lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20140211024009.GD11150@order.stressinduktion.org>
Date:	Tue, 11 Feb 2014 03:40:09 +0100
From:	Hannes Frederic Sowa <hannes@...essinduktion.org>
To:	Cong Wang <cwang@...pensource.com>
Cc:	Cong Wang <xiyou.wangcong@...il.com>,
	netdev <netdev@...r.kernel.org>,
	Patrick McHardy <kaber@...sh.net>,
	"David S. Miller" <davem@...emloft.net>
Subject: Re: [Patch net] macvlan: add NETIF_F_NETNS_LOCAL flag

On Mon, Feb 10, 2014 at 06:25:51PM -0800, Cong Wang wrote:
> On Mon, Feb 10, 2014 at 5:45 PM, Hannes Frederic Sowa
> <hannes@...essinduktion.org> wrote:
> > On Mon, Feb 10, 2014 at 05:36:33PM -0800, Cong Wang wrote:
> >> From: Cong Wang <cwang@...pensource.com>
> >>
> >> BZ: https://bugzilla.kernel.org/show_bug.cgi?id=66691
> >>
> >> There is no point to allow moving a macvlan device to
> >> another namespace while the lower device is still in
> >> this namespace. tunnels already set this flag.
> >
> > Can't we solve this somehow differently, like not showing anything at all
> > etc.? I guess this is a feature some people use and haven't noticed yet.
> >
> 
> I don't understand what you mean by "not showing anything at all".
> I assume you mean mac1@xxx, not matter whether we show xxx
> here, mac1 relies on xxx to function.

Sorry, I have no idea how to resolve this easily, maybe set the ifindex to
something generic. I'll try to think about it.

Maybe revserve an id and install a generic name for it, so old software
doesn't get confused.

> Please give a real use case rather than just guessing, I don't think
> there is any valid case until we support moving multiple devices into
> a netns atomically.

Setting up a macvlan and moving it into another namespace without moving
the parent device is a nice feature. I am not an administrator, so I don't
use that stuff often, but given you can easily spawn namespaces and put
applications into them, one of the easiest things to connect those to
local network without routing over veth and such is the macvlan interface.

Greetings,

  Hannes

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ