| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 29 Jan 2015 12:42:26 +0100 From: Daniel Mack <daniel@...que.org> To: Andy Lutomirski <luto@...capital.net> CC: Michael Kerrisk <mtk.manpages@...il.com>, Arnd Bergmann <arnd@...db.de>, Theodore T'so <tytso@....edu>, Linux API <linux-api@...r.kernel.org>, One Thousand Gnomes <gnomes@...rguk.ukuu.org.uk>, Austin S Hemmelgarn <ahferroin7@...il.com>, Tom Gundersen <teg@...m.no>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, linux-kernel <linux-kernel@...r.kernel.org>, "Eric W. Biederman" <ebiederm@...ssion.com>, David Herrmann <dh.herrmann@...il.com>, Djalal Harouni <tixxdz@...ndz.org>, Johannes Stezenbach <js@...21.net>, Christoph Hellwig <hch@...radead.org> Subject: Re: [PATCH 01/13] kdbus: add documentation On 01/29/2015 12:25 PM, Andy Lutomirski wrote: > On Jan 29, 2015 3:53 AM, "Daniel Mack" <daniel@...que.org> wrote: >> Also note that if a receiving peer opts in for a certain piece of >> metadata, it should do that that for a good reason, because it needs >> that data to process a request. Letting kdbus do the work of providing >> such information is still a lot faster than having the receiving peer >> gather it itself, as that would involve more syscalls and more context >> switches (let alone the fact that doing so is inherently racy, as >> explained in earlier threads). > Given that I see almost no advantage to send-time metadata, and I see > three disadvantages (slower, inconsistent with the basic POSIX model, > and inconsistent with existing user-space dbus), I still don't see why > you designed it this way. Because effective information about tasks may change over time, and D-Bus is a connection-less protocol that has no notion of peer-to-peer connections. As we explained before, currently, D-Bus peers do collect the same information already if they need to have them, but they have to do deal with the inherit races in such cases. kdbus is closing the gap by optionally providing the same information along with each message, if requested. > There's an added disadvantage of the current design: if a kdbus user > is communicating with a traditional d-bus user using the proxy, then > IIUC the credentials at the time of connection get used. That's not quite true any more. After our discussion in v2, we agreed on dropping this detail. If you're using the proxy, no metadata is attached to messages any more. Userspace has to gather this information in the traditional, racy way in such cases. You are right - metadata about the proxy task is of no interest here, and hence dropping the information altogether is the most consistent thing we can do. But again - that metadata thing just an optional feature. People developing with the bare kernel-level API are free to ignore all that and just just kdbus as low-level protocol for reliable multicast. Note that in such cases, you would still be able to retrieve the connect-time metadata if that's needed. Thanks, Daniel -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists