lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Z-a6RCuLQsEVBQuf@mini-arch>
Date: Fri, 28 Mar 2025 08:03:32 -0700
From: Stanislav Fomichev <stfomichev@...il.com>
To: Jakub Kicinski <kuba@...nel.org>
Cc: Stanislav Fomichev <sdf@...ichev.me>, netdev@...r.kernel.org,
	davem@...emloft.net, edumazet@...gle.com, pabeni@...hat.com
Subject: Re: [PATCH net v2 08/11] docs: net: document netdev notifier
 expectations

On 03/27, Jakub Kicinski wrote:
> On Thu, 27 Mar 2025 13:57:01 -0700 Stanislav Fomichev wrote:
> > That sounds very sensible, let me try it out and run the tests.
> > I'll have to drop the lock twice, once for NETDEV_UNREGISTER
> > and another time for move_netdevice_notifiers_dev_net, but since
> > the device is unlisted, nothing should touch it (in theory)?
> 
> Yup, and/or we can adjust if we find a reason to, I don't think 
> the ordering of the actions in netns changes is precisely intentional.
> 
> > netif_change_net_namespace is already the first thing that happens
> > in do_setlink, so I won't be converting it to dev_xxx (lmk if I
> > miss something here).
> 
> I thought you could move it outside the lock in do_setlink() 
> and have [netif -> dev]_change_net_namespace take the lock.
> Dropping and taking the lock in a callee is a bit bad, so
> I'd prefer if the netif_ / "I want to switch netns but I'm already
> holding the lock" version of _change_net_namespace didn't exist 
> at all.

Looks like I also accidentally killed extack argument of
netif_change_net_namespace (by always passing NULL). Will bring
__dev_change_net_namespace, with proper locking and extack and will
call it before grabbing a lock in the do_setlink as you suggest (with
proper locking inside).

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ