On Sun, 21 Apr 2024 13:32:24 -0600 David Ahern wrote: > On 4/21/24 1:17 PM, Eric Dumazet wrote: > > I wonder if NLM_F_DUMP_FILTERED should not be reported to user space ? > > good point. We do set that flag for other dumps when a filter has been > used to limit data returned. That flag appears to be a, hm, historic workaround? If I was to guess what the motivation was I'd say that it's because "old school netlink" didn't reject unknown attributes. And you wanted to know whether the kernel did the filtering or you have to filter again in user space? Am I close? :) The flag is mostly used in the IP stack, I'd rather try to deprecate it than propagate it to new genetlink families which do full input validation, rendering the flag 100% unnecessary.