Pablo Neira Ayuso wrote:
Patrick McHardy wrote:
So you're returning an error when at least one of the "reliable"
sockets doesn't get its delivery.
Patrick, I like it, I'm fine with this approach as soon as it let me add
the "reliable" ctnetlink state-change reporting. I can add the following
on top of the patch that David already applied:
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
[...]
@@ -999,6 +1000,7 @@ static inline int do_one_broadcast(struct sock *sk,
p->skb2 = NULL;
} else if ((val = netlink_broadcast_deliver(sk, p->skb2)) < 0) {
netlink_overrun(sk);
+ p->delivery_failure = 1;
^^^^^^^^^^^^^^^^^^^^^^^^
Replace this by:
+ if (nlk->flags & NETLINK_HIGHLY_RELIABLE)
+ p->delivery_failure = 1;
And include the flag definition and setsockopt() operations in the new
patch, of course.
Sounds good. Maybe a nicer name for the flag :)
Please, find the previous patch that was applied to net-next tree
enclosed to save you some time in case that you don't know what patch I
was refering to. I think that the changes (several drivers and such) are
still useful, as they should ignore the return value of
netlink_broadcast() since it's not of any use for them (as we already
discussed, they printk the error, that's useless).
Agreed. The remaining question would be what to do about
xfrm_state. I think it can stay as it is if you add this
flag, *swan could use it if desired.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
