lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 30 Sep 2020 12:14:04 -0700
From:   Jakub Kicinski <kuba@...nel.org>
To:     Johannes Berg <johannes@...solutions.net>
Cc:     Jiri Pirko <jiri@...nulli.us>, Michal Kubecek <mkubecek@...e.cz>,
        dsahern@...nel.org, pablo@...filter.org, netdev@...r.kernel.org
Subject: Re: Genetlink per cmd policies

On Wed, 30 Sep 2020 21:03:08 +0200 Johannes Berg wrote:
> On Wed, 2020-09-30 at 12:01 -0700, Jakub Kicinski wrote:
> > On Wed, 30 Sep 2020 20:36:24 +0200 Johannes Berg wrote:  
> > > On Wed, 2020-09-30 at 09:44 -0700, Jakub Kicinski wrote:
> > >   
> > > > I started with a get_policy() callback, but I didn't like it much.
> > > > Static data is much more pleasant for a client of the API IMHO.    
> > > 
> > > Yeah, true.
> > >   
> > > > What do you think about "ops light"? Insufficiently flexible?    
> > > 
> > > TBH, I'm not really sure how you'd do it?  
> > 
> > There are very few users who actually access ops, I was thinking that
> > callers to genl_get_cmd() should declare a full struct genl_ops on the
> > stack (or in some context, not sure yet), and then genl_get_cmd() will
> > fill it in.
> > 
> > If family has full ops it will do a memcpy(); if the ops are "light" it
> > can assign the right pointers.
> > 
> > Plus it can propagate the policy and maxattr from family if needed in
> > both cases.  
> 
> Oh, so you were thinking you'd have to sort of decide on the *family*
> level whether you want "light" or "heavy" ops?
> 
> Hm. I guess you could even have both?
> 
> 	struct genl_ops *ops;
> 	struct genl_ops_ext *extops;
> 
> and then search both arrays, no need for memcpy/pointer assignment?

Yup, both should work quite nicely, too. No reason to force one or the
other.

Extra n_ops_ext should be fine, I think I can make n_ops a u8 in 
the first place, since commands themselves are u8s. And 0 is commonly
unused.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ