Date:      Fri, 10 Jul 2020 03:29:29 -0700
From:      Doug Hardie <bc979@lafn.org>
To:        Michael Tuexen <tuexen@freebsd.org>
Cc:        Eugene Grosbein <eugen@grosbein.net>, Mark Johnston <markj@freebsd.org>, freebsd-net@freebsd.org
Subject:   Re: making SCTP loadable and removing it from GENERIC
Message-ID:  <081C36F7-190F-489E-9100-E5B78A911710@mail.sermon-archive.info>
In-Reply-To: <4B6A707F-88C4-43B8-96BF-24BC32E2C9A9@freebsd.org>
References:  <20200709151300.GC8947@raichu> <63F4446F-DECF-4DE8-99CA-EC8755A5D4A1@mail.sermon-archive.info> <44d21cf7-e154-f7f4-12ee-6dce1c3f9a63@grosbein.net> <4B6A707F-88C4-43B8-96BF-24BC32E2C9A9@freebsd.org>

> On 10 July 2020, at 02:39, Michael Tuexen <tuexen@freebsd.org> wrote:
>
> Hi Eugene,
>
> you are completely right. However, it requires that the program needs to run
> with root privileges just to be able to communicate.
> In the context of userland stack, this is one of the most important issues.
> In case of SCTP, this is needed to open a raw socket to send/recv SCTP packets.
> This is one of the reasons why you use UDP encapsulation...

I see RFC 6951 on UDP encapsulation and understand there are situations where that would be needed.  However, my replication processes do run as root.  Just for fun, I started them as non-root and SCTP worked just fine.  I didn't see any raw sockets in a ktrace of the processes.

 76330 replicate CALL  socket(PF_INET6,0x5<SOCK_SEQPACKET>,IPPROTO_SCTP)
 76330 replicate RET   socket 5

-- Doug



