Re: [RFC PATCH net-next 0/5] netns: allow to identify peer netns
From: Eric W. Biederman <hidden>
Date: 2014-07-02 20:13:23
Nicolas Dichtel [off-list ref] writes:
The goal of this serie is to be able to multicast netlink messages with an attribute that identify a peer netns. This is needed by the userland to interpret some informations contained in netlink messages (like IFLA_LINK value, but also some other attributes in case of x-netns netdevice (see also http://thread.gmane.org/gmane.linux.network/315933/focus=316064)). Each network namespaces allocates its own ids for other netns (including itself). The user can retrieve these ids via a new netlink messages, but only if he has a FD which points to this netns. Dump is not implemented so that a user cannot get the whole netns list. The goal of this RFC is mainly to validate the principle, ie patch 1/5 and 2/5. Patch 3/5 and 4/5 shows an example of how to use these ids in rtnetlink messages. And patch 5/5 shows that the netlink messages can be symetric between a GET and a SET.
This approach fundamentally breaks process migration, and calls for a namespace of namespaces. Which means this is a major mess that really isn't going to work because it generates more problems than it solves. Eric