Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp2150727ybx; Fri, 8 Nov 2019 00:22:08 -0800 (PST) X-Google-Smtp-Source: APXvYqwoCM8BdVDcve7YnBEvjr9bJyJxAAHqUlcu5sa22hdpz4VcNnSHhpelyokWeR9RiA6BxKFp X-Received: by 2002:a50:898a:: with SMTP id g10mr8796286edg.191.1573201328252; Fri, 08 Nov 2019 00:22:08 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1573201328; cv=none; d=google.com; s=arc-20160816; b=cQ3y/2n3KXSTLwseGZVyqwAyK2wKSsT684Yw++SBY7YyY7SVRki6BiHw6jze32eUzX c4i+rSaD64/5JZfxo2nJURAEz4bZ0H+npLg2K8c1eSELYDxy9OmhuWfI1YDJdQOZ15Rj Vy1w1qK8M/IC0789Ic7XfnwdqTQz7ykJq5iaFVfh0C3Kr3Rt+GUfaO51NihPjsjEUJ4V WrxlcAeq4N+UqfvfEnDd9I7YnyIJYB1VoEJ5HAUb1ZRc59lrh+IDnpsJIbAWGp9t019r qZhod5C2oKGnp79Bx8IhkkH6fsFqF4TEo6FJ/WDZJXJ9CQSIBWxg1zB0i7+Duc/PWgxT Ufqw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature; bh=QG9zESozXuPqax0Su22O3OuOKh63DOSfZk/pA62adHY=; b=QVTN4sBigwHEOPyepwbr/n9EZvtoRW0mjGKGExKtRBFAVLdop09yUYdP5rt6FM8lXF hR6bdIvvzJIbyhj8K4KS8bb3rHMuplzLC1DzSp+ugZkxmbngU/PAuWSMkMJ0puDJHlC1 OC/SO8+YWSA52UznVl4yLMZ94OnuQCeSX9/h2i7CKvvgWmKKmT9v3NISsMlSESVyW5f/ xttnLwwEmv01uy+1SxA+M8XNc5NGcjduHSGWYtTtaZarEFOYwqc2uOxe+ragvb7PPZv+ eKuI345bewxgV9HweaAcoUEK9A3hZgzi0l66WGc13abfZDbXkUJoVul3xpb9hvdCuxp9 dvuQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@norrbonn-se.20150623.gappssmtp.com header.s=20150623 header.b=tb4SJdKV; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i9si2501108ejc.266.2019.11.08.00.21.44; Fri, 08 Nov 2019 00:22:08 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@norrbonn-se.20150623.gappssmtp.com header.s=20150623 header.b=tb4SJdKV; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730224AbfKHIUo (ORCPT + 99 others); Fri, 8 Nov 2019 03:20:44 -0500 Received: from mail-lj1-f194.google.com ([209.85.208.194]:32994 "EHLO mail-lj1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725975AbfKHIUo (ORCPT ); Fri, 8 Nov 2019 03:20:44 -0500 Received: by mail-lj1-f194.google.com with SMTP id t5so5272043ljk.0 for ; Fri, 08 Nov 2019 00:20:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=norrbonn-se.20150623.gappssmtp.com; s=20150623; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=QG9zESozXuPqax0Su22O3OuOKh63DOSfZk/pA62adHY=; b=tb4SJdKVM/w0afIl2iDuSX1FsRMT3D5VW7rb46sbKMYFjCDJ7FG4wbT+OmmYHd9Np+ mAn67I7zY5tlX5PbhNUT9ZUgvP5KhWQDjKCATuXQa8qTt0eOnlE3Pqa610+pSZrmYtDs 6PkyyKCSTj7M+vwQ4+/OFkc29lK/eXpbnf2vjAmCIBAjzcxy2doAC8x0Tqut3x2C+7zT nP+XezvW/C+sH7/eLPd7VC652IqObU6nbzKPRE9jRYarWSJsUhkF4+YySPGDBK0rdxPe Y+GnIwsIx320akOFEEnwpR2jHL0sR5N/QQbq9YnBnKfiFkYtmPQPKN+W8PdUopjyyQcJ 2LnQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=QG9zESozXuPqax0Su22O3OuOKh63DOSfZk/pA62adHY=; b=HXCs7XrJ1PfEzCbTqGRnV0TqSOiQPjlZ2pZRiq8BSDynXf4ZzQaungKh9H0djvJe2/ u9JFmriIF7AsjGsgHzQw6+5nOzzQNv7BfkB54WrZBn6McVbnwgl8BHFeTwatmJeq7A+X O1QSQbH9ZJ/DJaUNUBDyk+r0buFOQsKW59qeAQ8WwagVHQ6nkquGg33XNm5gYzKuWaBv mYbns/6Irc++H1sseWrCI0EvXDfW9d1iojgoHUZ/znJ9t0m6KtNIhbojqJXB/UjabO6E NzarnbRv6FFNuXZ+72M717H4Ld5AZ06YcQ8d1dpVcuvztLHULHa2iqO1+vpAQVZcqR0z SUpg== X-Gm-Message-State: APjAAAWIjPpljNcmgJr5ctQLNBNR6cr8B/QGnbdrieBubSJFx4pZ+JXU 6gzlEnvxbgl8o5j/nhdwfVaoTA== X-Received: by 2002:a2e:8595:: with SMTP id b21mr286960lji.155.1573201242525; Fri, 08 Nov 2019 00:20:42 -0800 (PST) Received: from [10.0.156.104] ([195.22.87.57]) by smtp.gmail.com with ESMTPSA id 68sm2523544ljf.26.2019.11.08.00.20.41 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 08 Nov 2019 00:20:41 -0800 (PST) Subject: Re: [PATCH v3 1/6] rtnetlink: allow RTM_SETLINK to reference other namespaces To: =?UTF-8?B?TWFoZXNoIEJhbmRld2FyICjgpK7gpLngpYfgpLYg4KSs4KSC4KSh4KWH4KS1?= =?UTF-8?B?4KS+4KSwKQ==?= Cc: nicolas.dichtel@6wind.com, linux-netdev , linux-kernel@vger.kernel.org, David Miller References: <20191107132755.8517-1-jonas@norrbonn.se> <20191107132755.8517-2-jonas@norrbonn.se> From: Jonas Bonn Message-ID: Date: Fri, 8 Nov 2019 09:20:40 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.1.2 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Mahesh, On 07/11/2019 21:36, Mahesh Bandewar (महेश बंडेवार) wrote: > On Thu, Nov 7, 2019 at 5:30 AM Jonas Bonn wrote: >> >> >> + /* A hack to preserve kernel<->userspace interface. >> + * It was previously allowed to pass the IFLA_TARGET_NETNSID >> + * attribute as a way to _set_ the network namespace. In this >> + * case, the device interface was assumed to be in the _current_ >> + * namespace. >> + * If the device cannot be found in the target namespace then we >> + * assume that the request is to set the device in the current >> + * namespace and thus we attempt to find the device there. >> + */ > Could this bypasses the ns_capable() check? i.e. if the target is > "foo" but your current ns is bar. The process may be "capable" is foo > but the interface is not found in foo but present in bar and ends up > modifying it (especially when you are not capable in bar)? I don't think so. There was never any capable-check for the "current" namespace so there's no change in that regard. I do think there is an issue with this hack that I can't see any workaround for. If the user specifies an interface (by name or index) for another namespace that doesn't exist, there's a potential problem if that name/index happens to exist in the "current" namespace. In that case, one many end up inadvertently modifying the interface in the current namespace. I don't see how to avoid that while maintaining the backwards compatibility. My absolute preference would be to drop this compat-hack altogether. iproute2 doesn't use a bare TARGET_NETNSID in this manner (for changing namespaces) and I didn't find any other users by a quick search of other prominent Netlink users: systemd, network-manager, connman. This compat-hack is there for the _potential ab-user_ of the interface, not for any known such. > >> + if (!dev && tgt_net) { >> + net = sock_net(skb->sk); >> + if (ifm->ifi_index > 0) >> + dev = __dev_get_by_index(net, ifm->ifi_index); >> + else if (tb[IFLA_IFNAME]) >> + dev = __dev_get_by_name(net, ifname); >> + } /Jonas