On Fri, Mar 21, 2025 at 08:13:59AM +0000, Paul Vixie wrote: > This is a reply to the first of two of Julian's recent messages. > > On Friday, March 14, 2025 4:26:30 AM UTC Julian Elischer wrote: > > On 1/28/25 12:09 AM, Mark Johnston wrote: > > > On Sat, Jan 25, 2025 at 08:44:25PM +0000, Paul Vixie wrote: > > >> does anyone remember why the FIB of a socket or process cannot be > > >> discovered from user mode? lack of motivation -- or deliberate design > > >> decision? > > That was probably me. > > I probably just didn't need it for my case and didn't spend time on it. > > KK. I have a need now. > > > > ... > > > > > > So, an application already knows the FIB number of any given socket, > > > since it can find its own FIB number, and new sockets always inherit the > > > FIB number of the process or the listening socket. Therefore, I believe > > > there's no reason not to provide an explicit mechanism to query the FIB > > > number. > > > > I believe so.. > > Not all sockets within a process are created within that process. When stdin, > stdout, and stderr are pty's or pipes, they predate the process, and have no > FIB of their own since they aren't sockets. Therefore the process FIB in this > case has to be set after fork and before exec by the parent, so that work > done > within this process is within the FIB that only the parent would otherwise > know about. > > I expect to teach sshd, http, and nginx to look at the FIB of its network > socket (which after fibnum2 will not always be that of the listener socket) > and then setfib() the forked process FIB to this value before execing the > shell or command. Obviously that subprocess will be able to setfib() to some > other value if so desired, but the default FIB for the shell and its > subprocesses should be the same as for the network socket. > > For this I do not need a getfib() syscall but I will need an SO_FIB socket > option which would allow both setting and getting. We'll have to leave > SO_SETFIB for ABI/API stability reasons, of course.
For what it's worth, I already added this in main: https://cgit.FreeBSD.org/src/commit/?id=ee951eb59f2136a604e3fbb12abf8d8344da0c99 and in stable/14: https://cgit.FreeBSD.org/src/commit/?id=b0f2df45e7a6f1db28bd96fc5da690618a0c38a6