| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1358096257.8744.112.camel@edumazet-glaptop> Date: Sun, 13 Jan 2013 08:57:37 -0800 From: Eric Dumazet <eric.dumazet@...il.com> To: Benjamin LaHaise <bcrl@...ck.org> Cc: Jamal Hadi Salim <jhs@...atatu.com>, David Miller <davem@...emloft.net>, socketcan@...tkopp.net, netdev@...r.kernel.org Subject: Re: [PATCH net-next] pkt_sched: namespace aware ifb On Sun, 2013-01-13 at 11:41 -0500, Benjamin LaHaise wrote: > Hi folks, > > On Sun, Jan 13, 2013 at 09:44:48AM -0500, Jamal Hadi Salim wrote: > > Eric, the point probably Ben was trying to make is not about > > synchronizing rather about which namespace has the right to that action > > config. Your change is correct for the common use of actions > > but does not fix the larger picture. > ... > > In such a case, the "tc actions" netlink path may be > > entered from a different namespace than the one that is > > using it. Then current->nsproxy->net_ns is no longer correct. > > > > To correct this, i think what Ben points out in passing the > > init() the correct namespace seem like the way to go. Feel free > > to make that change - otherwise i will get to it and fix it. > > Yep, Jamal's right on the point I'm trying to make. To deal with this, I > think we need a patch along the lines of the following to pass the 'struct > net *' down to where it's needed... Please note that I've only compile > tested this with all the net/sched modules enabled and a allmodconfig > build. It's a bit bigger, but passing the argument down through the call > chain looks simpler than trying to stuff a struct net pointer into the > various structures and keep that in sync with the network device's network > namespace. > > -ben > -- > "Thought is the essence of where you are now." > > -- > pkt_sched: namespace aware ifb v2 > > Eric Dumazet pointed out that act_mirred needs to find the current net_ns, > and struct net pointer is not provided in the call chain. His original > patch made use of current->nsproxy->net_ns to find the network namespace, > but this fails to work correctly for userspace code that makes use of > netlink sockets in different network namespaces. Instead, pass the > "struct net *" down along the call chain to where it is needed. > > Signed-off-by: Benjamin LaHaise <bcrl@...ck.org> > --- OK I'll test it at the end of the (sunny) day. Thanks -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists