[PATCH v01] net/af_packet: don't specify protocol on socket create

Stephen Hemminger stephen at networkplumber.org
Thu Oct 17 03:38:11 CEST 2024

Previous message (by thread): [PATCH v01] net/af_packet: don't specify protocol on socket create
Next message (by thread): [PATCH v01] net/af_packet: don't specify protocol on socket create
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 13 Oct 2024 16:59:47 +0300
Gur Stavi <gur.stavi at huawei.com> wrote:

> When creating AF_PACKET socket with specified protocol it is
> immediately implicitly bound to any existing interface and
> becomes RUNNING. Calling bind on such socket is affectively unbind
> from "any interface", then bind to the specific interface.
> 
> When creating socket with 0 as protocol, it is created in non-RUNNING
> state, then it can be bound to interface and protocol in a single bind
> call and switch to RUNNING state.
> 
> Especially with ETH_P_ALL, binding to any interface is not a good idea.
> It is safer and faster to use the 2nd approach.
> 
> This patch replaces protocol in socket creation from ETH_P_ALL to 0.
> 
> Signed-off-by: Gur Stavi <gur.stavi at huawei.com>

This makes sense see packet(7) man page:

       By default, all packets of the specified protocol type are passed  to  a
       packet  socket.   To  get  packets  only  from  a specific interface use
       bind(2) specifying an address in a struct sockaddr_ll to bind the packet
       socket to an interface.  Fields used for binding are sll_family  (should
       be AF_PACKET), sll_protocol, and sll_ifindex.

So there is a small window where the packet socket could pick up junk before
the bind from other interfaces.

Previous message (by thread): [PATCH v01] net/af_packet: don't specify protocol on socket create
Next message (by thread): [PATCH v01] net/af_packet: don't specify protocol on socket create
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list