From: Jason Wang <jasow...@redhat.com> Date: Fri, 14 Dec 2012 17:53:30 +0800
> The current multiqueue API is ambigious which may confuse both user and LSM to > do things correctly: > > - Both TUNSETIFF and TUNSETQUEUE could be used to create the queues of a > tuntap > device. > - TUNSETQUEUE were used to disable and enable a specific queue of the > device. But since the state of tuntap were completely removed from the > queue, > it could be used to attach to another device (there's no such kind of > requirement currently, and it needs new kind of LSM policy. > - TUNSETQUEUE could be used to attach to a persistent device without any > queues. This kind of attching bypass the necessary checking during TUNSETIFF > and may lead unexpected result. > > So this patch tries to make a cleaner and simpler API by: > > - Only allow TUNSETIFF to create queues. > - TUNSETQUEUE could be only used to disable and enabled the queues of a > device, > and the state of the tuntap device were not detachd from the queues when it > was disabled, so TUNSETQUEUE could be only used after TUNSETIFF and with the > same device. > > This is done by introducing a list which keeps track of all queues which were > disabled. The queue would be moved between this list and tfiles[] array when > it > was enabled/disabled. A pointer of the tun_struct were also introdued to track > the device it belongs to when it was disabled. > > After the change, the isolation between management and application could be > done > through: TUNSETIFF were only called by management software and TUNSETQUEUE > were > only called by application.For LSM/SELinux, the things left is to do proper > check during tun_set_queue() if needed. > > Signed-off-by: Jason Wang <jasow...@redhat.com> Applied. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
