netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Eric Paris <eparis@redhat.com>
To: David Miller <davem@davemloft.net>
Cc: ebiederm@xmission.com, sgrubb@redhat.com, rgb@redhat.com,
	netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-audit@redhat.com, akpm@linux-foundation.org
Subject: Re: [RFC][PATCH] audit: Simplify by assuming the callers socket buffer is large enough
Date: Fri, 07 Mar 2014 22:56:52 -0500	[thread overview]
Message-ID: <1394251012.17193.9.camel@localhost> (raw)
In-Reply-To: <20140307.194801.1893514114998807038.davem@davemloft.net>

On Fri, 2014-03-07 at 19:48 -0500, David Miller wrote:
> From: Eric Paris <eparis@redhat.com>
> Date: Fri, 07 Mar 2014 17:52:02 -0500
> 
> > Audit is non-tolerant to failure and loss.
> 
> Netlink is not a loss-less transport.
I'm happy to accept that (and know it to be true).  How can I better
architect things?  It seems Eric is complaining that when we get a
request for info, we queue that info up, and then use a kthread to make
it available when the task next calls recv.  By using blocking sockets
in the kthread we have no problem with the size of the socket read buf.
If we switch to non-blocking sockets how can we possibly queue up more
than rmem size of data?  (honestly, if userspace used INT_MAX it is
almost certainly overkill for even the largest rulesets, but
theoretically, it's not...)

Is our design somehow wrong?  Flawed?  Mind you it's pretty dumb that we
do basically the same thing in 3 different audit code path, but the
architecture doesn't seem crazy to me.  Then again, I'm not brilliant by
any stretch!

   +------------------------------------------------------------------+
   |                                                                  |
   |               auditctl (audit tool run by root)                  |
   |         netlink send                         netlink receive     |
   +------------------------------------------------------------------+
                  +                                        ^
                  |                                        |
                  v                                        +
      +----------------------------+        +------------------------+
      | kernel audit generate skbs |        | send skbs to userspace |
      +----------------------------+        +------------------------+
                  +                                        ^
                  |        +------------------------+      |
                  +------->| send skbs to a kthread |+-----+
                           +------------------------+

  parent reply	other threads:[~2014-03-08  3:56 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <8738j3vzry.fsf@xmission.com>
     [not found] ` <20140301011142.GK16640@madcap2.tricolour.ca>
     [not found]   ` <87fvn2r0yb.fsf@xmission.com>
     [not found]     ` <874n3ir0uw.fsf_-_@xmission.com>
2014-03-01  4:50       ` [RFC][PATCH] audit: Simplify by assuming the callers socket buffer is large enough Eric W. Biederman
2014-03-04 21:30         ` Andrew Morton
2014-03-04 21:51           ` David Miller
2014-03-04 22:41             ` Eric W. Biederman
2014-03-04 22:50               ` Andrew Morton
2014-03-10  3:06                 ` [GIT PULL] namespaces fixes for 3.14-rcX Eric W. Biederman
2014-03-10 13:59                   ` Eric Paris
2014-03-10 19:56                     ` Eric W. Biederman
2014-03-16 18:36                       ` Richard Guy Briggs
2014-03-05  0:21               ` [RFC][PATCH] audit: Simplify by assuming the callers socket buffer is large enough David Miller
2014-03-05 16:59                 ` Steve Grubb
2014-03-05 18:06                   ` Eric W. Biederman
2014-03-07 22:52                     ` Eric Paris
2014-03-08  0:48                       ` David Miller
2014-03-08  3:27                         ` Steve Grubb
2014-03-08  6:34                           ` David Miller
2014-03-08  3:56                         ` Eric Paris [this message]
2014-03-10 19:30                       ` David Miller
2014-03-10 21:57                         ` Eric Paris

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1394251012.17193.9.camel@localhost \
    --to=eparis@redhat.com \
    --cc=akpm@linux-foundation.org \
    --cc=davem@davemloft.net \
    --cc=ebiederm@xmission.com \
    --cc=linux-audit@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=rgb@redhat.com \
    --cc=sgrubb@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).