[ovs-dev] [PATCH] dpif-netlink: "bonding_masters" is a reserved name

Gregory Rose gvrose8192 at gmail.com
Thu Jun 24 17:29:30 UTC 2021 


On 6/23/2021 6:35 AM, Ilya Maximets wrote:
> On 6/23/21 2:12 PM, Timothy Redaelli wrote:
>> Currently, on Linux, if you try to create a system datapath called
>> "bonding_masters", when you have bonding module loaded, you have a
>> kernel trace
>> ("sysfs: cannot create duplicate filename '/class/net/bonding_masters'").
>>
>> This trace appears since "bonding" kernel modules creates a file called
>> "/sys/class/net/bonding_masters", that prevents any network interface to
>> be called "bonding_masters".
>>
>> This commits forbid an user to create a system datapath (that is a network
>> interface) called "bonding_masters" to avoid the kernel trace and to
>> avoid that bonding module can't work if it's loaded after
>> "bonding_masters" interface is created.
>>
>> Reported-at: https://bugzilla.redhat.com/1974303
>> Signed-off-by: Timothy Redaelli <tredaelli at redhat.com>
>> ---
> 
> Hi, Timothy.  Looking at BZ linked above, I tend to agree that it's a
> kernel's bug and working around it in every userspace program that is able
> to create a network interface doesn't make much sense to me.  I think,
> kernel should just reject attempts to create network interfaces with this
> kind of names.
> 
> I can create this kind of interface with just an ip command, OVS can create
> this kind of interface, any DPDK application is able to create tap interface
> with this name, QEMU, and so on.
> 
> Simple 'ip tuntap add mode tap bonding_masters && modprobe bonding' gives
> the same call trace in a kernel.
> 
> Also, the change below will only reject creation of bridges with such name,
> but will not prevent creation of regular ports (e.g. tap interfaces) and
> having this check in 3-5 places in the code doesn't look right to me.

The proper fix is certainly in the kernel - but what the kernel should
do and what it does do are different.  I respectively disagree and think
OVS should do what it can to avoid user confusion.

There could be some documentation for the situation as well.

- Greg

> 
>>   lib/dpif-netlink.c | 8 ++++++++
>>   1 file changed, 8 insertions(+)
>>
>> diff --git a/lib/dpif-netlink.c b/lib/dpif-netlink.c
>> index 73d5608a8..ada1d8479 100644
>> --- a/lib/dpif-netlink.c
>> +++ b/lib/dpif-netlink.c
>> @@ -330,6 +330,14 @@ dpif_netlink_open(const struct dpif_class *class OVS_UNUSED, const char *name,
>>       uint32_t upcall_pid;
>>       int error;
>>   
>> +    /* "bonding_masters" is a reserved interface name under Linux,
>> +     * since bonding module creates /sys/class/net/bonding_masters
>> +     * and so no interface can be called "bonding_masters".
>> +     */
>> +    if (!strcmp(name, "bonding_masters")) {
>> +        return EINVAL;
>> +    }
>> +
>>       error = dpif_netlink_init();
>>       if (error) {
>>           return error;
>>
> 
> _______________________________________________
> dev mailing list
> dev at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>

More information about the dev mailing list