Re: Receiving a generic netlink multicast - should be restricted to the root user?

From: Craig Davison
Date: Tue Mar 10 2015 - 19:55:25 EST


I asked about this on stackoverflow at
http://stackoverflow.com/questions/28909009/ .

Basically, when the generic netlink socket is created on the kernel
side, its netlink_kernel_cfg has:
.flags = NL_CFG_F_NONROOT_RECV

So for generic netlink, non-root processes will always be able to
receive multicasts. But the default, as is used in some other netlink
families, is that only root can receive them. So it seems the
documentation is only a little misleading.



On Sat, Mar 7, 2015 at 9:12 PM, Craig Davison <craig65535@xxxxxxxxx> wrote:
> Some code to reproduce this is at https://github.com/craig65535/mcast-exmpl.
>
> The kernel module hooks TCP connects via a jprobe, and multicasts a
> generic netlink message on every connect. So after insmod'ing the
> module, just connect anywhere to send a multicast.
>
> The client receives multicasts, even when it's not running as root.
>
> Again, the documentation (man 7 netlink) does not agree with this. Is
> this just a documentation bug, or a real bug?
>
> On Fri, Mar 6, 2015 at 7:08 PM, Craig Davison <craig65535@xxxxxxxxx> wrote:
>> I wrote a kernel module that sends generic Netlink multicasts, and
>> wrote a userland client using libmnl that receives them.
>>
>> That all works fine, but my client works even when it's not the root user.
>>
>> man 7 netlink says:
>>
>> Only processes with an effective UID of 0 or the CAP_NET_ADMIN capability
>> may send or listen to a netlink multicast group.
>>
>> The listen part of this is seemingly not true. I've tried this on
>> kernels 3.13 (Ubuntu 14.04), 2.6.32 (CentOS 6) and 2.6.18 (CentOS 5).
>>
>> Is this a bug?
>>
>> If not: I know that restricting receiving generic netlink commands
>> incoming to the kernel to being only from root is possible with
>> GENL_ADMIN_PERM flag, but is it possible to send multicasts from the
>> kernel that can only be received by root?
>>
>> Thank you
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
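A userland probe for the behaviour discussed in this thread, added here as an example and not code from the thread or from the mcast-exmpl repository: run as an unprivileged user, it asks the kernel for NETLINK_ADD_MEMBERSHIP on one multicast group of several families and reports whether the membership was accepted or refused with EPERM, which is what NL_CFG_F_NONROOT_RECV decides. It assumes genetlink and rtnetlink are registered with that flag and that the process connector (NETLINK_CONNECTOR), to my knowledge, is not, so the latter is included as the contrasting case; it is a quick way to audit which kernel event streams a non-root process on a host can subscribe to.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <linux/netlink.h>
#include <linux/genetlink.h>
#include <linux/rtnetlink.h>
#include <linux/connector.h>

/* Ask the kernel to add this socket to one multicast group of one family.
 * Returns 0 on success, else -errno.  netlink_setsockopt() replies -EPERM
 * when the family lacks NL_CFG_F_NONROOT_RECV and we lack CAP_NET_ADMIN. */
int nl_try_join(int family, unsigned int group)
{
    int fd = socket(AF_NETLINK, SOCK_RAW, family);
    if (fd < 0)
        return -errno;            /* -EPROTONOSUPPORT: family not built in */
    int err = 0;
    if (setsockopt(fd, SOL_NETLINK, NETLINK_ADD_MEMBERSHIP,
                   &group, sizeof(group)) < 0)
        err = -errno;
    close(fd);
    return err;
}

/* Classify the value returned by nl_try_join(). */
const char *nl_verdict(int err)
{
    if (err == 0)                return "joinable by this uid";
    if (err == -EPERM)           return "root / CAP_NET_ADMIN only";
    if (err == -EPROTONOSUPPORT) return "family not in this kernel";
    return "other error";
}

static void report(const char *label, int family, unsigned int group)
{
    int err = nl_try_join(family, group);
    printf("%-32s %-28s %s\n", label, nl_verdict(err), strerror(-err));
}
int main(void)
{
    printf("euid=%u\n", (unsigned)geteuid());
    /* genetlink's own nlctrl "notify" group, rtnetlink link events, and
     * the process connector (assumed registered without NONROOT_RECV). */
    report("NETLINK_GENERIC   GENL_ID_CTRL", NETLINK_GENERIC,   GENL_ID_CTRL);
    report("NETLINK_ROUTE     RTNLGRP_LINK", NETLINK_ROUTE,     RTNLGRP_LINK);
    report("NETLINK_CONNECTOR CN_IDX_PROC",  NETLINK_CONNECTOR, CN_IDX_PROC);
    return 0;
}
```

Run it once as root and once as a normal user to see the difference; a family that answers "joinable by this uid" for the normal user is one whose multicasts GENL_ADMIN_PERM does nothing to protect, since that flag only covers commands sent into the kernel.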