On Fri, Apr 02, 2021 at 10:20:14AM +0200, Christian Brauner wrote: > > @@ -11043,6 +11046,11 @@ int dev_change_net_namespace(struct net_device > > *dev, struct net *net, const char > > goto out; > > } > > > > + /* Check that new_ifindex isn't used yet. */ > > + err = -EBUSY; > > + if (new_ifindex && __dev_get_by_index(net, new_ifindex)) > > + goto out; > > Should this maybe verify that the new_inindex isn't negative and reject > it right away? (Maybe also right where we first retrieve it?) Otherwise > __dev_get_by_index() might pointlessly walk the whole netdev list for > thet network namespace. >
I think __dev_get_by_index works fine for links with negative ifindices, but there are other places where we expect that ifindex is positive, so I think you are right, we need to check that it isn't negative here and we need to add the same check in register_netdevice too. Thanks, Andrei
