From mboxrd@z Thu Jan  1 00:00:00 1970
From: David Ahern <dsahern@gmail.com>
Subject: Re: How to identify net namespace in kernel messages?
Date: Mon, 6 Nov 2017 09:21:32 +0900
Message-ID: <83dd4cb9-1f99-02a1-39e8-68751e4ee9d5@gmail.com>
References: <3dcdb5aa-cb48-dcf7-f8f4-80e9c36810aa@virtuozzo.com>
 <7B8FCA41-D41E-47B1-A5D3-37E8A9C55BE3@remlab.net>
 <27b9b208-4434-77e7-41e3-53453cc35863@virtuozzo.com>
 <20171105.214821.2002998388023407180.davem@davemloft.net>
 <a7e5f770-f88f-6e93-d054-d7ce879e5569@virtuozzo.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Cc: netdev@vger.kernel.org
To: Vasily Averin <vvs@virtuozzo.com>,
        David Miller <davem@davemloft.net>
Return-path: <netdev-owner@vger.kernel.org>
Received: from mail-pf0-f196.google.com ([209.85.192.196]:48435 "EHLO
        mail-pf0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1750817AbdKFAVl (ORCPT
        <rfc822;netdev@vger.kernel.org>); Sun, 5 Nov 2017 19:21:41 -0500
Received: by mail-pf0-f196.google.com with SMTP id b79so6432466pfk.5
        for <netdev@vger.kernel.org>; Sun, 05 Nov 2017 16:21:41 -0800 (PST)
In-Reply-To: <a7e5f770-f88f-6e93-d054-d7ce879e5569@virtuozzo.com>
Content-Language: en-US
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>

On 11/6/17 5:56 AM, Vasily Averin wrote:
> On 2017-11-05 15:48, David Miller wrote:
>> From: Vasily Averin <vvs@virtuozzo.com>
>>> I doubt that pointer to freed net have value for someone except
>>> developers, on the other hand it helps to speed up the problem
>>> investigation.
>>
>> Any kernel pointer printed has value to attackers.
> 
> David, could you please advise how to identify net namespace in kernel messages?
> 
> In OpenVz we got many requests from host admins, they need to understand
> which container triggered the message. In such cases we have added our custom
> Container Id, but mainline lacks it.
> 
> I expected that mainline can use net pointer for such purposes,
> nfsd does it for example:
> 
>  NFSD: starting 90-second grace period (net ffff880e307fe240)
> 
> Now you recommend do not use net pointer.
> However could you please advise some alternative?
> 

Perf now exports the device and inode. see perf_ns_link_info and its use.