From: Jonas Bonn <jonas@norrbonn.se>
To: nicolas.dichtel@6wind.com, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org
Cc: davem@davemloft.net, Jonas Bonn <jonas@norrbonn.se>
Subject: [PATCH v2 5/5] net: namespace: allow setting NSIDs outside current namespace
Date: Wed, 6 Nov 2019 06:39:23 +0100 [thread overview]
Message-ID: <20191106053923.10414-6-jonas@norrbonn.se> (raw)
In-Reply-To: <20191106053923.10414-1-jonas@norrbonn.se>
Currently it is only possible to move an interface to a new namespace if
the destination namespace has an ID in the interface's current namespace.
If the interface already resides outside of the current namespace, then
we may need to assign the destination namespace an ID in the interface's
namespace in order to effect the move.
This patch allows namespace ID's to be created outside of the current
namespace. With this, the following is possible:
i) Our namespace is 'A'.
ii) The interface resides in namespace 'B'
iii) We can assign an ID for NS 'A' in NS 'B'
iv) We can then move the interface into our own namespace.
and
i) Our namespace is 'A'; namespaces 'B' and 'C' also exist
ii) We can assign an ID for namespace 'C' in namespace 'B'
iii) We can then create a VETH interface directly in namespace 'B' with
the other end in 'C', all without ever leaving namespace 'A'
Signed-off-by: Jonas Bonn <jonas@norrbonn.se>
Acked-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
---
net/core/net_namespace.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c
index 6d3e4821b02d..0071f395098d 100644
--- a/net/core/net_namespace.c
+++ b/net/core/net_namespace.c
@@ -724,6 +724,7 @@ static int rtnl_net_newid(struct sk_buff *skb, struct nlmsghdr *nlh,
struct nlattr *tb[NETNSA_MAX + 1];
struct nlattr *nla;
struct net *peer;
+ struct net *target = NULL;
int nsid, err;
err = nlmsg_parse_deprecated(nlh, sizeof(struct rtgenmsg), tb,
@@ -752,6 +753,21 @@ static int rtnl_net_newid(struct sk_buff *skb, struct nlmsghdr *nlh,
return PTR_ERR(peer);
}
+ if (tb[NETNSA_TARGET_NSID]) {
+ int id = nla_get_s32(tb[NETNSA_TARGET_NSID]);
+
+ target = rtnl_get_net_ns_capable(NETLINK_CB(skb).sk, id);
+ if (IS_ERR(target)) {
+ NL_SET_BAD_ATTR(extack, tb[NETNSA_TARGET_NSID]);
+ NL_SET_ERR_MSG(extack,
+ "Target netns reference is invalid");
+ err = PTR_ERR(target);
+ goto out;
+ }
+
+ net = target;
+ }
+
spin_lock_bh(&net->nsid_lock);
if (__peernet2id(net, peer) >= 0) {
spin_unlock_bh(&net->nsid_lock);
@@ -773,6 +789,9 @@ static int rtnl_net_newid(struct sk_buff *skb, struct nlmsghdr *nlh,
NL_SET_BAD_ATTR(extack, tb[NETNSA_NSID]);
NL_SET_ERR_MSG(extack, "The specified nsid is already used");
}
+
+ if (target)
+ put_net(target);
out:
put_net(peer);
return err;
--
2.20.1
next prev parent reply other threads:[~2019-11-06 5:39 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-06 5:39 [PATCH v2 0/5] Add namespace awareness to Netlink methods Jonas Bonn
2019-11-06 5:39 ` [PATCH v2 1/5] rtnetlink: allow RTM_SETLINK to reference other namespaces Jonas Bonn
2019-11-06 23:38 ` Jakub Kicinski
2019-11-06 5:39 ` [PATCH v2 2/5] rtnetlink: skip namespace change if already effect Jonas Bonn
2019-11-06 5:39 ` [PATCH v2 3/5] rtnetlink: allow RTM_NEWLINK to act upon interfaces in arbitrary namespaces Jonas Bonn
2019-11-06 5:39 ` [PATCH v2 4/5] net: ipv4: allow setting address on interface outside current namespace Jonas Bonn
2019-11-06 21:06 ` Nicolas Dichtel
2019-11-06 5:39 ` Jonas Bonn [this message]
2019-11-06 22:12 ` [PATCH v2 0/5] Add namespace awareness to Netlink methods David Ahern
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191106053923.10414-6-jonas@norrbonn.se \
--to=jonas@norrbonn.se \
--cc=davem@davemloft.net \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=nicolas.dichtel@6wind.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.