On 09/02/2026 11:48, Sebastian Andrzej Siewior wrote:
On 2026-02-09 10:43:55 [+0000], Vadim Fedorenko wrote:
On 09/02/2026 09:06, Sebastian Andrzej Siewior wrote:
On 2026-02-08 11:25:40 [-0500], Willem de Bruijn wrote:
But it's more like a question to maintainers whether it is acceptable
way of "fixing" drivers or it's no-go solution
Requiring OPT_TSONLY unless CAP_NET_RAW would break legacy users.
Well, they are kinda broken already. Without OPT_TSONLY and CAP_NET_RAW all TX
timestamps are silently dropped.
Are you referring to sysctl_tstamp_allow_data?
That is enabled by default.
Yes. If so, then we don't need the check below which requires
sk_callback_lock.
Are SIOCSHWTSTAMP the legacy users or the ones which do not set
OPT_TSONLY?
I would suggest to move the CAP_NET_RAW check to the point where
timestamping is getting enabled.
Also if ndo_hwtstamp_set is the preferred method of getting things done,
I could check how many old ones are can be easily converted…
Looks like you are mixing things. SIOCSHWTSTAMP/ndo_hwtstamp_set are HW
configuration calls while OPT_TSONLY is socket option, which is setup via
setsockopt, you can find points searching for
SOF_TIMESTAMPING_OPT_TSONLY in the sources, basically
sock_set_timestamping() is the function to check
Yeah, but what is the legacy user here? If you enable HW-timestamps but
never set OPT_TSONLY and the sysctl is also 0 then you reply on the
CAP_NET_RAW later on. Right?
Legacy users here means users of HW TX timestamps expecting full skb to
be returned back with the TX timestamp. Legacy here means that skb will
be returned with headers modified by stack, which is kind of exposure of
data, which requires CAP_NET_RAW...
I just try to justify the CAP_NET_RAW check and if it is required to
move it earlier (where HW timestamps are enabled). And if the sysctl
check is enough then maybe it is not needed.
Capabilities should not change during lifetime of the process, should be
fine to move. On the other, sysctl can be changed system-wide which may
affect users.
To receive these timestamps users have to get
CAP_NET_RAW permission, and it will work with the updated logic as well...
Sebastian
