Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1759337AbaJ3M3D (ORCPT ); Thu, 30 Oct 2014 08:29:03 -0400 Received: from bhuna.collabora.co.uk ([93.93.135.160]:33417 "EHLO bhuna.collabora.co.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1759157AbaJ3M3A (ORCPT ); Thu, 30 Oct 2014 08:29:00 -0400 Message-ID: <54522F08.7080005@collabora.co.uk> Date: Thu, 30 Oct 2014 12:28:56 +0000 From: Simon McVittie Organization: Collabora Ltd. User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.2.0 MIME-Version: 1.0 To: Tom Gundersen , Andy Lutomirski CC: Greg Kroah-Hartman , Jiri Kosina , Linux API , "linux-kernel@vger.kernel.org" , John Stultz , Arnd Bergmann , Tejun Heo , Marcel Holtmann , Ryan Lortie , Bastien Nocera , David Herrmann , Djalal Harouni , Daniel Mack , "alban.crequy" , Javier Martinez Canillas Subject: Re: [PATCH 00/12] Add kdbus implementation References: <1414620056-6675-1-git-send-email-gregkh@linuxfoundation.org> <20141029231106.GB16548@kroah.com> <20141029234001.GB16520@kroah.com> In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 30/10/14 11:52, Tom Gundersen wrote: > For example, if you want to get the audit identity > bits, you can now get this attached securely by the kernel, at the > time the message is sent, rather than having to firest get the peer's > $PID from SCM_CREDENTIALS and then read the audit identity bits racily > from /proc/$PID/loginuid and /proc/$PID/sessionid ... which dbus-daemon (traditional D-Bus) deliberately doesn't offer as a feature, because we are not aware of any way to do that over Unix sockets without a race condition; and if we can't have it securely, we don't want to have it at all. It would be great if kdbus can fix that omission. Capabilities are in the same boat, and as a result, systemd can't currently have D-Bus methods that can only be called with CAP_WHATEVER. > * fewer userspace context switches [...] > * fewer message copies in userspace Readers are probably already aware of this, but note that D-Bus is designed to be usable between mutually distrusting processes, which is why we use Unix sockets and a lot of copies, rather than mmap or something. S -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/