From: Hannes Frederic Sowa <hannes@stressinduktion.org>
To: netdev@vger.kernel.org
Subject: [PATCH net-next RFC v1 21/27] afnetns: add support for tcpv6
Date: Mon, 13 Mar 2017 00:01:45 +0100 [thread overview]
Message-ID: <20170312230151.5185-22-hannes@stressinduktion.org> (raw)
In-Reply-To: <20170312230151.5185-1-hannes@stressinduktion.org>
Same as the support for tcpv4, we simply add the necessary checks so we
just look at our own sockets.
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
---
net/ipv6/inet6_hashtables.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/net/ipv6/inet6_hashtables.c b/net/ipv6/inet6_hashtables.c
index 8570e0e3016b65..05b71f0937e676 100644
--- a/net/ipv6/inet6_hashtables.c
+++ b/net/ipv6/inet6_hashtables.c
@@ -87,6 +87,7 @@ struct sock *__inet6_lookup_established(struct net *net,
const u16 hnum,
const int dif)
{
+ struct afnetns *afnetns;
struct sock *sk;
const struct hlist_nulls_node *node;
const __portpair ports = INET_COMBINED_PORTS(sport, hnum);
@@ -97,11 +98,15 @@ struct sock *__inet6_lookup_established(struct net *net,
unsigned int slot = hash & hashinfo->ehash_mask;
struct inet_ehash_bucket *head = &hashinfo->ehash[slot];
+ afnetns = ipv6_get_ifaddr_afnetns_rcu(net, daddr,
+ dev_get_by_index_rcu(net, dif));
begin:
sk_nulls_for_each_rcu(sk, node, &head->chain) {
if (sk->sk_hash != hash)
continue;
+ if (sock_afnetns(sk) != afnetns)
+ continue;
if (!INET6_MATCH(sk, net, saddr, daddr, ports, dif))
continue;
if (unlikely(!atomic_inc_not_zero(&sk->sk_refcnt)))
@@ -123,14 +128,15 @@ struct sock *__inet6_lookup_established(struct net *net,
EXPORT_SYMBOL(__inet6_lookup_established);
static inline int compute_score(struct sock *sk, struct net *net,
+ struct afnetns *afnetns,
const unsigned short hnum,
const struct in6_addr *daddr,
const int dif, bool exact_dif)
{
int score = -1;
- if (net_eq(sock_net(sk), net) && inet_sk(sk)->inet_num == hnum &&
- sk->sk_family == PF_INET6) {
+ if (net_eq(sock_net(sk), net) && sock_afnetns(sk) == afnetns &&
+ inet_sk(sk)->inet_num == hnum && sk->sk_family == PF_INET6) {
score = 1;
if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr)) {
@@ -162,10 +168,14 @@ struct sock *inet6_lookup_listener(struct net *net,
int score, hiscore = 0, matches = 0, reuseport = 0;
bool exact_dif = inet6_exact_dif_match(net, skb);
struct sock *sk, *result = NULL;
+ struct afnetns *afnetns;
u32 phash = 0;
+ afnetns = ipv6_get_ifaddr_afnetns_rcu(net, daddr, skb->dev);
+
sk_for_each(sk, &ilb->head) {
- score = compute_score(sk, net, hnum, daddr, dif, exact_dif);
+ score = compute_score(sk, net, afnetns, hnum, daddr, dif,
+ exact_dif);
if (score > hiscore) {
reuseport = sk->sk_reuseport;
if (reuseport) {
--
2.9.3
next prev parent reply other threads:[~2017-03-12 23:02 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-12 23:01 [PATCH net-next RFC v1 00/27] afnetns: new namespace type for separation on protocol level Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 01/27] afnetns: add CLONE_NEWAFNET flag Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 02/27] afnetns: basic namespace operations and representations Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 03/27] afnetns: prepare for integration into ipv4 Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 04/27] afnetns: add net_afnetns Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 05/27] afnetns: ipv6 integration Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 06/27] afnetns: put afnetns pointer into struct sock Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 07/27] ipv4: introduce ifa_find_rcu Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 08/27] afnetns: factor out inet_allow_bind Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 09/27] afnetns: add sock_afnetns Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 10/27] afnetns: add ifa_find_afnetns_rcu Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 11/27] afnetns: validate afnetns in inet_allow_bind Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 12/27] afnetns: ipv4/udp integration Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 13/27] afnetns: use inet_allow_bind in inet6_bind Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 14/27] afnetns: check for afnetns " Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 15/27] afnetns: add ipv6_get_ifaddr_afnetns_rcu Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 16/27] afnetns: add udpv6 support Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 17/27] afnetns: introduce __inet_select_addr Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 18/27] afnetns: afnetns should influence source address selection Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 19/27] afnetns: add afnetns support for tcpv4 Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 20/27] ipv6: move ipv6_get_ifaddr to vmlinux in case ipv6 is build as module Hannes Frederic Sowa
2017-03-12 23:01 ` Hannes Frederic Sowa [this message]
2017-03-12 23:01 ` [PATCH net-next RFC v1 22/27] afnetns: track owning namespace for inet_bind Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 23/27] afnetns: use user_ns from afnetns for checking for binding to port < 1024 Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 24/27] afnetns: check afnetns user_ns in inet6_bind Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 25/27] afnetns: ipv4: inherit afnetns from calling application Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 26/27] afnetns: ipv6: " Hannes Frederic Sowa
2017-03-12 23:01 ` [PATCH net-next RFC v1 27/27] afnetns: allow only whitelisted protocols to operate inside afnetns Hannes Frederic Sowa
2017-03-12 23:26 ` [PATCH net-next RFC v1 00/27] afnetns: new namespace type for separation on protocol level David Miller
2017-03-12 23:44 ` Hannes Frederic Sowa
[not found] ` <1489362279.2283.1.camel-tFNcAqjVMyqKXQKiL6tip0B+6BGkLq7r@public.gmane.org>
2017-03-13 19:56 ` Michael Kerrisk
[not found] ` <CAHO5Pa1s949dohzEEE68Ux=mXA7N7sR-U98Jwjvx1a_A5AhFEw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-03-13 22:06 ` Eric W. Biederman
2017-03-14 10:18 ` Hannes Frederic Sowa
[not found] ` <cc9229f8-a389-87cc-2512-ee00e200a7c3-tFNcAqjVMyqKXQKiL6tip0B+6BGkLq7r@public.gmane.org>
2017-03-14 17:46 ` Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170312230151.5185-22-hannes@stressinduktion.org \
--to=hannes@stressinduktion.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.