| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 19 Jan 2012 20:40:32 +0100 From: Hans Schillström <hans.schillstrom@...csson.com> To: David Miller <davem@...emloft.net> CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "ebiederm@...ssion.com" <ebiederm@...ssion.com> Subject: RE: RFC Hanging clean-up of a namespace >Date: Thu, 19 Jan 2012 12:07:09 +0100 > >> Closing of a namespace (container) can be delayed by ~ 2 minutes >> due to tcp timers ex tcp time wait (and of cource other things too). >> >> I think there should be some kind of "forced close" of the Network stack >> in ex free_nsproxy() > >I think this is unwise. > >Keeping the timewait sockets around is necessary to absorb any lingering >packets in the network meant for those sockets. > >If you truncate this activity, and then try to create another socket with >the same ID you'll run into the very problems time-wait is meant to >solve. > >It's an unfortunate delay, but one you will have to live with. I think the whole clean up is to weak of the name space, there is too many things that can go wrong and they do. I was more thinking of a way to make a forced close, ex by cleaning the stack where time wait was one point. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists