Subject: Re: ancillary data alignment and binary backward compatibility
To: Chris G. Demetriou <>
From: Jun-ichiro itojun Hagino <>
List: tech-net
Date: 03/28/2000 17:09:40
	I'm in IETF Adelaide, I try to answer the most important part
	only right now, will reply other parts afterwards...

>> ways to cope with ancillary data alignment:
>> (1) Rewrite data stream in socke tdata buffer to change ancillary data
>>     alignment.  This must rewrite those in sys_sendmsg(), sendit(), or
>>     somewhere similar.  We can't do it in, for example, sys/netinet6/*.
>indeed, compat code already has to do this type of thing (or at least,
>has to if it wants to handle compatibility with the native control
>message format).
>(see osf1_cvt.c, for instance, for a case where this isn't handled,
>and therefore an error is returned.)
>Another possibility: don't rewrite, format more carefully.
>	* use structs safely (i.e. copy to temporary buffer, use there).
>	* use alignment specified by which kind of call it is (compat,
>	  native, etc., passed in as an alignment arg).
>	* return EINVAL or appropriate error code.
>	* instead of aligning to some native alignment, do it based on
>	  a supplied alignment.
>	* use structs safely (i.e. use temp, copy into final location.)

	I have been thinking about it, and I think we can't do this
	(this is the reason why I wrote "we can't do it in sys/netinet6/*"
	in the above).

	Suppose a situation where we produce ancillary data item in
	sys/netinet6/*, and userland process consumes them.
	They are non-synchronous.  There's socket buffer between them.
	- sys/netinet6/* produces ancillary data item whenever IPv6 packet
	- We pass around socket access privilege between parent
	  process to child process (inetd -> fingerd, for example), and
	  whenever we pass socket access privilege there can be alignment
	  constraint change.
	So, sys/netinet6/* code cannot guess the alignment constranint
	userland wants, by looking at socket structure, or the process
	structure.  The alignment constraint required by userland can be
	different between the following occasions, due to possibility of
	exec() between the two occasions:
	- when sys/netinet6/* produces ancillary data (when packet arrives)
	- when userland process consumes ancillary data (via recvmsg)