Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ebtables: Enable locking for concurrent ebtables processes #1294

Closed
wants to merge 2 commits into from
Closed

ebtables: Enable locking for concurrent ebtables processes #1294

wants to merge 2 commits into from

Conversation

ecsv
Copy link
Contributor

@ecsv ecsv commented Jan 3, 2018

These changes are to enable locking to avoid problems when multiple ebtables processes try to modify the kernel data structures at the same time. Not using a lock can result in not applied modifications (add/delete) in the kernel.

During one of my tests, such a concurrency problem resulted in a node which was suppressing all RADVs. The reason for that was an empty RADV_FILTER. This could be fixed by restarting gluon-radv-filterd (when no other ebtables process was running at the same time).

These are required for the PRs #838 and #1113.

ecsv and others added 2 commits January 3, 2018 16:45
@ecsv
ebtables: Use flock() for --concurrent option
f4dd913 
The previous locking mechanism was not atomic, hence it was possible
that a killed ebtables process would leave the lock file in place which
in turn made future ebtables processes wait indefinitely for the lock to
become free.

Fix this by using flock(). This also simplifies code quite a bit because
there is no need for a custom signal handler or an __exit routine
anymore.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
@T-X @ecsv
gluon-ebtables: Enable concurrent ebtables updates
1fc17fd 
This enables the ebtables internal locking mechanism which
will avoid race conditions between multiple, concurrent
ebtables calls.

This is a preparation for the upcoming gluon-arp-limiter
daemon, to avoid issues if upon restarting gluon-ebtables
the gluon-arp-limiter daemon tries to modify the tables.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
@rotanid rotanid added 0. type: enhancement The changeset is an enhancement 0. type: bug This is a bug labels Jan 3, 2018
@rotanid rotanid requested a review from neocturne January 3, 2018 16:01
@neocturne
Copy link
Member

Rebased and applied.

@neocturne neocturne closed this Jan 3, 2018
@ecsv ecsv deleted the ebtables_lock branch January 3, 2018 19:04
@rotanid rotanid mentioned this pull request Jan 3, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jplitza jplitza jplitza approved these changes

@neocturne neocturne Awaiting requested review from neocturne

Assignees
No one assigned
Labels
0. type: bug This is a bug 0. type: enhancement The changeset is an enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@ecsv @neocturne @jplitza @rotanid @T-X