lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <20170810.091246.434591449474758645.davem@davemloft.net>
Date:   Thu, 10 Aug 2017 09:12:46 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     otubo@...hat.com
Cc:     netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        devel@...uxdriverproject.org, sthemmin@...rosoft.com,
        haiyangz@...rosoft.com, kys@...rosoft.com
Subject: Re: [PATCH] hv_set_ifconfig.sh double check before setting ip

From: Eduardo Otubo <otubo@...hat.com>
Date: Thu, 10 Aug 2017 09:40:27 +0200

> On 08/09/2017 11:02 AM, Eduardo Otubo wrote:
>> On 08/09/2017 06:11 AM, David Miller wrote:
>>> From: Eduardo Otubo <otubo@...hat.com>
>>> Date: Tue,  8 Aug 2017 15:53:45 +0200
>>>
>>>> This patch fixes the behavior of the hv_set_ifconfig script when
>>>> setting
>>>> the interface ip. Sometimes the interface has already been configured
>>>> by
>>>> network daemon, in this case hv_set_ifconfig causes "RTNETLINK: file
>>>> exists error"; in order to avoid this error this patch makes sure
>>>> double
>>>> checks the interface before trying anything.
>>>>
>>>> Signed-off-by: Eduardo Otubo <otubo@...hat.com>
>>>
>>> And if the daemon sets the address after you test it but before
>>> you try to set it in the script, what happens?
>>>
>>> This is why I hate changes like this.  They don't remove the problem,
>>> they make it smaller.  And smaller in a bad way.  Smaller makes the
>>> problem even more harder to diagnose when it happens.
>>>
>>> There is implicitly no synchonization between network configuration
>>> daemons and things people run by hand like this script.
>>>
>>> So, caveat emptor.
>>>
>>> I'm not applying this, sorry.
> 
> But also, looking from a different point of view, the current upstream
> solution does not avoid the problems you mentioned. My fix at least
> avoids double configuration and RTNETLINK errors. So perhaps you could
> consider this as "a better version walking towards an ideal fix"?

I didn't say upstream avoids the problem.

In fact, that's the good thing.  It doesn't try to do something it
cannot do without explicit pieces of synchronization infrastructure
between such tools.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ