Message-ID: <CAM_iQpWaJ7WKOEQe=00AX35x_gCKHoHikVTGH6UQTPw+3oD_pw@mail.gmail.com>
Date:   Fri, 2 Jun 2017 16:25:44 -0700
From:   Cong Wang <xiyou.wangcong@...il.com>
To:     "Eric W. Biederman" <ebiederm@...ssion.com>
Cc:     Harald Welte <laforge@...monks.org>,
        Linux Kernel Network Developers <netdev@...r.kernel.org>
Subject: Re: losing netdevices with namespaces and unshare?

On Wed, May 31, 2017 at 11:32 PM, Eric W. Biederman
<ebiederm@...ssion.com> wrote:
> Cong Wang <xiyou.wangcong@...il.com> writes:
>> Network namespace does not special-case the physical devices,
>> it treats them all equally as abstract net devices.
>
> Absolutely not true.
>
> The relevant code is in net/core/dev.c:default_device_exit
>
> If a network device does not implement rtnl_link_ops it is returned to
> the initial network namespace.   Anything else will lose physical
> devices.

Hmm, I never noticed that if check...

>
> Only for pure software based devices do we delete them.  Perhaps your
> sub interface implements rtnl_link_ops?  Either that or something is
> still holding a reference to your network namespace, which would prevent
> the network device from being returned.
>

But this simply sucks:

                snprintf(fb_name, IFNAMSIZ, "dev%d", dev->ifindex);
                err = dev_change_net_namespace(dev, &init_net, fb_name);
                if (err) {
                        pr_emerg("%s: failed to move %s to init_net: %d\n",
                                 __func__, dev->name, err);
                        BUG();
                }

It is essentially hard to handle the error here, but it is quite easy to
trigger such a BUG() by naming another device devX; that is no better
than just losing it.
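As an added illustration (my own userspace model, not kernel code and not anything posted in this thread): the quoted teardown logic picks one fixed fallback name, "dev<ifindex>", and treats a failed move as fatal. The model below keeps a namespace as a small table of interface names, reproduces the -EEXIST the move returns when that name is already taken in the initial namespace, and sets a hypothetical variant beside it that probes for a free "devN" before moving, so a name collision degrades to a renamed device instead of a crash. The namespace contents, the "dev3" collision, and the function names `exit_ns_fixed_name` / `exit_ns_free_name` are all constructed for the example.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define IFNAMSIZ 16
#define MAX_DEVS 8

/* Constructed userspace model of a network namespace: just its interface names. */
struct netns {
    char names[MAX_DEVS][IFNAMSIZ];
    int count;
};

static bool name_in_use(const struct netns *ns, const char *name)
{
    for (int i = 0; i < ns->count; i++)
        if (strcmp(ns->names[i], name) == 0)
            return true;
    return false;
}

/* Stand-in for dev_change_net_namespace(): the move fails with -EEXIST
 * when the requested name is already taken in the destination namespace. */
static int move_to_ns(struct netns *dst, const char *name)
{
    if (dst->count >= MAX_DEVS)
        return -ENOSPC;
    if (name_in_use(dst, name))
        return -EEXIST;
    snprintf(dst->names[dst->count], IFNAMSIZ, "%s", name);
    dst->count++;
    return 0;
}

/* Logic as quoted in the mail: one fixed fallback name "dev<ifindex>".
 * Returns the error the kernel would hand to BUG() instead of crashing;
 * 'out' receives the name that was attempted. */
int exit_ns_fixed_name(struct netns *init_net, int ifindex, char *out, size_t outlen)
{
    char fb_name[IFNAMSIZ];
    snprintf(fb_name, IFNAMSIZ, "dev%d", ifindex);
    snprintf(out, outlen, "%s", fb_name);
    return move_to_ns(init_net, fb_name);
}

/* Hypothetical defensive variant (not kernel code): if "dev<ifindex>" is
 * taken, fall back to the lowest free "devN" so a name collision cannot
 * make the move fail. The probe is bounded; if every candidate is taken
 * the caller still gets -EEXIST rather than an unbounded loop. */
int exit_ns_free_name(struct netns *init_net, int ifindex, char *out, size_t outlen)
{
    char fb_name[IFNAMSIZ];
    snprintf(fb_name, IFNAMSIZ, "dev%d", ifindex);
    for (int n = 0; name_in_use(init_net, fb_name) && n < 1000; n++)
        snprintf(fb_name, IFNAMSIZ, "dev%d", n);
    snprintf(out, outlen, "%s", fb_name);
    return move_to_ns(init_net, fb_name);
}

/* Constructed initial namespace in which someone already named a device "dev3",
 * the collision the mail describes. */
struct netns make_sample_init_net(void)
{
    struct netns ns = { .count = 0 };
    const char *existing[] = { "lo", "eth0", "dev3" };
    for (size_t i = 0; i < 3; i++)
        snprintf(ns.names[ns.count++], IFNAMSIZ, "%s", existing[i]);
    return ns;
}

int main(void)
{
    char name[IFNAMSIZ];

    /* Physical device with ifindex 3 leaving a dying namespace: fixed name collides. */
    struct netns a = make_sample_init_net();
    int err = exit_ns_fixed_name(&a, 3, name, sizeof name);
    printf("fixed name: %s -> %s\n", name, err ? strerror(-err) : "ok");

    /* Same device, probing variant: lands in init_net under a free name. */
    struct netns b = make_sample_init_net();
    err = exit_ns_free_name(&b, 3, name, sizeof name);
    printf("free name : %s -> %s\n", name, err ? strerror(-err) : "ok");
    return 0;
}
```

The fixed-name path reports "File exists" for dev3, which is exactly the non-zero `err` the quoted code feeds to BUG(); the probing path moves the same device as dev0. On a real system the cheap operational check is the same idea in reverse: before tearing down a namespace that holds a physical device, confirm that no interface named dev<ifindex> already exists in the initial namespace.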
