On Wed, Nov 08, 2017 at 03:09:59AM -0800, Mahesh Bandewar (महेश बंडेवार) wrote:
> Sorry folks I was traveling and seems like lot happened on this thread. :p
>
> I will try to response few of these comments selectively -
>
> > The thing that makes me hesitate with this set is that it is a
> >
On Mon, Nov 06, 2017 at 04:14:18PM -0600, Serge Hallyn wrote:
> Quoting Daniel Micay (danielmi...@gmail.com):
> > Substantial added attack surface will never go away as a problem. There
> > aren't a finite number of vulnerabilities to be found.
>
> There's varying levels of usefulness and
removes kobj_bcast_filter() and replaces
netlink_broadcast_filtered() with the simpler netlink_broadcast()
everywhere.
[1]: https://lkml.org/lkml/2018/4/4/739
[2]: https://lkml.org/lkml/2018/4/26/767
[3]: https://lkml.org/lkml/2018/4/26/738
Signed-off-by: Christian Brauner <christian.brau...@
This patch adds alloc_uevent_skb() in preparation for follow up patches.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
lib/kobject_uevent.c | 39 ++-
1 file changed, 26 insertions(+), 13 deletions(-)
diff --git a/lib/kobject_ueve
/pci:00/:00:02.0/:01:00.1/net/eth1 (net)
Thanks!
Christian
[1]: https://lkml.org/lkml/2018/4/4/739
[2]: https://lkml.org/lkml/2018/4/26/767
[3]: https://lkml.org/lkml/2018/4/26/738
Christian Brauner (2):
uevent: add alloc_uevent_skb() helper
netns: restrict uevents
lib
On Thu, Apr 26, 2018 at 07:35:47PM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@canonical.com> writes:
>
> > On Thu, Apr 26, 2018 at 12:10:30PM -0500, Eric W. Biederman wrote:
> >> Christian Brauner <christian.brau...@canonical.com> wr
/2018/4/4/739
[5]: https://lkml.org/lkml/2018/4/26/767
[6]: https://lkml.org/lkml/2018/4/26/738
Signed-off-by: Christian Brauner <christ...@brauner.io>
---
tools/testing/selftests/uevent/Makefile | 17 +
tools/testing/selftests/uevent/config | 2 +
.../selftests/
On Thu, Apr 26, 2018 at 12:10:30PM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@canonical.com> writes:
>
> > On Thu, Apr 26, 2018 at 11:47:19AM -0500, Eric W. Biederman wrote:
> >> Christian Brauner <christian.brau...@canonical.com> wr
On Tue, Apr 24, 2018 at 06:00:35PM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@canonical.com> writes:
>
> > On Wed, Apr 25, 2018, 00:41 Eric W. Biederman <ebied...@xmission.com> wrote:
> >
> > Bah. This code is obviously correct an
On Thu, Apr 26, 2018 at 11:47:19AM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@canonical.com> writes:
>
> > On Tue, Apr 24, 2018 at 06:00:35PM -0500, Eric W. Biederman wrote:
> >> Christian Brauner <christian.brau...@canonical.com> wr
On Fri, Apr 27, 2018 at 11:39:44AM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@ubuntu.com> writes:
>
> > This patch adds alloc_uevent_skb() in preparation for follow up patches.
> >
> > Signed-off-by: Christian Brauner <christian.bra
On Fri, Apr 27, 2018 at 11:30:26AM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@ubuntu.com> writes:
> > ---
> > lib/kobject_uevent.c | 140 ++-
> > 1 file changed, 99 insertions(+), 41 deletions(
This patch adds alloc_uevent_skb() in preparation for follow up patches.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
v3->v4:
* non-functional changes:
initialize some variables again explicitly to make it obvious to
readers that they are correctly set
v2-&
removes kobj_bcast_filter() and replaces
netlink_broadcast_filtered() with the simpler netlink_broadcast()
everywhere.
[1]: https://lkml.org/lkml/2018/4/4/739
[2]: https://lkml.org/lkml/2018/4/26/767
[3]: https://lkml.org/lkml/2018/4/26/738
Signed-off-by: Christian Brauner <christian.brau...@ubunt
)
KERNEL[655.333272] remove
/devices/pci:00/:00:02.0/:01:00.1/net/eth1 (net)
Thanks!
Christian
[1]: https://lkml.org/lkml/2018/4/4/739
[2]: https://lkml.org/lkml/2018/4/26/767
[3]: https://lkml.org/lkml/2018/4/26/738
Christian Brauner (2):
uevent: add alloc_uevent_skb() helper
On Sat, Apr 28, 2018 at 11:23:58PM -0500, Eric W. Biederman wrote:
>
> > + /* fix credentials */
> > + if (owning_user_ns != _user_ns) {
> > + struct netlink_skb_parms *parms = _CB(skb);
> > + kuid_t root_uid;
> > + kgid_t root_gid;
> > +
> > + /* fix
removes kobj_bcast_filter() and replaces
netlink_broadcast_filtered() with the simpler netlink_broadcast()
everywhere.
[1]: https://lkml.org/lkml/2018/4/4/739
[2]: https://lkml.org/lkml/2018/4/26/767
[3]: https://lkml.org/lkml/2018/4/26/738
Signed-off-by: Christian Brauner <christian.brau...@ubunt
This patch adds alloc_uevent_skb() in preparation for follow up patches.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
v4->v5:
* patch unchanged
v3->v4:
* non-functional changes:
initialize some variables again explicitly to make it obvious
)
KERNEL[655.333272] remove
/devices/pci:00/:00:02.0/:01:00.1/net/eth1 (net)
Thanks!
Christian
[1]: https://lkml.org/lkml/2018/4/4/739
[2]: https://lkml.org/lkml/2018/4/26/767
[3]: https://lkml.org/lkml/2018/4/26/738
Christian Brauner (2):
uevent: add alloc_uevent_skb() helper
userspace
set the IFLA_NET_NS_{FD,PID} property to identify a target network
namespace where the device in question is to be queried.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
net/core/rtnetlink.c | 63 +---
1 file chang
a very
obvious point why this wasn't possible so far, I'm sorry.
Christian
Christian Brauner (1):
rtnetlink: request RTM_GETLINK by pid or fd
net/core/rtnetlink.c | 63 +---
1 file changed, 50 insertions(+), 13 deletions(-)
--
2.14.1
On Thu, Jan 18, 2018 at 09:29:14PM +0100, Jiri Benc wrote:
> On Thu, 18 Jan 2018 21:21:24 +0100, Christian Brauner wrote:
> > In such scenarios setting a netns id property is
> > not really wanted
>
> Why? I think that's what you should do if you want to avoid setns. Just
&
On Thu, Jan 25, 2018 at 01:59:06PM +0100, Christian Brauner wrote:
> On Wed, Jan 24, 2018 at 03:26:31PM +0100, Christian Brauner wrote:
> > Hi,
> >
> > Based on the previous discussion this enables passing a IFLA_IF_NETNSID
> > property along with RTM_SETLINK and RTM_
retrieval for
RTM_* requests that already support IFLA_NET_NS_{FD,PID} but get extended
to IFLA_IF_NETNSID. To perserve backwards compatibility the helpers look
for IFLA_NET_NS_{FD,PID} properties first before checking for
IFLA_IF_NETNSID.
Signed-off-by: Christian Brauner <christian.b
old behavior and report -ENODEV when either ifindex or ifname is
provided and IFLA_GROUP is set. Spotted by Wolfgang Bumiller.
Christian Brauner (3):
rtnetlink: enable IFLA_IF_NETNSID in do_setlink()
rtnetlink: enable IFLA_IF_NETNSID for RTM_SETLINK
rtnetlink: enable IFLA_IF_NETNSID
-by: Christian Brauner <christian.brau...@ubuntu.com>
---
net/core/rtnetlink.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index 54134187485b..a4d4409685e3 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -2546,9 +2546,6 @@ stat
. Userpace should then fallback to other means.
- Security:
Callers must have CAP_NET_ADMIN in the owning user namespace of the
target network namespace.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
Changelog 2018-01-24:
* Preserve old behavior and report -ENODEV when
On Wed, Jan 24, 2018 at 03:26:31PM +0100, Christian Brauner wrote:
> Hi,
>
> Based on the previous discussion this enables passing a IFLA_IF_NETNSID
> property along with RTM_SETLINK and RTM_DELLINK requests. The patch for
> RTM_NEWLINK will be sent out in a separate patch since
On Wed, Jan 31, 2018 at 12:13:11AM +0800, kbuild test robot wrote:
> Hi Christian,
>
> Thank you for the patch! Yet something to improve:
>
> [auto build test ERROR on net-next/master]
>
> url:
> https://github.com/0day-ci/linux/commits/Christian-Brauner/rtnetlin
RTM_NEWLINK supports the IFLA_IF_NETNSID property since
5bb8ed075428b71492734af66230aa0c07fcc515 so we should not error out
when it is passed.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
net/core/rtnetlink.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/ne
requests in question either won't allow
IFLA_IF_NETNSID requests before 4.16 is out (RTM_{NEW,SET}LINK) or don't
support IFLA_NET_NS_{PID,FD} (RTM_{DEL,GET}LINK) in the first place.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
ChangeLog v0->v1:
* report a descript
ack
* do not fail when multiple properties specifiy the same network namespace
Christian Brauner (1):
rtnetlink: require unique netns identifier
net/core/rtnetlink.c | 67
1 file changed, 67 insertions(+)
--
2.14.1
On Wed, Jan 31, 2018 at 10:30:44AM -0500, David Miller wrote:
> From: Christian Brauner <christian.brau...@ubuntu.com>
> Date: Mon, 29 Jan 2018 18:07:20 +0100
>
> > - Backwards Compatibility:
> > If userspace wants to determine whether RTM_NEWLINK supports the
>
requests in question either won't allow
IFLA_IF_NETNSID requests before 4.16 is out (RTM_{NEW,SET}LINK) or don't
support IFLA_NET_NS_{PID,FD} (RTM_{DEL,GET}LINK) in the first place.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
net/core/rtnetlink.
from passing both IFLA_NET_NS_PID and
IFLA_NET_NS_FD since we have supported this somehow for a long time. So
the check I'm proposing is to only fail when both IFLA_IF_NETNSID, and
IFLA_NET_NS_PID or IFLA_NET_NS_FD are passed.
Thanks!
Christian
Christian Brauner (1):
rtnetlink: require unique netns
On Sat, Feb 03, 2018 at 11:17:01AM -0800, Stephen Hemminger wrote:
> On Sat, 3 Feb 2018 14:29:04 +0100
> Christian Brauner <christian.brau...@ubuntu.com> wrote:
>
> > +static int rtnl_ensure_unique_netns_attr(const struct sock *sk,
> > +
On Sat, Feb 03, 2018 at 07:09:55PM -0700, David Ahern wrote:
> On 2/3/18 12:17 PM, Stephen Hemminger wrote:
> > On Sat, 3 Feb 2018 14:29:04 +0100
> > Christian Brauner <christian.brau...@ubuntu.com> wrote:
> >
> >> +static int rtnl_ensure_uni
requests in question either won't allow
IFLA_IF_NETNSID requests before 4.16 is out (RTM_{NEW,SET}LINK) or don't
support IFLA_NET_NS_{PID,FD} (RTM_{DEL,GET}LINK) in the first place.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
ChangeLog v1->v2:
* return errno when the
error to userspace via struct netlink_ext_ack
* do not fail when multiple properties specifiy the same network namespace
Christian Brauner (1):
rtnetlink: require unique netns identifier
net/core/rtnetlink.c | 69
1 file changed, 69 inse
. Userpace should then fallback to other means.
- Security:
Callers must have CAP_NET_ADMIN in the owning user namespace of the
target network namespace.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
net/core/rtnetlink.c | 6 +-
1 file changed, 1 insertion(+), 5 del
On Mon, Jan 29, 2018 at 11:31:57AM -0500, David Miller wrote:
> From: Christian Brauner <christianvanbrau...@gmail.com>
> Date: Wed, 24 Jan 2018 15:26:31 +0100
>
> > Based on the previous discussion this enables passing a IFLA_IF_NETNSID
> > property along with
Hi,
Based on the previous discussion this enables passing a IFLA_IF_NETNSID
property along with RTM_NEWLINK requests. The latter patch was missing from my
previous series to allow for some more time to test this.
Best,
Christian
Christian Brauner (1):
rtnetlink: enable IFLA_IF_NETNSID
On Tue, Feb 06, 2018 at 12:47:46AM +0300, Kirill Tkhai wrote:
> On 05.02.2018 18:55, Christian Brauner wrote:
> > Since we've added support for IFLA_IF_NETNSID for RTM_{DEL,GET,SET,NEW}LINK
> > it is possible for userspace to send us requests with three different
> > p
On Thu, Feb 8, 2018 at 8:33 PM, David Miller <da...@davemloft.net> wrote:
> From: Christian Brauner <christian.brau...@ubuntu.com>
> Date: Wed, 7 Feb 2018 13:53:20 +0100
>
>> Since we've added support for IFLA_IF_NETNSID for RTM_{DEL,GET,SET,NEW}LINK
>> it is
On Thu, Feb 8, 2018 at 5:01 PM, Stephen Hemminger
<step...@networkplumber.org> wrote:
> On Tue, 6 Feb 2018 19:39:31 +0100
> Christian Brauner <christian.brau...@ubuntu.com> wrote:
>
>> If the kernel receives a negative nsid it will automatically assign the
>>
ill select an available
nsid.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
ChangeLog v0->v1:
* introduce "auto" keyword for ip netns to automatically allocate an
available nsid
---
ip/ipnetns.c| 5 -
man/man8/ip-netns.8 | 1 +
2 files changed
On Tue, Feb 06, 2018 at 01:49:10PM +0300, Kirill Tkhai wrote:
> Hi, Christian,
>
> On 06.02.2018 02:24, Christian Brauner wrote:
> > On Tue, Feb 06, 2018 at 12:47:46AM +0300, Kirill Tkhai wrote:
> >> On 05.02.2018 18:55, Christian Brauner wrote:
> >>> Since we'
-by: Christian Brauner <christian.brau...@ubuntu.com>
---
ip/ipnetns.c| 7 +--
man/man8/ip-netns.8 | 1 +
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/ip/ipnetns.c b/ip/ipnetns.c
index 059a4220..3d140cae 100644
--- a/ip/ipnetns.c
+++ b/ip/ipnetns.c
@@ -706,7
ibutes
is also considered valid.
ChangeLog v0->v1:
* report a descriptive error to userspace via struct netlink_ext_ack
* do not fail when multiple properties specifiy the same network namespace
---
Christian Brauner (1):
rtnetlink: require unique netns identifier
net/core/rtnetli
requests. The regression potential is quite minimal since the
rtnetlink requests in question either won't allow IFLA_IF_NETNSID requests
before 4.16 is out (RTM_{NEW,SET}LINK) or don't support
IFLA_NET_NS_{PID,FD} (RTM_{DEL,GET}LINK) in the first place.
Signed-off-by: Christian Brauner <christian.b
On Wed, Feb 07, 2018 at 12:19:25PM +0100, Jiri Benc wrote:
> On Tue, 6 Feb 2018 14:19:02 +0100, Christian Brauner wrote:
> > +/* Verify that rtnetlink requests supporting network namespace ids
> > + * do not pass additional properties potentially referring to different
> > +
is also considered valid.
ChangeLog v0->v1:
* report a descriptive error to userspace via struct netlink_ext_ack
* do not fail when multiple properties specifiy the same network namespace
---
Christian Brauner (1):
rtnetlink: require unique netns identifier
net/core/rtne
requests in question either won't allow
IFLA_IF_NETNSID requests before 4.16 is out (RTM_{NEW,SET}LINK) or don't
support IFLA_NET_NS_{PID,FD} (RTM_{DEL,GET}LINK) in the first place.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
ChangeLog v3->v4:
* Based on discussions
On Wed, Feb 07, 2018 at 04:20:01PM +0300, Kirill Tkhai wrote:
>
>
> On 07.02.2018 15:53, Christian Brauner wrote:
> > Since we've added support for IFLA_IF_NETNSID for RTM_{DEL,GET,SET,NEW}LINK
> > it is possible for userspace to send us requests with three different
>
On Thu, Aug 30, 2018 at 04:45:45PM +0200, Christian Brauner wrote:
> On Thu, Aug 30, 2018 at 11:49:31AM +0300, Kirill Tkhai wrote:
> > On 29.08.2018 21:13, Christian Brauner wrote:
> > > Hi Kirill,
> > >
> > > Thanks for the question!
> > >
> >
On Tue, Jan 23, 2018 at 05:55:27PM +0100, Nicolas Dichtel wrote:
> Le 23/01/2018 à 13:22, Jiri Benc a écrit :
> > (Christian, I'm adding back the netdev list, there's no reason not to
> > have the discussion in open.)
> >
> > On Tue, 23 Jan 2018 12:42:19 +01
On Mon, Jan 22, 2018 at 11:06:16PM +0100, Jiri Benc wrote:
> On Mon, 22 Jan 2018 22:23:54 +0100, Christian Brauner wrote:
> > That is certainly a good idea and I'm happy to send a follow-up patch
> > for that!
>
> Note that I haven't looked into that and I don't know w
On Mon, Jan 22, 2018 at 10:00:46PM +0100, Jiri Benc wrote:
> On Thu, 18 Jan 2018 21:55:53 +0100, Christian Brauner wrote:
> > A more concrete scenario is creating a network namespace, moving a
> > device into it via RTM_SETLINK which also supports IFLA_NET_NS_{FD,PID}
> > and
-by: Christian Brauner <christian.brau...@ubuntu.com>
---
net/core/rtnetlink.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index 54134187485b..a4d4409685e3 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -2546,9 +2546,6 @@ stat
. Userpace should then fallback to other means.
- Security:
Callers must have CAP_NET_ADMIN in the owning user namespace of the
target network namespace.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
net/core/rtnetlink.c | 40 +---
retrieval for
RTM_* requests that already support IFLA_NET_NS_{FD,PID} but get extended
to IFLA_IF_NETNSID. To perserve backwards compatibility the helpers look
for IFLA_NET_NS_{FD,PID} properties first before checking for
IFLA_IF_NETNSID.
Signed-off-by: Christian Brauner <christian.b
Hi,
Based on the previous discussion this enables passing a IFLA_IF_NETNSID
property along with RTM_SETLINK and RTM_DELLINK requests. The patch for
RTM_NEWLINK will be sent out in a separate patch since there are more
corner-cases to think about.
Best,
Christian
Christian Brauner (3
2. Debian Sid with systemd-udevd version 237
3. Android 7.1.1 with ueventd
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
Changelog v0->v1:
* Hold mutex_lock() until uevent is sent to preserve uevent message
ordering. See udev and commit for reference:
On Thu, Mar 15, 2018 at 05:14:13PM +0300, Kirill Tkhai wrote:
> On 15.03.2018 16:39, Christian Brauner wrote:
> > On Thu, Mar 15, 2018 at 12:47:30PM +0300, Kirill Tkhai wrote:
> >> CC Andrey Vagin
> >
> > Hey Kirill,
> >
> > Thanks for CCing Andrey.
>
2. Debian Sid with systemd-udevd version 237
3. Android 7.1.1 with ueventd
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
include/net/net_namespace.h | 1 +
lib/kobject_uevent.c| 88 -
2 files changed, 88 insertions
On Thu, Mar 15, 2018 at 12:47:30PM +0300, Kirill Tkhai wrote:
> CC Andrey Vagin
Hey Kirill,
Thanks for CCing Andrey.
>
> On 15.03.2018 03:12, Christian Brauner wrote:
> > This patch adds a receive method to NETLINK_KOBJECT_UEVENT netlink sockets
> > to allow se
On Wed, Apr 04, 2018 at 05:38:02PM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@canonical.com> writes:
>
> > On Wed, Apr 04, 2018 at 09:48:57PM +0200, Christian Brauner wrote:
> >> commit 07e98962fa77 ("kobject: Send hotplug events
On Thu, Apr 05, 2018 at 10:59:49PM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@canonical.com> writes:
>
> > On Thu, Apr 05, 2018 at 05:26:59PM +0300, Kirill Tkhai wrote:
> >> On 05.04.2018 17:07, Christian Brauner wrote:
> >> > O
On Thu, Apr 05, 2018 at 10:59:49PM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@canonical.com> writes:
>
> > On Thu, Apr 05, 2018 at 05:26:59PM +0300, Kirill Tkhai wrote:
> >> On 05.04.2018 17:07, Christian Brauner wrote:
> >> > O
On Mon, Apr 09, 2018 at 06:21:31PM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@canonical.com> writes:
>
> > On Thu, Apr 05, 2018 at 10:59:49PM -0500, Eric W. Biederman wrote:
> >> Christian Brauner <christian.brau...@canonical.com> wr
On Thu, Apr 05, 2018 at 05:26:59PM +0300, Kirill Tkhai wrote:
> On 05.04.2018 17:07, Christian Brauner wrote:
> > On Thu, Apr 05, 2018 at 04:01:03PM +0300, Kirill Tkhai wrote:
> >> On 04.04.2018 22:48, Christian Brauner wrote:
> >>> commit 07e98962fa77 ("kobject:
On Thu, Apr 05, 2018 at 04:01:03PM +0300, Kirill Tkhai wrote:
> On 04.04.2018 22:48, Christian Brauner wrote:
> > commit 07e98962fa77 ("kobject: Send hotplug events in all network
> > namespaces")
> >
> > enabled sending hotplug events into all network n
On Tue, Apr 10, 2018 at 10:04:46AM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@canonical.com> writes:
>
> > On Mon, Apr 09, 2018 at 06:21:31PM -0500, Eric W. Biederman wrote:
> >> Christian Brauner <christian.brau...@canonical.com> wr
On Wed, Apr 11, 2018 at 11:40:14AM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@canonical.com> writes:
>
> > On Tue, Apr 10, 2018 at 10:04:46AM -0500, Eric W. Biederman wrote:
> >> Christian Brauner <christian.brau...@canonical.com> wr
On Wed, Apr 11, 2018 at 01:37:18PM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@canonical.com> writes:
>
> > On Wed, Apr 11, 2018 at 11:40:14AM -0500, Eric W. Biederman wrote:
> >> Christian Brauner <christian.brau...@canonical.co
On Wed, Apr 11, 2018 at 02:16:23PM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@canonical.com> writes:
>
> > On Wed, Apr 11, 2018 at 01:37:18PM -0500, Eric W. Biederman wrote:
> >> Christian Brauner <christian.brau...@canonical.com> wr
espace tag are now
always only sent to the initial user namespace. The regression potential
for this is near to non-existent since user namespaces can't really do
anything with interesting devices.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
lib/kobject_uevent.c | 10
On Wed, Apr 04, 2018 at 09:48:57PM +0200, Christian Brauner wrote:
> commit 07e98962fa77 ("kobject: Send hotplug events in all network namespaces")
>
> enabled sending hotplug events into all network namespaces back in 2010.
> Over time the set of uevents that get sent into
On Fri, Apr 06, 2018 at 09:45:41AM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@canonical.com> writes:
>
> > On Thu, Apr 05, 2018 at 10:59:49PM -0500, Eric W. Biederman wrote:
> >> Christian Brauner <christian.brau...@canonical.com> wr
sible even if there are a lot of uevents injected into network
namespaces not owned by the initial user namespace. In addition, each
network namespace not owned by the initial user namespace does not have to
wait on any other network namespace not sharing the same user namespace.
Signed-off-by:
ts.
[1]: https://lkml.org/lkml/2018/4/4/739
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
lib/kobject_uevent.c | 18 --
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/lib/kobject_uevent.c b/lib/kobject_uevent.c
index 15ea216a67ce..f5f503
for network namespaces not in the global uevent
socket list.
**A very detailed rationale is present in the commit message
[PATCH 2/2] netns: isolate seqnums to use per-netns locks**
Thanks!
Christian
Christian Brauner (2):
netns: restrict uevents
netns: isolate seqnums to use per-netns locks
On Wed, Apr 18, 2018 at 11:55:52AM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@ubuntu.com> writes:
>
> > Now that it's possible to have a different set of uevents in different
> > network namespaces, per-network namespace uevent sequence nu
On Fri, Apr 20, 2018 at 03:56:28PM +0200, Christian Brauner wrote:
> On Wed, Apr 18, 2018 at 11:52:47PM +0200, Christian Brauner wrote:
> > On Wed, Apr 18, 2018 at 11:55:52AM -0500, Eric W. Biederman wrote:
> > > Christian Brauner <christian.brau...@ubuntu.com> writes:
>
On Fri, Apr 20, 2018 at 06:16:44PM +0200, Christian Brauner wrote:
> On Fri, Apr 20, 2018 at 03:56:28PM +0200, Christian Brauner wrote:
> > On Wed, Apr 18, 2018 at 11:52:47PM +0200, Christian Brauner wrote:
> > > On Wed, Apr 18, 2018 at 11:55:52AM -0500, Eric W. Biederman wrote:
On Wed, Apr 18, 2018 at 11:52:47PM +0200, Christian Brauner wrote:
> On Wed, Apr 18, 2018 at 11:55:52AM -0500, Eric W. Biederman wrote:
> > Christian Brauner <christian.brau...@ubuntu.com> writes:
> >
> > > Now that it's possible to have a different set of ueve
On Tue, Apr 24, 2018 at 03:39:25PM -0400, David Miller wrote:
> From: Christian Brauner <christian.brau...@ubuntu.com>
> Date: Mon, 23 Apr 2018 12:24:43 +0200
>
> > + #ifdef CONFIG_NET
> > + seqnum = get_ns_uevent_seqnum_by_vpid();
> > + #else
>
sample estimates:
mean of x mean of y
207.2632 164.0330
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
Changelog v1->v2:
* non-functional change: fix indendation for C directives in
kernel/ksysfs.c
Changelog v0->v1:
* add detailed test results to
it message for
[PATCH 2/2] netns: isolate seqnums to use per-netns locks
Thanks!
Christian
Christian Brauner (2):
netns: restrict uevents
netns: isolate seqnums to use per-netns locks
include/linux/kobject.h | 2 +
include/net/net_namespace.h | 3 +
kernel/ksysfs.c | 11
ts.
[1]: https://lkml.org/lkml/2018/4/4/739
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
Changelog v1->v2:
* patch unchanged
Changelog v0->v1:
* patch unchanged
---
lib/kobject_uevent.c | 18 --
1 file changed, 12 insertions(+), 6 d
On Tue, Apr 24, 2018 at 04:52:20PM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brau...@ubuntu.com> writes:
>
> > Now that it's possible to have a different set of uevents in different
> > network namespaces, per-network namespace uevent sequence nu
ing logic to
kobj_bcast_filter(). But since we care about performance improvements as
well I can come up with a patch that moves this logic out of
kobj_bcast_filter().
Christian
[1]: https://www.spinics.net/lists/netdev/msg494487.html
>
> Eric
>
> Christian Brauner <christian.brau..
the global uevent
socket list from the locking for network namespaces not in the global
uevent socket list.
A very detailed rationale including performance test results is
present in the commit message for
[PATCH 2/2] netns: isolate seqnums to use per-netns locks
Thanks!
Christian
ts.
[1]: https://lkml.org/lkml/2018/4/4/739
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
Changelog v0->v1:
* patch unchanged
---
lib/kobject_uevent.c | 18 --
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/lib/kobject_uevent.c b/lib/
On Mon, Apr 23, 2018 at 10:39:50AM +0800, kbuild test robot wrote:
> Hi Christian,
>
> Thank you for the patch! Yet something to improve:
>
> [auto build test ERROR on net-next/master]
>
> url:
> https://github.com/0day-ci/linux/commits/Christian-Brauner/netns-u
sample estimates:
mean of x mean of y
207.2632 164.0330
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
Changelog v0->v1:
* add detailed test results to the commit message
* account for kernels compiled without CONFIG_NET
---
include/linux/kobject.h |
__list_del_entry_valid() in its call chain which
will validate that the element is a member of the list. If it isn't it will
take care that the list is not modified.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
Changelog v3->v4:
* non-functional change: remove return from function
needed to append the uevent sequence number.
Testing:
This patch has been tested and verified to work with the following udev
implementations:
1. CentOS 6 with udevd version 147
2. Debian Sid with systemd-udevd version 237
3. Android 7.1.1 with ueventd
Signed-off-by: Christian Brauner
On Mon, Mar 19, 2018 at 02:53:09PM +0300, Kirill Tkhai wrote:
> Thanks for doing this. One small comment below.
>
> On 17.03.2018 14:08, Christian Brauner wrote:
> > This commit adds struct uevent_sock to struct net. Since struct uevent_sock
> > records the position
the space
needed to append the uevent sequence number.
Testing:
This patch has been tested and verified to work with the following udev
implementations:
1. CentOS 6 with udevd version 147
2. Debian Sid with systemd-udevd version 237
3. Android 7.1.1 with ueventd
Signed-off-by: Christian Brauner
1 - 100 of 172 matches
Mail list logo