
netlink: kill netlink_set_nonroot

Replace netlink_set_nonroot by one new field `flags' in
struct netlink_kernel_cfg that is passed to netlink_kernel_create.

This patch also renames NL_NONROOT_* to NL_CFG_F_NONROOT_* since
now the flags field in nl_table is generic (so we can add more
flags if needed in the future).

Also adjust all callers in the net-next tree to use these flags
instead of netlink_set_nonroot.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Pablo Neira Ayuso and committed by
David S. Miller
9785e10a 16fa9e1d

+21 -25
+4 -5
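--- a/include/linux/netlink.h
+++ b/include/linux/netlink.h
@@ -176,12 +176,16 @@
 extern void netlink_table_grab(void);
 extern void netlink_table_ungrab(void);
 
+#define NL_CFG_F_NONROOT_RECV (1 << 0)
+#define NL_CFG_F_NONROOT_SEND (1 << 1)
+
 /* optional Netlink kernel configuration parameters */
 struct netlink_kernel_cfg {
 unsigned int groups;
 void (*input)(struct sk_buff *skb);
 struct mutex *cb_mutex;
 void (*bind)(int group);
+unsigned int flags;
 };
 
 extern struct sock *netlink_kernel_create(struct net *net, int unit,
@@ -259,11 +263,6 @@
 extern int netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
 const struct nlmsghdr *nlh,
 struct netlink_dump_control *control);
-
-
-#define NL_NONROOT_RECV 0x1
-#define NL_NONROOT_SEND 0x2
-extern void netlink_set_nonroot(int protocol, unsigned flag);
 
 #endif /* __KERNEL__ */
 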
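Review bot: The new `NL_CFG_F_NONROOT_RECV` / `NL_CFG_F_NONROOT_SEND` defines and the `flags` member of `struct netlink_kernel_cfg` are undocumented, although they relax an access check: in `netlink_capable()` (net/netlink/af_netlink.c in this commit) a set bit lets the caller pass without `CAP_NET_ADMIN`. I would put a comment above the defines such as `/* NL_CFG_F_NONROOT_*: allow callers without CAP_NET_ADMIN to join (RECV) or send to (SEND) multicast groups */`. On the member, `/* NL_CFG_F_* bits */` would do. Judging from the `nl_table[unit].flags = cfg->flags` assignment, the bits apply to the whole protocol rather than to one socket, which is worth stating for anyone adding a new kernel-side netlink user.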
+1 -1
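--- a/lib/kobject_uevent.c
+++ b/lib/kobject_uevent.c
@@ -375,6 +375,7 @@
 struct uevent_sock *ue_sk;
 struct netlink_kernel_cfg cfg = {
 .groups = 1,
+.flags = NL_CFG_F_NONROOT_RECV,
 };
 
 ue_sk = kzalloc(sizeof(*ue_sk), GFP_KERNEL);
@@ -422,7 +423,6 @@
 
 static int __init kobject_uevent_init(void)
 {
-netlink_set_nonroot(NETLINK_KOBJECT_UEVENT, NL_NONROOT_RECV);
 return register_pernet_subsys(&uevent_net_ops);
 }
 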
+1 -1
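--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -2381,6 +2381,7 @@
 .groups = RTNLGRP_MAX,
 .input = rtnetlink_rcv,
 .cb_mutex = &rtnl_mutex,
+.flags = NL_CFG_F_NONROOT_RECV,
 };
 
 sk = netlink_kernel_create(net, NETLINK_ROUTE, THIS_MODULE, &cfg);
@@ -2416,7 +2417,6 @@
 if (register_pernet_subsys(&rtnetlink_net_ops))
 panic("rtnetlink_init: cannot initialize rtnetlink\n");
 
-netlink_set_nonroot(NETLINK_ROUTE, NL_NONROOT_RECV);
 register_netdevice_notifier(&rtnetlink_dev_notifier);
 
 rtnl_register(PF_UNSPEC, RTM_GETLINK, rtnl_getlink,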
+13 -15
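--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -121,7 +121,7 @@
 struct nl_pid_hash hash;
 struct hlist_head mc_list;
 struct listeners __rcu *listeners;
-unsigned int nl_nonroot;
+unsigned int flags;
 unsigned int groups;
 struct mutex *cb_mutex;
 struct module *module;
@@ -536,6 +536,8 @@
 if (--nl_table[sk->sk_protocol].registered == 0) {
 kfree(nl_table[sk->sk_protocol].listeners);
 nl_table[sk->sk_protocol].module = NULL;
+nl_table[sk->sk_protocol].bind = NULL;
+nl_table[sk->sk_protocol].flags = 0;
 nl_table[sk->sk_protocol].registered = 0;
 }
 } else if (nlk->subscriptions) {
@@ -596,7 +598,7 @@
 
 static inline int netlink_capable(const struct socket *sock, unsigned int flag)
 {
-return (nl_table[sock->sk->sk_protocol].nl_nonroot & flag) ||
+return (nl_table[sock->sk->sk_protocol].flags & flag) ||
 capable(CAP_NET_ADMIN);
 }
 
@@ -659,7 +661,7 @@
 
 /* Only superuser is allowed to listen multicasts */
 if (nladdr->nl_groups) {
-if (!netlink_capable(sock, NL_NONROOT_RECV))
+if (!netlink_capable(sock, NL_CFG_F_NONROOT_RECV))
 return -EPERM;
 err = netlink_realloc_groups(sk);
 if (err)
@@ -721,7 +723,7 @@
 return -EINVAL;
 
 /* Only superuser is allowed to send multicasts */
-if (nladdr->nl_groups && !netlink_capable(sock, NL_NONROOT_SEND))
+if (nladdr->nl_groups && !netlink_capable(sock, NL_CFG_F_NONROOT_SEND))
 return -EPERM;
 
 if (!nlk->pid)
@@ -1244,7 +1246,7 @@
 break;
 case NETLINK_ADD_MEMBERSHIP:
 case NETLINK_DROP_MEMBERSHIP: {
-if (!netlink_capable(sock, NL_NONROOT_RECV))
+if (!netlink_capable(sock, NL_CFG_F_NONROOT_RECV))
 return -EPERM;
 err = netlink_realloc_groups(sk);
 if (err)
@@ -1376,7 +1378,7 @@
 dst_group = ffs(addr->nl_groups);
 err = -EPERM;
 if ((dst_group || dst_pid) &&
-!netlink_capable(sock, NL_NONROOT_SEND))
+!netlink_capable(sock, NL_CFG_F_NONROOT_SEND))
 goto out;
 } else {
 dst_pid = nlk->dst_pid;
@@ -1580,7 +1582,10 @@
 rcu_assign_pointer(nl_table[unit].listeners, listeners);
 nl_table[unit].cb_mutex = cb_mutex;
 nl_table[unit].module = module;
-nl_table[unit].bind = cfg ? cfg->bind : NULL;
+if (cfg) {
+nl_table[unit].bind = cfg->bind;
+nl_table[unit].flags = cfg->flags;
+}
 nl_table[unit].registered = 1;
 } else {
 kfree(listeners);
@@ -1678,13 +1683,6 @@
 __netlink_clear_multicast_users(ksk, group);
 netlink_table_ungrab();
 }
-
-void netlink_set_nonroot(int protocol, unsigned int flags)
-{
-if ((unsigned int)protocol < MAX_LINKS)
-nl_table[protocol].nl_nonroot = flags;
-}
-EXPORT_SYMBOL(netlink_set_nonroot);
 
 struct nlmsghdr *
 __nlmsg_put(struct sk_buff *skb, u32 pid, u32 seq, int type, int len, int flags)
@@ -2150,7 +2148,7 @@
 rcu_assign_pointer(nl_table[NETLINK_USERSOCK].listeners, listeners);
 nl_table[NETLINK_USERSOCK].module = THIS_MODULE;
 nl_table[NETLINK_USERSOCK].registered = 1;
-nl_table[NETLINK_USERSOCK].nl_nonroot = NL_NONROOT_SEND;
+nl_table[NETLINK_USERSOCK].flags = NL_CFG_F_NONROOT_SEND;
 
 netlink_table_ungrab();
 }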
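Review bot: In the hunk that fills `nl_table[unit]` before `registered = 1`, a NULL `cfg` now leaves `bind` and `flags` at whatever the slot already holds, where the old line wrote `bind = NULL` explicitly. This is correct only because the release hunk in the same commit resets both fields when `registered` drops to 0, and any other path that clears a slot would have to do the same. Because `flags` decides whether `netlink_capable()` skips the `CAP_NET_ADMIN` check, I would keep the default local by adding `} else { nl_table[unit].bind = NULL; nl_table[unit].flags = 0; }`. Separately, the two "Only superuser is allowed to …" comments kept as context are misleading for protocols that set a NONROOT flag and could be reworded while the lines below them are touched. The enclosing functions start and end outside these hunks.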
+1 -2
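--- a/net/netlink/genetlink.c
+++ b/net/netlink/genetlink.c
@@ -918,6 +918,7 @@
 struct netlink_kernel_cfg cfg = {
 .input = genl_rcv,
 .cb_mutex = &genl_mutex,
+.flags = NL_CFG_F_NONROOT_RECV,
 };
 
 /* we'll bump the group number right afterwards */
@@ -954,8 +955,6 @@
 err = genl_register_family_with_ops(&genl_ctrl, &genl_ctrl_ops, 1);
 if (err < 0)
 goto problem;
-
-netlink_set_nonroot(NETLINK_GENERIC, NL_NONROOT_RECV);
 
 err = register_pernet_subsys(&genl_pernet_ops);
 if (err)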
+1 -1
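--- a/security/selinux/netlink.c
+++ b/security/selinux/netlink.c
@@ -113,13 +113,13 @@
 {
 struct netlink_kernel_cfg cfg = {
 .groups = SELNLGRP_MAX,
+.flags = NL_CFG_F_NONROOT_RECV,
 };
 
 selnl = netlink_kernel_create(&init_net, NETLINK_SELINUX,
 THIS_MODULE, &cfg);
 if (selnl == NULL)
 panic("SELinux: Cannot create netlink socket.");
-netlink_set_nonroot(NETLINK_SELINUX, NL_NONROOT_RECV);
 return 0;
 }
 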