From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jiri Pirko Subject: Re: [patch net] net: forbid netdev used by mirred tc act from being moved to another netns Date: Tue, 14 Nov 2017 06:17:52 +0100 Message-ID: <20171114051752.GA1890@nanopsycho> References: <20171113140541.1128-1-jiri@resnulli.us> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Linux Kernel Network Developers , David Miller , Jamal Hadi Salim , mlxsw@mellanox.com, Ido Schimmel , Eric Dumazet , Willem de Bruijn , tcharding , John Fastabend , Jakub Kicinski , Daniel Borkmann To: Cong Wang Return-path: Received: from mail-wr0-f194.google.com ([209.85.128.194]:49849 "EHLO mail-wr0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750714AbdKNFRy (ORCPT ); Tue, 14 Nov 2017 00:17:54 -0500 Received: by mail-wr0-f194.google.com with SMTP id o88so16361880wrb.6 for ; Mon, 13 Nov 2017 21:17:54 -0800 (PST) Content-Disposition: inline In-Reply-To: Sender: netdev-owner@vger.kernel.org List-ID: Mon, Nov 13, 2017 at 08:53:57PM CET, xiyou.wangcong@gmail.com wrote: >On Mon, Nov 13, 2017 at 6:05 AM, Jiri Pirko wrote: >> From: Jiri Pirko >> >> Currently, user may choose to move device that is used by mirred action >> to another network namespace. That is wrong as the action still remains >> in the original namespace and references non-existing ifindex. > >It is a pure display issue, the action itself should function well >because we only use ifindex to lookup netdevice once and >we save the netdevice pointer in action. > >If you really want to fix it, just tell iprout2 to display netnsid together >with ifindex. It is not only display issue. I think it is wrong to let a netdevice dissapear from underneath the mirred action. You certainly cannot add an action mirred with device from another net namespace. So should we allow that?