> > > Peter Memishian writes: > > > > http://cr.opensolaris.org/~meem/dhcp-sock > > > > cmd/cmd-inet/sbin/dhcpagent/interface.c > > > > 1370: the design of this doesn't look entirely safe to me. If > > > dhcpagent were to go down on some fatal signal, then it appears that > > > we'd leave the SIOCSLIFDHCPINIT flag set on the LIF in the kernel. > > > I realize that we set IFF_DHCPRUNNING and can leave it set in some > > > cases, but this looks potentially more harmful. Is there any way to > > > make it less harmful, such as perhaps associating the flag with a > > > socket (which will then automatically close on exit)? > > > > > > Or, maybe, I shouldn't worry so much. > > > > DISCUSS. This concerns me too, but I don't think a flag would work since > > a single conn_t can set SIOCSLIFDHCPINIT on multiple ill_t's, and multiple > > conn_t's could (in theory) set SIOCSLIFDHCPINIT on the same ill_t (we > > could declare the second case to be unsupported, but that might come back > > to bite us some day). > > Actually, since we have a socket per DHCP lif and state machine > instance, I was suggesting making it so that the conn_t could have at > most exactly one ill_t in its set, not multiple. Yes, that'd nail > dhcpagent down so that we could never use the single-socket approach.
Well, at least until someone comes up with an improved SIOCSLIFDHCPINIT ;-) I think I can make this work; I'll give it a shot shortly and send out a new webrev. -- meem
