lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 08 Feb 2012 08:21:57 +0100 From: Eric Dumazet <eric.dumazet@...il.com> To: "Erich E. Hoover" <ehoover@...es.edu> Cc: Linux Netdev <netdev@...r.kernel.org> Subject: Re: [PATCH v6 1/2] Implement IP_UNICAST_IF socket option. Le mardi 07 février 2012 à 14:44 -0700, Erich E. Hoover a écrit : > The IP_UNICAST_IF feature is needed by the Wine project. This patch implements the feature by setting the outgoing interface in a similar fashion to that of IP_MULTICAST_IF. A separate option is needed to handle this feature since the existing options do not provide all of the characteristics required by IP_UNICAST_IF, a summary is provided below. > > SO_BINDTODEVICE: > * SO_BINDTODEVICE requires administrative privileges, IP_UNICAST_IF does not. From reading some old mailing list articles my understanding is that SO_BINDTODEVICE requires administrative privileges because it can override the administrator's routing settings. > * The SO_BINDTODEVICE option restricts both outbound and inbound traffic, IP_UNICAST_IF only impacts outbound traffic. > > IP_PKTINFO: > * Since IP_PKTINFO and IP_UNICAST_IF are independent options, implementing IP_UNICAST_IF with IP_PKTINFO will likely break some applications. > * Implementing IP_UNICAST_IF on top of IP_PKTINFO significantly complicates the Wine codebase and reduces the socket performance (doing this requires a lot of extra communication between the "server" and "user" layers). > > bind(): > * bind() does not work on broadcast packets, IP_UNICAST_IF is specifically intended to work with broadcast packets. > * Like SO_BINDTODEVICE, bind() restricts both outbound and inbound traffic. > > Signed-off-by: Erich E. Hoover <ehoover@...es.edu> This seems good, only the changelog is not formatted to fit in short lines (70 cols) Also title should include subsystem name : ipv4: Implement IP_UNICAST_IF socket option. Acked-by: Eric Dumazet <eric.dumazet@...il.com> -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists