Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp201576imm; Thu, 26 Jul 2018 01:51:40 -0700 (PDT) X-Google-Smtp-Source: AAOMgpd77yD2xpqiGv8560Y9GN6KC0ztrV055Ons6woc0Yg0ay8AXa6z2oLRN7fEa7LQeQLnEtCY X-Received: by 2002:a62:9042:: with SMTP id a63-v6mr1238169pfe.52.1532595100344; Thu, 26 Jul 2018 01:51:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1532595100; cv=none; d=google.com; s=arc-20160816; b=QtfHgfm9UrJLljeUKeRwapV+U6R9Zu2k9Q4DfdCrlE7u3DpkB/bNTpj5rS8v3kf2MQ s/OC7HCClyuD3+ZtPCdMdcTAwDLQQ2xasIu/IPxGmJOpXWQbfZTDTUmmZ0dXMxkkMkX2 4p5/DfFkh3dxB9Kz8QTMuEsViE9kjFdfwmiOWEoKnH4hLxFqSszo/PDMgkKB6j03Kv4R 2ryoGCamhPKJeJ8ko0Wpz4Q841N1aRgJ+9DEg+eceX+0rT8C/P4CN7Cv7XTAIuRb1QFP +guxfhhz6lLV4O7VDNmTuIE0V7cc2bjLiIoLe7hYMQvmGAWnOMUedX8KmiVDqyq+Z6aG tdfA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=rPoOE7UGBy5A1pB6PUR2clpHQesGu02rGEYfawb2wME=; b=kfen1UQ7P5tE11nDy51afWrjFnfRyW2RbGLoquaMySMonPOrTUewNDFvIZbaacQbEv rklQlU5uFdGa5sGcFGju1CgRgvves52V7VbN12qvzuLwLyg2Soky8IPwb8ez683Lb7kh bXKElDB8FqNwz7ezS4o40GUJZYK1DMoO+ArGCa1q7btZlNsESMJ81H2HkwqKSDokUBeV DwbIScCNwxaeYuqKnJSs5DE9exxxStZwJAu7yLKmIBd55q3/qGFn/8SAbJB+ilg8msKb GBNOwXulB8/CIr3FrlRZp9cswh7UAw5yi7+adRVqw04ZSk3fzNRoE5MVZxRTTcQwtaAf +BpA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p17-v6si918413pfd.76.2018.07.26.01.51.25; Thu, 26 Jul 2018 01:51:40 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729283AbeGZKGU (ORCPT + 99 others); Thu, 26 Jul 2018 06:06:20 -0400 Received: from Chamillionaire.breakpoint.cc ([146.0.238.67]:51364 "EHLO Chamillionaire.breakpoint.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728825AbeGZKGU (ORCPT ); Thu, 26 Jul 2018 06:06:20 -0400 Received: from fw by Chamillionaire.breakpoint.cc with local (Exim 4.89) (envelope-from ) id 1fibyB-0001PG-Lz; Thu, 26 Jul 2018 10:49:59 +0200 Date: Thu, 26 Jul 2018 10:49:59 +0200 From: Florian Westphal To: Dmitry Safonov Cc: linux-kernel@vger.kernel.org, "David S. Miller" , Herbert Xu , Steffen Klassert , Dmitry Safonov <0x7f454c46@gmail.com>, netdev@vger.kernel.org, Andy Lutomirski , Ard Biesheuvel , "H. Peter Anvin" , Ingo Molnar , John Stultz , "Kirill A. Shutemov" , Oleg Nesterov , Stephen Boyd , Steven Rostedt , Thomas Gleixner , x86@kernel.org, linux-efi@vger.kernel.org, Andrew Morton , Greg Kroah-Hartman , Mauro Carvalho Chehab , Shuah Khan , linux-kselftest@vger.kernel.org, Eric Paris , Florian Westphal , Jozsef Kadlecsik , Pablo Neira Ayuso , Paul Moore , coreteam@netfilter.org, linux-audit@redhat.com, netfilter-devel@vger.kernel.org, Fan Du Subject: Re: [PATCH 00/18] xfrm: Add compat layer Message-ID: <20180726084959.pzjvflfjq6a76du6@breakpoint.cc> References: <20180726023144.31066-1-dima@arista.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180726023144.31066-1-dima@arista.com> User-Agent: NeoMutt/20170113 (1.7.2) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Dmitry Safonov wrote: > So, here I add a compatible layer to xfrm. > As xfrm uses netlink notifications, kernel should send them in ABI > format that an application will parse. The proposed solution is > to save the ABI of bind() syscall. The realization detail is > to create kernel-hidden, non visible to userspace netlink groups > for compat applications. Why not use exisiting netlink support? Just add the 32bit skb to skb64->frag_list and let netlink find if tasks needs 64 or 32 one. It only needs this small fix to properly signal the end of a dump: https://marc.info/?l=linux-netdev&m=126625240303351&w=2 I had started a second attempt to make xfrm compat work, but its still in early stage. One link that might still have some value: https://git.breakpoint.cc/cgit/fw/net-next.git/commit/?h=xfrm_config_compat_07&id=f64430e6d9e297f3990f485a4832e273751b9869 (compat structure definitions with BUILD_BUG_ON checking) My plan was to make xfrm compat work strictly as shrinker (64->32) and expander (32->64), i.e. no/little changes to exisiting code and pass all "expanded" skbs through existing xfrm rcv functions. Example to illustrate idea: https://git.breakpoint.cc/cgit/fw/net-next.git/commit/?h=xfrm_config_compat_07&id=c622f067849b02170127b69471cb3481e4bc9e49 ... its supposed to take 64bit skb and create a 32bit one from it. Just for reference; I currently don't plan to work on this again.