From: "Rémi Denis-Courmont" <rdenis@simphalempin.com>
To: "YOSHIFUJI Hideaki / 吉藤英明" <yoshfuji@linux-ipv6.org>
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: Re: [PATCH] IPv6: optionaly validate RAs on raw sockets
Date: Wed, 11 Jul 2007 15:44:43 +0300 [thread overview]
Message-ID: <200707111544.43151.rdenis@simphalempin.com> (raw)
In-Reply-To: <20070711.212916.36390936.yoshfuji@linux-ipv6.org>
On Wednesday 11 July 2007 15:29:16 YOSHIFUJI Hideaki / 吉藤英明 wrote:
> In article <200707102111.18824@auguste.remlab.net> (at Tue, 10 Jul 2007
21:11:17 +0300), Remi Denis-Courmont <rdenis@simphalempin.com> says:
> > ICMPv6 Router Advertisements may now contain informations that is
> > mostly of interest to userland. This currently mostly consists of
> > recursive DNS server addresses (though one should expect other
> > stuff to come).
>
> I really do not want to have such non-standard API in kernel.
I can only think of a very limited set of ways to extract options from RAs
that the kernel currently ignores:
1) parse everything in kernel addrconf.c
2) validate RA in kernel, parse userland options in userland
3) parse everything in userland
4) do not support any option of interest to userland ever
5) userland and kernel do their own cooking separately
netdev folks already rejected (1) earlier. You just rejected (2) this instant.
(3) implies removing addrconf from the kernel completely, which does not
sound good, besides being a big waste. (4) means Linux is unusable on IPv6
networks. And it's already been pointed out (5) was not safe/secure (userland
may end up accepting something when it should not).
I might be missing something because I am a notoriously arrogant moron but it
looks like Linux IPv6 is in a dead-end for the time being :-(
What do you propose then?
--
Rémi Denis-Courmont
next prev parent reply other threads:[~2007-07-11 12:44 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-07-10 18:11 [PATCH] IPv6: optionaly validate RAs on raw sockets Remi Denis-Courmont
2007-07-11 12:29 ` YOSHIFUJI Hideaki / 吉藤英明
2007-07-11 12:44 ` Rémi Denis-Courmont [this message]
2007-07-11 13:20 ` David Stevens
2007-07-11 14:10 ` Vlad Yasevich
2007-07-11 16:10 ` David Stevens
2007-07-11 16:19 ` Rémi Denis-Courmont
2007-07-11 16:50 ` Vlad Yasevich
2007-07-11 20:56 ` David Miller
2007-07-11 21:17 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200707111544.43151.rdenis@simphalempin.com \
--to=rdenis@simphalempin.com \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).