lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 6 Jan 2020 10:15:19 +0100
From:   Jiri Pirko <jiri@...nulli.us>
To:     David Ahern <dsahern@...il.com>
Cc:     netdev@...r.kernel.org, davem@...emloft.net,
        jakub.kicinski@...ronome.com, saeedm@...lanox.com, leon@...nel.org,
        tariqt@...lanox.com, ayal@...lanox.com, vladbu@...lanox.com,
        michaelgur@...lanox.com, moshe@...lanox.com, mlxsw@...lanox.com
Subject: Re: [patch net-next 0/4] net: allow per-net notifier to follow
 netdev into namespace

Sun, Dec 22, 2019 at 05:57:35AM CET, dsahern@...il.com wrote:
>On 12/21/19 1:14 AM, Jiri Pirko wrote:
>> Fri, Dec 20, 2019 at 07:30:22PM CET, dsahern@...il.com wrote:
>>> On 12/20/19 5:35 AM, Jiri Pirko wrote:
>>>> However if netdev can change namespace, per-net notifier cannot be used.
>>>> Introduce dev_net variant that is basically per-net notifier with an
>>>> extension that re-registers the per-net notifier upon netdev namespace
>>>> change. Basically the per-net notifier follows the netdev into
>>>> namespace.
>>>
>>> This is getting convoluted.
>>>
>>> If the driver wants notifications in a new namespace, then it should
>>> register for notifiers in the new namespace. The info for
>>> NETDEV_UNREGISTER event could indicate the device is getting moved to a
>>> new namespace and the driver register for notifications in the new
>> 
>> Yes, I considered this option. However, that would lead to having a pair
>> of notifier block struct for every registration and basically the same
>> tracking code would be implemented in every driver.
>> 
>> That is why i chose this implementation where there is still one
>> notifier block structure and the core takes care of the tracking for
>> all.
>> 
>
>This design has core code only handling half of the problem - automatic
>registration in new namespaces for a netdev but not dealing with drivers
>receiving notifications in namespaces they no longer care about. If a

I do not follow. This patchset assures that driver does not get
notification of namespace it does not care about. I'm not sure what do
you mean by "half of the problem".


>driver cares for granularity, it can deal with namespace changes on its
>own. If that's too much, use the global registration.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ