[Top] [All Lists]

Re: Check connect address in NETLINK

To: Alexey Kuznetsov <kuznet@xxxxxxxxxxxxx>
Subject: Re: Check connect address in NETLINK
From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Tue, 29 Jun 2004 18:45:52 +1000
Cc: "David S. Miller" <davem@xxxxxxxxxx>, netdev@xxxxxxxxxxx
In-reply-to: <20040629082252.GA26866@xxxxxxxxxxxxx>
References: <20040628231439.GA3021@xxxxxxxxxxxxxxxxxxx> <20040629082252.GA26866@xxxxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.6+20040523i
On Tue, Jun 29, 2004 at 12:22:52PM +0400, Alexey Kuznetsov wrote:
> Do you mean the restriction sort of made in AF_UNIX SOCK_DGRAM:
> a connected socket receives messages only from its destination?

Exactly.  Another example would be UDP over IP.

> It was not done because netlink sockets were expected to listen
> for broadcasts, so that this kind of protection would be not useful
> and even harmful. But taking into account that inter-application
> communication is not used, only kernel sends broadcasts and applications
> talking to kernel will receive such broadcasts, because they are connected
> to kernel.

I've had a look in the various NETLINK applications that I know of,
including quagga/iproute/iptables and all the stuff that I wrote, 
none of them does a connect at all.

So it should be harmless to introduce this new semantics.

> The troube is that pid of kernel socket used to be 0, so that
> applications connected to kernel are not connected in technical sense. :-)

That's kind of a good thing since it means that existing applications
are less likely to call connect(2) :)

> Apparently, to implement this we have to add some kind of flag
> marking connected sockets.

Or we can set the disconnected pid to a negative value since POSIX
requires pid_t to be signed.  I see that you've reserved everything
between -4096 and 0.  So perhaps we can pick -1?

Visit Openswan at
Email:  Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page:
PGP Key:

<Prev in Thread] Current Thread [Next in Thread>