lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20100923145458.GA1160234@jupiter.n2.diac24.net>
Date:	Thu, 23 Sep 2010 16:54:58 +0200
From:	David Lamparter <equinox@...c24.net>
To:	Pavel Emelyanov <xemul@...allels.com>
Cc:	hadi@...erus.ca, "Eric W. Biederman" <ebiederm@...ssion.com>,
	linux-kernel@...r.kernel.org,
	Linux Containers <containers@...ts.osdl.org>,
	netdev@...r.kernel.org, netfilter-devel@...r.kernel.org,
	linux-fsdevel@...r.kernel.org,
	Daniel Lezcano <daniel.lezcano@...e.fr>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Michael Kerrisk <mtk.manpages@...il.com>,
	Ulrich Drepper <drepper@...il.com>,
	Al Viro <viro@...IV.linux.org.uk>,
	David Miller <davem@...emloft.net>,
	"Serge E. Hallyn" <serge@...lyn.com>,
	Ben Greear <greearb@...delatech.com>,
	Matt Helsley <matthltc@...ibm.com>,
	Jonathan Corbet <corbet@....net>,
	Sukadev Bhattiprolu <sukadev@...ux.vnet.ibm.com>,
	Jan Engelhardt <jengelh@...ozas.de>,
	Patrick McHardy <kaber@...sh.net>
Subject: Re: [PATCH 8/8] net: Implement socketat.

On Thu, Sep 23, 2010 at 04:34:37PM +0400, Pavel Emelyanov wrote:
> On 09/23/2010 04:11 PM, jamal wrote:
> > On Thu, 2010-09-23 at 15:53 +0400, Pavel Emelyanov wrote:
> > 
> >> Why does it matter? You told, that the usage scenario was to
> >> add routes to container. If I do 2 syscalls instead of 1, is
> >> it THAT worse?
> >>
> > 
> > Anything to do with socket IO that requires namespace awareness
> > applies for usage; it could be tcp/udp/etc socket. If it doesnt
> > make any difference performance wise using one scheme vs other
> > to write/read heavy messages then i dont see an issue and socketat
> > is redundant.
> 
> That's what my point is about - unless we know why would we need it
> we don't need it.
> 
> Eric, please clarify, what is the need in creating a socket in foreign
> net namespace?

Hmm. If you somewhere get the fd to a socket from another namespace, it
definitely does work (I'm currently implementing my "socketat" with fd
passing through AF_UNIX sockets, so i know it works), so the

  setns(other...)
  fd = socket(...)
  setns(orig...)

sequence would certainly work. However, there might be other things
happening inbetween like a signal (imagine AIO particularly). While
signals are user-controllable (and therefore to be managed/excluded by
the user), we need to think if there are other problems with doing this
as sequence?

If there are no other problematic conditions with this, socketat should
probably be moved to a user library.


-David

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ