Re: [PATCH net-next v4 0/4] netns: allow to identify peer netns

From: Nicolas Dichtel
Date: Thu Dec 04 2014 - 11:21:18 EST


On 05/11/2014 15:23, Nicolas Dichtel wrote:
On 31/10/2014 20:14, Eric W. Biederman wrote:
Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx> writes:

On 30/10/2014 19:41, Eric W. Biederman wrote:
Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx> writes:

The goal of this series is to be able to multicast netlink messages with an
attribute that identifies a peer netns.
This is needed by the userland to interpret some information contained in
netlink messages (like IFLA_LINK value, but also some other attributes in case
of x-netns netdevice (see also
http://thread.gmane.org/gmane.linux.network/315933/focus=316064 and
http://thread.gmane.org/gmane.linux.kernel.containers/28301/focus=4239)).

Ids of peer netns are set by userland via a new genl message. These ids are
stored per netns and are local (i.e. only valid in the netns where they are
set).
To avoid allocating an int for each peer netns, I use idr_for_each() to
retrieve the id of a peer netns. Note that it will be possible to add a table
(struct net -> id) later to optimize this lookup if needed.

Patch 1/4 introduces the netlink API mechanism to set and get these ids.
Patches 2/4 and 3/4 implement an example of how to use these ids in rtnetlink
messages. And patch 4/4 shows that the netlink messages can be symmetric
between a GET and a SET.

iproute2 patches are available, I can send them on demand.

A quick reply. I think this patchset is in the right general direction.
There are some oddball details that seem odd/awkward to me such as using
genetlink instead of rtnetlink to get and set the ids, and not having
ids if they are not set (that feels like a maintenance/usability challenge).
No problem to use rtnetlink, in fact, I hesitated.

For the second point, I'm not sure I follow you: how to have an id, which will
not break migration, without asking the user to set it?

We have that situation with ifindex already. Basically the thought is
to allow an id to be set, but also allow an id to be auto-generated if
we use a namespace without an id being set.
If my understanding is correct, the difference is that we want to hide some
netns.
Do you think we can generate an id for each netns that does not have one and
rely on the fact that this id has no meaning unless you have a netns file
descriptor that allows you to get the id of this netns?
Any comment, Eric?


Thank you,
Nicolas
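
The id scheme discussed in this thread, as an added userspace model in C that is not part of the original message or of the patch series: each netns keeps its own id table, so an id is only meaningful inside the netns that holds it, and an id can be set explicitly or auto-generated on first use. All struct and function names are hypothetical, and the linear scan stands in for the idr_for_each() reverse lookup mentioned in the cover letter.

```c
/* Userspace model only: all names here are hypothetical, not from the kernel patches. */
#include <stdio.h>
#define MAX_IDS 8
#define NETNS_ID_NONE (-1)

struct netns {
    const char *name;
    const struct netns *peer_by_id[MAX_IDS]; /* id -> peer, private to this netns */
};

/* Userland-chosen id: refuse an id already in use or a peer already mapped. */
int netns_set_id(struct netns *self, const struct netns *peer, int id)
{
    if (id < 0 || id >= MAX_IDS || self->peer_by_id[id])
        return -1;
    for (int i = 0; i < MAX_IDS; i++)
        if (self->peer_by_id[i] == peer)
            return -1;
    self->peer_by_id[id] = peer;
    return 0;
}

/* Reverse lookup (peer -> id) by scanning, the role idr_for_each() has in the cover letter. */
int netns_get_id(const struct netns *self, const struct netns *peer)
{
    for (int i = 0; i < MAX_IDS; i++)
        if (self->peer_by_id[i] == peer)
            return i;
    return NETNS_ID_NONE;
}

/* Auto-generation as suggested in the thread: lowest free id on first use. */
int netns_get_or_alloc_id(struct netns *self, const struct netns *peer)
{
    int id = netns_get_id(self, peer);
    for (int i = 0; id == NETNS_ID_NONE && i < MAX_IDS; i++)
        if (netns_set_id(self, peer, i) == 0)
            id = i;
    return id;
}

int main(void)
{
    struct netns a = { .name = "a" }, b = { .name = "b" }, c = { .name = "c" };
    netns_set_id(&a, &c, 5);
    printf("c seen from a: %d, from b: %d\n", netns_get_id(&a, &c), netns_get_id(&b, &c));
    printf("b auto-id in a: %d\n", netns_get_or_alloc_id(&a, &b));
    return 0;
}
```

In this model a process in netns b learns nothing about c from the id that a assigned, which is the property the question about hiding some netns depends on.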