[Labeled-nfs] Pipes vs Netlink

[Paul Moore]

On Wednesday, September 12 2007 10:37:53 am David P. Quigley wrote:
> On Wed, 2007-09-12 at 10:36 -0400, Paul Moore wrote:
> > On Wednesday, September 12 2007 9:52:51 am David P. Quigley wrote:
> > > Any input on this would be appreciated. This is pretty much the only
> > > thing stopping me from moving forward with finishing the DOI mapper
> > > infrastructure.
> >
> > I vote for the netlink approach and I would encourage you to make use of
> > generic netlink rather than the connector if possible.
>
> What is wrong with the connector interface. I haven't seen that much on
> netlink in either direction in the kernel so if you know of something
> that I should be aware of I'd appreciate knowing.

Sorry, I probably should have elaborated a bit more in my original email.

My concern is that both the connector and generic netlink perform very similar 
roles in that they are designed to carry messages between userspace and the 
kernel.  Granted there are several mechanisms in the kernel that are designed 
to do this, but generic netlink and the userspace connector are an 
interesting case because they both use standard netlink as the underlying 
transport mechanism.  I personally tend to like generic netlink as it is a 
pretty think layer on top of standard netlink which makes use of a lot of the 
existing netlink API both in kernel and userspace.  The connector is a 
different beast as it is event/callback driven and has it's own, different 
API.  While both generic netlink and the connector mechanism have a rather 
limited number of users in the mainline kernel, standard netlink has a lot of 
users in the kernel and as a result I think sticking with the mechanism that 
is closest to the standard netlink has value from a community perspective.

As I originally said, I'm _encouraging_ you to use generic netlink over the 
userspace connector not saying you _have_ to use generic netlink.  Pick the 
right tool for the job.

-- 
paul moore
linux security @ hp