Pavel Emelyanov <xemul@xxxxxxxxxx> writes: > I remember that I promised to prepare the wait-extending patch. But I > haven't manage to find time for this, sorry :( In a month or two I will > finish one time-hungry task and hopefully be able to do it. > > As far as this particular patch is concerned. > > All the virtual devices we have now in namespaces (vlan and tunnels) > kill themselves *before* this code is called. But even if we try to > move this destruction from modules to here, we'll be in a tricky > situation, when the e.g. ipip module has already kfree-d the net_ipip > structure, while none of ipip devices are released yet. > > If we try to look in the future - if we ever have a virtual device > driver, that will be able to create its devices in namespace, we'll > have to destroy all these devices *before* (or inside) this driver's > net->exit callback is called, but this patch dies the ->dellink call > at the very end, i.e. *after* any potential ->exit callback. > > Eric - did you see any device, that was ->dellink-ed by this patch? macvlan, veth, and dummy interfaces. Basically everything I use this deletes the virtual interfaces, instead of sending them back to the initial network namespace. >From the looks of the code vlans are also be handled. Things like tun/tap and ipip are handled in the exit methods and I have no problem with that, although I do wonder if we are handling moving or refusing to move them between namespaces properly. For devices that don't need a dedicated virtual interface in every network namespace this certainly looks like the easiest way to handle them, as the driver doesn't need to a thing about network namespaces and the right thing just happens. Eric _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers