From: jamal <hadi@cyberus.ca>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Thomas Graf <tgraf@suug.ch>,
hasso@estpak.ee, kuznet@ms2.inr.ac.ru, davem@davemloft.net,
netdev@vger.kernel.org
Subject: Re: [PATCH 09/16] [IPv6] address: Convert address notification to use rtnl_notify()
Date: Wed, 16 Aug 2006 08:04:24 -0400 [thread overview]
Message-ID: <1155729864.5122.95.camel@jzny2> (raw)
In-Reply-To: <20060816113950.GA29003@gondor.apana.org.au>
On Wed, 2006-16-08 at 21:39 +1000, Herbert Xu wrote:
> So let's step back a bit and think about where does this pid really
> come from. The field in question is nlmsg_pid. Its primary purpose
> is to identify unicast transactions along with the field nlmsg_seq.
> It was not designed to identify the origin of a broadcast kernel
> notification to a third party.
There are quiet a few things that netlink design intent was not
intending to solve that became needed over time. This being one IMHO.
Design intent and eventual (sometimes creative) use occasionally create
an impedance ;-> Evolution is the only description i can think of.
> For this purpose, the value of nlmsg_pid is set to the address of
> the destination socket for a particular unicast message (also known
> as the pid).
Since we are talking history:
The idea of it being a destination socket _was not_ design intent. It
was evolution. I recall James Morris actually to be the first person
whining about this ambiguity when coding up nfqueue. I cant remember who
fixed it (I am inclined to think it was you;->)
> That pid in turn has only a vague connection with the process ID
> of the process owning the socket. For practical purposes, we
> should not treat it as a process ID it can easily be claimed by
> another process (think socket + bind + fork).
If you want to be complete the kernel should "fix" the pid in
netlink::sendmsg().
> For a broadcast notification, the nlmsg_pid field is meaningless
> because the nlmsg_seq field is also meaningless.
nlmsg_seq is meaningless; "seq" is again a bad noun. It should be
"cookie".
> I'm not denying
> that it wouldn't be useful to have the originator's socket address
> in there. What I'm saying is that it's the wrong place to put
> that information.
>
> In any case, putting current->pid in this field is definitely
> a bad idea because it only encourages people to confuse the
> netlink pid with the process ID which can lead to security
> problems later on.
current->pid i think is coming out to be a bad idea. Thomas' patches
revert it out. Again this has everything to do with the original idea
what maps to pid now changing to socketid.
What do you think of the idea of infact rewriting the pid to be that of
the socket id?
cheers,
jamal
next prev parent reply other threads:[~2006-08-16 12:04 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-08-14 21:37 [PATCHSET] rtnetlink notification rework Thomas Graf
2006-08-13 22:00 ` [PATCH 01/16] [RTNETLINK]: Use rtnl_unicast() for rtnetlink unicasts Thomas Graf
2006-08-13 22:00 ` [PATCH 02/16] [NETLINK]: Add notification message sending interface Thomas Graf
2006-08-13 22:00 ` [PATCH 03/16] [RTNETLINK]: Add rtnetlink notification interface Thomas Graf
2006-08-13 22:00 ` [PATCH 04/16] [NET] fib_rules: Convert fib rule notification to use rtnl_notify() Thomas Graf
2006-08-13 22:00 ` [PATCH 05/16] [NEIGH]: Convert neighbour notifications ot " Thomas Graf
2006-08-13 22:00 ` [PATCH 06/16] [DECNET]: Convert DECnet notifications to " Thomas Graf
2006-08-13 22:00 ` [PATCH 07/16] [IPv4] address: Convert address notification " Thomas Graf
2006-08-13 22:00 ` [PATCH 08/16] [IPv4] route: Convert route notifications " Thomas Graf
2006-08-13 22:00 ` [PATCH 09/16] [IPv6] address: Convert address notification " Thomas Graf
2006-08-14 23:43 ` jamal
2006-08-14 23:51 ` jamal
2006-08-15 7:20 ` Hasso Tepper
2006-08-15 9:50 ` jamal
2006-08-15 0:07 ` Thomas Graf
2006-08-15 0:12 ` jamal
2006-08-15 0:36 ` Alexey Kuznetsov
2006-08-15 0:56 ` Herbert Xu
2006-08-15 2:46 ` jamal
2006-08-15 3:03 ` jamal
2006-08-15 11:17 ` Thomas Graf
2006-08-15 12:08 ` Hasso Tepper
2006-08-15 12:23 ` Thomas Graf
2006-08-16 2:58 ` Herbert Xu
2006-08-16 3:04 ` Herbert Xu
2006-08-16 10:58 ` Thomas Graf
2006-08-16 11:03 ` jamal
2006-08-16 11:12 ` Herbert Xu
2006-08-16 11:39 ` Herbert Xu
2006-08-16 12:04 ` jamal [this message]
2006-08-16 12:08 ` Herbert Xu
2006-08-16 12:08 ` Thomas Graf
2006-08-16 12:36 ` jamal
2006-08-16 13:04 ` Alexey Kuznetsov
2006-08-16 13:11 ` jamal
2006-08-16 12:13 ` Thomas Graf
2006-08-16 11:40 ` Thomas Graf
2006-08-16 11:57 ` Herbert Xu
2006-08-16 12:05 ` Thomas Graf
2006-08-16 12:08 ` jamal
2006-08-16 12:54 ` Alexey Kuznetsov
2006-08-13 22:00 ` [PATCH 10/16] [IPv6] route: Convert route notifications " Thomas Graf
2006-08-13 22:00 ` [PATCH 11/16] [IPv6] link: Convert link " Thomas Graf
2006-08-13 22:00 ` [PATCH 12/16] [IPv6] prefix: Convert prefix " Thomas Graf
2006-08-13 22:00 ` [PATCH 13/16] [BRIDGE]: Convert " Thomas Graf
2006-08-13 22:00 ` [PATCH 14/16] [WIRELESS]: " Thomas Graf
2006-08-13 22:00 ` [PATCH 15/16] [NET] link: " Thomas Graf
2006-08-13 22:00 ` [PATCH 16/16] [RTNETLINK]: Unexport rtnl socket Thomas Graf
2006-08-15 7:38 ` [PATCHSET] rtnetlink notification rework David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1155729864.5122.95.camel@jzny2 \
--to=hadi@cyberus.ca \
--cc=davem@davemloft.net \
--cc=hasso@estpak.ee \
--cc=herbert@gondor.apana.org.au \
--cc=kuznet@ms2.inr.ac.ru \
--cc=netdev@vger.kernel.org \
--cc=tgraf@suug.ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).