Re: Issues with capability bits and meta-data in kdbus

From: David Herrmann
Date: Wed Apr 22 2015 - 09:47:07 EST

Next message: Paolo Bonzini: "Re: [PATCH stable] KVM: x86: Fix lost interrupt on irr_pending race"
Previous message: Doug Ledford: "Re: [PATCH v4 1/2] IB/qib: add acounting for MTRR"
In reply to: Andy Lutomirski: "Re: Issues with capability bits and meta-data in kdbus"
Next in thread: Austin S Hemmelgarn: "Re: Issues with capability bits and meta-data in kdbus"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi

On Wed, Apr 22, 2015 at 5:19 AM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
> Where do you draw the line?

User-space draws _this_ line.

A bus creator can set the "mandatory metadata mask" of a bus. It
defines a mask all senders (!) have to use as base. The bus creator
can thus mandate a policy for its bus and force everyone who wants to
communicate via this bus to at least agree to transmit the requested
set of information. Using UIDs+GIDs+PIDs+seclabel+names as masks works
just fine.

To be clear, kdbus only transmits metadata that sender and receiver
both agreed on. Both peers have to opt-in for an item to be
transmitted.

Thanks
David
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Paolo Bonzini: "Re: [PATCH stable] KVM: x86: Fix lost interrupt on irr_pending race"
Previous message: Doug Ledford: "Re: [PATCH v4 1/2] IB/qib: add acounting for MTRR"
In reply to: Andy Lutomirski: "Re: Issues with capability bits and meta-data in kdbus"
Next in thread: Austin S Hemmelgarn: "Re: Issues with capability bits and meta-data in kdbus"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]