lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 30 Jul 2012 05:33:05 -0700 From: ebiederm@...ssion.com (Eric W. Biederman) To: Eric Dumazet <eric.dumazet@...il.com> Cc: Pavel Emelyanov <xemul@...allels.com>, Linux Netdev List <netdev@...r.kernel.org>, David Miller <davem@...emloft.net> Subject: Re: [PATCH 1/2] net: Allow to create links with given ifindex Eric Dumazet <eric.dumazet@...il.com> writes: > On Mon, 2012-07-30 at 03:49 -0700, Eric W. Biederman wrote: >> Pavel Emelyanov <xemul@...allels.com> writes: >> >> > Currently the RTM_NEWLINK results in -EOPNOTSUPP if the ifinfomsg->ifi_index >> > is not zero. I propose to allow requesting ifindices on link creation. This >> > is required by the checkpoint-restore to correctly restore a net namespace >> > (i.e. -- a container). The question what to do with pre-created devices such >> > as lo or sit fbdev is open, but for manually created devices this can be >> > solved by this patch. >> >> Have you walked through and found the locations where we still rely on >> ifindex being globally unique? >> >> Last time I was working in this area there were serveral places where >> things were indexed by just the interface index. > > Really ? This would be very strange. There at least were places that used oif or iff without being pernet last time I was working on this. It was never code that I understood particularly well so my memory of what that code is, is unfortunately fuzzy. > AFAIK dev_new_index() is always called, even in the > dev_change_net_namespace() case if there is a conflict. Except we never have a conflict because it takes an absurd number of network devices to cause a 32bit counter to wrap. > And dev_new_index() could use a pernet net->ifindex instead of a > shared/static one. Yes. I made all of the core changes, and held back on making dev_new_index() use a pernet net->ifindex because of a couple of problem cases. It has been a long time and those cases might have been fixed. I'm not seeing anything obvious in the network stack with a quick skim, but before we start relying on the property that interface indicies are not globally unique I expect an good hard look at the networking stack to see if any of those cases where there were problems still exist. Eric -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists