From: "Maciej Żenczykowski" <zenczykowski@gmail.com>
To: Andrei Vagin <avagin@virtuozzo.com>
Cc: "David S . Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Linux NetDev <netdev@vger.kernel.org>
Subject: Re: net: do not allow changing SO_REUSEADDR/SO_REUSEPORT on bound sockets
Date: Fri, 8 Jun 2018 03:07:30 -0700 [thread overview]
Message-ID: <CAHo-OoycbdoMO7aRW23-0B+Ev7Ow=YXy3uHmrx7FOKf2PXc4hA@mail.gmail.com> (raw)
In-Reply-To: <20180607055113.GA14073@outlook.office365.com>
I think we probably need to make sk->sk_reuse back into a boolean.
(ie. eliminate SK_FORCE_REUSE)
Then add a new tcp/udp sk->ignore_bind_conflicts boolean setting...
(ie. not just for tcp, but sol_socket) [or perhaps SO_REPAIR,
sk->repair or something]
What I'm not certain of is exactly what sorts of conflicts it should ignore...
all? probably not, still seems utterly wrong to allow creation of 2 connected
tcp sockets with identical 5-tuples.
Would it only ignore conflicts against other i_b_c sockets?
ie. set it on all sockets as we're repairing, then clear it on them
all once we're done?
and ignore all the fast caching when checking conflicts for an i_b_c socket?
For CRIU is it safe to assume we're restoring an entire namespace into
a new namespace?
Could we perhaps instead allow a new namespace to ignore bind conflicts until
we flip it into enforcing mode?
next prev parent reply other threads:[~2018-06-08 10:07 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-03 17:47 [PATCH] net: do not allow changing SO_REUSEADDR/SO_REUSEPORT on bound sockets Maciej Żenczykowski
2018-06-03 19:54 ` Christoph Paasch
2018-06-04 17:24 ` Eric Dumazet
2018-06-04 21:14 ` David Miller
2018-06-06 23:25 ` Andrei Vagin
2018-06-07 0:25 ` Maciej Żenczykowski
2018-06-07 5:51 ` Andrei Vagin
2018-06-08 10:07 ` Maciej Żenczykowski [this message]
2018-06-11 18:35 ` Andrei Vagin
2018-06-11 18:57 ` Andrei Vagin
2018-06-11 21:25 ` [PATCH] " Marc Dionne
2018-06-11 22:29 ` Maciej Żenczykowski
2018-06-11 23:09 ` Marc Dionne
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAHo-OoycbdoMO7aRW23-0B+Ev7Ow=YXy3uHmrx7FOKf2PXc4hA@mail.gmail.com' \
--to=zenczykowski@gmail.com \
--cc=avagin@virtuozzo.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).