Dear Maintainers, According to packet(7), whenever raw packet is created by socket(), it's immediately running, meaning that internal packet_rcv() handler will be triggered and socket buffer will begin allocation of sk_buff until sk_rcvbuf limit is reached. However, by examination of kernel's internal handler packet_create() it looks that kernel handles case of zero protocol in a special manner. When packet_create() is called with arg protocol = 0, __register_prot_hook is not executed, meaning running state is still 0 and most notably, packet handler is not added to kernel list (vide dev_add_pack). I found this behavior invaluable for solving a subtle issue. When process creates raw packet socket to listen for (let's say) all protocols, but limited to a single network interface, then while this interface can set by bind, it may to be too late due to preemption (e.g. if real-time scheduling is used) and/or high-rate of packets on other interfaces, meaning that undesired packets (any count) may be pulled into the socket buffer. The proposed patch to define behavior when protocol is to zero with socket(). Please review. Signed-off-by: Grzegorz Szpetkowski gszpetkowski@xxxxxxxxx diff --git a/man7/packet.7 b/man7/packet.7 index 706efbb54..461444c43 100644 --- a/man7/packet.7 +++ b/man7/packet.7 @@ -47,6 +47,9 @@ is set to then all protocols are received. All incoming packets of that protocol type will be passed to the packet socket before they are passed to the protocols implemented in the kernel. +When protocol is set to zero, then no packets are received until +.BR bind (2) +specifies allowed protocol or to receive all protocols. .PP In order to create a packet socket, a process must have the .B CAP_NET_RAW Thanks, Grzegorz
