lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5358F649.6090206@huawei.com>
Date:	Thu, 24 Apr 2014 19:32:25 +0800
From:	chenweilong <chenweilong@...wei.com>
To:	Michal Kubecek <mkubecek@...e.cz>
CC:	<nicolas.dichtel@...nd.com>, Eric Dumazet <eric.dumazet@...il.com>,
	<kaber@...sh.net>, <davem@...emloft.net>, <netdev@...r.kernel.org>
Subject: Re: [patch net-next] vlan: Don't allow vlan devices to change network
 namespaces.

On 2014/4/24 13:47, Michal Kubecek wrote:
> On Thu, Apr 24, 2014 at 08:59:51AM +0800, chenweilong wrote:
>> On 2014/4/23 15:23, Nicolas Dichtel wrote:
>>> Le 23/04/2014 04:40, chenweilong a écrit :
>>>> And, 2) is not safe, if someone forgets to move eth1, eth1.5 will not work, making
>>>> things complex.
>>> We have to fix this case, because it is a valid use case to have eth1.5 in net0
>>> and eth1 in another ns.
>>>
>> eth1.5 can receive and send packets in net0, the problem is you can't add a new eth1.5
>> in old ns, report 'error: File exists'.
> 
> And this is correct, as far as I can tell. If it was possible, which of
> the two interfaces would receive VLAN tagged packets with VID 5 coming
> to eth1?
> 
>                                                          Michal Kubecek
> 
> 
> 
If eth1 and eth1.5 can work in different ns,
my fist test(move eth1 first,and then eth1.5) should be success,
but it failed, if eth1 was moved to other ns, all related vlans were unregisted.
Strangely, if I move eth1.5 to net0, then move eth1 to net0, and then
move eth1 to net1, eth1.5 is still there!
It is a bug?

I agree with you there should be one interface tagged with VID 5 in the system.
But I think the network namespaces are independent, vlan port and its VID interfaces
spread in different ns break the rule.

Thanks,



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ