| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <willemdebruijn.kernel.2e6213a98660b@gmail.com> Date: Mon, 09 Feb 2026 07:46:01 -0500 From: Willem de Bruijn <willemdebruijn.kernel@...il.com> To: Vadim Fedorenko <vadim.fedorenko@...ux.dev>, Sebastian Andrzej Siewior <bigeasy@...utronix.de> Cc: Willem de Bruijn <willemdebruijn.kernel@...il.com>, Willem de Bruijn <willemb@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Eric Dumazet <edumazet@...gle.com>, "David S. Miller" <davem@...emloft.net>, "Loktionov, Aleksandr" <aleksandr.loktionov@...el.com>, Kurt Kanzenbach <kurt@...utronix.de>, "Nguyen, Anthony L" <anthony.l.nguyen@...el.com>, "Kitszel, Przemyslaw" <przemyslaw.kitszel@...el.com>, Paul Menzel <pmenzel@...gen.mpg.de>, "Gomes, Vinicius" <vinicius.gomes@...el.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, Richard Cochran <richardcochran@...il.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Andrew Lunn <andrew+netdev@...n.ch>, "intel-wired-lan@...ts.osuosl.org" <intel-wired-lan@...ts.osuosl.org>, "Keller, Jacob E" <jacob.e.keller@...el.com> Subject: Re: [Intel-wired-lan] [PATCH iwl-next v3] igb: Retrieve Tx timestamp directly from interrupt for i210 Vadim Fedorenko wrote: > On 09/02/2026 11:48, Sebastian Andrzej Siewior wrote: > > On 2026-02-09 10:43:55 [+0000], Vadim Fedorenko wrote: > >> On 09/02/2026 09:06, Sebastian Andrzej Siewior wrote: > >>> On 2026-02-08 11:25:40 [-0500], Willem de Bruijn wrote: > >>>>>>> But it's more like a question to maintainers whether it is acceptable > >>>>>>> way of "fixing" drivers or it's no-go solution > >>>>>> > >>>>>> Requiring OPT_TSONLY unless CAP_NET_RAW would break legacy users. > >>>>> > >>>>> Well, they are kinda broken already. Without OPT_TSONLY and CAP_NET_RAW all TX > >>>>> timestamps are silently dropped. > >>>> > >>>> Are you referring to sysctl_tstamp_allow_data? > >>>> > >>>> That is enabled by default. > >>> > >>> Yes. If so, then we don't need the check below which requires > >>> sk_callback_lock. > >>> > >>> Are SIOCSHWTSTAMP the legacy users or the ones which do not set > >>> OPT_TSONLY? > >>> > >>> I would suggest to move the CAP_NET_RAW check to the point where > >>> timestamping is getting enabled. > >>> Also if ndo_hwtstamp_set is the preferred method of getting things done, > >>> I could check how many old ones are can be easily converted… > >> > >> Looks like you are mixing things. SIOCSHWTSTAMP/ndo_hwtstamp_set are HW > >> configuration calls while OPT_TSONLY is socket option, which is setup via > >> setsockopt, you can find points searching for > >> SOF_TIMESTAMPING_OPT_TSONLY in the sources, basically > >> sock_set_timestamping() is the function to check > > > > Yeah, but what is the legacy user here? If you enable HW-timestamps but > > never set OPT_TSONLY and the sysctl is also 0 then you reply on the > > CAP_NET_RAW later on. Right? > > Legacy users here means users of HW TX timestamps expecting full skb to > be returned back with the TX timestamp. Legacy here means that skb will > be returned with headers modified by stack, which is kind of exposure of > data, which requires CAP_NET_RAW... > > > I just try to justify the CAP_NET_RAW check and if it is required to > > move it earlier (where HW timestamps are enabled). And if the sysctl > > check is enough then maybe it is not needed. > > Capabilities should not change during lifetime of the process, should be > fine to move. On the other, sysctl can be changed system-wide which may > affect users. Ignore the hardware configuration. That is entirely optional. Some devices will timestamp every packet. The capability check here is per-socket, independent from the system hardware configuration. I don't see how it could be moved. Before OPT_TSONLY was introduced packets were always queued with their payload. The sysctl check was added to optionally disallow this. The check could arguably be moved earlier in the socket lifecycle and the decision cached in the socket. But then flipping the sysctl would not affect existing sockets, so that is a change in ABI behavior.
Powered by blists - more mailing lists