| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 Feb 2012 04:50:15 +0100 From: Kay Sievers <kay.sievers@...y.org> To: Henrique de Moraes Holschuh <hmh@....eng.br> Cc: Jiri Slaby <jslaby@...e.cz>, "Eric W. Biederman" <ebiederm@...ssion.com>, Greg KH <greg@...ah.com>, LKML <linux-kernel@...r.kernel.org>, ML netdev <netdev@...r.kernel.org> Subject: Re: network regression: cannot rename netdev twice On Wed, Feb 8, 2012 at 03:00, Henrique de Moraes Holschuh <hmh@....eng.br> wrote: > On Mon, 06 Feb 2012, Kay Sievers wrote: >> On Sat, Feb 4, 2012 at 03:14, Henrique de Moraes Holschuh >> <hmh@....eng.br> wrote: >> > Is it possible to configure the kernel to use something other than "eth#" as >> > its initial namespace for netif names? Or is there some other way to get >> > eth1 to be what you need eth1 to be during userland boot? >> >> I don't think there is a sane way to do that. Someone could add a >> kernel command line parameter to switch ethX in the kernel to >> something else, and create custom udev rules which match on device >> properties and apply configured names which are ethX again. But for >> all that, there will be no generally available support in common base >> system tools, and we absolutely do not recommend anybody doing that. > > What sort of impact analysis on userspace was done about this change? None. It will just not be supported for new setups. Existing ones will do what they always did. > Nobody in his right mind would go back to the dark ages of uncontrolled > ifnames. You're effectively forcing everybody with a clue away from the > eth# namespace. Yes. It's a game we have lost and we will not win in the future. I gave up, and I warn everybody who think it's simple to manage. > Just to be very clear: the impact of this is the need to change the > interface names on potentially millions of lines of firewall rules and > scripts out there, as well as tracking down stuff (mostly scripts) that > special-cases the eth prefix. Yeah, and for good, ethX is a pretty much random kernel name, and I personally will no longer work on conceptually broken infrastructure that can never deliver what it seems to promise. In the longer run, tools need to be fixed to automatically handle changing names, or not care about the names at all, or names need to be explicitly set up outside the ethX namespace to be predictable. After years of working in that area I will stop to work on these hacks to promise stable ethX names. It was just wrong, like enumerations always are in hotplug setups. > Is there a really good reason why we cannot have a way to move the > kernel away from the eth# namespace at boot (through a kernel parameter, > maybe with the default namespace set at compile time), Could work, but I don't think it is worth. Simple enumeration, and automatic persistent on-disk device name reservation in a flat number-range is just a very flawed concept. I'm not interested in working on that, but that surely should not stop anybody from trying and providing tools that can do that. > AND keep the > "common base system tools" support to assign ifname based on MAC > addresses that we have right now? Not provided by udev's default setup, which did persistent name reservation in the device hotplug path. It is already disabled and will be entirely removed from the source tree some day. Other tools can still try to provide that. But I declare that model as officially failed and udev will not even try anything like that anymore. People who need predictable interface names should just manually configure custom/descriptive names, or names which are reliably derived from the hardware, like firmware-provided names or the pci slot number. Kay -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists