From: ebiederm@xmission.com (Eric W. Biederman)
To: Jan Ariyasu <jan.ariyasu@gmail.com>
Cc: Vlad Yasevich <vyasevich@gmail.com>,
"David S. Miller" <davem@davemloft.net>,
linux-sctp@vger.kernel.org, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org, Jan Ariyasu <jan.ariyasu@hp.com>
Subject: Re: [PATCH 00/13] SCTP: Enable netns
Date: Mon, 06 Aug 2012 18:20:08 +0000
Message-ID: <87mx27rig7.fsf@xmission.com>
In-Reply-To: <1344115837-6150-1-git-send-email-jan.ariyasu@hp.com> (Jan Ariyasu's message of "Sat, 4 Aug 2012 15:30:37 -0600")

Jan Ariyasu <jan.ariyasu@gmail.com> writes:
> The following set of patches enable network-namespaces for the SCTP protocol.
>
> The multitude of global parameters are stored in a net_generic
> structure, and the bulk of the patches enable the protocol to access
> the parameters on a per-namespace basis. The first five patches
> enable netns handling of the protocol, procfs and sysfs.
I am going to do something to muddy the waters here, that I had hoped to
avoid when I saw your patchset.

A few weeks ago I wanted to play with sctp and also made a network
namespace enabled version. I am not deeply attached to my changes,
however when comparing the differences I realized that your code fails
to make the lookup of associations per network namespace.

Given that we only have source and destination port to look up
associations by this almost guarantees one network namespace can
accidentally use the association of another network namespace merely
by reusing the same ports.

The downside with my version is that it does not make all of the sctp
tunables per network namespace the way yours does, but making all of
the tunables per network namespace should be straightforward from
my base.

My patchset also misses some nice to haves like making the association
id allocation per network namespace. It is not important for
correctness of the code but it might allow an information leak between
namespaces.

So Jan I am going to send my patchset and hopefully you can rebase your
changes to make all of the tunables per network namespace on top of
mine.

Since my patchset is half the size of yours I think that is the most
reasonable way to go.

Eric
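
Added example, not code from either patchset or from the kernel: a user-space C model of the lookup problem the reply describes, with one association table shared by all namespaces, matched first by ports alone and then with the owning namespace as part of the match. `struct netns`, `struct assoc`, the function names and the port numbers are hypothetical stand-ins chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define HASH_SIZE 64
#define HASH(l, p) (((((uint32_t)(l) << 16) | (p)) * 2654435761u) % HASH_SIZE)
struct netns { const char *name; };      /* stand-in: only its identity matters */
struct assoc {
    const struct netns *net;             /* owning namespace */
    uint16_t lport, pport;               /* local and peer port */
    struct assoc *next;                  /* hash chain */
};
static struct assoc *table[HASH_SIZE];   /* one table shared by every namespace */

static void assoc_insert(struct assoc *a)
{
    struct assoc **head = &table[HASH(a->lport, a->pport)];
    a->next = *head;
    *head = a;
}

/* Ports are the whole key: the caller's namespace never enters the match. */
static struct assoc *lookup_ports_only(uint16_t lport, uint16_t pport)
{
    for (struct assoc *a = table[HASH(lport, pport)]; a; a = a->next)
        if (a->lport == lport && a->pport == pport)
            return a;
    return NULL;
}

/* Same chain walk, but an entry matches only inside its own namespace. */
static struct assoc *lookup_in_net(const struct netns *net, uint16_t lport, uint16_t pport)
{
    for (struct assoc *a = table[HASH(lport, pport)]; a; a = a->next)
        if (a->net == net && a->lport == lport && a->pport == pport)
            return a;
    return NULL;
}

/* Constructed sample data: a single association, owned by namespace A. */
static struct netns ns_a = { "A" }, ns_b = { "B" };
static struct assoc assoc_a = { &ns_a, 5000, 6000, NULL };

int main(void)
{
    assoc_insert(&assoc_a);   /* namespace B now reuses ports 5000/6000 */
    printf("ports only: %d, netns-aware: %d\n", lookup_ports_only(5000, 6000) != NULL,
           lookup_in_net(&ns_b, 5000, 6000) != NULL);
    return 0;
}
```

The ports-only lookup hands namespace A's association to a caller in namespace B; the namespace-aware lookup returns nothing for B and still finds the entry for A.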