Re: Add a SOCK_DESTROY operation to close sockets from userspace

Here is a an updated version. The external behaviour of this patchset is the same as v4; for more details, see that cover letter at http://www.spinics.net/lists/netdev/msg354303.html . This version fixes two bugs spotted by Eric, and implements Tom's suggestion of making the socket destroy code a

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, Dec 2, 2015 at 8:30 AM, Lorenzo Colitti wrote: > On Thu, Dec 3, 2015 at 1:12 AM, Tom Herbert wrote: >> The in kernel caller would already have a pointer to the socket so the >> call would just be sk->sk_prot->destroy(sk). That call should make its >> way down to same backend function in T

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Dec 3, 2015 at 1:12 AM, Tom Herbert wrote: > The in kernel caller would already have a pointer to the socket so the > call would just be sk->sk_prot->destroy(sk). That call should make its > way down to same backend function in TCP that the diag path would use. > We need this in the kernel

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, Dec 2, 2015 at 7:18 AM, Lorenzo Colitti wrote: > On Tue, Dec 1, 2015 at 11:53 AM, Tom Herbert wrote: >> This is awesome! The only thing I would suggest is to make >> sock_destroy a proto_op so that it can be called from within the >> kernel. This should be preferred to externally calling

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Tue, Dec 1, 2015 at 11:53 AM, Tom Herbert wrote: > This is awesome! The only thing I would suggest is to make > sock_destroy a proto_op so that it can be called from within the > kernel. This should be preferred to externally calling tcp_done > (hopefully we can unexport that symbol then). I'm

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Mon, Nov 30, 2015 at 6:32 PM, Lorenzo Colitti wrote: > Here is an updated version of the SOCK_DESTROY patch > incorporating some of the feedback received. > > There were two substantial concerns expressed on the approach > taken in this patch. The first was that it allows applications > to caus

Re: Add a SOCK_DESTROY operation to close sockets from userspace

Here is an updated version of the SOCK_DESTROY patch incorporating some of the feedback received. There were two substantial concerns expressed on the approach taken in this patch. The first was that it allows applications to cause the Linux TCP stack to behave improperly. I believe this is addres

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On 11/19/15 6:55 PM, Lorenzo Colitti wrote: upstream alternatives. We might even be able to show up at netdev 1.1 for some higher-bandwidth conversations. This use case would make a great talk for netdev. There are similar problems when netdev's are moved between namespaces (and VRFs). -- To

Re: Add a SOCK_DESTROY operation to close sockets from userspace

> No, I mean something that kills connections where previously this did > not happen. The fact that this is done at the process level does not > justify that it is a right to at do connections. Besides, if you > really intend to do this then provide a privileged process a means to > close *any* ope

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Fri, Nov 20, 2015 at 9:55 AM, David Miller wrote: > Netfilter could perform signalling on skb->sk when it drops packets. > > Your example is actually a argument _for_ doing this in the kernel. > > :-) Well, I did say that was a simple example. :-) How do I make the VPN case work? In that case,

Re: Add a SOCK_DESTROY operation to close sockets from userspace

>> In this case, userspace knows that that app's connections are now >> unusable because it configured an iptables rule to block them. The >> kernel doesn't really know until it the time comes to send a packet, >> and maybe not even then. > > Netfilter could perform signalling on skb->sk when it dr

Re: Add a SOCK_DESTROY operation to close sockets from userspace

From: Lorenzo Colitti Date: Fri, 20 Nov 2015 09:19:25 +0900 > In this case, userspace knows that that app's connections are now > unusable because it configured an iptables rule to block them. The > kernel doesn't really know until it the time comes to send a packet, > and maybe not even then. N

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015 at 2:53 PM, David Miller wrote: > What I object to is userspace making reachability decisions, not > whether SOCK_DESTROY closes the socket in one way or the other. To be fair: userspace already makes reachability decisions. Using iptables and ip rules, it can configure arbit

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015 at 4:09 PM, Lorenzo Colitti wrote: > On Fri, Nov 20, 2015 at 9:04 AM, Tom Herbert wrote: >> or to start killing connections based on some arbitrary policy when >> under memory pressure. > > You mean like the OOM killer starts killing entire processes based on > some arbitrary

Re: Add a SOCK_DESTROY operation to close sockets from userspace

> Having comments like "look, just implement application keepalives" is > not going to work [1][2]. This is terrible, and show lack of > understanding of the problem. We are not dealing with DC communications > here. (I wish !) There's a 3rd reason: keepalives (tcp or application) are actually und

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Fri, Nov 20, 2015 at 9:04 AM, Tom Herbert wrote: > or to start killing connections based on some arbitrary policy when > under memory pressure. You mean like the OOM killer starts killing entire processes based on some arbitrary policy when under memory pressure? :-) -- To unsubscribe from thi

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015 at 2:33 PM, Eric Dumazet wrote: > On Thu, 2015-11-19 at 14:14 -0800, Tom Herbert wrote: >> On Thu, Nov 19, 2015 at 2:07 PM, Eric Dumazet wrote: >> > On Thu, 2015-11-19 at 13:53 -0800, Tom Herbert wrote: >> > >> >> That covers the case where the local address is removed, but t

Re: Add a SOCK_DESTROY operation to close sockets from userspace

> Ack. With emphasis of *application*. :) The problem with application anything is that changing apps is outright impossible. There are far too many of them written by far too many people. And until you fix them all (which is infeasible) and roll those changes out (unlikely) users will continue to

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Fri, Nov 20, 2015 at 8:02 AM, Hannes Frederic Sowa wrote: > On Thu, Nov 19, 2015, at 19:27, Hannes Frederic Sowa wrote: >> I will research the semantics behind tcpdrop: >>

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015 at 2:38 PM, Hannes Frederic Sowa wrote: > > > On Thu, Nov 19, 2015, at 23:33, Lorenzo Colitti wrote: >> On Fri, Nov 20, 2015 at 2:38 AM, Tom Herbert wrote: >> >> I actually don't have an issue with killing from user space that much. I >> >> still recommend (and actually have

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015, at 19:27, Hannes Frederic Sowa wrote: > I will research the semantics behind tcpdrop: > Fyi, my research shows that it just sends RST and discards comp

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Fri, Nov 20, 2015 at 1:33 AM, David Miller wrote: >> Every-time I make a change in linux TCP stack, this code breaks, and >> this a real pain because Android changes need to be carried over to >> vendors. > > I'm very glad that you felt the pain enough that you finally had > to reluctantly try

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015, at 23:33, Lorenzo Colitti wrote: > On Fri, Nov 20, 2015 at 2:38 AM, Tom Herbert wrote: > >> I actually don't have an issue with killing from user space that much. I > >> still recommend (and actually have started to look at it today) to add a > >> new substate for TCP TIMEW

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, 2015-11-19 at 23:31 +0100, Hannes Frederic Sowa wrote: > I thought it would be necessary to support multipathing in QUIC? It is not necessary ;) There are billions of flows sharing Internet pipes, no need to double their numbers, it wont help at all. Simply use one path with appropriate

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Fri, Nov 20, 2015 at 2:38 AM, Tom Herbert wrote: >> I actually don't have an issue with killing from user space that much. I >> still recommend (and actually have started to look at it today) to add a >> new substate for TCP TIMEWAIT and don't have any issue if we block the >> socket for 60 sec

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, 2015-11-19 at 14:14 -0800, Tom Herbert wrote: > On Thu, Nov 19, 2015 at 2:07 PM, Eric Dumazet wrote: > > On Thu, 2015-11-19 at 13:53 -0800, Tom Herbert wrote: > > > >> That covers the case where the local address is removed, but the not > >> the case where the network manager is informed o

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015, at 23:15, Eric Dumazet wrote: > On Thu, 2015-11-19 at 23:09 +0100, Hannes Frederic Sowa wrote: > > > My point is the "eventually" and the very much increased latency until > > the kernel learns about new better source addresses it has available. I > > would monitor link qua

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015 at 2:07 PM, Eric Dumazet wrote: > On Thu, 2015-11-19 at 13:53 -0800, Tom Herbert wrote: > >> That covers the case where the local address is removed, but the not >> the case where the network manager is informed of an error in the path >> and wants to signal the application. M

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, 2015-11-19 at 23:09 +0100, Hannes Frederic Sowa wrote: > My point is the "eventually" and the very much increased latency until > the kernel learns about new better source addresses it has available. I > would monitor link quality over time and decide source address based on > this on the

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015, at 23:04, Eric Dumazet wrote: > On Thu, 2015-11-19 at 22:53 +0100, Hannes Frederic Sowa wrote: > > > > > You don't steer QUIC source addresses at all? I think most networking > > failures are of transient nature thus the kernel routing subsystem is > > not aware of link qu

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, 2015-11-19 at 13:53 -0800, Tom Herbert wrote: > That covers the case where the local address is removed, but the not > the case where the network manager is informed of an error in the path > and wants to signal the application. My understanding was that > SIOCKILLADDR would work for the f

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, 2015-11-19 at 22:53 +0100, Hannes Frederic Sowa wrote: > > You don't steer QUIC source addresses at all? I think most networking > failures are of transient nature thus the kernel routing subsystem is > not aware of link quality and packets get lost anyway e.g. in the air? > Thus binding

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015 at 1:41 PM, Eric Dumazet wrote: > On Thu, 2015-11-19 at 13:29 -0800, Tom Herbert wrote: >> > We (TCP stack) compete with QUIC, based on UDP, which has no issues like >> > that. We need to allow TCP sessions being signaled of a non temporary >> > network disruption. >> > >> >>

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015, at 22:41, Eric Dumazet wrote: > On Thu, 2015-11-19 at 13:29 -0800, Tom Herbert wrote: > > > We (TCP stack) compete with QUIC, based on UDP, which has no issues like > > > that. We need to allow TCP sessions being signaled of a non temporary > > > network disruption. > > > >

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, 2015-11-19 at 13:29 -0800, Tom Herbert wrote: > > We (TCP stack) compete with QUIC, based on UDP, which has no issues like > > that. We need to allow TCP sessions being signaled of a non temporary > > network disruption. > > > > Eric, can you provide some detail on this statement? > > I d

Re: Add a SOCK_DESTROY operation to close sockets from userspace

> We (TCP stack) compete with QUIC, based on UDP, which has no issues like > that. We need to allow TCP sessions being signaled of a non temporary > network disruption. > Eric, can you provide some detail on this statement? I don't understand why QUIC wouldn't have this same issue. Seems like it

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015, at 19:09, David Miller wrote: > From: Tom Herbert > Date: Thu, 19 Nov 2015 09:38:37 -0800 > > > 1) We need transparency. If a third party kills a TCP connection then > > the application should be informed of specifically that. This seems > > easy enough to just pick an appro

Re: Add a SOCK_DESTROY operation to close sockets from userspace

From: Tom Herbert Date: Thu, 19 Nov 2015 09:38:37 -0800 > 1) We need transparency. If a third party kills a TCP connection then > the application should be informed of specifically that. This seems > easy enough to just pick an appropriate error number as I suggested. Agreed. > 2) We need const

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, 2015-11-19 at 12:02 -0500, David Miller wrote: > From: Eric Dumazet > Date: Thu, 19 Nov 2015 08:47:44 -0800 > > > So if the reaction of this is "Patch is coming from Android, must be > > yet another hack", it is quite not fair. > > I have not said this. > > But the attitude of that all

Re: Add a SOCK_DESTROY operation to close sockets from userspace

> I actually don't have an issue with killing from user space that much. I > still recommend (and actually have started to look at it today) to add a > new substate for TCP TIMEWAIT and don't have any issue if we block the > socket for 60 seconds and send RSTs to all incoming data. This way we > ca

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015, at 17:19, Eric Dumazet wrote: > On Thu, 2015-11-19 at 10:48 -0500, David Miller wrote: > > At least if they do it this way, and someone claims that Linux TCP > > behaves outside the spec or improperly, it's not directly because of > > any code I am responsible for. > > > > Th

Re: Add a SOCK_DESTROY operation to close sockets from userspace

From: Eric Dumazet Date: Thu, 19 Nov 2015 08:47:44 -0800 > So if the reaction of this is "Patch is coming from Android, must be > yet another hack", it is quite not fair. I have not said this. But the attitude of that all of a sudden we must care urgently about some Android issue they have wait

Re: Add a SOCK_DESTROY operation to close sockets from userspace

From: Eric Dumazet Date: Thu, 19 Nov 2015 08:43:34 -0800 > You already rejected some of my patches, obviously. Of course, and I applied quickly all the really nice ones, many of them... :-) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majord..

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, 2015-11-19 at 11:33 -0500, David Miller wrote: > Android folks really do not care about upstream, and it is probably > bottom of their priority. Their actions consistently support this. Well, in this case they contacted me and we worked on a modern solution, candidate for upstream kernel

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, 2015-11-19 at 11:33 -0500, David Miller wrote: > You cannot just say "I signoff on this, it's the only reasonable > scheme, apply it." That's not how we do things here. I added my SOB because I effectively worked a lot on this patch. Not because it is a sign of "This is the only way it

Re: Add a SOCK_DESTROY operation to close sockets from userspace

From: Eric Dumazet Date: Thu, 19 Nov 2015 08:19:24 -0800 > Here is the thing : > > - Android powered phones and devices have a similar code since 2008. > There is _no_ way they can avoid having this functionality. Weren't we given similar story about initial wake locks implementation? There is

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, 2015-11-19 at 10:48 -0500, David Miller wrote: > At least if they do it this way, and someone claims that Linux TCP > behaves outside the spec or improperly, it's not directly because of > any code I am responsible for. > > That's the difference, and frankly an important one to me. > > If

Re: Add a SOCK_DESTROY operation to close sockets from userspace

From: Maciej Żenczykowski Date: Wed, 18 Nov 2015 23:19:03 -0800 > Privileged userspace can already make these decisions today, whether > it is by killing processes with open sockets, or by turning interfaces > up and down or by reconfiguring the firewall and/or the routing > rules/tables, or by i

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015, at 06:12, Tom Herbert wrote: > I think this solution presumes some out of band signaling about a path > failure deep in the network that is not reported via the TCP > connection. This solution is obviously only as good as the signaling, > but clearly the most general solution

Re: Add a SOCK_DESTROY operation to close sockets from userspace

> What I object to is userspace making reachability decisions, not > whether SOCK_DESTROY closes the socket in one way or the other. Privileged userspace can already make these decisions today, whether it is by killing processes with open sockets, or by turning interfaces up and down or by reconfi

Re: Add a SOCK_DESTROY operation to close sockets from userspace

From: Lorenzo Colitti Date: Thu, 19 Nov 2015 14:13:48 +0900 > On Thu, Nov 19, 2015 at 12:49 PM, David Miller wrote: >> The more I think about it more the more I agree with him and dislike >> having user space make sure "it's ok", that isn't where TCP protocol >> semantic rules are implemented.

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Thu, Nov 19, 2015 at 12:49 PM, David Miller wrote: > What if we implemented this the other way. The operations that make > the sockets no longer connected to the world, close them. The route > delete during address removal does the socket scan and then the done > calls on those sockets. In m

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, Nov 18, 2015 at 7:49 PM, David Miller wrote: > From: Hannes Frederic Sowa > Date: Wed, 18 Nov 2015 21:43:36 +0100 > >> Basically my concern is the same one I tried to express in the other >> patch about Florian's patch "[PATCH -next] net: tcp: move to >> timewait when receiving data post

Re: Add a SOCK_DESTROY operation to close sockets from userspace

From: Hannes Frederic Sowa Date: Wed, 18 Nov 2015 21:43:36 +0100 > Basically my concern is the same one I tried to express in the other > patch about Florian's patch "[PATCH -next] net: tcp: move to > timewait when receiving data post active-close": we could give the > socket back way too early s

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, Nov 18, 2015, at 21:35, David Miller wrote: > From: Lorenzo Colitti > Date: Wed, 18 Nov 2015 19:47:21 +0900 > > > On Wed, Nov 18, 2015 at 7:19 PM, Hannes Frederic Sowa > > wrote: > >> I bet there will soon be a timewaitd which handles the not configurable > >> (David has rejected all tho

Re: Add a SOCK_DESTROY operation to close sockets from userspace

From: Lorenzo Colitti Date: Wed, 18 Nov 2015 19:47:21 +0900 > On Wed, Nov 18, 2015 at 7:19 PM, Hannes Frederic Sowa > wrote: >> I bet there will soon be a timewaitd which handles the not configurable >> (David has rejected all those patches so far) timeout of TIME_WAIT >> sockets. And I bet it w

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, Nov 18, 2015, at 16:32, Hannes Frederic Sowa wrote: > On Wed, Nov 18, 2015, at 16:16, Eric Dumazet wrote: > > On Wed, 2015-11-18 at 15:56 +0100, Hannes Frederic Sowa wrote: > > > On Wed, Nov 18, 2015, at 15:45, Lorenzo Colitti wrote: > > > > On Wed, Nov 18, 2015 at 10:31 PM, Hannes Frederi

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, Nov 18, 2015, at 16:16, Eric Dumazet wrote: > On Wed, 2015-11-18 at 15:56 +0100, Hannes Frederic Sowa wrote: > > On Wed, Nov 18, 2015, at 15:45, Lorenzo Colitti wrote: > > > On Wed, Nov 18, 2015 at 10:31 PM, Hannes Frederic Sowa > > > wrote: > > > > I was not saying using tcp_close literal

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, 2015-11-18 at 15:56 +0100, Hannes Frederic Sowa wrote: > On Wed, Nov 18, 2015, at 15:45, Lorenzo Colitti wrote: > > On Wed, Nov 18, 2015 at 10:31 PM, Hannes Frederic Sowa > > wrote: > > > I was not saying using tcp_close literally, sorry for not making that > > > clear, but just model the

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, Nov 18, 2015, at 15:45, Lorenzo Colitti wrote: > On Wed, Nov 18, 2015 at 10:31 PM, Hannes Frederic Sowa > wrote: > > I was not saying using tcp_close literally, sorry for not making that > > clear, but just model the state transitions after tcp_close. At least it > > seems like a normal cl

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, Nov 18, 2015 at 10:31 PM, Hannes Frederic Sowa wrote: > I was not saying using tcp_close literally, sorry for not making that > clear, but just model the state transitions after tcp_close. At least it > seems like a normal close to me. But it shouldn't be a normal close. Consider calling

Re: Add a SOCK_DESTROY operation to close sockets from userspace

Hello, On Wed, Nov 18, 2015, at 14:04, Lorenzo Colitti wrote: > On Wed, Nov 18, 2015 at 8:19 PM, Hannes Frederic Sowa > wrote: > > I was wondering why you didn't use tcp_close function, because still we > > could have the address and we would like to do a proper shutdown of the > > connection. Wh

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, Nov 18, 2015 at 8:19 PM, Hannes Frederic Sowa wrote: > I was wondering why you didn't use tcp_close function, because still we > could have the address and we would like to do a proper shutdown of the > connection. While this patchset wants to tear down sockets for addresses > no longer al

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, 2015-11-18 at 12:19 +0100, Hannes Frederic Sowa wrote: > On Wed, Nov 18, 2015, at 11:47, Lorenzo Colitti wrote: > > On Wed, Nov 18, 2015 at 7:19 PM, Hannes Frederic Sowa > > wrote: > > > I bet there will soon be a timewaitd which handles the not configurable > > > (David has rejected all t

RE: Add a SOCK_DESTROY operation to close sockets from userspace

From: Maciej Zenczykowski > Sent: 18 November 2015 03:57 > I don't know what the right fix is... > > However, speaking as an end user with laptops on wifi and/or home > gateways on dialup connections where the IP address occasionally (or > constantly) changes, I find it very frustrating that by de

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, Nov 18, 2015, at 11:47, Lorenzo Colitti wrote: > On Wed, Nov 18, 2015 at 7:19 PM, Hannes Frederic Sowa > wrote: > > I bet there will soon be a timewaitd which handles the not configurable > > (David has rejected all those patches so far) timeout of TIME_WAIT > > sockets. And I bet it will

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, Nov 18, 2015 at 7:19 PM, Hannes Frederic Sowa wrote: > I bet there will soon be a timewaitd which handles the not configurable > (David has rejected all those patches so far) timeout of TIME_WAIT > sockets. And I bet it will be used. :/ No, SOCK_DESTROY has no effect on TCP_TIME_WAIT sock

Re: Add a SOCK_DESTROY operation to close sockets from userspace

Hi, On Wed, Nov 18, 2015, at 05:04, Eric Dumazet wrote: > On Tue, 2015-11-17 at 19:27 -0800, Stephen Hemminger wrote: > > > I understand why you might want this, but it smells like the same > > kind of problems that the "forced unmount" patch had which eventually > > led to it not being accepted

Re: Add a SOCK_DESTROY operation to close sockets from userspace

Hello, On Wed, Nov 18, 2015, at 02:43, Lorenzo Colitti wrote: > This patch series adds the ability for a privileged process to > destroy sockets belonging to other userspace processes via the > sock_diag interface, and implements that for TCP sockets. > > This functionality is needed on laptops a

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Tue, Nov 17, 2015 at 8:23 PM, Lorenzo Colitti wrote: > On Wed, Nov 18, 2015 at 12:56 PM, Tom Herbert wrote: >>> The patch series only implements SOCK_DESTROY for TCP sockets, >>> but the mechanism can be extended to any protocol family that >>> supports the sock_diag interface. >>> >> I assume

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, Nov 18, 2015 at 12:56 PM, Tom Herbert wrote: >> The patch series only implements SOCK_DESTROY for TCP sockets, >> but the mechanism can be extended to any protocol family that >> supports the sock_diag interface. >> > I assume that SIOCKILLADDR was restricted to only closing connections >

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Tue, 2015-11-17 at 19:27 -0800, Stephen Hemminger wrote: > I understand why you might want this, but it smells like the same > kind of problems that the "forced unmount" patch had which eventually > led to it not being accepted in mainline. Lots of corner > cases and race conditions waiting to

Re: Add a SOCK_DESTROY operation to close sockets from userspace

I don't know what the right fix is... However, speaking as an end user with laptops on wifi and/or home gateways on dialup connections where the IP address occasionally (or constantly) changes, I find it very frustrating that by default as IP addresses get removed from interfaces all the related s

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Tue, Nov 17, 2015 at 5:43 PM, Lorenzo Colitti wrote: > This patch series adds the ability for a privileged process to > destroy sockets belonging to other userspace processes via the > sock_diag interface, and implements that for TCP sockets. > > This functionality is needed on laptops and mobi

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On 18 November 2015 at 12:34, Erik Kline wrote: > > > On 18 November 2015 at 12:27, Stephen Hemminger > wrote: >> >> On Wed, 18 Nov 2015 10:43:40 +0900 >> Lorenzo Colitti wrote: >> >> > This patch series adds the ability for a privileged process to >> > destroy sockets belonging to other userspa

Re: Add a SOCK_DESTROY operation to close sockets from userspace

On Wed, 18 Nov 2015 10:43:40 +0900 Lorenzo Colitti wrote: > This patch series adds the ability for a privileged process to > destroy sockets belonging to other userspace processes via the > sock_diag interface, and implements that for TCP sockets. > > This functionality is needed on laptops and

Add a SOCK_DESTROY operation to close sockets from userspace

This patch series adds the ability for a privileged process to destroy sockets belonging to other userspace processes via the sock_diag interface, and implements that for TCP sockets. This functionality is needed on laptops and mobile hosts to ensure that network switches / disconnects do not resu