On Tue, Sep 09, 2025 at 08:33:27AM -0700, Eric Dumazet wrote: > On Tue, Sep 9, 2025 at 8:19 AM Richard W.M. Jones <rjones@xxxxxxxxxx> wrote: > > On Tue, Sep 09, 2025 at 07:47:09AM -0700, Eric Dumazet wrote: > > > On Tue, Sep 9, 2025 at 7:37 AM Jens Axboe <axboe@xxxxxxxxx> wrote: > > > > On 9/9/25 8:35 AM, Eric Dumazet wrote: > > > > > On Tue, Sep 9, 2025 at 7:04 AM Eric Dumazet <edumazet@xxxxxxxxxx> wrote: > > > > >> On Tue, Sep 9, 2025 at 6:32 AM Richard W.M. Jones <rjones@xxxxxxxxxx> wrote: > > > > >>> On Tue, Sep 09, 2025 at 01:22:43PM +0000, Eric Dumazet wrote: ... > > From the outside it seems really odd to hard code a list of "good" > > socket types into each kernel client that can open a socket. Normally > > if you wanted to restrict socket types wouldn't you do that through > > something more flexible like nftables? > > nftables is user policy. > > We need a kernel that will not crash, even if nftables is not > compiled/loaded/used . Hi Rich, Eric, all, FWIIW, I think that the kernel maintaining a list of acceptable and known to work socket types is a reasonable measure. It reduces the surface where problems can arise - a surface that has real bugs. And can be expanded as necessary. For sure it is not perfect. There is a risk of entering wack-a-mole territory. And a more flexible mechanism may be nice. But, OTOH, we may be speculating about a problem that doesn't exist. If, very occasionally, a new socket type comes along and has to be used. Or perhaps more likely, there is a follow-up to this change for some cases it missed (i.e. the topic of this thread). And if that is very occasional. Is there really a problem? The answer is of course subjective. But I lean towards no. ...
