| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20100712220727.1be49d54@xenia.leun.net> Date: Mon, 12 Jul 2010 22:07:27 +0200 From: Michael Leun <lkml20100708@...ton.leun.net> To: Max Krasnyansky <maxk@...lcomm.com> Cc: lkml@...r.kernel.org, netdev@...r.kernel.org Subject: Re: sysfs bug when using tun with network namespaces Max, On Mon, 12 Jul 2010 11:22:32 -0700 Max Krasnyansky <maxk@...lcomm.com> wrote: > Thanks for forwarding this report. I'll take a look and try to > reproduce and fix it when I get a chance. Sorry, I should have send the further communication CC: to you. This one is resolved, it is due to missing support for namespaces almost at all in sysfs prior to 2.6.35-rc, bug does not appear in .35-rcX anymore. But I have found another one: On Sat, 10 Jul 2010 16:52:08 +0200 Michael Leun <lkml20100708@...ton.leun.net> wrote: > # tunctl -u ml -t tap1 > works as expected, but > # unshare -n /bin/bash > # tunctl -u ml -t tap1 [bug (no sysfs support for net namespaces at all) solved in 2.6.35-rcX - I used 2.6.34.1] Now that we have solved that last one I've another glitch (this time using 2.6.35-rc4): In an network namespace I can use an tun/tap tunnel through ssh and when closing that namespace then eveything is fine. But when using openvpn (also tunnel trough tun/tap) in an network namespace and then closing that namespace I get: unregister_netdevice: waiting for lo to become free [repeated] Please see the following two examples showing that difference: # > unshare -n /bin/bash # > # how to setup veth device pair to get connectivity into namespace not shown here # > tunctl -u ml -t tap1 # > ssh -o Tunnel=Ethernet -w 1:1 somewhere [ running some traffic over tap1 not shown here ] ^d # logging out from somewhere # > tunctl -d tap1 # > exit # logging out from shell in network namespace Now the veth device pair used automagically vanishes and nothing from that different network namespace remains - very well. but # > unshare -n /bin/bash # > # how to setup veth device pair to get connectivity into namespace not shown here # > openvpn --config some.config [ running some traffic over vpn device not shown here ] ^c # stopping openvpn # > lsof -i # > netstat -an Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State Active UNIX domain sockets (servers and established) Proto RefCnt Flags Type State I-Node Path # > ps ax|grep openvpn|grep -v grep # > # cannot find anything that suggests there is anything left from that openvpn session # > exit # logging out from shell in network namespace Now I get Jul 10 20:02:36 doris kernel: unregister_netdevice: waiting for lo to become free. Usage count = 3 [repeated] Now one might say it is fault of openvpn (used OpenVPN 2.1_rc20 i586-suse-linux - the one in openSuSE 11.2 package), openvpn didn't close some ressource and ssh does fine. But: should'nt kernel clean up after process when it exits? And/or: Should'nt kernel clean up if last process in network namespace exits - there is nothing left which might use that interface?! Greg KH <greg@...ah.com> wrote: > Yes, you are correct. Care to resend all of this to the > network-namespace developer(s) and the netdev mailing list so that the > correct people are notified so they can fix it all? [X] done - hopefully, cannot find a particular network namespace developer in MAINTAINERS or source files. If such a one exists, please forward. Thanks. -- MfG, Michael Leun -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists