From: Dmitry Safonov <dima@arista.com>
To: Steffen Klassert <steffen.klassert@secunet.com>,
Florian Westphal <fw@strlen.de>
Cc: linux-kernel@vger.kernel.org,
"David S. Miller" <davem@davemloft.net>,
Herbert Xu <herbert@gondor.apana.org.au>,
Dmitry Safonov <0x7f454c46@gmail.com>,
netdev@vger.kernel.org, Andy Lutomirski <luto@kernel.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
"H. Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
John Stultz <john.stultz@linaro.org>,
"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
Oleg Nesterov <oleg@redhat.com>, Stephen Boyd <sboyd@kernel.org>,
Steven Rostedt <rostedt@goodmis.org>,
Thomas Gleixner <tglx@linutronix.de>,
x86@kernel.org, linux-efi@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Mauro Carvalho Chehab <mchehab+samsung@kernel.org>,
Shuah Khan <shuah@kernel.org>,
linux-kselftest@vger.kernel.org, Eric Paris <eparis@redhat.com>,
Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>,
Pablo Neira Ayuso <pablo@netfilter.org>,
Paul Moore <paul@paul-moore.com>,
coreteam@netfilter.org, linux-audit@redhat.com,
netfilter-devel@vger.kernel.org, Fan Du <fan.du@intel.com>
Subject: Re: [PATCH 00/18] xfrm: Add compat layer
Date: Fri, 27 Jul 2018 15:02:53 +0100 [thread overview]
Message-ID: <1532700173.2679.18.camel@arista.com> (raw)
In-Reply-To: <20180727073747.h27dtojlnmc3k25v@gauss3.secunet.de>
On Fri, 2018-07-27 at 09:37 +0200, Steffen Klassert wrote:
> On Thu, Jul 26, 2018 at 10:49:59AM +0200, Florian Westphal wrote:
> > Dmitry Safonov <dima@arista.com> wrote:
> > > So, here I add a compatible layer to xfrm.
> > > As xfrm uses netlink notifications, kernel should send them in
> > > ABI
> > > format that an application will parse. The proposed solution is
> > > to save the ABI of bind() syscall. The realization detail is
> > > to create kernel-hidden, non visible to userspace netlink groups
> > > for compat applications.
> >
> > Why not use exisiting netlink support?
> > Just add the 32bit skb to skb64->frag_list and let
> > netlink find if tasks needs 64 or 32 one.
> >
> > It only needs this small fix to properly signal the end of a dump:
> > https://marc.info/?l=linux-netdev&m=126625240303351&w=2
> >
> > I had started a second attempt to make xfrm compat work,
> > but its still in early stage.
> >
> > One link that might still have some value:
> > https://git.breakpoint.cc/cgit/fw/net-next.git/commit/?h=xfrm_confi
> > g_compat_07&id=f64430e6d9e297f3990f485a4832e273751b9869
> > (compat structure definitions with BUILD_BUG_ON checking)
> >
> > My plan was to make xfrm compat work strictly as shrinker (64->32)
> > and expander (32->64), i.e. no/little changes to exisiting code and
> > pass all "expanded" skbs through existing xfrm rcv functions.
>
> I agree here with Florian. The code behind this ABI
> is already complicated. Please stay away from generic
> code a much as possible. Generic and compat code should
> be clearly separated.
Yeah, I tend to agree that it would be better to separate it.
But:
1. It will double copy netlink messages, making it O(n) instead of
O(1), where n - is number of bind()s.. Probably we don't care much.
2. The patches not-yet-done on the link have +500 added lines - as much
as my working patches set, so probably it'll add more code.
Probably, we don't care that much about amount of code added and
additional copies than about separating compat layer from the main
code. Will look into that.
--
Thanks,
Dmitry
next prev parent reply other threads:[~2018-07-27 14:03 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-26 2:31 [PATCH 00/18] xfrm: Add compat layer Dmitry Safonov
2018-07-26 2:31 ` [PATCH 01/18] x86/compat: Adjust in_compat_syscall() to generic code under !COMPAT Dmitry Safonov
2018-07-26 2:31 ` [PATCH 02/18] compat: Cleanup in_compat_syscall() callers Dmitry Safonov
2018-07-26 2:31 ` [PATCH 03/18] selftest/net/xfrm: Add test for ipsec tunnel Dmitry Safonov
2018-07-26 2:31 ` [PATCH 04/18] net/xfrm: Add _packed types for compat users Dmitry Safonov
2018-07-26 2:31 ` [PATCH 05/18] net/xfrm: Parse userspi_info{,_packed} depending on syscall Dmitry Safonov
2018-07-26 2:31 ` [PATCH 06/18] netlink: Do not subscribe to non-existent groups Dmitry Safonov
2018-07-26 4:22 ` David Miller
2018-07-27 13:43 ` Dmitry Safonov
2018-07-26 2:31 ` [PATCH 07/18] netlink: Pass groups pointer to .bind() Dmitry Safonov
2018-07-26 2:31 ` [PATCH 08/18] xfrm: Add in-kernel groups for compat notifications Dmitry Safonov
2018-07-26 2:31 ` [PATCH 09/18] xfrm: Dump usersa_info in compat/native formats Dmitry Safonov
2018-07-26 2:31 ` [PATCH 10/18] xfrm: Send state notifications in compat format too Dmitry Safonov
2018-07-26 2:31 ` [PATCH 11/18] xfrm: Add compat support for xfrm_user_expire messages Dmitry Safonov
2018-07-26 2:31 ` [PATCH 12/18] xfrm: Add compat support for xfrm_userpolicy_info messages Dmitry Safonov
2018-07-26 2:31 ` [PATCH 13/18] xfrm: Add compat support for xfrm_user_acquire messages Dmitry Safonov
2018-07-26 2:31 ` [PATCH 14/18] xfrm: Add compat support for xfrm_user_polexpire messages Dmitry Safonov
2018-07-26 2:31 ` [PATCH 15/18] xfrm: Check compat acquire listeners in xfrm_is_alive() Dmitry Safonov
2018-07-26 2:31 ` [PATCH 16/18] xfrm: Notify compat listeners about policy flush Dmitry Safonov
2018-07-26 2:31 ` [PATCH 17/18] xfrm: Notify compat listeners about state flush Dmitry Safonov
2018-07-26 2:31 ` [PATCH 18/18] xfrm: Enable compat syscalls Dmitry Safonov
2018-07-26 8:49 ` [PATCH 00/18] xfrm: Add compat layer Florian Westphal
2018-07-27 7:37 ` Steffen Klassert
2018-07-27 14:02 ` Dmitry Safonov [this message]
2018-07-27 14:19 ` Florian Westphal
2018-07-27 14:51 ` Dmitry Safonov
[not found] ` <CADhJOfam+cY8uD4XTGvZSEFQdAgTu49G6cg6c64NJoP3bNuBmw@mail.gmail.com>
2018-07-28 16:26 ` Dmitry Safonov
2018-07-28 21:18 ` David Miller
2018-07-30 17:39 ` Dmitry Safonov
2018-07-30 19:43 ` Florian Westphal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1532700173.2679.18.camel@arista.com \
--to=dima@arista.com \
--cc=0x7f454c46@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=ard.biesheuvel@linaro.org \
--cc=coreteam@netfilter.org \
--cc=davem@davemloft.net \
--cc=eparis@redhat.com \
--cc=fan.du@intel.com \
--cc=fw@strlen.de \
--cc=gregkh@linuxfoundation.org \
--cc=herbert@gondor.apana.org.au \
--cc=hpa@zytor.com \
--cc=john.stultz@linaro.org \
--cc=kadlec@blackhole.kfki.hu \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-audit@redhat.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mchehab+samsung@kernel.org \
--cc=mingo@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=oleg@redhat.com \
--cc=pablo@netfilter.org \
--cc=paul@paul-moore.com \
--cc=rostedt@goodmis.org \
--cc=sboyd@kernel.org \
--cc=shuah@kernel.org \
--cc=steffen.klassert@secunet.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox