lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <m1y5syq2dw.fsf@fess.ebiederm.org>
Date:	Sun, 22 Jan 2012 23:55:23 -0800
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Hans Schillstrom <hans.schillstrom@...csson.com>
Cc:	Hagen Paul Pfeifer <hagen@...u.net>,
	David Miller <davem@...emloft.net>,
	"equinox\@diac24.net" <equinox@...c24.net>,
	"netdev\@vger.kernel.org" <netdev@...r.kernel.org>
Subject: Re: RFC Hanging clean-up of a namespace

Hans Schillstrom <hans.schillstrom@...csson.com> writes:

> We  have a process in root name space (init_net) that have 
> tcp connections into a number of containers (in the same machine)
>
> If the control process in root ns dies all containers will also be killed
> i.e. there can easilly be out standing messages to and from the containers.
> So I guess that's why I see the tcp_write_timer()

The control process is an important piece of this but it should not be
sufficient to cause tcp sockets to take forever to close, as the kernel
manages sockets.  Do you shut down communication between your namespaces
before the are finished cleanup up?

The easy way to communicate between namespaces would be just to use
a veth pair and the veth pair will go away when the non init_net
container goes away.  Using a veth pair should ensure you have
communications between your namespaces so your local sockets
can shutdown quickly.

It feels like right now that whatever your shutdown/restart process
is that you are shooting yourself in the foot and triggering those
long socket close times.  I expect with a slight different order
of operations you can avoid this long shutdown problem.

Eric

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ