tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

net: Support specifying the network namespace upon device creation.

There is no good reason to not support userspace specifying the
network namespace during device creation, and it makes it easier
to create a network device and pass it to a child network namespace
with a well known name.

We have to be careful to ensure that the target network namespace
for the new device exists through the life of the call. To keep
that logic clear I have factored out the network namespace grabbing
logic into rtnl_link_get_net.

In addtion we need to continue to pass the source network namespace
to the rtnl_link_ops.newlink method so that we can find the base
device source network namespace.

Signed-off-by: Eric W. Biederman <ebiederm@aristanetworks.com>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>

authored by

Eric W. Biederman and committed by
David S. Miller 81adee47 f7a3a1d8

+50 -23
+1 -1
drivers/net/can/dev.c
··· 674 674 return -EMSGSIZE; 675 675 } 676 676 677 - static int can_newlink(struct net_device *dev, 677 + static int can_newlink(struct net *src_net, struct net_device *dev, 678 678 struct nlattr *tb[], struct nlattr *data[]) 679 679 { 680 680 return -EOPNOTSUPP;
+2 -2
drivers/net/macvlan.c
··· 504 504 return 0; 505 505 } 506 506 507 - static int macvlan_newlink(struct net_device *dev, 507 + static int macvlan_newlink(struct net *src_net, struct net_device *dev, 508 508 struct nlattr *tb[], struct nlattr *data[]) 509 509 { 510 510 struct macvlan_dev *vlan = netdev_priv(dev); ··· 515 515 if (!tb[IFLA_LINK]) 516 516 return -EINVAL; 517 517 518 - lowerdev = __dev_get_by_index(dev_net(dev), nla_get_u32(tb[IFLA_LINK])); 518 + lowerdev = __dev_get_by_index(src_net, nla_get_u32(tb[IFLA_LINK])); 519 519 if (lowerdev == NULL) 520 520 return -ENODEV; 521 521
+12 -3
drivers/net/veth.c
··· 340 340 341 341 static struct rtnl_link_ops veth_link_ops; 342 342 343 - static int veth_newlink(struct net_device *dev, 343 + static int veth_newlink(struct net *src_net, struct net_device *dev, 344 344 struct nlattr *tb[], struct nlattr *data[]) 345 345 { 346 346 int err; ··· 348 348 struct veth_priv *priv; 349 349 char ifname[IFNAMSIZ]; 350 350 struct nlattr *peer_tb[IFLA_MAX + 1], **tbp; 351 + struct net *net; 351 352 352 353 /* 353 354 * create and register peer first ··· 381 380 else 382 381 snprintf(ifname, IFNAMSIZ, DRV_NAME "%%d"); 383 382 384 - peer = rtnl_create_link(dev_net(dev), ifname, &veth_link_ops, tbp); 385 - if (IS_ERR(peer)) 383 + net = rtnl_link_get_net(src_net, tbp); 384 + if (IS_ERR(net)) 385 + return PTR_ERR(net); 386 + 387 + peer = rtnl_create_link(src_net, net, ifname, &veth_link_ops, tbp); 388 + if (IS_ERR(peer)) { 389 + put_net(net); 386 390 return PTR_ERR(peer); 391 + } 387 392 388 393 if (tbp[IFLA_ADDRESS] == NULL) 389 394 random_ether_addr(peer->dev_addr); 390 395 391 396 err = register_netdevice(peer); 397 + put_net(net); 398 + net = NULL; 392 399 if (err < 0) 393 400 goto err_register_peer; 394 401
+5 -3
include/net/rtnetlink.h
··· 55 55 int (*validate)(struct nlattr *tb[], 56 56 struct nlattr *data[]); 57 57 58 - int (*newlink)(struct net_device *dev, 58 + int (*newlink)(struct net *src_net, 59 + struct net_device *dev, 59 60 struct nlattr *tb[], 60 61 struct nlattr *data[]); 61 62 int (*changelink)(struct net_device *dev, ··· 84 83 extern int rtnl_link_register(struct rtnl_link_ops *ops); 85 84 extern void rtnl_link_unregister(struct rtnl_link_ops *ops); 86 85 87 - extern struct net_device *rtnl_create_link(struct net *net, char *ifname, 88 - const struct rtnl_link_ops *ops, struct nlattr *tb[]); 86 + extern struct net *rtnl_link_get_net(struct net *src_net, struct nlattr *tb[]); 87 + extern struct net_device *rtnl_create_link(struct net *src_net, struct net *net, 88 + char *ifname, const struct rtnl_link_ops *ops, struct nlattr *tb[]); 89 89 extern const struct nla_policy ifla_policy[IFLA_MAX+1]; 90 90 91 91 #define MODULE_ALIAS_RTNL_LINK(kind) MODULE_ALIAS("rtnl-link-" kind)
+2 -2
net/8021q/vlan_netlink.c
··· 119 119 return 0; 120 120 } 121 121 122 - static int vlan_newlink(struct net_device *dev, 122 + static int vlan_newlink(struct net *src_net, struct net_device *dev, 123 123 struct nlattr *tb[], struct nlattr *data[]) 124 124 { 125 125 struct vlan_dev_info *vlan = vlan_dev_info(dev); ··· 131 131 132 132 if (!tb[IFLA_LINK]) 133 133 return -EINVAL; 134 - real_dev = __dev_get_by_index(dev_net(dev), nla_get_u32(tb[IFLA_LINK])); 134 + real_dev = __dev_get_by_index(src_net, nla_get_u32(tb[IFLA_LINK])); 135 135 if (!real_dev) 136 136 return -ENODEV; 137 137
+27 -11
net/core/rtnetlink.c
··· 733 733 [IFLA_INFO_DATA] = { .type = NLA_NESTED }, 734 734 }; 735 735 736 + struct net *rtnl_link_get_net(struct net *src_net, struct nlattr *tb[]) 737 + { 738 + struct net *net; 739 + /* Examine the link attributes and figure out which 740 + * network namespace we are talking about. 741 + */ 742 + if (tb[IFLA_NET_NS_PID]) 743 + net = get_net_ns_by_pid(nla_get_u32(tb[IFLA_NET_NS_PID])); 744 + else 745 + net = get_net(src_net); 746 + return net; 747 + } 748 + EXPORT_SYMBOL(rtnl_link_get_net); 749 + 736 750 static int validate_linkmsg(struct net_device *dev, struct nlattr *tb[]) 737 751 { 738 752 if (dev) { ··· 770 756 int err; 771 757 772 758 if (tb[IFLA_NET_NS_PID]) { 773 - struct net *net; 774 - net = get_net_ns_by_pid(nla_get_u32(tb[IFLA_NET_NS_PID])); 759 + struct net *net = rtnl_link_get_net(dev_net(dev), tb); 775 760 if (IS_ERR(net)) { 776 761 err = PTR_ERR(net); 777 762 goto errout; ··· 989 976 return 0; 990 977 } 991 978 992 - struct net_device *rtnl_create_link(struct net *net, char *ifname, 993 - const struct rtnl_link_ops *ops, struct nlattr *tb[]) 979 + struct net_device *rtnl_create_link(struct net *src_net, struct net *net, 980 + char *ifname, const struct rtnl_link_ops *ops, struct nlattr *tb[]) 994 981 { 995 982 int err; 996 983 struct net_device *dev; ··· 998 985 unsigned int real_num_queues = 1; 999 986 1000 987 if (ops->get_tx_queues) { 1001 - err = ops->get_tx_queues(net, tb, &num_queues, 988 + err = ops->get_tx_queues(src_net, tb, &num_queues, 1002 989 &real_num_queues); 1003 990 if (err) 1004 991 goto err; ··· 1008 995 if (!dev) 1009 996 goto err; 1010 997 998 + dev_net_set(dev, net); 999 + dev->rtnl_link_ops = ops; 1011 1000 dev->real_num_tx_queues = real_num_queues; 1001 + 1012 1002 if (strchr(dev->name, '%')) { 1013 1003 err = dev_alloc_name(dev, dev->name); 1014 1004 if (err < 0) 1015 1005 goto err_free; 1016 1006 } 1017 - 1018 - dev_net_set(dev, net); 1019 - dev->rtnl_link_ops = ops; 1020 1007 1021 1008 if (tb[IFLA_MTU]) 1022 1009 dev->mtu = nla_get_u32(tb[IFLA_MTU]); ··· 1096 1083 1097 1084 if (1) { 1098 1085 struct nlattr *attr[ops ? ops->maxtype + 1 : 0], **data = NULL; 1086 + struct net *dest_net; 1099 1087 1100 1088 if (ops) { 1101 1089 if (ops->maxtype && linkinfo[IFLA_INFO_DATA]) { ··· 1161 1147 if (!ifname[0]) 1162 1148 snprintf(ifname, IFNAMSIZ, "%s%%d", ops->kind); 1163 1149 1164 - dev = rtnl_create_link(net, ifname, ops, tb); 1150 + dest_net = rtnl_link_get_net(net, tb); 1151 + dev = rtnl_create_link(net, dest_net, ifname, ops, tb); 1165 1152 1166 1153 if (IS_ERR(dev)) 1167 1154 err = PTR_ERR(dev); 1168 1155 else if (ops->newlink) 1169 - err = ops->newlink(dev, tb, data); 1156 + err = ops->newlink(net, dev, tb, data); 1170 1157 else 1171 1158 err = register_netdevice(dev); 1172 - 1173 1159 if (err < 0 && !IS_ERR(dev)) 1174 1160 free_netdev(dev); 1161 + 1162 + put_net(dest_net); 1175 1163 return err; 1176 1164 } 1177 1165 }
+1 -1
net/ipv4/ip_gre.c
··· 1483 1483 dev->features |= NETIF_F_NETNS_LOCAL; 1484 1484 } 1485 1485 1486 - static int ipgre_newlink(struct net_device *dev, struct nlattr *tb[], 1486 + static int ipgre_newlink(struct net *src_net, struct net_device *dev, struct nlattr *tb[], 1487 1487 struct nlattr *data[]) 1488 1488 { 1489 1489 struct ip_tunnel *nt;