lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 4 May 2016 19:14:36 -0700
From:	Stephen Hemminger <stephen@...workplumber.org>
To:	Andrey Vagin <avagin@...nvz.org>
Cc:	Andy Lutomirski <luto@...capital.net>, netdev@...r.kernel.org,
	David Miller <davem@...emloft.net>,
	"Eric W. Biedermanm" <ebiederm@...ssion.com>
Subject: Re: task_diag: add a new interface to get information about
 processes

On Wed, 4 May 2016 15:34:21 -0700
Andrey Vagin <avagin@...nvz.org> wrote:

> Hi Stephen,
> 
> On Wed, May 4, 2016 at 1:22 PM, Stephen Hemminger
> <stephen@...workplumber.org> wrote:
> > I understand how reading /proc or /sys can be a bottleneck, but this
> > proposed method using a system call is the wrong way to do this.
> >
> > Why not use netlink like other systems do which allows a message
> > based response which allows for future changes (no fixed datastructures),
> > and is message based.
> >
> > Generic netlink has already been used by several other subsystems.
> 
> I used netlink in two first versions of task_diag, but then Andy
> convinced me that netlink interfaces are not ideal for this case. I
> added him into Cс.
> 
> Here is a thread with our discussion about using netlink for
> task_diag: https://lkml.org/lkml/2015/12/15/520
> Can I ask you to read it and give your comments? It would be nice to
> find a way how to use netlink sockets instead of creating a new
> interface.
> 
> Thanks,
> Andrew

LKML is too busy, no one reads it anymore :-)
Since this is netlink related you need to discuss it on netdev.

The objection seems to be time or creation versus time of use and permissions.
Netlink internally is not really message based all responses are generated
in the context of the send().  You need credentials to create
the socket, but the actual response will occur in the context of the calling
process. I don't see how that is substantially different than a system call.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ