From: Christian Brauner <christian@brauner.io>
To: netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: davem@davemloft.net, kuznet@ms2.inr.ac.ru,
	yoshfuji@linux-ipv6.org, pombredanne@nexb.com,
	kstewart@linuxfoundation.org, gregkh@linuxfoundation.org,
	dsahern@gmail.com, fw@strlen.de, ktkhai@virtuozzo.com,
	lucien.xin@gmail.com, jakub.kicinski@netronome.com,
	jbenc@redhat.com, nicolas.dichtel@6wind.com,
	Christian Brauner <christian.brauner@ubuntu.com>
Subject: [PATCH net-next 0/5] rtnetlink: add IFA_IF_NETNSID for RTM_GETADDR
Date: Wed, 29 Aug 2018 01:18:54 +0200
Message-ID: <20180828231859.29758-1-christian@brauner.io>

From: Christian Brauner <christian.brauner@ubuntu.com>

Hey,

A while back we introduced and enabled IFLA_IF_NETNSID in
RTM_{DEL,GET,NEW}LINK requests (cf. [1], [2], [3], [4], [5]). This has led
to significant performance increases since it allows userspace to avoid
taking the hit of a setns(netns_fd, CLONE_NEWNET), then getting the
interfaces from the netns associated with the netns_fd. Especially when a
lot of network namespaces are in use, using setns() becomes increasingly
problematic when performance matters.
Usually, RTM_GETLINK requests are followed by RTM_GETADDR requests (cf.
getifaddrs() style functions and friends). But currently, RTM_GETADDR
requests do not support a similar property like IFLA_IF_NETNSID for
RTM_*LINK requests.
This is problematic since userspace can retrieve interfaces from another
network namespace by sending an IFLA_IF_NETNSID property along in an
RTM_GETLINK request but is still forced to use the legacy setns() style of
retrieving interfaces in RTM_GETADDR requests.

The goal of this series is to make it possible to perform RTM_GETADDR
requests on different network namespaces. To this end a new IFA_IF_NETNSID
property for RTM_*ADDR requests is introduced. It can be used to send a
network namespace identifier along in RTM_*ADDR requests.  The network
namespace identifier will be used to retrieve the target network namespace
in which the request is supposed to be fulfilled.  This aligns the behavior
of RTM_*ADDR requests with the behavior of RTM_*LINK requests.

Security:
- The caller must have assigned a valid network namespace identifier for
  the target network namespace.
- The caller must have CAP_NET_ADMIN in the owning user namespace of the
  target network namespace.

Thanks!
Christian

[1]: commit 7973bfd8758d ("rtnetlink: remove check for IFLA_IF_NETNSID")
[2]: commit 5bb8ed075428 ("rtnetlink: enable IFLA_IF_NETNSID for RTM_NEWLINK")
[3]: commit b61ad68a9fe8 ("rtnetlink: enable IFLA_IF_NETNSID for RTM_DELLINK")
[4]: commit c310bfcb6e1b ("rtnetlink: enable IFLA_IF_NETNSID for RTM_SETLINK")
[5]: commit 7c4f63ba8243 ("rtnetlink: enable IFLA_IF_NETNSID in do_setlink()")

Christian Brauner (5):
  rtnetlink: add rtnl_get_net_ns_capable()
  if_addr: add IFA_IF_NETNSID
  ipv4: enable IFA_IF_NETNSID for RTM_GETADDR
  ipv6: enable IFA_IF_NETNSID for RTM_GETADDR
  rtnetlink: move type calculation out of loop

 include/net/rtnetlink.h      |  1 +
 include/uapi/linux/if_addr.h |  1 +
 net/core/rtnetlink.c         | 15 +++++---
 net/ipv4/devinet.c           | 38 +++++++++++++++-----
 net/ipv6/addrconf.c          | 70 ++++++++++++++++++++++++++++--------
 5 files changed, 97 insertions(+), 28 deletions(-)

-- 
2.17.1
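
The request layout the cover letter describes, as an added example that is not part of the patch series or the original message: an RTM_GETADDR dump request with one attribute carrying the target network namespace id, plus the attribute walk a receiver would do. The function names are hypothetical; the numeric value of IFA_IF_NETNSID is not given in the message, so it is passed in as attr_type, and the signed 32-bit payload is an assumption.

```c
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <linux/netlink.h>
#include <linux/rtnetlink.h>

/* Build an RTM_GETADDR dump request that names the target netns by id.
 * attr_type: numeric value of IFA_IF_NETNSID from the patched if_addr.h
 * (caller-supplied; not stated in the cover letter). Payload is assumed to
 * be a signed 32-bit id. buf must be 4-byte aligned.
 * Returns the message length, or 0 if buf is too small. */
size_t build_getaddr_req(void *buf, size_t cap, unsigned char family,
                         unsigned short attr_type, int32_t netnsid, uint32_t seq)
{
    size_t len = NLMSG_SPACE(sizeof(struct ifaddrmsg)) + RTA_SPACE(sizeof(netnsid));
    if (cap < len)
        return 0;
    memset(buf, 0, len);

    struct nlmsghdr *nlh = buf;
    nlh->nlmsg_len = len;
    nlh->nlmsg_type = RTM_GETADDR;
    nlh->nlmsg_flags = NLM_F_REQUEST | NLM_F_DUMP;
    nlh->nlmsg_seq = seq;

    struct ifaddrmsg *ifa = NLMSG_DATA(nlh);
    ifa->ifa_family = family;

    struct rtattr *rta = IFA_RTA(ifa);          /* first attribute slot */
    rta->rta_type = attr_type;
    rta->rta_len = RTA_LENGTH(sizeof(netnsid));
    memcpy(RTA_DATA(rta), &netnsid, sizeof(netnsid));
    return len;
}

/* Receiver-side walk: returns 1 and stores the id if an attribute of
 * attr_type with a 4-byte payload is present, 0 otherwise. */
int find_netnsid(void *msg, unsigned short attr_type, int32_t *out)
{
    struct nlmsghdr *nlh = msg;
    int rem = IFA_PAYLOAD(nlh);                 /* bytes after ifaddrmsg */
    for (struct rtattr *rta = IFA_RTA(NLMSG_DATA(nlh)); RTA_OK(rta, rem);
         rta = RTA_NEXT(rta, rem)) {
        if (rta->rta_type == attr_type && RTA_PAYLOAD(rta) == (int)sizeof(*out)) {
            memcpy(out, RTA_DATA(rta), sizeof(*out));
            return 1;
        }
    }
    return 0;
}
```

The buffer would be sent on a NETLINK_ROUTE socket; per the Security section of the message, the kernel only honours the id if the caller has a valid id assigned for the target namespace and holds CAP_NET_ADMIN in its owning user namespace.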

