From: Dan Smith <danms@us.ibm.com>
To: David Miller <davem@davemloft.net>
Cc: containers@lists.osdl.org, netdev@vger.kernel.org
Subject: Re: [PATCH 2/4] [RFC] Add sock_create_kern_net()
Date: Wed, 28 Apr 2010 08:06:06 -0700 [thread overview]
Message-ID: <871vdz1ush.fsf@caffeine.danplanet.com> (raw)
In-Reply-To: 20100427.171844.77354120.davem@davemloft.net
Hi,
DM> If you can create netlink sockets in a remote NS you can also make
DM> changes there, and the whole point is to disallow changes.
DM> So maybe you won't be making changes, but others will think about
DM> using this and doing so.
I would be making changes on restart, because I insert routes. As has
been pointed out, Eric's setns() patches allow this sort of violation
from userspace even :)
Following that example, I could have the checkpointing task stash the
current nsproxy and temporarily jump to the destination netns to do
the checkpoint. I'll cook up something to look at...
Thanks Dave!
--
Dan Smith
IBM Linux Technology Center
email: danms@us.ibm.com
next prev parent reply other threads:[~2010-04-28 15:06 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-04-23 14:55 Checkpoint and Restart of INET routing information Dan Smith
[not found] ` <1272034539-19899-1-git-send-email-danms-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2010-04-23 14:55 ` [PATCH 1/4] Fix acquiring socket lock before reading RTNETLINK response Dan Smith
[not found] ` <1272034539-19899-2-git-send-email-danms-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2010-04-23 15:24 ` Dan Smith
2010-04-23 14:55 ` [PATCH 2/4] [RFC] Add sock_create_kern_net() Dan Smith
2010-04-28 0:18 ` David Miller
2010-04-28 2:18 ` Vlad Yasevich
2010-04-28 15:06 ` Dan Smith [this message]
2010-04-28 11:44 ` jamal
2010-04-28 13:38 ` Dan Smith
2010-04-23 14:55 ` [PATCH 3/4] C/R: Make rtnl_open() and rtnl_do() take and pass a netns pointer Dan Smith
2010-04-23 14:55 ` [PATCH 4/4] C/R: inet4 and inet6 unicast routes Dan Smith
2010-04-28 14:24 ` Checkpoint and Restart of INET routing information Daniel Lezcano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=871vdz1ush.fsf@caffeine.danplanet.com \
--to=danms@us.ibm.com \
--cc=containers@lists.osdl.org \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.