Re: [PATCH net] net: try harder to not reuse ifindex when moving interfaces

[Thomas Haller <thaller@redhat.com>]

[-- Attachment #1: Type: text/plain, Size: 1629 bytes --]

On Thu, 2015-10-22 at 20:56 +0200, Thomas Graf wrote:
> On 10/22/15 at 07:21pm, Hannes Frederic Sowa wrote:
> > Hi Thomas,
> > 
> > On Thu, Oct 22, 2015, at 18:45, Thomas Graf wrote:
> > > I understand the race but when does it occur? Whoever creates
> > > the original interface owns it and is responsible for its
> > > lifecycle. *Iff* for some reason multiple entities manipulate
> > > the interface, then it's probably a lot safer to just use flock
> > > or something similar to serialize access entirely in user space.
> > 
> > This only works if all networking configuration programs would
> > standardize on the same flock. Also, under memory pressure we lose
> > netlink monitor messages, so we need to deal with timeouts and
> > retries
> > and manual sync up on the networking configuration, which makes
> > this
> > scheme a lot harder. For normal socket io, where we specify e.g.
> > ifindex
> > in sin6_addr, this is not really usable at all.
> 
> Again, what is the scenario where this happens? Is this being
> hit or are we talking theoretical races? I'd like to understand
> the background of this.

  ip netns add N1
  ip netns add N2

  ip netns exec N1 ip link add type dummy
  ip netns exec N2 ip link add type dummy

  ip netns exec N1 ip monitor &

  ip netns exec N1 ip link delete dummy0
  ip netns exec N2 ip link set dummy0 netns N1


Honestly, I didn't experience a concrete bug due to this.

But it's common to treat the ifindex as unique identifier.
By reusing the ifindex immediately as in the example above, it
could happen to mix up interfaces.


Thomas

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 819 bytes --]