From: Stephen Hemminger
Subject: Re: switching network namespace midway
Date: Mon, 29 Oct 2012 07:23:41 -0700
Message-ID: <20121029072341.158e6412@nehalam.linuxnetplumber.net>
In-Reply-To: <877gqb883y.fsf@xmission.com>
To: ebiederm@xmission.com (Eric W. Biederman)
Cc: Benjamin LaHaise, rsa, netdev@vger.kernel.org

On Sat, 27 Oct 2012 22:43:13 -0700
ebiederm@xmission.com (Eric W. Biederman) wrote:

> Stephen Hemminger writes:
>
> > I noticed that the L2TP sockets are not being moved to the correct name
> > space.
> >
> > Something like this is probably needed.
>
> This is almost right.
>
> There needs to be a line in l2tp_tunnel_create that verifies
> the network namespace of the socket derived from a file descriptor
> and the passed in network namespace match.
>
> For the l2tp_tunnel_sock_create case where we have a socket that is not
> exported to userspace using sk_change_net seems appropriate to avoid
> reference counting problems. And it may be worth moving that work into
> sk_create_kern. But we need a network namespace hook that will lookup
> all l2tp tunnel sockets when a network namespace is being destroyed and
> remove them. I think we can hit this bug with rmmod as well.

Since I don't use netns or L2TP for real, someone else needs to take up
the crusade here.