| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 14 Dec 2016 07:49:24 +0000 From: "Du, Fan" <fan.du@...el.com> To: "netdev@...r.kernel.org" <netdev@...r.kernel.org> CC: "mrjana@...il.com" <mrjana@...il.com>, "Du, Fan" <fan.du@...el.com> Subject: [Query] Delayed vxlan socket creation? Hi I'm interested to one Docker issue[1] which looks like related to kernel vxlan socket creation as described in the thread. From my limited knowledge here, socket creation is synchronous , and after the *socket* syscall, the sock handle will be valid and ready to linkup. Somehow I'm not sure the detailed scenario here, and which/how possible commit fix? Thanks! Quoted analysis: -------------------------------------------------------------------------- (Found in kernel 3.13) The issue happens because in older kernels when a vxlan interface is created, the socket creation is queued up in a worker thread which actually creates the socket. But this needs to happen before we bring up the link on the vxlan interface. If for some chance, the worker thread hasn't completed the creation of the socket before we did link up then when we do link up the kernel checks if the socket was created and if not it will return ENOTCONN. This was a bug in the kernel which got fixed in later kernels. That is why retrying with a timer fixes the issue. [1]: https://github.com/docker/libnetwork/issues/1247
Powered by blists - more mailing lists