Message-ID: <e85381f3d7575d8784f54c5a3abdb60be190c4af.camel@kernel.org>
Date: Thu, 30 Nov 2023 11:55:29 -0500
From: Jeff Layton <jlayton@...nel.org>
To: Lorenzo Bianconi <lorenzo@...nel.org>, Chuck Lever <chuck.lever@...cle.com>
Cc: linux-nfs@...r.kernel.org, lorenzo.bianconi@...hat.com, neilb@...e.de, netdev@...r.kernel.org, kuba@...nel.org
Subject: Re: [PATCH v5 3/3] NFSD: convert write_ports to netlink command

On Thu, 2023-11-30 at 11:22 -0500, Jeff Layton wrote:
> On Thu, 2023-11-30 at 10:57 +0100, Lorenzo Bianconi wrote:
> > > >
> > > > +/* ============== NFSD_CMD_LISTENER_START ============== */
> > > > +/* NFSD_CMD_LISTENER_START - do */
> > > > +struct nfsd_listener_start_req {
> > > > + struct {
> > > > + __u32 transport_name_len;
> > > > + __u32 port:1;
> > > > + } _present;
> > > > +
> > > > + char *transport_name;
> > > > + __u32 port;
> > > > +};
> > >
> > > How do you deconfigure a listener with this interface? i.e. suppose I
> > > want to stop nfsd from listening on a particular port? I think this too
> > > is a place where a declarative interface would be better:
> >
> > Is it possible with current APIs? as for 2/3 so far I have just added netlink
> > counter for current implementation but I am fine to change the logic here to
> > better APIs.
> >
> >
>
>
> No, I don't think you can do this with the current API at all. I
> consider it a major deficiency. I don't think we want to repeat that
> mistake in the new interface.
>
> > > Have userland send down a list of the ports that we should currently be
> > > listening on, and let the kernel do the work to match the request. Again
> > > too, an empty list could mean "close everything".
> > >
> >

Another thought: should this interface also report and allow you to
specify the address to listen on?

When the write_ports interface was first created, it lacked a field for
the address to listen on. Later we added a way to just hand off a socket
to the kernel to pass that info. I think it's possible today to send
down a socket that only listens on a particular address, and you have no
real way to tell that with the current "ports" file.

Should we instead plumb a complete struct sockaddr_storage (or some
other suitable address structure) into this interface?

-- 
Jeff Layton <jlayton@...nel.org>
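
Review bot: in `struct nfsd_listener_start_req`, `port` is a full `__u32`, although a TCP or UDP port is 16 bits wide. Unless the attribute policy elsewhere in the series already bounds it, either narrow the attribute to a 16-bit type or reject values above 65535 in the handler, so that an out-of-range value is refused rather than silently narrowed. The same concern applies to `transport_name`: it is a bare `char *` with a separate `transport_name_len`, so the kernel-side policy should cap the accepted length. Neither field has a comment saying which values are valid; one line each would help.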
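
The declarative model proposed in this thread (userland sends the full list of wanted listeners, the kernel works out what to open and close, and an empty list closes everything), as an added userspace sketch that is not code from the patch or from nfsd. `struct listener`, `listeners_valid()`, `listeners_missing()` and the sample data are hypothetical names and values; the listen address raised above is not modelled.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical listener key: the two fields in the quoted request struct. */
struct listener {
    const char *transport;
    uint32_t port;
};
/* Constructed sample state: what is open now, and what userland asks for. */
static const struct listener CUR[]  = { {"tcp", 2049}, {"udp", 2049}, {"rdma", 20049} };
static const struct listener WANT[] = { {"tcp", 2049}, {"rdma", 20049}, {"tcp", 20490} };
static struct listener OUT[3];

/* Assumed validation: a transport name is required and a port is 16 bits. */
int listeners_valid(const struct listener *l, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (!l[i].transport || l[i].port > 65535)
            return 0;
    return 1;
}

/* Store in out[] (if non-NULL) each entry of a[] absent from b[]; return the count. */
size_t listeners_missing(const struct listener *a, size_t na,
                         const struct listener *b, size_t nb, struct listener *out)
{
    size_t n = 0;
    for (size_t i = 0; i < na; i++) {
        size_t j = 0;
        while (j < nb && (a[i].port != b[j].port ||
                          strcmp(a[i].transport, b[j].transport) != 0))
            j++;
        if (j == nb) {          /* a[i] has no match in b[] */
            if (out)
                out[n] = a[i];
            n++;
        }
    }
    return n;
}

int main(void)
{
    /* missing(CUR, WANT) = sockets to close; missing(WANT, CUR) = sockets to open */
    printf("close %zu, open %zu\n", listeners_missing(CUR, 3, WANT, 3, NULL),
           listeners_missing(WANT, 3, CUR, 3, NULL));
    return 0;
}
```

Calling `listeners_missing(CUR, 3, NULL, 0, NULL)` models the empty request: every current listener is scheduled for closing.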