[Devel] Re: [PATCHSET] 2.6.20-rc4-mm1-lxc2
Daniel Lezcano
dlezcano at fr.ibm.com
Tue Jan 16 15:48:27 PST 2007
Cedric Le Goater wrote:
> All,
>
> We've been gathering and porting patches related to namespaces in
> a lxc patchset for a while now. Mostly working on the network
> namespace which will require some extra work to be usable.
>
> * It's available here :
>
> http://www.sr71.net/patches/2.6.20/2.6.20-rc4-mm1-lxc2/
>
> * Caveats :
>
> namespace syscalls are still under construction.
>
> network namespace is broken :
>
> . the nsproxy backpointer in net_ns is flaky.
> . the push_net_ns() and pop_net_ns() can be called under
> irq and are using current. this seems inappropriate.
> . there is a race on ->nsproxy between push_net_ns() and
> exit_task_namespaces()
Hi Dmitry,
we are experiencing NULL address access when using the nsproxy in
push_net_ns function without any unshare.
It appears the exit_task_namespace function sets current->nsproxy to
NULL and we are interrupted by an incoming packet. The netif_receive_skb
does push_net_ns(dev->net_ns). The push_net_ns function retrieves the
current->nsproxy to use it. But it was previously set to NULL by the
exit_task_namespace function.
The bug can be reproduced with the following command launched from
another host.
while $(true); do ssh myaddress ls > /dev/null && echo -n .; done
After a time (between 1 second - 3 minutes), the kernel panics.
I think this will be very hard to fix and perhaps we should redesign
some part. Instead of using nsproxy swapping, perhaps we should pass
net_ns as parameter to functions, but that will breaks a lot of API.
What is your feeling on that ?
Regards.
-- Daniel.
_______________________________________________
Containers mailing list
Containers at lists.osdl.org
https://lists.osdl.org/mailman/listinfo/containers
More information about the Devel
mailing list