On Fri, May 1, 2015 at 10:43 AM, Eric B Munson <emunson@xxxxxxxxxx> wrote: > In order to enable policy decisions in userspace, the data contained in > the SYN packet would be useful for tracking or identifying connections. > Only parts of this data are available to userspace after the hand shake > is completed. This patch exposes a new setsockopt() option that will, > when used with a listening socket, ask the kernel to cache the skb > holding the SYN packet for retrieval later. The SYN skbs will not be > saved while the kernel is in syn cookie mode. > > The same option will ask the kernel for the packet headers when used > with getsockopt() with the socket returned from accept(). The cached > packet will only be available for the first getsockopt() call, the skb > is consumed after the requested data is copied to userspace. Subsequent > calls will return -ENOENT. Because of this behavior, getsockopt() will > return -E2BIG if the caller supplied a buffer that is too small to hold > the skb header. What's the purpose and what headers are you returning? There was a bit of a mixup with tx timestamps where the set of headers returned was possibly excessive and incompletely thought out the first time around. --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
