Re: [PATCH] net: Allow to specify ifindex when device is moved to another namespace

From: Jakub Kicinski <kuba@kernel.org>
To: Andrei Vagin <avagin@gmail.com>
Cc: "David S. Miller" <davem@davemloft.net>,
	netdev@vger.kernel.org,
	Christian Brauner <christian.brauner@ubuntu.com>,
	Alexander Mikhalitsyn <alexander.mikhalitsyn@virtuozzo.com>
Subject: Re: [PATCH] net: Allow to specify ifindex when device is moved to another namespace
Date: Mon, 5 Apr 2021 15:15:07 -0700	[thread overview]
Message-ID: <20210405151507.5b8879f1@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com> (raw)
In-Reply-To: <20210405071223.138101-1-avagin@gmail.com>

On Mon,  5 Apr 2021 00:12:23 -0700 Andrei Vagin wrote:
> Currently, we can specify ifindex on link creation. This change allows
> to specify ifindex when a device is moved to another network namespace.
> 
> Even now, a device ifindex can be changed if there is another device
> with the same ifindex in the target namespace. So this change doesn't
> introduce completely new behavior, it adds more control to the process.
> 
> CRIU users want to restore containers with pre-created network devices.
> A user will provide network devices and instructions where they have to
> be restored, then CRIU will restore network namespaces and move devices
> into them. The problem is that devices have to be restored with the same
> indexes that they have before C/R.
> 
> Cc: Alexander Mikhalitsyn <alexander.mikhalitsyn@virtuozzo.com>
> Suggested-by: Christian Brauner <christian.brauner@ubuntu.com>
> Signed-off-by: Andrei Vagin <avagin@gmail.com>

> @@ -2354,7 +2354,7 @@ static int netvsc_register_vf(struct net_device *vf_netdev)
>  	 */
>  	if (!net_eq(dev_net(ndev), dev_net(vf_netdev))) {
>  		ret = dev_change_net_namespace(vf_netdev,
> -					       dev_net(ndev), "eth%d");
> +					       dev_net(ndev), "eth%d", 0);

Given vast majority of callers pass 0 as the new param - perhaps
dev_change_net_namespace() should become a static inline wrapper
over a function with more parameters?

>  		if (ret)
>  			netdev_err(vf_netdev,
>  				   "could not move to same namespace as %s: %d\n",

> diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
> index 1bdcb33fb561..d51252afde0a 100644
> --- a/net/core/rtnetlink.c
> +++ b/net/core/rtnetlink.c
> @@ -2266,6 +2266,9 @@ static int validate_linkmsg(struct net_device *dev, struct nlattr *tb[])
>  			return -EINVAL;
>  	}
>  
> +	if (tb[IFLA_NEW_IFINDEX] && nla_get_s32(tb[IFLA_NEW_IFINDEX]) <= 0)
> +		return -EINVAL;

I think you need to add IFLA_NEW_IFINDEX to ifla_policy, it used to be
an output only attribute, it's missing input validation. You can add
policy right there NLA_POLICY_MIN(NLA_S32, 0) - .min is 16 bit but it'd
get promoted correctly, I believe?

>  	if (tb[IFLA_AF_SPEC]) {
>  		struct nlattr *af;
>  		int rem, err;