lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20241107133004.7469-1-shaw.leon@gmail.com>
Date: Thu,  7 Nov 2024 21:29:55 +0800
From: Xiao Liang <shaw.leon@...il.com>
To: netdev@...r.kernel.org,
	linux-kselftest@...r.kernel.org,
	Kuniyuki Iwashima <kuniyu@...zon.com>,
	Jakub Kicinski <kuba@...nel.org>
Cc: "David S. Miller" <davem@...emloft.net>,
	David Ahern <dsahern@...nel.org>,
	Eric Dumazet <edumazet@...gle.com>,
	Paolo Abeni <pabeni@...hat.com>,
	Ido Schimmel <idosch@...dia.com>,
	Andrew Lunn <andrew+netdev@...n.ch>,
	Simon Horman <horms@...nel.org>,
	Donald Hunter <donald.hunter@...il.com>,
	Shuah Khan <shuah@...nel.org>,
	Jiri Pirko <jiri@...nulli.us>,
	Hangbin Liu <liuhangbin@...il.com>
Subject: [PATCH net-next v2 0/8] net: Improve netns handling in RTNL and ip_tunnel

This patch series includes some netns-related improvements and fixes for
RTNL and ip_tunnel, to make link creation more intuitive:

 - Creating link in another net namespace doesn't conflict with link names
   in current one.
 - Add a flag in rtnl_ops, to avoid netns change when link-netns is present
   if possible.
 - When creating ip tunnel (e.g. GRE) in another netns, use current as
   link-netns if not specified explicitly.

So that

  # modprobe ip_gre netns_atomic=1
  # ip link add netns ns1 link-netns ns2 tun0 type gre ...

will create tun0 in ns1, rather than create it in ns2 and move to ns1.
And don't conflict with another interface named "tun0" in current netns.

---

v2:
 - Check NLM_F_EXCL to ensure only link creation is affected.
 - Add self tests for link name/ifindex conflict and notifications
   in different netns.
 - Changes in dummy driver and ynl in order to add the test case.

v1:
 link: https://lore.kernel.org/all/20241023023146.372653-1-shaw.leon@gmail.com/


Xiao Liang (8):
  rtnetlink: Lookup device in target netns when creating link
  rtnetlink: Add netns_atomic flag in rtnl_link_ops
  net: ip_tunnel: Build flow in underlay net namespace
  net: ip_tunnel: Add source netns support for newlink
  net: ip_gre: Add netns_atomic module parameter
  net: dummy: Set netns_atomic in rtnl ops for testing
  tools/net/ynl: Add retry limit for async notification
  selftests: net: Add two test cases for link netns

 drivers/net/dummy.c                         |  1 +
 include/net/ip_tunnels.h                    |  3 ++
 include/net/rtnetlink.h                     |  3 ++
 net/core/rtnetlink.c                        | 17 +++++--
 net/ipv4/ip_gre.c                           | 15 +++++-
 net/ipv4/ip_tunnel.c                        | 27 +++++++----
 tools/net/ynl/lib/ynl.py                    |  7 ++-
 tools/testing/selftests/net/Makefile        |  1 +
 tools/testing/selftests/net/netns-name.sh   | 10 ++++
 tools/testing/selftests/net/netns_atomic.py | 54 +++++++++++++++++++++
 10 files changed, 121 insertions(+), 17 deletions(-)
 create mode 100755 tools/testing/selftests/net/netns_atomic.py

-- 
2.47.0


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ