In addtion of preventing unwanted packets (from other interfaces) being received between socket and bind, I've found another one. If desired usage of the raw packet socket is egress-only, meaning user doesn't want to receive any packet, then such a socket created with protocol = 0 argument will save both CPU/memory resources of the process, since Rx protocol handler won't be invoked upon reception of packets and the associated Rx socket buffer won't be populated, regardless of ingress traffic load This can be especially useful in embedded applications. Not sure if this can also be added to man, though. Thanks, Grzegorz wt., 25 sty 2022 o 16:22 Grzegorz Szpetkowski <gszpetkowski@xxxxxxxxx> napisał(a): > > Dear Maintainers, > > According to packet(7), whenever raw packet is created by socket(), > it's immediately running, meaning that internal packet_rcv() handler > will be triggered and socket buffer will begin allocation of sk_buff > until sk_rcvbuf limit is reached. > > However, by examination of kernel's internal handler packet_create() > it looks that kernel handles case of zero protocol in a special > manner. > When packet_create() is called with arg protocol = 0, > __register_prot_hook is not executed, meaning running state is still 0 > and most notably, packet handler is not added to kernel list (vide > dev_add_pack). > > I found this behavior invaluable for solving a subtle issue. When > process creates raw packet socket to listen for (let's say) all > protocols, but limited to a single network interface, then while this > interface can set by bind, it may to be too late due to preemption > (e.g. if real-time scheduling is used) and/or high-rate of packets on > other interfaces, meaning that undesired packets (any count) may be > pulled into the socket buffer. > > The proposed patch to define behavior when protocol is to zero with socket(). > Please review. > > Signed-off-by: Grzegorz Szpetkowski gszpetkowski@xxxxxxxxx > > diff --git a/man7/packet.7 b/man7/packet.7 > index 706efbb54..461444c43 100644 > --- a/man7/packet.7 > +++ b/man7/packet.7 > @@ -47,6 +47,9 @@ is set to > then all protocols are received. > All incoming packets of that protocol type will be passed to the packet > socket before they are passed to the protocols implemented in the kernel. > +When protocol is set to zero, then no packets are received until > +.BR bind (2) > +specifies allowed protocol or to receive all protocols. > .PP > In order to create a packet socket, a process must have the > .B CAP_NET_RAW > > Thanks, > Grzegorz
