Re: [PATCH 00/13] SCTP: Enable netns

From: Vlad Yasevich
Date: Mon Aug 06 2012 - 17:39:55 EST


On 08/06/2012 04:47 PM, David Miller wrote:
From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
Date: Mon, 06 Aug 2012 12:50:46 -0700

Vlad Yasevich <vyasevich@xxxxxxxxx> writes:


Hi Eric

Associations are looked up by ports, but then verifyed by addresses.
Also, associations belong to sockets and simply validating the socket
namespace should be sufficient.

True. Your set of patches isn't quite as likely to malfunction as it
looked at first glance. It requires address reuse which happens accross
namespaces but not too frequently.

As for validating the socket namespace I agree that is the fix and my
patchset winds up doing it.

FWIW I much prefer Eric's patch set, it was so significantly easier to
read and validate than Jan's.


Yes, but Eric's patch set is missing a very significant piece which is per-net sctp tunables/globals. I think adding that piece in will introduce some of the complexities of Jan's patch.

Also, I noticed that Eric went the route of placing sctp netns into struct net, but Jan used a generic pointer. Which one should be used? Is there some guidance?

-vlad
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/