Willem de Bruijn says:
====================
net-timestamp: blinding
Changes
(v2 -> v3)
- rebase only: v2 did not make it to patchwork / netdev
(v1 -> v2)
- fix capability check in patch 2
this could be moved into net/core/sock.c as sk_capable_nouser()
(rfc -> v1)
- dropped patch 4: timestamp batching
due to complexity, as discussed
- dropped patch 5: default mode
because it does not really cover all use cases, as discussed
- added documentation
- minor fix, see patch 2
Two issues were raised during recent timestamping discussions:
1. looping full packets on the error queue exposes packet headers
2. TCP timestamping with retransmissions generates many timestamps
This RFC patchset is an attempt at addressing both without breaking
legacy behavior.
Patch 1 reintroduces the "no payload" timestamp option, which loops
timestamps onto an empty skb. This reduces the pressure on SO_RCVBUF
from looping many timestamps. It does not reduce the number of recv()
calls needed to process them. The timestamp cookie mechanism developed
in http://patchwork.ozlabs.org/patch/427213/ did, but this is
considerably simpler.
Patch 2 then gives administrators the power to block all timestamp
requests that contain data by unprivileged users. I proposed this
earlier as a backward compatible workaround in the discussion of
net-timestamp: pull headers for SOCK_STREAM
http://patchwork.ozlabs.org/patch/414810/
Patch 3 only updates the txtimestamp example to test this option.
Verified that with option '-n', length is zero in all cases and
option '-I' (PKTINFO) stops working.
====================
Acked-by: Richard Cochran <richardcochran@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>