Re: [GIT PULL] kdbus for 4.1-rc1
From: Åukasz Stelmach
Date: Thu Apr 30 2015 - 08:40:55 EST
It was <2015-04-30 czw 14:23>, when Richard Weinberger wrote:
> Am 30.04.2015 um 14:16 schrieb Åukasz Stelmach:
>> It was <2015-04-30 czw 12:40>, when Richard Weinberger wrote:
>>> Am 30.04.2015 um 12:19 schrieb Åukasz Stelmach:
>>>> It was <2015-04-30 czw 11:12>, when Richard Weinberger wrote:
>>>>> Am 30.04.2015 um 11:05 schrieb Åukasz Stelmach:
>>>>>> Regardless, of initrd issues I feel there is a need of a local IPC
>>>>>> that is more capable than UDS.
[...]
>>>> For example, a service can't aquire credentials of a client process that
>>>> actually sent a request (it can, but it can't trust them). The service
>>>> can't be protected by LSM on a bus that is driven by dbus-daemon. Yes,
>>>> dbus-daemon, can check client's and srevice's labels and enforce a
>>>> policy but it is going to be the daemon and not the LSM code in the
>>>> kernel.
>>>
>>> That's why I said we can think of new kernel features if they are
>>> needed. But they current sink or swim approach of kdbus folks is also
>>> not the solution. As I said, if dbus-daemon utilizes the kernel
>>> interface as much as possible we can think of new features.
>>
>> What kernel interfaces do you suggest to use to solve the issues
>> I mentioned in the second paragraph: race conditions, LSM support (for
>> example)?
>
> The question is whether it makes sense to collect this kind of meta data.
> I really like Andy and Alan's idea improve AF_UNIX or revive AF_BUS.
Race conditions have nothing to do with metadata. Neither has LSM
support.
AF_UNIX with multicast support wouldn't be AF_UNIX anymore.
AF_BUS? I haven't followed the discussion back then. Why do you think it
is better than kdbus?
--
Åukasz Stelmach
Samsung R&D Institute Poland
Samsung Electronics
Attachment:
signature.asc
Description: PGP signature