lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 21 May 2008 13:06:51 +0100
From:	Gerrit Renker <gerrit@....abdn.ac.uk>
To:	Tomasz Grobelny <tomasz@...belny.oswiecenia.net>
Cc:	acme@...hat.com, dccp@...r.kernel.org, netdev@...r.kernel.org
Subject: Re: [PATCH 1/1] [DCCP][QPOLICY]: Make information about qpolicies
	available to userspace

Hi Tomasz,

| Since packets with invalid cmsg parameters can be rejected by kernel there
| is a need to allow applications to access information on available policies
| and their respective cmsg parameters at runtime. This patch simplifies
| maintaining compatibility between userspace applications and DCCP code.
| 
The difference to querying supported CCIDs is that
 * CCIDs are all defined per RFC documents, and that
 * different combinations of CCIDs are possible due to the Kconfig options.

As far as I understand your patch, querying here has a different role -
ensuring compatibilities between kernel versions.

I think it might be too early for that:
 * it takes quite a long while until patches propagate through to 
   mainline (more than half a year), so that there is the time to
   come up with a single, well-tested interface;
 * at this stage it would be better to have documentation (man pages,
   web pages, sample application code etc.) to allow people to use 
   the interface - few will want to discover the interface by grepping
   through source code.

DCCP is full of half-finished things. I would much prefer to keep this
as simple as at all possible, to have time/room to fix the missing parts
(such as no ECN support) in DCCP.

As a possible suggestion, I came up with a minimalistic variant of 
querying the interface - only 7 lines, including documentation.

This is attached and it works by exploiting that
 * policy IDs are just numbers;
 * so that we could use the highest supported ID instead of an array;
 * parameters are tied to the individual policy, so that a second
   query (about which parameters are supported) is not necessary.
   
I have put this idea as a suggestion into the `qpolicy' subtree at
	git://eden-feed.erg.abdn.ac.uk/dccp_exp

A trivial test program using this interface can be downloaded from
http://www.erg.abdn.ac.uk/users/gerrit/dccp/query_ids.tar.gz

- Gerrit

View attachment "combined.diff" of type "text/x-diff" (1578 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ