PSARC Questions Version 1.22 Approved Oct. 2008 (PSARC/2008/625) The 20 questions outline serves several purposes. One is to present to the ARC in a uniform manner pertinent information about any case. Many of the answers to these questions can be direct and specific references to other case materials (although care must be taken to keep the references current). A second purpose is to allow an ARC member to get a concise overview of the case in an efficient manner. Another purpose is that the 20 questions should provoke thought and questions for project teams unfamiliar with the ARC process, by asking questions about aspects of the project that need be considered. Lastly, the 20 questions serves as a vehicle between the case owner and the project team as an indicator of preparedness. The 20 questions, as do other ARC materials, remain as documentation of the case plan of record. 1. What is the proposal being presented for review? This project is planning to deliver BPF packet capture into Solaris and the PF_PACKET socket interface. The former is an interface that has been engineered to provide high performance with packet capture and the latter provides an easy to use programming interface for raw sockets. 2. Describe user interactions. Both of these features are found in other platforms. They bring with them faimiliarity for developers and users coming to Solaris as well as basic compatibility at the source code level. Whilst the user is not expected to directly interact with these interfaces, they will use them when libraries and applications are updated. 3. What are the exported (defined by your project) and imported (defined by another project that your project then references) interfaces or protocols and their respective stability levels? See: http://www.opensolaris.org/os/community/arc/policies/interface-taxonomy/ The exported and imported interfaces can be found within the other project documents. 4. Describe any dependencies on hardware (e.g. SPARC exclusive), and on other projects within Solaris. There are no hardware dependencies. 5. Projects need to be aware of the overall security of the system and how their components affect it. Which parts of this project are critical to the security of the system to avoid such unintended consequences such as unauthorized system entry, unauthorized access to or modification of data, elevation of privilege, denial of service, violation of labeled security, ...? Does this project require elevated privilege? Both of the kernel modules being introduced require that applications hold the net-rawaccess privilege in order to use them. A number of specific policies and practices address various aspects of the security of the system. They are found in appendix 1. Which of these are applicable to this project, and how are they addressed? 6. Describe means of observing project functionality and performance, by an end user or by a system administrator. kstats are provided by both new modules as a means of exporting global statistics on their activity. Applications are able to access run-time statistics via the programming APIs. 7. How does the project deal with faults and interruptions? Initialization and restarting? 8. How does the project interact with Solaris virtualization technologies (xVM, LDOMs, zones, Branded zones, SunCluster, etc.)? The requirement for net-rawaccess prevents both kernel modules from being used within a zone (or branded zone.) In all other cases, the use of the interfaces introduced by this project is limited to the network interfaces that can be observed in the global zone with either the "dladm show-link" command or "ifconfig -a". 9. Does this project require administration (i.e., configuration or management)? If so, This project introduces new APIs, there are no administration requriements. Projects that require or deliver administrative interfaces are often by their nature security components of the system and should likely address the security question (#5 above, with attention to RBAC and Audit). (See also appendix 2). 10. Have you reviewed the Policies and Best Practices? Are there any exceptions this project needs? See http://www.opensolaris.org/os/community/arc/policies/ http://www.opensolaris.org/os/community/arc/bestpractices/