On Mon, Aug 13, 2012 at 09:58:12AM -0700, John Fastabend wrote: > [...] > > >HOWEVER, it still doesn't address more fundamental problem - somebody > >creating a socket and passing it to you in SCM_RIGHTS datagram will > >leave you with a socket you can do IO on, still tagged according to who > >had created it. > > > >AFAICS, the whole point of that exercise was to allow third-party changing > >the priorities of traffic on sockets already created by a process we now > >move to a different cgroup. Consider e.g. this: > > Correct that is the point of the exercise. > > To fix this specific case we could add a call to sock_update_netprioidx > in scm_recv to set the sk_cgrp_prioidx value.
On every received descriptor, that is? Eeek... -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
