From b854272b3c732316676e9128f7b9e6f1e1ff88b0 Mon Sep 17 00:00:00 2001 From: "Denis V. Lunev" Date: Sat, 1 Dec 2007 00:21:31 +1100 Subject: [NET]: Modify all rtnetlink methods to only work in the initial namespace (v2) Before I can enable rtnetlink to work in all network namespaces I need to be certain that something won't break. So this patch deliberately disables all of the rtnletlink methods in everything except the initial network namespace. After the methods have been audited this extra check can be disabled. Changes from v1: - added IPv6 addrlabel protection Signed-off-by: Denis V. Lunev Signed-off-by: Eric W. Biederman Signed-off-by: David S. Miller Signed-off-by: Herbert Xu --- net/ipv4/devinet.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'net/ipv4/devinet.c') diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index b42f74617bac..c0eb26a0d0bc 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -441,6 +441,7 @@ struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix, static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { + struct net *net = skb->sk->sk_net; struct nlattr *tb[IFA_MAX+1]; struct in_device *in_dev; struct ifaddrmsg *ifm; @@ -449,6 +450,9 @@ static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg ASSERT_RTNL(); + if (net != &init_net) + return -EINVAL; + err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy); if (err < 0) goto errout; @@ -560,10 +564,14 @@ errout: static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { + struct net *net = skb->sk->sk_net; struct in_ifaddr *ifa; ASSERT_RTNL(); + if (net != &init_net) + return -EINVAL; + ifa = rtm_to_ifaddr(nlh); if (IS_ERR(ifa)) return PTR_ERR(ifa); @@ -1174,12 +1182,16 @@ nla_put_failure: static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb) { + struct net *net = skb->sk->sk_net; int idx, ip_idx; struct net_device *dev; struct in_device *in_dev; struct in_ifaddr *ifa; int s_ip_idx, s_idx = cb->args[0]; + if (net != &init_net) + return 0; + s_ip_idx = ip_idx = cb->args[1]; idx = 0; for_each_netdev(&init_net, dev) { -- cgit v1.2.3 From 97c53cacf00d1f5aa04adabfebcc806ca8b22b10 Mon Sep 17 00:00:00 2001 From: "Denis V. Lunev" Date: Mon, 19 Nov 2007 22:26:51 -0800 Subject: [NET]: Make rtnetlink infrastructure network namespace aware (v3) After this patch none of the netlink callback support anything except the initial network namespace but the rtnetlink infrastructure now handles multiple network namespaces. Changes from v2: - IPv6 addrlabel processing Changes from v1: - no need for special rtnl_unlock handling - fixed IPv6 ndisc Signed-off-by: Denis V. Lunev Signed-off-by: Eric W. Biederman Signed-off-by: David S. Miller --- include/linux/rtnetlink.h | 8 +++--- include/net/net_namespace.h | 3 +++ net/bridge/br_netlink.c | 4 +-- net/core/fib_rules.c | 4 +-- net/core/neighbour.c | 4 +-- net/core/rtnetlink.c | 63 +++++++++++++++++++++++++++++++++++++-------- net/decnet/dn_dev.c | 4 +-- net/decnet/dn_route.c | 2 +- net/decnet/dn_table.c | 4 +-- net/ipv4/devinet.c | 4 +-- net/ipv4/fib_semantics.c | 4 +-- net/ipv4/ipmr.c | 4 +-- net/ipv4/route.c | 2 +- net/ipv6/addrconf.c | 14 +++++----- net/ipv6/addrlabel.c | 2 +- net/ipv6/ndisc.c | 5 ++-- net/ipv6/route.c | 6 ++--- net/sched/act_api.c | 8 +++--- net/sched/cls_api.c | 2 +- net/sched/sch_api.c | 4 +-- net/wireless/wext.c | 5 +++- 21 files changed, 102 insertions(+), 54 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/include/linux/rtnetlink.h b/include/linux/rtnetlink.h index e20dcc89a836..b014f6b7fe29 100644 --- a/include/linux/rtnetlink.h +++ b/include/linux/rtnetlink.h @@ -620,11 +620,11 @@ extern int __rtattr_parse_nested_compat(struct rtattr *tb[], int maxattr, ({ data = RTA_PAYLOAD(rta) >= len ? RTA_DATA(rta) : NULL; \ __rtattr_parse_nested_compat(tb, max, rta, len); }) -extern int rtnetlink_send(struct sk_buff *skb, u32 pid, u32 group, int echo); -extern int rtnl_unicast(struct sk_buff *skb, u32 pid); -extern int rtnl_notify(struct sk_buff *skb, u32 pid, u32 group, +extern int rtnetlink_send(struct sk_buff *skb, struct net *net, u32 pid, u32 group, int echo); +extern int rtnl_unicast(struct sk_buff *skb, struct net *net, u32 pid); +extern int rtnl_notify(struct sk_buff *skb, struct net *net, u32 pid, u32 group, struct nlmsghdr *nlh, gfp_t flags); -extern void rtnl_set_sk_err(u32 group, int error); +extern void rtnl_set_sk_err(struct net *net, u32 group, int error); extern int rtnetlink_put_metrics(struct sk_buff *skb, u32 *metrics); extern int rtnl_put_cacheinfo(struct sk_buff *skb, struct dst_entry *dst, u32 id, u32 ts, u32 tsage, long expires, diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h index 5dd6d90b37eb..90802a668c23 100644 --- a/include/net/net_namespace.h +++ b/include/net/net_namespace.h @@ -10,6 +10,7 @@ struct proc_dir_entry; struct net_device; +struct sock; struct net { atomic_t count; /* To decided when the network * namespace should be freed. @@ -29,6 +30,8 @@ struct net { struct list_head dev_base_head; struct hlist_head *dev_name_head; struct hlist_head *dev_index_head; + + struct sock *rtnl; /* rtnetlink socket */ }; #ifdef CONFIG_NET diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c index a4ffa2b63cd5..f5d69336d97b 100644 --- a/net/bridge/br_netlink.c +++ b/net/bridge/br_netlink.c @@ -97,10 +97,10 @@ void br_ifinfo_notify(int event, struct net_bridge_port *port) kfree_skb(skb); goto errout; } - err = rtnl_notify(skb, 0, RTNLGRP_LINK, NULL, GFP_ATOMIC); + err = rtnl_notify(skb, &init_net,0, RTNLGRP_LINK, NULL, GFP_ATOMIC); errout: if (err < 0) - rtnl_set_sk_err(RTNLGRP_LINK, err); + rtnl_set_sk_err(&init_net, RTNLGRP_LINK, err); } /* diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c index 3b20b6f0982e..0af0538343da 100644 --- a/net/core/fib_rules.c +++ b/net/core/fib_rules.c @@ -599,10 +599,10 @@ static void notify_rule_change(int event, struct fib_rule *rule, kfree_skb(skb); goto errout; } - err = rtnl_notify(skb, pid, ops->nlgroup, nlh, GFP_KERNEL); + err = rtnl_notify(skb, &init_net, pid, ops->nlgroup, nlh, GFP_KERNEL); errout: if (err < 0) - rtnl_set_sk_err(ops->nlgroup, err); + rtnl_set_sk_err(&init_net, ops->nlgroup, err); } static void attach_rules(struct list_head *rules, struct net_device *dev) diff --git a/net/core/neighbour.c b/net/core/neighbour.c index 29f0a4d2008f..a8b72c1c7c8a 100644 --- a/net/core/neighbour.c +++ b/net/core/neighbour.c @@ -2467,10 +2467,10 @@ static void __neigh_notify(struct neighbour *n, int type, int flags) kfree_skb(skb); goto errout; } - err = rtnl_notify(skb, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); + err = rtnl_notify(skb, &init_net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); errout: if (err < 0) - rtnl_set_sk_err(RTNLGRP_NEIGH, err); + rtnl_set_sk_err(&init_net, RTNLGRP_NEIGH, err); } #ifdef CONFIG_ARPD diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index 4edc3dac4ccd..9efaf35934f4 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -60,7 +60,6 @@ struct rtnl_link }; static DEFINE_MUTEX(rtnl_mutex); -static struct sock *rtnl; void rtnl_lock(void) { @@ -458,8 +457,9 @@ size_t rtattr_strlcpy(char *dest, const struct rtattr *rta, size_t size) return ret; } -int rtnetlink_send(struct sk_buff *skb, u32 pid, unsigned group, int echo) +int rtnetlink_send(struct sk_buff *skb, struct net *net, u32 pid, unsigned group, int echo) { + struct sock *rtnl = net->rtnl; int err = 0; NETLINK_CB(skb).dst_group = group; @@ -471,14 +471,17 @@ int rtnetlink_send(struct sk_buff *skb, u32 pid, unsigned group, int echo) return err; } -int rtnl_unicast(struct sk_buff *skb, u32 pid) +int rtnl_unicast(struct sk_buff *skb, struct net *net, u32 pid) { + struct sock *rtnl = net->rtnl; + return nlmsg_unicast(rtnl, skb, pid); } -int rtnl_notify(struct sk_buff *skb, u32 pid, u32 group, +int rtnl_notify(struct sk_buff *skb, struct net *net, u32 pid, u32 group, struct nlmsghdr *nlh, gfp_t flags) { + struct sock *rtnl = net->rtnl; int report = 0; if (nlh) @@ -487,8 +490,10 @@ int rtnl_notify(struct sk_buff *skb, u32 pid, u32 group, return nlmsg_notify(rtnl, skb, pid, group, report, flags); } -void rtnl_set_sk_err(u32 group, int error) +void rtnl_set_sk_err(struct net *net, u32 group, int error) { + struct sock *rtnl = net->rtnl; + netlink_set_err(rtnl, 0, group, error); } @@ -1201,7 +1206,7 @@ static int rtnl_getlink(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) kfree_skb(nskb); goto errout; } - err = rtnl_unicast(nskb, NETLINK_CB(skb).pid); + err = rtnl_unicast(nskb, net, NETLINK_CB(skb).pid); errout: dev_put(dev); @@ -1252,10 +1257,10 @@ void rtmsg_ifinfo(int type, struct net_device *dev, unsigned change) kfree_skb(skb); goto errout; } - err = rtnl_notify(skb, 0, RTNLGRP_LINK, NULL, GFP_KERNEL); + err = rtnl_notify(skb, &init_net, 0, RTNLGRP_LINK, NULL, GFP_KERNEL); errout: if (err < 0) - rtnl_set_sk_err(RTNLGRP_LINK, err); + rtnl_set_sk_err(&init_net, RTNLGRP_LINK, err); } /* Protected by RTNL sempahore. */ @@ -1266,6 +1271,7 @@ static int rtattr_max; static int rtnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) { + struct net *net = skb->sk->sk_net; rtnl_doit_func doit; int sz_idx, kind; int min_len; @@ -1294,6 +1300,7 @@ static int rtnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) return -EPERM; if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) { + struct sock *rtnl; rtnl_dumpit_func dumpit; dumpit = rtnl_get_dumpit(family, type); @@ -1301,6 +1308,7 @@ static int rtnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) return -EOPNOTSUPP; __rtnl_unlock(); + rtnl = net->rtnl; err = netlink_dump_start(rtnl, skb, nlh, dumpit, NULL); rtnl_lock(); return err; @@ -1373,6 +1381,40 @@ static struct notifier_block rtnetlink_dev_notifier = { .notifier_call = rtnetlink_event, }; + +static int rtnetlink_net_init(struct net *net) +{ + struct sock *sk; + sk = netlink_kernel_create(net, NETLINK_ROUTE, RTNLGRP_MAX, + rtnetlink_rcv, &rtnl_mutex, THIS_MODULE); + if (!sk) + return -ENOMEM; + + /* Don't hold an extra reference on the namespace */ + put_net(sk->sk_net); + net->rtnl = sk; + return 0; +} + +static void rtnetlink_net_exit(struct net *net) +{ + struct sock *sk = net->rtnl; + if (sk) { + /* At the last minute lie and say this is a socket for the + * initial network namespace. So the socket will be safe to + * free. + */ + sk->sk_net = get_net(&init_net); + sock_put(sk); + net->rtnl = NULL; + } +} + +static struct pernet_operations rtnetlink_net_ops = { + .init = rtnetlink_net_init, + .exit = rtnetlink_net_exit, +}; + void __init rtnetlink_init(void) { int i; @@ -1385,10 +1427,9 @@ void __init rtnetlink_init(void) if (!rta_buf) panic("rtnetlink_init: cannot allocate rta_buf\n"); - rtnl = netlink_kernel_create(&init_net, NETLINK_ROUTE, RTNLGRP_MAX, - rtnetlink_rcv, &rtnl_mutex, THIS_MODULE); - if (rtnl == NULL) + if (register_pernet_subsys(&rtnetlink_net_ops)) panic("rtnetlink_init: cannot initialize rtnetlink\n"); + netlink_set_nonroot(NETLINK_ROUTE, NL_NONROOT_RECV); register_netdevice_notifier(&rtnetlink_dev_notifier); diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c index 94256845a057..39c89c682047 100644 --- a/net/decnet/dn_dev.c +++ b/net/decnet/dn_dev.c @@ -793,10 +793,10 @@ static void dn_ifaddr_notify(int event, struct dn_ifaddr *ifa) kfree_skb(skb); goto errout; } - err = rtnl_notify(skb, 0, RTNLGRP_DECnet_IFADDR, NULL, GFP_KERNEL); + err = rtnl_notify(skb, &init_net, 0, RTNLGRP_DECnet_IFADDR, NULL, GFP_KERNEL); errout: if (err < 0) - rtnl_set_sk_err(RTNLGRP_DECnet_IFADDR, err); + rtnl_set_sk_err(&init_net, RTNLGRP_DECnet_IFADDR, err); } static int dn_nl_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb) diff --git a/net/decnet/dn_route.c b/net/decnet/dn_route.c index 28aeba15cf12..5d742f1420d9 100644 --- a/net/decnet/dn_route.c +++ b/net/decnet/dn_route.c @@ -1587,7 +1587,7 @@ static int dn_cache_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, void goto out_free; } - return rtnl_unicast(skb, NETLINK_CB(in_skb).pid); + return rtnl_unicast(skb, &init_net, NETLINK_CB(in_skb).pid); out_free: kfree_skb(skb); diff --git a/net/decnet/dn_table.c b/net/decnet/dn_table.c index a3bdb8dd1fb2..e09d915dbd77 100644 --- a/net/decnet/dn_table.c +++ b/net/decnet/dn_table.c @@ -375,10 +375,10 @@ static void dn_rtmsg_fib(int event, struct dn_fib_node *f, int z, u32 tb_id, kfree_skb(skb); goto errout; } - err = rtnl_notify(skb, pid, RTNLGRP_DECnet_ROUTE, nlh, GFP_KERNEL); + err = rtnl_notify(skb, &init_net, pid, RTNLGRP_DECnet_ROUTE, nlh, GFP_KERNEL); errout: if (err < 0) - rtnl_set_sk_err(RTNLGRP_DECnet_ROUTE, err); + rtnl_set_sk_err(&init_net, RTNLGRP_DECnet_ROUTE, err); } static __inline__ int dn_hash_dump_bucket(struct sk_buff *skb, diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index c0eb26a0d0bc..6e75c884e1af 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -1240,10 +1240,10 @@ static void rtmsg_ifa(int event, struct in_ifaddr* ifa, struct nlmsghdr *nlh, kfree_skb(skb); goto errout; } - err = rtnl_notify(skb, pid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL); + err = rtnl_notify(skb, &init_net, pid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL); errout: if (err < 0) - rtnl_set_sk_err(RTNLGRP_IPV4_IFADDR, err); + rtnl_set_sk_err(&init_net, RTNLGRP_IPV4_IFADDR, err); } #ifdef CONFIG_SYSCTL diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c index 1351a2617dce..33ec96001d90 100644 --- a/net/ipv4/fib_semantics.c +++ b/net/ipv4/fib_semantics.c @@ -320,11 +320,11 @@ void rtmsg_fib(int event, __be32 key, struct fib_alias *fa, kfree_skb(skb); goto errout; } - err = rtnl_notify(skb, info->pid, RTNLGRP_IPV4_ROUTE, + err = rtnl_notify(skb, &init_net, info->pid, RTNLGRP_IPV4_ROUTE, info->nlh, GFP_KERNEL); errout: if (err < 0) - rtnl_set_sk_err(RTNLGRP_IPV4_ROUTE, err); + rtnl_set_sk_err(&init_net, RTNLGRP_IPV4_ROUTE, err); } /* Return the first fib alias matching TOS with diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c index 8e5d47a60602..11879283ad52 100644 --- a/net/ipv4/ipmr.c +++ b/net/ipv4/ipmr.c @@ -321,7 +321,7 @@ static void ipmr_destroy_unres(struct mfc_cache *c) e->error = -ETIMEDOUT; memset(&e->msg, 0, sizeof(e->msg)); - rtnl_unicast(skb, NETLINK_CB(skb).pid); + rtnl_unicast(skb, &init_net, NETLINK_CB(skb).pid); } else kfree_skb(skb); } @@ -533,7 +533,7 @@ static void ipmr_cache_resolve(struct mfc_cache *uc, struct mfc_cache *c) memset(&e->msg, 0, sizeof(e->msg)); } - rtnl_unicast(skb, NETLINK_CB(skb).pid); + rtnl_unicast(skb, &init_net, NETLINK_CB(skb).pid); } else ip_mr_forward(skb, c, 0); } diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 1d2839571d2f..e4b6fb4b1f4f 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -2610,7 +2610,7 @@ static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void if (err <= 0) goto errout_free; - err = rtnl_unicast(skb, NETLINK_CB(in_skb).pid); + err = rtnl_unicast(skb, &init_net, NETLINK_CB(in_skb).pid); errout: return err; diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 26de8ee5095b..6c8b193474ba 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -3397,7 +3397,7 @@ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr* nlh, kfree_skb(skb); goto errout_ifa; } - err = rtnl_unicast(skb, NETLINK_CB(in_skb).pid); + err = rtnl_unicast(skb, &init_net, NETLINK_CB(in_skb).pid); errout_ifa: in6_ifa_put(ifa); errout: @@ -3420,10 +3420,10 @@ static void inet6_ifa_notify(int event, struct inet6_ifaddr *ifa) kfree_skb(skb); goto errout; } - err = rtnl_notify(skb, 0, RTNLGRP_IPV6_IFADDR, NULL, GFP_ATOMIC); + err = rtnl_notify(skb, &init_net, 0, RTNLGRP_IPV6_IFADDR, NULL, GFP_ATOMIC); errout: if (err < 0) - rtnl_set_sk_err(RTNLGRP_IPV6_IFADDR, err); + rtnl_set_sk_err(&init_net, RTNLGRP_IPV6_IFADDR, err); } static inline void ipv6_store_devconf(struct ipv6_devconf *cnf, @@ -3628,10 +3628,10 @@ void inet6_ifinfo_notify(int event, struct inet6_dev *idev) kfree_skb(skb); goto errout; } - err = rtnl_notify(skb, 0, RTNLGRP_IPV6_IFADDR, NULL, GFP_ATOMIC); + err = rtnl_notify(skb, &init_net, 0, RTNLGRP_IPV6_IFADDR, NULL, GFP_ATOMIC); errout: if (err < 0) - rtnl_set_sk_err(RTNLGRP_IPV6_IFADDR, err); + rtnl_set_sk_err(&init_net, RTNLGRP_IPV6_IFADDR, err); } static inline size_t inet6_prefix_nlmsg_size(void) @@ -3697,10 +3697,10 @@ static void inet6_prefix_notify(int event, struct inet6_dev *idev, kfree_skb(skb); goto errout; } - err = rtnl_notify(skb, 0, RTNLGRP_IPV6_PREFIX, NULL, GFP_ATOMIC); + err = rtnl_notify(skb, &init_net, 0, RTNLGRP_IPV6_PREFIX, NULL, GFP_ATOMIC); errout: if (err < 0) - rtnl_set_sk_err(RTNLGRP_IPV6_PREFIX, err); + rtnl_set_sk_err(&init_net, RTNLGRP_IPV6_PREFIX, err); } static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) diff --git a/net/ipv6/addrlabel.c b/net/ipv6/addrlabel.c index b9b5d5707142..6f1ca607edda 100644 --- a/net/ipv6/addrlabel.c +++ b/net/ipv6/addrlabel.c @@ -549,7 +549,7 @@ static int ip6addrlbl_get(struct sk_buff *in_skb, struct nlmsghdr* nlh, goto out; } - err = rtnl_unicast(skb, NETLINK_CB(in_skb).pid); + err = rtnl_unicast(skb, &init_net, NETLINK_CB(in_skb).pid); out: return err; } diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c index b2531f80317e..b87f9d245e2e 100644 --- a/net/ipv6/ndisc.c +++ b/net/ipv6/ndisc.c @@ -1049,7 +1049,8 @@ static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt) &ipv6_hdr(ra)->saddr); nlmsg_end(skb, nlh); - err = rtnl_notify(skb, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC); + err = rtnl_notify(skb, &init_net, 0, RTNLGRP_ND_USEROPT, NULL, + GFP_ATOMIC); if (err < 0) goto errout; @@ -1059,7 +1060,7 @@ nla_put_failure: nlmsg_free(skb); err = -EMSGSIZE; errout: - rtnl_set_sk_err(RTNLGRP_ND_USEROPT, err); + rtnl_set_sk_err(&init_net, RTNLGRP_ND_USEROPT, err); } static void ndisc_router_discovery(struct sk_buff *skb) diff --git a/net/ipv6/route.c b/net/ipv6/route.c index 5e1c5796761b..d7ec4c9ffc4b 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -2230,7 +2230,7 @@ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void goto errout; } - err = rtnl_unicast(skb, NETLINK_CB(in_skb).pid); + err = rtnl_unicast(skb, &init_net, NETLINK_CB(in_skb).pid); errout: return err; } @@ -2260,10 +2260,10 @@ void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info) kfree_skb(skb); goto errout; } - err = rtnl_notify(skb, pid, RTNLGRP_IPV6_ROUTE, nlh, gfp_any()); + err = rtnl_notify(skb, &init_net, pid, RTNLGRP_IPV6_ROUTE, nlh, gfp_any()); errout: if (err < 0) - rtnl_set_sk_err(RTNLGRP_IPV6_ROUTE, err); + rtnl_set_sk_err(&init_net, RTNLGRP_IPV6_ROUTE, err); } /* diff --git a/net/sched/act_api.c b/net/sched/act_api.c index 852829139c67..81506474a4f7 100644 --- a/net/sched/act_api.c +++ b/net/sched/act_api.c @@ -660,7 +660,7 @@ act_get_notify(u32 pid, struct nlmsghdr *n, struct tc_action *a, int event) return -EINVAL; } - return rtnl_unicast(skb, pid); + return rtnl_unicast(skb, &init_net, pid); } static struct tc_action * @@ -781,7 +781,7 @@ static int tca_action_flush(struct rtattr *rta, struct nlmsghdr *n, u32 pid) nlh->nlmsg_flags |= NLM_F_ROOT; module_put(a->ops->owner); kfree(a); - err = rtnetlink_send(skb, pid, RTNLGRP_TC, n->nlmsg_flags&NLM_F_ECHO); + err = rtnetlink_send(skb, &init_net, pid, RTNLGRP_TC, n->nlmsg_flags&NLM_F_ECHO); if (err > 0) return 0; @@ -844,7 +844,7 @@ tca_action_gd(struct rtattr *rta, struct nlmsghdr *n, u32 pid, int event) /* now do the delete */ tcf_action_destroy(head, 0); - ret = rtnetlink_send(skb, pid, RTNLGRP_TC, + ret = rtnetlink_send(skb, &init_net, pid, RTNLGRP_TC, n->nlmsg_flags&NLM_F_ECHO); if (ret > 0) return 0; @@ -888,7 +888,7 @@ static int tcf_add_notify(struct tc_action *a, u32 pid, u32 seq, int event, nlh->nlmsg_len = skb_tail_pointer(skb) - b; NETLINK_CB(skb).dst_group = RTNLGRP_TC; - err = rtnetlink_send(skb, pid, RTNLGRP_TC, flags&NLM_F_ECHO); + err = rtnetlink_send(skb, &init_net, pid, RTNLGRP_TC, flags&NLM_F_ECHO); if (err > 0) err = 0; return err; diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c index fdab6a530bba..80dccac769d0 100644 --- a/net/sched/cls_api.c +++ b/net/sched/cls_api.c @@ -361,7 +361,7 @@ static int tfilter_notify(struct sk_buff *oskb, struct nlmsghdr *n, return -EINVAL; } - return rtnetlink_send(skb, pid, RTNLGRP_TC, n->nlmsg_flags&NLM_F_ECHO); + return rtnetlink_send(skb, &init_net, pid, RTNLGRP_TC, n->nlmsg_flags&NLM_F_ECHO); } struct tcf_dump_args diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c index f30e3f7ad885..273c628be054 100644 --- a/net/sched/sch_api.c +++ b/net/sched/sch_api.c @@ -872,7 +872,7 @@ static int qdisc_notify(struct sk_buff *oskb, struct nlmsghdr *n, } if (skb->len) - return rtnetlink_send(skb, pid, RTNLGRP_TC, n->nlmsg_flags&NLM_F_ECHO); + return rtnetlink_send(skb, &init_net, pid, RTNLGRP_TC, n->nlmsg_flags&NLM_F_ECHO); err_out: kfree_skb(skb); @@ -1103,7 +1103,7 @@ static int tclass_notify(struct sk_buff *oskb, struct nlmsghdr *n, return -EINVAL; } - return rtnetlink_send(skb, pid, RTNLGRP_TC, n->nlmsg_flags&NLM_F_ECHO); + return rtnetlink_send(skb, &init_net, pid, RTNLGRP_TC, n->nlmsg_flags&NLM_F_ECHO); } struct qdisc_dump_args diff --git a/net/wireless/wext.c b/net/wireless/wext.c index 47e80cc2077c..db03ed5ce055 100644 --- a/net/wireless/wext.c +++ b/net/wireless/wext.c @@ -1137,7 +1137,7 @@ static void wireless_nlevent_process(unsigned long data) struct sk_buff *skb; while ((skb = skb_dequeue(&wireless_nlevent_queue))) - rtnl_notify(skb, 0, RTNLGRP_LINK, NULL, GFP_ATOMIC); + rtnl_notify(skb, &init_net, 0, RTNLGRP_LINK, NULL, GFP_ATOMIC); } static DECLARE_TASKLET(wireless_nlevent_tasklet, wireless_nlevent_process, 0); @@ -1189,6 +1189,9 @@ static void rtmsg_iwinfo(struct net_device *dev, char *event, int event_len) struct sk_buff *skb; int err; + if (dev->nd_net != &init_net) + return; + skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); if (!skb) return; -- cgit v1.2.3 From 9fa896429905eccc263ff0d5e592ecaf651af12d Mon Sep 17 00:00:00 2001 From: Pavel Emelyanov Date: Sun, 2 Dec 2007 00:17:46 +1100 Subject: [IPV4]: Cleanup the devinet_sysctl_register I moved the call to kmalloc() from the *t declaration into the code (this is confusing when a variable is initialized with the result of some call) and removed unneeded comment near the error path. Just like I did with the neigh ctl-s. Besides, I fixed the goto's and the labels - they were indented with spaces :( Signed-off-by: Pavel Emelyanov Signed-off-by: Herbert Xu Signed-off-by: David S. Miller --- net/ipv4/devinet.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 6e75c884e1af..72dd0ecb1081 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -1506,12 +1506,13 @@ static void devinet_sysctl_register(struct in_device *in_dev, { int i; struct net_device *dev = in_dev ? in_dev->dev : NULL; - struct devinet_sysctl_table *t = kmemdup(&devinet_sysctl, sizeof(*t), - GFP_KERNEL); + struct devinet_sysctl_table *t; char *dev_name = NULL; + t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL); if (!t) - return; + goto out; + for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) { t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf; t->devinet_vars[i].extra1 = p; @@ -1532,7 +1533,7 @@ static void devinet_sysctl_register(struct in_device *in_dev, */ dev_name = kstrdup(dev_name, GFP_KERNEL); if (!dev_name) - goto free; + goto free; t->devinet_dev[0].procname = dev_name; t->devinet_dev[0].child = t->devinet_vars; @@ -1542,16 +1543,16 @@ static void devinet_sysctl_register(struct in_device *in_dev, t->sysctl_header = register_sysctl_table(t->devinet_root_dir); if (!t->sysctl_header) - goto free_procname; + goto free_procname; p->sysctl = t; return; - /* error path */ - free_procname: +free_procname: kfree(dev_name); - free: +free: kfree(t); +out: return; } -- cgit v1.2.3 From 66f27a52037c89183e83689b0531412577be0101 Mon Sep 17 00:00:00 2001 From: Pavel Emelyanov Date: Sun, 2 Dec 2007 00:55:54 +1100 Subject: [IPV4]: Unify and cleanup calls to devinet_sysctl_register Currently this call is used to register sysctls for devices and for the "default" confs. The "all" sysctls are registered separately. Besides, the inet_device is passed to this function, but it is not needed there at all - just the device name and ifindex are required. Thanks to Herbert, who noticed, that this call doesn't even require the devconf pointer (the last argument) - all we need we can take from the in_device itself. The fix is to make a __devinet_sysctl_register(), which registers sysctls for all "devices" we need, including "default" and "all" :) The original devinet_sysctl_register() works with struct net_device, not the inet_device, and calls the introduced function, passing the device name and ifindex (to be used as procname and ctl_name) into it. Signed-off-by: Pavel Emelyanov Signed-off-by: Herbert Xu Signed-off-by: David S. Miller --- net/ipv4/devinet.c | 34 ++++++++++++++++------------------ 1 file changed, 16 insertions(+), 18 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 72dd0ecb1081..a3a7d301736e 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -98,8 +98,7 @@ static BLOCKING_NOTIFIER_HEAD(inetaddr_chain); static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap, int destroy); #ifdef CONFIG_SYSCTL -static void devinet_sysctl_register(struct in_device *in_dev, - struct ipv4_devconf *p); +static void devinet_sysctl_register(struct in_device *idev); static void devinet_sysctl_unregister(struct ipv4_devconf *p); #endif @@ -173,7 +172,7 @@ static struct in_device *inetdev_init(struct net_device *dev) in_dev_hold(in_dev); #ifdef CONFIG_SYSCTL - devinet_sysctl_register(in_dev, &in_dev->cnf); + devinet_sysctl_register(in_dev); #endif ip_mc_init_dev(in_dev); if (dev->flags & IFF_UP) @@ -1119,7 +1118,7 @@ static int inetdev_event(struct notifier_block *this, unsigned long event, neigh_sysctl_unregister(in_dev->arp_parms); neigh_sysctl_register(dev, in_dev->arp_parms, NET_IPV4, NET_IPV4_NEIGH, "ipv4", NULL, NULL); - devinet_sysctl_register(in_dev, &in_dev->cnf); + devinet_sysctl_register(in_dev); #endif break; } @@ -1501,13 +1500,11 @@ static struct devinet_sysctl_table { }, }; -static void devinet_sysctl_register(struct in_device *in_dev, - struct ipv4_devconf *p) +static void __devinet_sysctl_register(char *dev_name, int ctl_name, + struct ipv4_devconf *p) { int i; - struct net_device *dev = in_dev ? in_dev->dev : NULL; struct devinet_sysctl_table *t; - char *dev_name = NULL; t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL); if (!t) @@ -1518,13 +1515,7 @@ static void devinet_sysctl_register(struct in_device *in_dev, t->devinet_vars[i].extra1 = p; } - if (dev) { - dev_name = dev->name; - t->devinet_dev[0].ctl_name = dev->ifindex; - } else { - dev_name = "default"; - t->devinet_dev[0].ctl_name = NET_PROTO_CONF_DEFAULT; - } + t->devinet_dev[0].ctl_name = ctl_name; /* * Make a copy of dev_name, because '.procname' is regarded as const @@ -1556,6 +1547,12 @@ out: return; } +static void devinet_sysctl_register(struct in_device *idev) +{ + return __devinet_sysctl_register(idev->dev->name, idev->dev->ifindex, + &idev->cnf); +} + static void devinet_sysctl_unregister(struct ipv4_devconf *p) { if (p->sysctl) { @@ -1577,9 +1574,10 @@ void __init devinet_init(void) rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL); rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr); #ifdef CONFIG_SYSCTL - devinet_sysctl.sysctl_header = - register_sysctl_table(devinet_sysctl.devinet_root_dir); - devinet_sysctl_register(NULL, &ipv4_devconf_dflt); + __devinet_sysctl_register("all", NET_PROTO_CONF_ALL, + &ipv4_devconf); + __devinet_sysctl_register("default", NET_PROTO_CONF_DEFAULT, + &ipv4_devconf_dflt); #endif } -- cgit v1.2.3 From bfada697bd534d2c16fd07fbef3a4924c4d4e014 Mon Sep 17 00:00:00 2001 From: Pavel Emelyanov Date: Sun, 2 Dec 2007 00:57:08 +1100 Subject: [IPV4]: Use ctl paths to register devinet sysctls This looks very much like the patch for neighbors. The path is also located on the stack and is prepared inside the function. This time, the call to the registering function is guarded with the RTNL lock, but I decided to keep it on the stack not to litter the devinet.c file with unneeded names and to make it look similar to the neighbors code. This is also intended to help us with the net namespaces and saves the vmlinux size as well - this time by more than 670 bytes. The difference from the first version is just the patch offsets, that changed due to changes in the patch #2. Signed-off-by: Pavel Emelyanov Signed-off-by: Herbert Xu Signed-off-by: David S. Miller --- net/ipv4/devinet.c | 69 ++++++++++++++++-------------------------------------- 1 file changed, 20 insertions(+), 49 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index a3a7d301736e..9e2747aab252 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -1430,11 +1430,8 @@ int ipv4_doint_and_flush_strategy(ctl_table *table, int __user *name, int nlen, static struct devinet_sysctl_table { struct ctl_table_header *sysctl_header; - ctl_table devinet_vars[__NET_IPV4_CONF_MAX]; - ctl_table devinet_dev[2]; - ctl_table devinet_conf_dir[2]; - ctl_table devinet_proto_dir[2]; - ctl_table devinet_root_dir[2]; + struct ctl_table devinet_vars[__NET_IPV4_CONF_MAX]; + char *dev_name; } devinet_sysctl = { .devinet_vars = { DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding", @@ -1466,38 +1463,6 @@ static struct devinet_sysctl_table { DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES, "promote_secondaries"), }, - .devinet_dev = { - { - .ctl_name = NET_PROTO_CONF_ALL, - .procname = "all", - .mode = 0555, - .child = devinet_sysctl.devinet_vars, - }, - }, - .devinet_conf_dir = { - { - .ctl_name = NET_IPV4_CONF, - .procname = "conf", - .mode = 0555, - .child = devinet_sysctl.devinet_dev, - }, - }, - .devinet_proto_dir = { - { - .ctl_name = NET_IPV4, - .procname = "ipv4", - .mode = 0555, - .child = devinet_sysctl.devinet_conf_dir, - }, - }, - .devinet_root_dir = { - { - .ctl_name = CTL_NET, - .procname = "net", - .mode = 0555, - .child = devinet_sysctl.devinet_proto_dir, - }, - }, }; static void __devinet_sysctl_register(char *dev_name, int ctl_name, @@ -1506,6 +1471,16 @@ static void __devinet_sysctl_register(char *dev_name, int ctl_name, int i; struct devinet_sysctl_table *t; +#define DEVINET_CTL_PATH_DEV 3 + + struct ctl_path devinet_ctl_path[] = { + { .procname = "net", .ctl_name = CTL_NET, }, + { .procname = "ipv4", .ctl_name = NET_IPV4, }, + { .procname = "conf", .ctl_name = NET_IPV4_CONF, }, + { /* to be set */ }, + { }, + }; + t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL); if (!t) goto out; @@ -1515,24 +1490,20 @@ static void __devinet_sysctl_register(char *dev_name, int ctl_name, t->devinet_vars[i].extra1 = p; } - t->devinet_dev[0].ctl_name = ctl_name; - /* * Make a copy of dev_name, because '.procname' is regarded as const * by sysctl and we wouldn't want anyone to change it under our feet * (see SIOCSIFNAME). */ - dev_name = kstrdup(dev_name, GFP_KERNEL); - if (!dev_name) + t->dev_name = kstrdup(dev_name, GFP_KERNEL); + if (!t->dev_name) goto free; - t->devinet_dev[0].procname = dev_name; - t->devinet_dev[0].child = t->devinet_vars; - t->devinet_conf_dir[0].child = t->devinet_dev; - t->devinet_proto_dir[0].child = t->devinet_conf_dir; - t->devinet_root_dir[0].child = t->devinet_proto_dir; + devinet_ctl_path[DEVINET_CTL_PATH_DEV].procname = t->dev_name; + devinet_ctl_path[DEVINET_CTL_PATH_DEV].ctl_name = ctl_name; - t->sysctl_header = register_sysctl_table(t->devinet_root_dir); + t->sysctl_header = register_sysctl_paths(devinet_ctl_path, + t->devinet_vars); if (!t->sysctl_header) goto free_procname; @@ -1540,7 +1511,7 @@ static void __devinet_sysctl_register(char *dev_name, int ctl_name, return; free_procname: - kfree(dev_name); + kfree(t->dev_name); free: kfree(t); out: @@ -1559,7 +1530,7 @@ static void devinet_sysctl_unregister(struct ipv4_devconf *p) struct devinet_sysctl_table *t = p->sysctl; p->sysctl = NULL; unregister_sysctl_table(t->sysctl_header); - kfree(t->devinet_dev[0].procname); + kfree(t->dev_name); kfree(t); } } -- cgit v1.2.3 From 68dd299bc84dede6aef32e6f4777a676314f5d21 Mon Sep 17 00:00:00 2001 From: Pavel Emelyanov Date: Wed, 5 Dec 2007 01:44:58 -0800 Subject: [INET]: Merge sys.net.ipv4.ip_forward and sys.net.ipv4.conf.all.forwarding AFAIS these two entries should do the same thing - change the forwarding state on ipv4_devconf and on all the devices. I propose to merge the handlers together using ctl paths. The inet_forward_change() is static after this and I move it higher to be closer to other "propagation" helpers and to avoid diff making patches based on { and } matching :) i.e. - make them easier to read. Signed-off-by: Pavel Emelyanov Signed-off-by: David S. Miller --- include/linux/inetdevice.h | 1 - net/ipv4/devinet.c | 66 ++++++++++++++++++++++++++++++---------------- net/ipv4/sysctl_net_ipv4.c | 65 --------------------------------------------- 3 files changed, 44 insertions(+), 88 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h index d83fee2dc643..dd093ea4c489 100644 --- a/include/linux/inetdevice.h +++ b/include/linux/inetdevice.h @@ -135,7 +135,6 @@ extern struct in_device *inetdev_by_index(int); extern __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope); extern __be32 inet_confirm_addr(const struct net_device *dev, __be32 dst, __be32 local, int scope); extern struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix, __be32 mask); -extern void inet_forward_change(void); static __inline__ int inet_ifa_match(__be32 addr, struct in_ifaddr *ifa) { diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 9e2747aab252..d1dc0150647d 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -1263,6 +1263,28 @@ static void devinet_copy_dflt_conf(int i) read_unlock(&dev_base_lock); } +static void inet_forward_change(void) +{ + struct net_device *dev; + int on = IPV4_DEVCONF_ALL(FORWARDING); + + IPV4_DEVCONF_ALL(ACCEPT_REDIRECTS) = !on; + IPV4_DEVCONF_DFLT(FORWARDING) = on; + + read_lock(&dev_base_lock); + for_each_netdev(&init_net, dev) { + struct in_device *in_dev; + rcu_read_lock(); + in_dev = __in_dev_get_rcu(dev); + if (in_dev) + IN_DEV_CONF_SET(in_dev, FORWARDING, on); + rcu_read_unlock(); + } + read_unlock(&dev_base_lock); + + rt_cache_flush(0); +} + static int devinet_conf_proc(ctl_table *ctl, int write, struct file* filp, void __user *buffer, size_t *lenp, loff_t *ppos) @@ -1332,28 +1354,6 @@ static int devinet_conf_sysctl(ctl_table *table, int __user *name, int nlen, return 1; } -void inet_forward_change(void) -{ - struct net_device *dev; - int on = IPV4_DEVCONF_ALL(FORWARDING); - - IPV4_DEVCONF_ALL(ACCEPT_REDIRECTS) = !on; - IPV4_DEVCONF_DFLT(FORWARDING) = on; - - read_lock(&dev_base_lock); - for_each_netdev(&init_net, dev) { - struct in_device *in_dev; - rcu_read_lock(); - in_dev = __in_dev_get_rcu(dev); - if (in_dev) - IN_DEV_CONF_SET(in_dev, FORWARDING, on); - rcu_read_unlock(); - } - read_unlock(&dev_base_lock); - - rt_cache_flush(0); -} - static int devinet_sysctl_forward(ctl_table *ctl, int write, struct file* filp, void __user *buffer, size_t *lenp, loff_t *ppos) @@ -1536,6 +1536,27 @@ static void devinet_sysctl_unregister(struct ipv4_devconf *p) } #endif +static struct ctl_table ctl_forward_entry[] = { + { + .ctl_name = NET_IPV4_FORWARD, + .procname = "ip_forward", + .data = &ipv4_devconf.data[ + NET_IPV4_CONF_FORWARDING - 1], + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = devinet_sysctl_forward, + .strategy = devinet_conf_sysctl, + .extra1 = &ipv4_devconf, + }, + { }, +}; + +static __initdata struct ctl_path net_ipv4_path[] = { + { .procname = "net", .ctl_name = CTL_NET, }, + { .procname = "ipv4", .ctl_name = NET_IPV4, }, + { }, +}; + void __init devinet_init(void) { register_gifconf(PF_INET, inet_gifconf); @@ -1549,6 +1570,7 @@ void __init devinet_init(void) &ipv4_devconf); __devinet_sysctl_register("default", NET_PROTO_CONF_DEFAULT, &ipv4_devconf_dflt); + register_sysctl_paths(net_ipv4_path, ctl_forward_entry); #endif } diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index bfd0dec6238d..844f26fab06f 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -27,62 +27,6 @@ static int tcp_retr1_max = 255; static int ip_local_port_range_min[] = { 1, 1 }; static int ip_local_port_range_max[] = { 65535, 65535 }; -static -int ipv4_sysctl_forward(ctl_table *ctl, int write, struct file * filp, - void __user *buffer, size_t *lenp, loff_t *ppos) -{ - int val = IPV4_DEVCONF_ALL(FORWARDING); - int ret; - - ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos); - - if (write && IPV4_DEVCONF_ALL(FORWARDING) != val) - inet_forward_change(); - - return ret; -} - -static int ipv4_sysctl_forward_strategy(ctl_table *table, - int __user *name, int nlen, - void __user *oldval, size_t __user *oldlenp, - void __user *newval, size_t newlen) -{ - int *valp = table->data; - int new; - - if (!newval || !newlen) - return 0; - - if (newlen != sizeof(int)) - return -EINVAL; - - if (get_user(new, (int __user *)newval)) - return -EFAULT; - - if (new == *valp) - return 0; - - if (oldval && oldlenp) { - size_t len; - - if (get_user(len, oldlenp)) - return -EFAULT; - - if (len) { - if (len > table->maxlen) - len = table->maxlen; - if (copy_to_user(oldval, valp, len)) - return -EFAULT; - if (put_user(len, oldlenp)) - return -EFAULT; - } - } - - *valp = new; - inet_forward_change(); - return 1; -} - extern seqlock_t sysctl_port_range_lock; extern int sysctl_local_port_range[2]; @@ -281,15 +225,6 @@ static struct ctl_table ipv4_table[] = { .mode = 0644, .proc_handler = &proc_dointvec }, - { - .ctl_name = NET_IPV4_FORWARD, - .procname = "ip_forward", - .data = &IPV4_DEVCONF_ALL(FORWARDING), - .maxlen = sizeof(int), - .mode = 0644, - .proc_handler = &ipv4_sysctl_forward, - .strategy = &ipv4_sysctl_forward_strategy - }, { .ctl_name = NET_IPV4_DEFAULT_TTL, .procname = "ip_default_ttl", -- cgit v1.2.3 From 51602b2a5e849babd94311e555bf1ba58151b8d4 Mon Sep 17 00:00:00 2001 From: Pavel Emelyanov Date: Tue, 11 Dec 2007 02:17:40 -0800 Subject: [IPV4]: Cleanup sysctl manipulations in devinet.c This includes: * moving neigh_sysctl_(un)register calls inside devinet_sysctl_(un)register ones, as they are always called in pairs; * making __devinet_sysctl_unregister() to unregister the ipv4_devconf struct, while original devinet_sysctl_unregister() works with the in_device to handle both - devconf and neigh sysctls; * make stubs for CONFIG_SYSCTL=n case to get rid of in-code ifdefs. Signed-off-by: Pavel Emelyanov Signed-off-by: David S. Miller --- net/ipv4/devinet.c | 59 +++++++++++++++++++++++++++--------------------------- 1 file changed, 29 insertions(+), 30 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index d1dc0150647d..2dc2f7ed6bbe 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -99,7 +99,14 @@ static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap, int destroy); #ifdef CONFIG_SYSCTL static void devinet_sysctl_register(struct in_device *idev); -static void devinet_sysctl_unregister(struct ipv4_devconf *p); +static void devinet_sysctl_unregister(struct in_device *idev); +#else +static inline void devinet_sysctl_register(struct in_device *idev) +{ +} +static inline void devinet_sysctl_unregister(struct in_device *idev) +{ +} #endif /* Locks all the inet devices. */ @@ -163,17 +170,10 @@ static struct in_device *inetdev_init(struct net_device *dev) goto out_kfree; /* Reference in_dev->dev */ dev_hold(dev); -#ifdef CONFIG_SYSCTL - neigh_sysctl_register(dev, in_dev->arp_parms, NET_IPV4, - NET_IPV4_NEIGH, "ipv4", NULL, NULL); -#endif - /* Account for reference dev->ip_ptr (below) */ in_dev_hold(in_dev); -#ifdef CONFIG_SYSCTL devinet_sysctl_register(in_dev); -#endif ip_mc_init_dev(in_dev); if (dev->flags & IFF_UP) ip_mc_up(in_dev); @@ -212,15 +212,9 @@ static void inetdev_destroy(struct in_device *in_dev) inet_free_ifa(ifa); } -#ifdef CONFIG_SYSCTL - devinet_sysctl_unregister(&in_dev->cnf); -#endif - dev->ip_ptr = NULL; -#ifdef CONFIG_SYSCTL - neigh_sysctl_unregister(in_dev->arp_parms); -#endif + devinet_sysctl_unregister(in_dev); neigh_parms_release(&arp_tbl, in_dev->arp_parms); arp_ifdown(dev); @@ -1113,13 +1107,8 @@ static int inetdev_event(struct notifier_block *this, unsigned long event, */ inetdev_changename(dev, in_dev); -#ifdef CONFIG_SYSCTL - devinet_sysctl_unregister(&in_dev->cnf); - neigh_sysctl_unregister(in_dev->arp_parms); - neigh_sysctl_register(dev, in_dev->arp_parms, NET_IPV4, - NET_IPV4_NEIGH, "ipv4", NULL, NULL); + devinet_sysctl_unregister(in_dev); devinet_sysctl_register(in_dev); -#endif break; } out: @@ -1518,21 +1507,31 @@ out: return; } +static void __devinet_sysctl_unregister(struct ipv4_devconf *cnf) +{ + struct devinet_sysctl_table *t = cnf->sysctl; + + if (t == NULL) + return; + + cnf->sysctl = NULL; + unregister_sysctl_table(t->sysctl_header); + kfree(t->dev_name); + kfree(t); +} + static void devinet_sysctl_register(struct in_device *idev) { - return __devinet_sysctl_register(idev->dev->name, idev->dev->ifindex, + neigh_sysctl_register(idev->dev, idev->arp_parms, NET_IPV4, + NET_IPV4_NEIGH, "ipv4", NULL, NULL); + __devinet_sysctl_register(idev->dev->name, idev->dev->ifindex, &idev->cnf); } -static void devinet_sysctl_unregister(struct ipv4_devconf *p) +static void devinet_sysctl_unregister(struct in_device *idev) { - if (p->sysctl) { - struct devinet_sysctl_table *t = p->sysctl; - p->sysctl = NULL; - unregister_sysctl_table(t->sysctl_header); - kfree(t->dev_name); - kfree(t); - } + __devinet_sysctl_unregister(&idev->cnf); + neigh_sysctl_unregister(idev->arp_parms); } #endif -- cgit v1.2.3 From ea40b324d791d86a42b858d073007de4d133227e Mon Sep 17 00:00:00 2001 From: Pavel Emelyanov Date: Sun, 16 Dec 2007 13:30:07 -0800 Subject: [IPV4]: Make __devinet_sysctl_register return an error Currently, this function is void, so failures in creating sysctls for new/renamed devices are not reported to anywhere. Fixing this is another complex (needed?) task, but this return value is needed during the namespaces creation to handle the case, when we failed to create "all" and "default" entries. Signed-off-by: Pavel Emelyanov Signed-off-by: David S. Miller --- net/ipv4/devinet.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 2dc2f7ed6bbe..82def2c1c650 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -1454,8 +1454,8 @@ static struct devinet_sysctl_table { }, }; -static void __devinet_sysctl_register(char *dev_name, int ctl_name, - struct ipv4_devconf *p) +static int __devinet_sysctl_register(struct net *net, char *dev_name, + int ctl_name, struct ipv4_devconf *p) { int i; struct devinet_sysctl_table *t; @@ -1497,14 +1497,14 @@ static void __devinet_sysctl_register(char *dev_name, int ctl_name, goto free_procname; p->sysctl = t; - return; + return 0; free_procname: kfree(t->dev_name); free: kfree(t); out: - return; + return -ENOBUFS; } static void __devinet_sysctl_unregister(struct ipv4_devconf *cnf) -- cgit v1.2.3 From c0ce9fb304871daa0dd2bf0efb1b241b9fa4a279 Mon Sep 17 00:00:00 2001 From: Pavel Emelyanov Date: Sun, 16 Dec 2007 13:31:14 -0800 Subject: [IPV4]: Store the net pointer on devinet's ctl tables Some handers and strategies of devinet sysctl tables need to know the net to propagate the ctl change to all the net devices. I use the (currently unused) extra2 pointer on the tables to get it. Holding the reference on the struct net is not possible, because otherwise we'll get a net->ctl_table->net circular dependency. But since the ctl tables are unregistered during the net destruction, this is safe to get it w/o additional protection. Signed-off-by: Pavel Emelyanov Signed-off-by: David S. Miller --- net/ipv4/devinet.c | 29 ++++++++++++++++++----------- 1 file changed, 18 insertions(+), 11 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 82def2c1c650..8b2a44c4f82a 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -1236,12 +1236,12 @@ errout: #ifdef CONFIG_SYSCTL -static void devinet_copy_dflt_conf(int i) +static void devinet_copy_dflt_conf(struct net *net, int i) { struct net_device *dev; read_lock(&dev_base_lock); - for_each_netdev(&init_net, dev) { + for_each_netdev(net, dev) { struct in_device *in_dev; rcu_read_lock(); in_dev = __in_dev_get_rcu(dev); @@ -1252,7 +1252,7 @@ static void devinet_copy_dflt_conf(int i) read_unlock(&dev_base_lock); } -static void inet_forward_change(void) +static void inet_forward_change(struct net *net) { struct net_device *dev; int on = IPV4_DEVCONF_ALL(FORWARDING); @@ -1261,7 +1261,7 @@ static void inet_forward_change(void) IPV4_DEVCONF_DFLT(FORWARDING) = on; read_lock(&dev_base_lock); - for_each_netdev(&init_net, dev) { + for_each_netdev(net, dev) { struct in_device *in_dev; rcu_read_lock(); in_dev = __in_dev_get_rcu(dev); @@ -1282,12 +1282,13 @@ static int devinet_conf_proc(ctl_table *ctl, int write, if (write) { struct ipv4_devconf *cnf = ctl->extra1; + struct net *net = ctl->extra2; int i = (int *)ctl->data - cnf->data; set_bit(i, cnf->state); if (cnf == &ipv4_devconf_dflt) - devinet_copy_dflt_conf(i); + devinet_copy_dflt_conf(net, i); } return ret; @@ -1298,6 +1299,7 @@ static int devinet_conf_sysctl(ctl_table *table, int __user *name, int nlen, void __user *newval, size_t newlen) { struct ipv4_devconf *cnf; + struct net *net; int *valp = table->data; int new; int i; @@ -1333,12 +1335,13 @@ static int devinet_conf_sysctl(ctl_table *table, int __user *name, int nlen, *valp = new; cnf = table->extra1; + net = table->extra2; i = (int *)table->data - cnf->data; set_bit(i, cnf->state); if (cnf == &ipv4_devconf_dflt) - devinet_copy_dflt_conf(i); + devinet_copy_dflt_conf(net, i); return 1; } @@ -1352,8 +1355,10 @@ static int devinet_sysctl_forward(ctl_table *ctl, int write, int ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos); if (write && *valp != val) { + struct net *net = ctl->extra2; + if (valp == &IPV4_DEVCONF_ALL(FORWARDING)) - inet_forward_change(); + inet_forward_change(net); else if (valp != &IPV4_DEVCONF_DFLT(FORWARDING)) rt_cache_flush(0); } @@ -1477,6 +1482,7 @@ static int __devinet_sysctl_register(struct net *net, char *dev_name, for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) { t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf; t->devinet_vars[i].extra1 = p; + t->devinet_vars[i].extra2 = net; } /* @@ -1524,8 +1530,8 @@ static void devinet_sysctl_register(struct in_device *idev) { neigh_sysctl_register(idev->dev, idev->arp_parms, NET_IPV4, NET_IPV4_NEIGH, "ipv4", NULL, NULL); - __devinet_sysctl_register(idev->dev->name, idev->dev->ifindex, - &idev->cnf); + __devinet_sysctl_register(idev->dev->nd_net, idev->dev->name, + idev->dev->ifindex, &idev->cnf); } static void devinet_sysctl_unregister(struct in_device *idev) @@ -1546,6 +1552,7 @@ static struct ctl_table ctl_forward_entry[] = { .proc_handler = devinet_sysctl_forward, .strategy = devinet_conf_sysctl, .extra1 = &ipv4_devconf, + .extra2 = &init_net, }, { }, }; @@ -1565,9 +1572,9 @@ void __init devinet_init(void) rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL); rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr); #ifdef CONFIG_SYSCTL - __devinet_sysctl_register("all", NET_PROTO_CONF_ALL, + __devinet_sysctl_register(&init_net, "all", NET_PROTO_CONF_ALL, &ipv4_devconf); - __devinet_sysctl_register("default", NET_PROTO_CONF_DEFAULT, + __devinet_sysctl_register(&init_net, "default", NET_PROTO_CONF_DEFAULT, &ipv4_devconf_dflt); register_sysctl_paths(net_ipv4_path, ctl_forward_entry); #endif -- cgit v1.2.3 From 752d14dc6aa9d0fc8f3b25e5052596fb549e5157 Mon Sep 17 00:00:00 2001 From: Pavel Emelyanov Date: Sun, 16 Dec 2007 13:31:47 -0800 Subject: [IPV4]: Move the devinet pointers on the struct net This is the core. Add all and default pointers on the netns_ipv4 and register a new pernet subsys to initialize them. Also add the ctl_table_header to register the net.ipv4.ip_forward ctl. I don't allocate additional memory for init_net, but use global devinets. Signed-off-by: Pavel Emelyanov Signed-off-by: David S. Miller --- include/net/netns/ipv4.h | 6 +++ net/ipv4/devinet.c | 105 +++++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 102 insertions(+), 9 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h index ce830d57c35c..e06d7cfd6d64 100644 --- a/include/net/netns/ipv4.h +++ b/include/net/netns/ipv4.h @@ -4,6 +4,12 @@ #ifndef __NETNS_IPV4_H__ #define __NETNS_IPV4_H__ +struct ctl_table_header; +struct ipv4_devconf; + struct netns_ipv4 { + struct ctl_table_header *forw_hdr; + struct ipv4_devconf *devconf_all; + struct ipv4_devconf *devconf_dflt; }; #endif diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 8b2a44c4f82a..a2d48173828a 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -62,6 +62,7 @@ #include #include #include +#include struct ipv4_devconf ipv4_devconf = { .data = { @@ -1497,7 +1498,7 @@ static int __devinet_sysctl_register(struct net *net, char *dev_name, devinet_ctl_path[DEVINET_CTL_PATH_DEV].procname = t->dev_name; devinet_ctl_path[DEVINET_CTL_PATH_DEV].ctl_name = ctl_name; - t->sysctl_header = register_sysctl_paths(devinet_ctl_path, + t->sysctl_header = register_net_sysctl_table(net, devinet_ctl_path, t->devinet_vars); if (!t->sysctl_header) goto free_procname; @@ -1557,27 +1558,113 @@ static struct ctl_table ctl_forward_entry[] = { { }, }; -static __initdata struct ctl_path net_ipv4_path[] = { +static __net_initdata struct ctl_path net_ipv4_path[] = { { .procname = "net", .ctl_name = CTL_NET, }, { .procname = "ipv4", .ctl_name = NET_IPV4, }, { }, }; +static __net_init int devinet_init_net(struct net *net) +{ + int err; + struct ctl_table *tbl; + struct ipv4_devconf *all, *dflt; + struct ctl_table_header *forw_hdr; + + err = -ENOMEM; + all = &ipv4_devconf; + dflt = &ipv4_devconf_dflt; + tbl = ctl_forward_entry; + + if (net != &init_net) { + all = kmemdup(all, sizeof(ipv4_devconf), GFP_KERNEL); + if (all == NULL) + goto err_alloc_all; + + dflt = kmemdup(dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL); + if (dflt == NULL) + goto err_alloc_dflt; + + tbl = kmemdup(tbl, sizeof(ctl_forward_entry), GFP_KERNEL); + if (tbl == NULL) + goto err_alloc_ctl; + + tbl[0].data = &all->data[NET_IPV4_CONF_FORWARDING - 1]; + tbl[0].extra1 = all; + tbl[0].extra2 = net; + } + +#ifdef CONFIG_SYSCTL + err = __devinet_sysctl_register(net, "all", + NET_PROTO_CONF_ALL, all); + if (err < 0) + goto err_reg_all; + + err = __devinet_sysctl_register(net, "default", + NET_PROTO_CONF_DEFAULT, dflt); + if (err < 0) + goto err_reg_dflt; + + err = -ENOMEM; + forw_hdr = register_net_sysctl_table(net, net_ipv4_path, tbl); + if (forw_hdr == NULL) + goto err_reg_ctl; +#endif + + net->ipv4.forw_hdr = forw_hdr; + net->ipv4.devconf_all = all; + net->ipv4.devconf_dflt = dflt; + return 0; + +#ifdef CONFIG_SYSCTL +err_reg_ctl: + __devinet_sysctl_unregister(dflt); +err_reg_dflt: + __devinet_sysctl_unregister(all); +err_reg_all: + if (tbl != ctl_forward_entry) + kfree(tbl); +#endif +err_alloc_ctl: + if (dflt != &ipv4_devconf_dflt) + kfree(dflt); +err_alloc_dflt: + if (all != &ipv4_devconf) + kfree(all); +err_alloc_all: + return err; +} + +static __net_exit void devinet_exit_net(struct net *net) +{ + struct ctl_table *tbl; + + tbl = net->ipv4.forw_hdr->ctl_table_arg; +#ifdef CONFIG_SYSCTL + unregister_net_sysctl_table(net->ipv4.forw_hdr); + __devinet_sysctl_unregister(net->ipv4.devconf_dflt); + __devinet_sysctl_unregister(net->ipv4.devconf_all); +#endif + kfree(tbl); + kfree(net->ipv4.devconf_dflt); + kfree(net->ipv4.devconf_all); +} + +static __net_initdata struct pernet_operations devinet_ops = { + .init = devinet_init_net, + .exit = devinet_exit_net, +}; + void __init devinet_init(void) { + register_pernet_subsys(&devinet_ops); + register_gifconf(PF_INET, inet_gifconf); register_netdevice_notifier(&ip_netdev_notifier); rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL); rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL); rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr); -#ifdef CONFIG_SYSCTL - __devinet_sysctl_register(&init_net, "all", NET_PROTO_CONF_ALL, - &ipv4_devconf); - __devinet_sysctl_register(&init_net, "default", NET_PROTO_CONF_DEFAULT, - &ipv4_devconf_dflt); - register_sysctl_paths(net_ipv4_path, ctl_forward_entry); -#endif } EXPORT_SYMBOL(in_dev_finish_destroy); -- cgit v1.2.3 From 9355bbd685bf705a7f7bd6470b92ca0562c7a661 Mon Sep 17 00:00:00 2001 From: Pavel Emelyanov Date: Sun, 16 Dec 2007 13:32:16 -0800 Subject: [IPV4]: Switch users of ipv4_devconf_dflt to use the pernet one They are all collected in the net/ipv4/devinet.c file and mostly use the IPV4_DEVCONF_DFLT macro. So I add the net parameter to it and patch users accordingly. Signed-off-by: Pavel Emelyanov Signed-off-by: David S. Miller --- net/ipv4/devinet.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index a2d48173828a..4c01c55c381d 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -83,7 +83,8 @@ static struct ipv4_devconf ipv4_devconf_dflt = { }, }; -#define IPV4_DEVCONF_DFLT(attr) IPV4_DEVCONF(ipv4_devconf_dflt, attr) +#define IPV4_DEVCONF_DFLT(net, attr) \ + IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr) static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = { [IFA_LOCAL] = { .type = NLA_U32 }, @@ -164,7 +165,8 @@ static struct in_device *inetdev_init(struct net_device *dev) if (!in_dev) goto out; INIT_RCU_HEAD(&in_dev->rcu_head); - memcpy(&in_dev->cnf, &ipv4_devconf_dflt, sizeof(in_dev->cnf)); + memcpy(&in_dev->cnf, dev->nd_net->ipv4.devconf_dflt, + sizeof(in_dev->cnf)); in_dev->cnf.sysctl = NULL; in_dev->dev = dev; if ((in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl)) == NULL) @@ -1247,7 +1249,7 @@ static void devinet_copy_dflt_conf(struct net *net, int i) rcu_read_lock(); in_dev = __in_dev_get_rcu(dev); if (in_dev && !test_bit(i, in_dev->cnf.state)) - in_dev->cnf.data[i] = ipv4_devconf_dflt.data[i]; + in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i]; rcu_read_unlock(); } read_unlock(&dev_base_lock); @@ -1259,7 +1261,7 @@ static void inet_forward_change(struct net *net) int on = IPV4_DEVCONF_ALL(FORWARDING); IPV4_DEVCONF_ALL(ACCEPT_REDIRECTS) = !on; - IPV4_DEVCONF_DFLT(FORWARDING) = on; + IPV4_DEVCONF_DFLT(net, FORWARDING) = on; read_lock(&dev_base_lock); for_each_netdev(net, dev) { @@ -1288,7 +1290,7 @@ static int devinet_conf_proc(ctl_table *ctl, int write, set_bit(i, cnf->state); - if (cnf == &ipv4_devconf_dflt) + if (cnf == net->ipv4.devconf_dflt) devinet_copy_dflt_conf(net, i); } @@ -1341,7 +1343,7 @@ static int devinet_conf_sysctl(ctl_table *table, int __user *name, int nlen, set_bit(i, cnf->state); - if (cnf == &ipv4_devconf_dflt) + if (cnf == net->ipv4.devconf_dflt) devinet_copy_dflt_conf(net, i); return 1; @@ -1360,7 +1362,7 @@ static int devinet_sysctl_forward(ctl_table *ctl, int write, if (valp == &IPV4_DEVCONF_ALL(FORWARDING)) inet_forward_change(net); - else if (valp != &IPV4_DEVCONF_DFLT(FORWARDING)) + else if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) rt_cache_flush(0); } -- cgit v1.2.3 From 586f12115264b767ea6a48ce081ca25a39c1e3dd Mon Sep 17 00:00:00 2001 From: Pavel Emelyanov Date: Sun, 16 Dec 2007 13:32:48 -0800 Subject: [IPV4]: Switch users of ipv4_devconf(_all) to use the pernet one These are scattered over the code, but almost all the "critical" places already have the proper struct net at hand except for snmp proc showing function and routing rtnl handler. Signed-off-by: Pavel Emelyanov Signed-off-by: David S. Miller --- include/linux/inetdevice.h | 12 ++++++++---- net/ipv4/arp.c | 4 ++-- net/ipv4/devinet.c | 6 +++--- net/ipv4/igmp.c | 4 ++-- net/ipv4/ipmr.c | 4 ++-- net/ipv4/proc.c | 3 ++- net/ipv4/route.c | 2 +- 7 files changed, 20 insertions(+), 15 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h index 962a062b44ff..b3c5081de02d 100644 --- a/include/linux/inetdevice.h +++ b/include/linux/inetdevice.h @@ -44,7 +44,8 @@ struct in_device }; #define IPV4_DEVCONF(cnf, attr) ((cnf).data[NET_IPV4_CONF_ ## attr - 1]) -#define IPV4_DEVCONF_ALL(attr) IPV4_DEVCONF(ipv4_devconf, attr) +#define IPV4_DEVCONF_ALL(net, attr) \ + IPV4_DEVCONF((*(net)->ipv4.devconf_all), attr) static inline int ipv4_devconf_get(struct in_device *in_dev, int index) { @@ -71,11 +72,14 @@ static inline void ipv4_devconf_setall(struct in_device *in_dev) ipv4_devconf_set((in_dev), NET_IPV4_CONF_ ## attr, (val)) #define IN_DEV_ANDCONF(in_dev, attr) \ - (IPV4_DEVCONF_ALL(attr) && IN_DEV_CONF_GET((in_dev), attr)) + (IPV4_DEVCONF_ALL(in_dev->dev->nd_net, attr) && \ + IN_DEV_CONF_GET((in_dev), attr)) #define IN_DEV_ORCONF(in_dev, attr) \ - (IPV4_DEVCONF_ALL(attr) || IN_DEV_CONF_GET((in_dev), attr)) + (IPV4_DEVCONF_ALL(in_dev->dev->nd_net, attr) || \ + IN_DEV_CONF_GET((in_dev), attr)) #define IN_DEV_MAXCONF(in_dev, attr) \ - (max(IPV4_DEVCONF_ALL(attr), IN_DEV_CONF_GET((in_dev), attr))) + (max(IPV4_DEVCONF_ALL(in_dev->dev->nd_net, attr), \ + IN_DEV_CONF_GET((in_dev), attr))) #define IN_DEV_FORWARD(in_dev) IN_DEV_CONF_GET((in_dev), FORWARDING) #define IN_DEV_MFORWARD(in_dev) IN_DEV_ANDCONF((in_dev), MC_FORWARDING) diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c index 5daf504ba3b3..1102fb3d8018 100644 --- a/net/ipv4/arp.c +++ b/net/ipv4/arp.c @@ -860,7 +860,7 @@ static int arp_process(struct sk_buff *skb) n = __neigh_lookup(&arp_tbl, &sip, dev, 0); - if (IPV4_DEVCONF_ALL(ARP_ACCEPT)) { + if (IPV4_DEVCONF_ALL(dev->nd_net, ARP_ACCEPT)) { /* Unsolicited ARP is not accepted by default. It is possible, that this option should be enabled for some devices (strip is candidate) @@ -955,7 +955,7 @@ out_of_mem: static int arp_req_set_proxy(struct net *net, struct net_device *dev, int on) { if (dev == NULL) { - IPV4_DEVCONF_ALL(PROXY_ARP) = on; + IPV4_DEVCONF_ALL(net, PROXY_ARP) = on; return 0; } if (__in_dev_get_rtnl(dev)) { diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 4c01c55c381d..1f21f4a2df86 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -1258,9 +1258,9 @@ static void devinet_copy_dflt_conf(struct net *net, int i) static void inet_forward_change(struct net *net) { struct net_device *dev; - int on = IPV4_DEVCONF_ALL(FORWARDING); + int on = IPV4_DEVCONF_ALL(net, FORWARDING); - IPV4_DEVCONF_ALL(ACCEPT_REDIRECTS) = !on; + IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on; IPV4_DEVCONF_DFLT(net, FORWARDING) = on; read_lock(&dev_base_lock); @@ -1360,7 +1360,7 @@ static int devinet_sysctl_forward(ctl_table *ctl, int write, if (write && *valp != val) { struct net *net = ctl->extra2; - if (valp == &IPV4_DEVCONF_ALL(FORWARDING)) + if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) inet_forward_change(net); else if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) rt_cache_flush(0); diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c index c560a9392b1d..d3d5906e1b3d 100644 --- a/net/ipv4/igmp.c +++ b/net/ipv4/igmp.c @@ -130,12 +130,12 @@ */ #define IGMP_V1_SEEN(in_dev) \ - (IPV4_DEVCONF_ALL(FORCE_IGMP_VERSION) == 1 || \ + (IPV4_DEVCONF_ALL(in_dev->dev->nd_net, FORCE_IGMP_VERSION) == 1 || \ IN_DEV_CONF_GET((in_dev), FORCE_IGMP_VERSION) == 1 || \ ((in_dev)->mr_v1_seen && \ time_before(jiffies, (in_dev)->mr_v1_seen))) #define IGMP_V2_SEEN(in_dev) \ - (IPV4_DEVCONF_ALL(FORCE_IGMP_VERSION) == 2 || \ + (IPV4_DEVCONF_ALL(in_dev->dev->nd_net, FORCE_IGMP_VERSION) == 2 || \ IN_DEV_CONF_GET((in_dev), FORCE_IGMP_VERSION) == 2 || \ ((in_dev)->mr_v2_seen && \ time_before(jiffies, (in_dev)->mr_v2_seen))) diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c index 11879283ad52..9947f523862e 100644 --- a/net/ipv4/ipmr.c +++ b/net/ipv4/ipmr.c @@ -849,7 +849,7 @@ static void mrtsock_destruct(struct sock *sk) { rtnl_lock(); if (sk == mroute_socket) { - IPV4_DEVCONF_ALL(MC_FORWARDING)--; + IPV4_DEVCONF_ALL(sk->sk_net, MC_FORWARDING)--; write_lock_bh(&mrt_lock); mroute_socket=NULL; @@ -898,7 +898,7 @@ int ip_mroute_setsockopt(struct sock *sk,int optname,char __user *optval,int opt mroute_socket=sk; write_unlock_bh(&mrt_lock); - IPV4_DEVCONF_ALL(MC_FORWARDING)++; + IPV4_DEVCONF_ALL(sk->sk_net, MC_FORWARDING)++; } rtnl_unlock(); return ret; diff --git a/net/ipv4/proc.c b/net/ipv4/proc.c index ce34b281803f..41734db677be 100644 --- a/net/ipv4/proc.c +++ b/net/ipv4/proc.c @@ -309,7 +309,8 @@ static int snmp_seq_show(struct seq_file *seq, void *v) seq_printf(seq, " %s", snmp4_ipstats_list[i].name); seq_printf(seq, "\nIp: %d %d", - IPV4_DEVCONF_ALL(FORWARDING) ? 1 : 2, sysctl_ip_default_ttl); + IPV4_DEVCONF_ALL(&init_net, FORWARDING) ? 1 : 2, + sysctl_ip_default_ttl); for (i = 0; snmp4_ipstats_list[i].name != NULL; i++) seq_printf(seq, " %lu", diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 1b70ffd12615..36c7add8de84 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -2619,7 +2619,7 @@ static int rt_fill_info(struct sk_buff *skb, u32 pid, u32 seq, int event, __be32 dst = rt->rt_dst; if (MULTICAST(dst) && !LOCAL_MCAST(dst) && - IPV4_DEVCONF_ALL(MC_FORWARDING)) { + IPV4_DEVCONF_ALL(&init_net, MC_FORWARDING)) { int err = ipmr_get_route(skb, r, nowait); if (err <= 0) { if (!nowait) { -- cgit v1.2.3 From f97c1e0c6ebdb606c97b6cb5e837c6110ac5a961 Mon Sep 17 00:00:00 2001 From: Joe Perches Date: Sun, 16 Dec 2007 13:45:43 -0800 Subject: [IPV4] net/ipv4: Use ipv4_is_ Signed-off-by: Joe Perches Signed-off-by: David S. Miller --- net/ipv4/arp.c | 2 +- net/ipv4/datagram.c | 2 +- net/ipv4/devinet.c | 4 ++-- net/ipv4/fib_frontend.c | 6 +++--- net/ipv4/igmp.c | 12 ++++++------ net/ipv4/ip_gre.c | 23 ++++++++++++---------- net/ipv4/ipmr.c | 6 +++--- net/ipv4/raw.c | 2 +- net/ipv4/route.c | 52 +++++++++++++++++++++++++++---------------------- net/ipv4/udp.c | 2 +- 10 files changed, 60 insertions(+), 51 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c index 1102fb3d8018..fdf12d1c350e 100644 --- a/net/ipv4/arp.c +++ b/net/ipv4/arp.c @@ -777,7 +777,7 @@ static int arp_process(struct sk_buff *skb) * Check for bad requests for 127.x.x.x and requests for multicast * addresses. If this is one such, delete it. */ - if (LOOPBACK(tip) || MULTICAST(tip)) + if (ipv4_is_loopback(tip) || ipv4_is_multicast(tip)) goto out; /* diff --git a/net/ipv4/datagram.c b/net/ipv4/datagram.c index 0301dd468cf4..0c0c73f368ce 100644 --- a/net/ipv4/datagram.c +++ b/net/ipv4/datagram.c @@ -40,7 +40,7 @@ int ip4_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) oif = sk->sk_bound_dev_if; saddr = inet->saddr; - if (MULTICAST(usin->sin_addr.s_addr)) { + if (ipv4_is_multicast(usin->sin_addr.s_addr)) { if (!oif) oif = inet->mc_index; if (!saddr) diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 1f21f4a2df86..44cb252d2f61 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -404,7 +404,7 @@ static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa) in_dev_hold(in_dev); ifa->ifa_dev = in_dev; } - if (LOOPBACK(ifa->ifa_local)) + if (ipv4_is_loopback(ifa->ifa_local)) ifa->ifa_scope = RT_SCOPE_HOST; return inet_insert_ifa(ifa); } @@ -583,7 +583,7 @@ static __inline__ int inet_abc_len(__be32 addr) { int rc = -1; /* Something else, probably a multicast. */ - if (ZERONET(addr)) + if (ipv4_is_zeronet(addr)) rc = 0; else { __u32 haddr = ntohl(addr); diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c index d90b42f3630c..ac6238a3b0fd 100644 --- a/net/ipv4/fib_frontend.c +++ b/net/ipv4/fib_frontend.c @@ -167,9 +167,9 @@ static inline unsigned __inet_dev_addr_type(const struct net_device *dev, unsigned ret = RTN_BROADCAST; struct fib_table *local_table; - if (ZERONET(addr) || BADCLASS(addr)) + if (ipv4_is_zeronet(addr) || ipv4_is_badclass(addr)) return RTN_BROADCAST; - if (MULTICAST(addr)) + if (ipv4_is_multicast(addr)) return RTN_MULTICAST; #ifdef CONFIG_IP_MULTIPLE_TABLES @@ -710,7 +710,7 @@ void fib_add_ifaddr(struct in_ifaddr *ifa) if (ifa->ifa_broadcast && ifa->ifa_broadcast != htonl(0xFFFFFFFF)) fib_magic(RTM_NEWROUTE, RTN_BROADCAST, ifa->ifa_broadcast, 32, prim); - if (!ZERONET(prefix) && !(ifa->ifa_flags&IFA_F_SECONDARY) && + if (!ipv4_is_zeronet(prefix) && !(ifa->ifa_flags&IFA_F_SECONDARY) && (prefix != addr || ifa->ifa_prefixlen < 32)) { fib_magic(RTM_NEWROUTE, dev->flags&IFF_LOOPBACK ? RTN_LOCAL : RTN_UNICAST, prefix, ifa->ifa_prefixlen, prim); diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c index d3d5906e1b3d..285d26218a51 100644 --- a/net/ipv4/igmp.c +++ b/net/ipv4/igmp.c @@ -1742,7 +1742,7 @@ int ip_mc_join_group(struct sock *sk , struct ip_mreqn *imr) int ifindex; int count = 0; - if (!MULTICAST(addr)) + if (!ipv4_is_multicast(addr)) return -EINVAL; rtnl_lock(); @@ -1855,7 +1855,7 @@ int ip_mc_source(int add, int omode, struct sock *sk, struct int leavegroup = 0; int i, j, rv; - if (!MULTICAST(addr)) + if (!ipv4_is_multicast(addr)) return -EINVAL; rtnl_lock(); @@ -1985,7 +1985,7 @@ int ip_mc_msfilter(struct sock *sk, struct ip_msfilter *msf, int ifindex) struct ip_sf_socklist *newpsl, *psl; int leavegroup = 0; - if (!MULTICAST(addr)) + if (!ipv4_is_multicast(addr)) return -EINVAL; if (msf->imsf_fmode != MCAST_INCLUDE && msf->imsf_fmode != MCAST_EXCLUDE) @@ -2068,7 +2068,7 @@ int ip_mc_msfget(struct sock *sk, struct ip_msfilter *msf, struct inet_sock *inet = inet_sk(sk); struct ip_sf_socklist *psl; - if (!MULTICAST(addr)) + if (!ipv4_is_multicast(addr)) return -EINVAL; rtnl_lock(); @@ -2130,7 +2130,7 @@ int ip_mc_gsfget(struct sock *sk, struct group_filter *gsf, if (psin->sin_family != AF_INET) return -EINVAL; addr = psin->sin_addr.s_addr; - if (!MULTICAST(addr)) + if (!ipv4_is_multicast(addr)) return -EINVAL; rtnl_lock(); @@ -2180,7 +2180,7 @@ int ip_mc_sf_allow(struct sock *sk, __be32 loc_addr, __be32 rmt_addr, int dif) struct ip_sf_socklist *psl; int i; - if (!MULTICAST(loc_addr)) + if (!ipv4_is_multicast(loc_addr)) return 1; for (pmc=inet->mc_list; pmc; pmc=pmc->next) { diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c index 0832f6e028b8..8b81deb8ff1f 100644 --- a/net/ipv4/ip_gre.c +++ b/net/ipv4/ip_gre.c @@ -176,7 +176,8 @@ static struct ip_tunnel * ipgre_tunnel_lookup(__be32 remote, __be32 local, __be3 } for (t = tunnels_l[h1]; t; t = t->next) { if (local == t->parms.iph.saddr || - (local == t->parms.iph.daddr && MULTICAST(local))) { + (local == t->parms.iph.daddr && + ipv4_is_multicast(local))) { if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) return t; } @@ -201,7 +202,7 @@ static struct ip_tunnel **__ipgre_bucket(struct ip_tunnel_parm *parms) if (local) prio |= 1; - if (remote && !MULTICAST(remote)) { + if (remote && !ipv4_is_multicast(remote)) { prio |= 2; h ^= HASH(remote); } @@ -367,7 +368,8 @@ static void ipgre_err(struct sk_buff *skb, u32 info) read_lock(&ipgre_lock); t = ipgre_tunnel_lookup(iph->daddr, iph->saddr, (flags&GRE_KEY) ? *(((__be32*)p) + (grehlen>>2) - 1) : 0); - if (t == NULL || t->parms.iph.daddr == 0 || MULTICAST(t->parms.iph.daddr)) + if (t == NULL || t->parms.iph.daddr == 0 || + ipv4_is_multicast(t->parms.iph.daddr)) goto out; if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) @@ -619,7 +621,7 @@ static int ipgre_rcv(struct sk_buff *skb) skb_postpull_rcsum(skb, skb_transport_header(skb), offset); skb->pkt_type = PACKET_HOST; #ifdef CONFIG_NET_IPGRE_BROADCAST - if (MULTICAST(iph->daddr)) { + if (ipv4_is_multicast(iph->daddr)) { /* Looped back packet, drop it! */ if (((struct rtable*)skb->dst)->fl.iif == 0) goto drop; @@ -783,7 +785,8 @@ static int ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) struct rt6_info *rt6 = (struct rt6_info*)skb->dst; if (rt6 && mtu < dst_mtu(skb->dst) && mtu >= IPV6_MIN_MTU) { - if ((tunnel->parms.iph.daddr && !MULTICAST(tunnel->parms.iph.daddr)) || + if ((tunnel->parms.iph.daddr && + !ipv4_is_multicast(tunnel->parms.iph.daddr)) || rt6->rt6i_dst.plen == 128) { rt6->rt6i_flags |= RTF_MODIFIED; skb->dst->metrics[RTAX_MTU-1] = mtu; @@ -1009,7 +1012,7 @@ ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd) t = netdev_priv(dev); - if (MULTICAST(p.iph.daddr)) + if (ipv4_is_multicast(p.iph.daddr)) nflags = IFF_BROADCAST; else if (p.iph.daddr) nflags = IFF_POINTOPOINT; @@ -1143,7 +1146,7 @@ static int ipgre_header(struct sk_buff *skb, struct net_device *dev, memcpy(&iph->daddr, daddr, 4); return t->hlen; } - if (iph->daddr && !MULTICAST(iph->daddr)) + if (iph->daddr && !ipv4_is_multicast(iph->daddr)) return t->hlen; return -t->hlen; @@ -1166,7 +1169,7 @@ static int ipgre_open(struct net_device *dev) { struct ip_tunnel *t = netdev_priv(dev); - if (MULTICAST(t->parms.iph.daddr)) { + if (ipv4_is_multicast(t->parms.iph.daddr)) { struct flowi fl = { .oif = t->parms.link, .nl_u = { .ip4_u = { .daddr = t->parms.iph.daddr, @@ -1189,7 +1192,7 @@ static int ipgre_open(struct net_device *dev) static int ipgre_close(struct net_device *dev) { struct ip_tunnel *t = netdev_priv(dev); - if (MULTICAST(t->parms.iph.daddr) && t->mlink) { + if (ipv4_is_multicast(t->parms.iph.daddr) && t->mlink) { struct in_device *in_dev = inetdev_by_index(t->mlink); if (in_dev) { ip_mc_dec_group(in_dev, t->parms.iph.daddr); @@ -1236,7 +1239,7 @@ static int ipgre_tunnel_init(struct net_device *dev) if (iph->daddr) { #ifdef CONFIG_NET_IPGRE_BROADCAST - if (MULTICAST(iph->daddr)) { + if (ipv4_is_multicast(iph->daddr)) { if (!iph->saddr) return -EINVAL; dev->flags = IFF_BROADCAST; diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c index 9947f523862e..772daf77878f 100644 --- a/net/ipv4/ipmr.c +++ b/net/ipv4/ipmr.c @@ -749,7 +749,7 @@ static int ipmr_mfc_add(struct mfcctl *mfc, int mrtsock) return 0; } - if (!MULTICAST(mfc->mfcc_mcastgrp.s_addr)) + if (!ipv4_is_multicast(mfc->mfcc_mcastgrp.s_addr)) return -EINVAL; c=ipmr_cache_alloc(); @@ -1461,7 +1461,7 @@ int pim_rcv_v1(struct sk_buff * skb) b. packet is not a NULL-REGISTER c. packet is not truncated */ - if (!MULTICAST(encap->daddr) || + if (!ipv4_is_multicast(encap->daddr) || encap->tot_len == 0 || ntohs(encap->tot_len) + sizeof(*pim) > skb->len) goto drop; @@ -1517,7 +1517,7 @@ static int pim_rcv(struct sk_buff * skb) /* check if the inner packet is destined to mcast group */ encap = (struct iphdr *)(skb_transport_header(skb) + sizeof(struct pimreghdr)); - if (!MULTICAST(encap->daddr) || + if (!ipv4_is_multicast(encap->daddr) || encap->tot_len == 0 || ntohs(encap->tot_len) + sizeof(*pim) > skb->len) goto drop; diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c index 2ff8214a530b..5aec5a5e5f16 100644 --- a/net/ipv4/raw.c +++ b/net/ipv4/raw.c @@ -530,7 +530,7 @@ static int raw_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, if (msg->msg_flags & MSG_DONTROUTE) tos |= RTO_ONLINK; - if (MULTICAST(daddr)) { + if (ipv4_is_multicast(daddr)) { if (!ipc.oif) ipc.oif = inet->mc_index; if (!saddr) diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 36c7add8de84..1cc6c23cf758 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -1154,7 +1154,8 @@ void ip_rt_redirect(__be32 old_gw, __be32 daddr, __be32 new_gw, return; if (new_gw == old_gw || !IN_DEV_RX_REDIRECTS(in_dev) - || MULTICAST(new_gw) || BADCLASS(new_gw) || ZERONET(new_gw)) + || ipv4_is_multicast(new_gw) || ipv4_is_badclass(new_gw) + || ipv4_is_zeronet(new_gw)) goto reject_redirect; if (!IN_DEV_SHARED_MEDIA(in_dev)) { @@ -1633,12 +1634,12 @@ static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr, if (in_dev == NULL) return -EINVAL; - if (MULTICAST(saddr) || BADCLASS(saddr) || LOOPBACK(saddr) || - skb->protocol != htons(ETH_P_IP)) + if (ipv4_is_multicast(saddr) || ipv4_is_badclass(saddr) || + ipv4_is_loopback(saddr) || skb->protocol != htons(ETH_P_IP)) goto e_inval; - if (ZERONET(saddr)) { - if (!LOCAL_MCAST(daddr)) + if (ipv4_is_zeronet(saddr)) { + if (!ipv4_is_local_multicast(daddr)) goto e_inval; spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK); } else if (fib_validate_source(saddr, 0, tos, 0, @@ -1680,7 +1681,7 @@ static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr, } #ifdef CONFIG_IP_MROUTE - if (!LOCAL_MCAST(daddr) && IN_DEV_MFORWARD(in_dev)) + if (!ipv4_is_local_multicast(daddr) && IN_DEV_MFORWARD(in_dev)) rth->u.dst.input = ip_mr_input; #endif RT_CACHE_STAT_INC(in_slow_mc); @@ -1890,7 +1891,8 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr, by fib_lookup. */ - if (MULTICAST(saddr) || BADCLASS(saddr) || LOOPBACK(saddr)) + if (ipv4_is_multicast(saddr) || ipv4_is_badclass(saddr) || + ipv4_is_loopback(saddr)) goto martian_source; if (daddr == htonl(0xFFFFFFFF) || (saddr == 0 && daddr == 0)) @@ -1899,10 +1901,11 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr, /* Accept zero addresses only to limited broadcast; * I even do not know to fix it or not. Waiting for complains :-) */ - if (ZERONET(saddr)) + if (ipv4_is_zeronet(saddr)) goto martian_source; - if (BADCLASS(daddr) || ZERONET(daddr) || LOOPBACK(daddr)) + if (ipv4_is_badclass(daddr) || ipv4_is_zeronet(daddr) || + ipv4_is_loopback(daddr)) goto martian_destination; /* @@ -1949,7 +1952,7 @@ brd_input: if (skb->protocol != htons(ETH_P_IP)) goto e_inval; - if (ZERONET(saddr)) + if (ipv4_is_zeronet(saddr)) spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK); else { err = fib_validate_source(saddr, 0, tos, 0, dev, &spec_dst, @@ -2079,7 +2082,7 @@ int ip_route_input(struct sk_buff *skb, __be32 daddr, __be32 saddr, Note, that multicast routers are not affected, because route cache entry is created eventually. */ - if (MULTICAST(daddr)) { + if (ipv4_is_multicast(daddr)) { struct in_device *in_dev; rcu_read_lock(); @@ -2088,7 +2091,8 @@ int ip_route_input(struct sk_buff *skb, __be32 daddr, __be32 saddr, ip_hdr(skb)->protocol); if (our #ifdef CONFIG_IP_MROUTE - || (!LOCAL_MCAST(daddr) && IN_DEV_MFORWARD(in_dev)) + || (!ipv4_is_local_multicast(daddr) && + IN_DEV_MFORWARD(in_dev)) #endif ) { rcu_read_unlock(); @@ -2114,14 +2118,14 @@ static inline int __mkroute_output(struct rtable **result, u32 tos = RT_FL_TOS(oldflp); int err = 0; - if (LOOPBACK(fl->fl4_src) && !(dev_out->flags&IFF_LOOPBACK)) + if (ipv4_is_loopback(fl->fl4_src) && !(dev_out->flags&IFF_LOOPBACK)) return -EINVAL; if (fl->fl4_dst == htonl(0xFFFFFFFF)) res->type = RTN_BROADCAST; - else if (MULTICAST(fl->fl4_dst)) + else if (ipv4_is_multicast(fl->fl4_dst)) res->type = RTN_MULTICAST; - else if (BADCLASS(fl->fl4_dst) || ZERONET(fl->fl4_dst)) + else if (ipv4_is_badclass(fl->fl4_dst) || ipv4_is_zeronet(fl->fl4_dst)) return -EINVAL; if (dev_out->flags & IFF_LOOPBACK) @@ -2201,7 +2205,7 @@ static inline int __mkroute_output(struct rtable **result, #ifdef CONFIG_IP_MROUTE if (res->type == RTN_MULTICAST) { if (IN_DEV_MFORWARD(in_dev) && - !LOCAL_MCAST(oldflp->fl4_dst)) { + !ipv4_is_local_multicast(oldflp->fl4_dst)) { rth->u.dst.input = ip_mr_input; rth->u.dst.output = ip_mc_output; } @@ -2271,9 +2275,9 @@ static int ip_route_output_slow(struct rtable **rp, const struct flowi *oldflp) if (oldflp->fl4_src) { err = -EINVAL; - if (MULTICAST(oldflp->fl4_src) || - BADCLASS(oldflp->fl4_src) || - ZERONET(oldflp->fl4_src)) + if (ipv4_is_multicast(oldflp->fl4_src) || + ipv4_is_badclass(oldflp->fl4_src) || + ipv4_is_zeronet(oldflp->fl4_src)) goto out; /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */ @@ -2290,7 +2294,8 @@ static int ip_route_output_slow(struct rtable **rp, const struct flowi *oldflp) */ if (oldflp->oif == 0 - && (MULTICAST(oldflp->fl4_dst) || oldflp->fl4_dst == htonl(0xFFFFFFFF))) { + && (ipv4_is_multicast(oldflp->fl4_dst) || + oldflp->fl4_dst == htonl(0xFFFFFFFF))) { /* Special hack: user can direct multicasts and limited broadcast via necessary interface without fiddling with IP_MULTICAST_IF or IP_PKTINFO. @@ -2327,14 +2332,15 @@ static int ip_route_output_slow(struct rtable **rp, const struct flowi *oldflp) goto out; /* Wrong error code */ } - if (LOCAL_MCAST(oldflp->fl4_dst) || oldflp->fl4_dst == htonl(0xFFFFFFFF)) { + if (ipv4_is_local_multicast(oldflp->fl4_dst) || + oldflp->fl4_dst == htonl(0xFFFFFFFF)) { if (!fl.fl4_src) fl.fl4_src = inet_select_addr(dev_out, 0, RT_SCOPE_LINK); goto make_route; } if (!fl.fl4_src) { - if (MULTICAST(oldflp->fl4_dst)) + if (ipv4_is_multicast(oldflp->fl4_dst)) fl.fl4_src = inet_select_addr(dev_out, 0, fl.fl4_scope); else if (!oldflp->fl4_dst) @@ -2618,7 +2624,7 @@ static int rt_fill_info(struct sk_buff *skb, u32 pid, u32 seq, int event, #ifdef CONFIG_IP_MROUTE __be32 dst = rt->rt_dst; - if (MULTICAST(dst) && !LOCAL_MCAST(dst) && + if (ipv4_is_multicast(dst) && !ipv4_is_local_multicast(dst) && IPV4_DEVCONF_ALL(&init_net, MC_FORWARDING)) { int err = ipmr_get_route(skb, r, nowait); if (err <= 0) { diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c index 3d6021585658..1ce6b60b7f93 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c @@ -626,7 +626,7 @@ int udp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, connected = 0; } - if (MULTICAST(daddr)) { + if (ipv4_is_multicast(daddr)) { if (!ipc.oif) ipc.oif = inet->mc_index; if (!saddr) -- cgit v1.2.3 From 2a75de0c1de2dde9ef41aeb45a21048681421b8a Mon Sep 17 00:00:00 2001 From: Eric Dumazet Date: Sat, 5 Jan 2008 23:08:49 -0800 Subject: [NETNS]: Should build with CONFIG_SYSCTL=n Previous NETNS patches broke CONFIG_SYSCTL=n case Signed-off-by: Eric Dumazet Signed-off-by: David S. Miller --- include/net/netns/ipv4.h | 2 ++ net/ipv4/devinet.c | 17 ++++++++++------- 2 files changed, 12 insertions(+), 7 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h index e06d7cfd6d64..61a28ff9440a 100644 --- a/include/net/netns/ipv4.h +++ b/include/net/netns/ipv4.h @@ -8,7 +8,9 @@ struct ctl_table_header; struct ipv4_devconf; struct netns_ipv4 { +#ifdef CONFIG_SYSCTL struct ctl_table_header *forw_hdr; +#endif struct ipv4_devconf *devconf_all; struct ipv4_devconf *devconf_dflt; }; diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 44cb252d2f61..03db15b10309 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -1542,7 +1542,6 @@ static void devinet_sysctl_unregister(struct in_device *idev) __devinet_sysctl_unregister(&idev->cnf); neigh_sysctl_unregister(idev->arp_parms); } -#endif static struct ctl_table ctl_forward_entry[] = { { @@ -1565,18 +1564,20 @@ static __net_initdata struct ctl_path net_ipv4_path[] = { { .procname = "ipv4", .ctl_name = NET_IPV4, }, { }, }; +#endif static __net_init int devinet_init_net(struct net *net) { int err; - struct ctl_table *tbl; struct ipv4_devconf *all, *dflt; +#ifdef CONFIG_SYSCTL + struct ctl_table *tbl = ctl_forward_entry; struct ctl_table_header *forw_hdr; +#endif err = -ENOMEM; all = &ipv4_devconf; dflt = &ipv4_devconf_dflt; - tbl = ctl_forward_entry; if (net != &init_net) { all = kmemdup(all, sizeof(ipv4_devconf), GFP_KERNEL); @@ -1587,6 +1588,7 @@ static __net_init int devinet_init_net(struct net *net) if (dflt == NULL) goto err_alloc_dflt; +#ifdef CONFIG_SYSCTL tbl = kmemdup(tbl, sizeof(ctl_forward_entry), GFP_KERNEL); if (tbl == NULL) goto err_alloc_ctl; @@ -1594,6 +1596,7 @@ static __net_init int devinet_init_net(struct net *net) tbl[0].data = &all->data[NET_IPV4_CONF_FORWARDING - 1]; tbl[0].extra1 = all; tbl[0].extra2 = net; +#endif } #ifdef CONFIG_SYSCTL @@ -1611,9 +1614,9 @@ static __net_init int devinet_init_net(struct net *net) forw_hdr = register_net_sysctl_table(net, net_ipv4_path, tbl); if (forw_hdr == NULL) goto err_reg_ctl; + net->ipv4.forw_hdr = forw_hdr; #endif - net->ipv4.forw_hdr = forw_hdr; net->ipv4.devconf_all = all; net->ipv4.devconf_dflt = dflt; return 0; @@ -1626,8 +1629,8 @@ err_reg_dflt: err_reg_all: if (tbl != ctl_forward_entry) kfree(tbl); -#endif err_alloc_ctl: +#endif if (dflt != &ipv4_devconf_dflt) kfree(dflt); err_alloc_dflt: @@ -1639,15 +1642,15 @@ err_alloc_all: static __net_exit void devinet_exit_net(struct net *net) { +#ifdef CONFIG_SYSCTL struct ctl_table *tbl; tbl = net->ipv4.forw_hdr->ctl_table_arg; -#ifdef CONFIG_SYSCTL unregister_net_sysctl_table(net->ipv4.forw_hdr); __devinet_sysctl_unregister(net->ipv4.devconf_dflt); __devinet_sysctl_unregister(net->ipv4.devconf_all); -#endif kfree(tbl); +#endif kfree(net->ipv4.devconf_dflt); kfree(net->ipv4.devconf_all); } -- cgit v1.2.3 From 9bd85e32644d4d3744117b0a196ad4382f8acf35 Mon Sep 17 00:00:00 2001 From: "Denis V. Lunev" Date: Mon, 14 Jan 2008 23:05:55 -0800 Subject: [IPV4]: Remove extra argument from arp_ignore. arp_ignore has two arguments: dev & in_dev. dev is used for inet_confirm_addr calling only. inet_confirm_addr, in turn, either gets in_dev from the device passed or iterates over all network devices if the device passed is NULL. It seems logical to directly pass in_dev into inet_confirm_addr. Signed-off-by: Denis V. Lunev Signed-off-by: David S. Miller --- include/linux/inetdevice.h | 2 +- net/ipv4/arp.c | 11 +++++------ net/ipv4/devinet.c | 17 ++++++----------- 3 files changed, 12 insertions(+), 18 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h index b3c5081de02d..45f373107530 100644 --- a/include/linux/inetdevice.h +++ b/include/linux/inetdevice.h @@ -135,7 +135,7 @@ extern int devinet_ioctl(unsigned int cmd, void __user *); extern void devinet_init(void); extern struct in_device *inetdev_by_index(int); extern __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope); -extern __be32 inet_confirm_addr(const struct net_device *dev, __be32 dst, __be32 local, int scope); +extern __be32 inet_confirm_addr(struct in_device *in_dev, __be32 dst, __be32 local, int scope); extern struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix, __be32 mask); static __inline__ int inet_ifa_match(__be32 addr, struct in_ifaddr *ifa) diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c index 357e8987146b..6f0827b2b154 100644 --- a/net/ipv4/arp.c +++ b/net/ipv4/arp.c @@ -382,8 +382,7 @@ static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb) read_unlock_bh(&neigh->lock); } -static int arp_ignore(struct in_device *in_dev, struct net_device *dev, - __be32 sip, __be32 tip) +static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip) { int scope; @@ -403,7 +402,7 @@ static int arp_ignore(struct in_device *in_dev, struct net_device *dev, case 3: /* Do not reply for scope host addresses */ sip = 0; scope = RT_SCOPE_LINK; - dev = NULL; + in_dev = NULL; break; case 4: /* Reserved */ case 5: @@ -415,7 +414,7 @@ static int arp_ignore(struct in_device *in_dev, struct net_device *dev, default: return 0; } - return !inet_confirm_addr(dev, sip, tip, scope); + return !inet_confirm_addr(in_dev, sip, tip, scope); } static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev) @@ -807,7 +806,7 @@ static int arp_process(struct sk_buff *skb) if (sip == 0) { if (arp->ar_op == htons(ARPOP_REQUEST) && inet_addr_type(&init_net, tip) == RTN_LOCAL && - !arp_ignore(in_dev,dev,sip,tip)) + !arp_ignore(in_dev, sip, tip)) arp_send(ARPOP_REPLY, ETH_P_ARP, sip, dev, tip, sha, dev->dev_addr, sha); goto out; @@ -825,7 +824,7 @@ static int arp_process(struct sk_buff *skb) int dont_send = 0; if (!dont_send) - dont_send |= arp_ignore(in_dev,dev,sip,tip); + dont_send |= arp_ignore(in_dev,sip,tip); if (!dont_send && IN_DEV_ARPFILTER(in_dev)) dont_send |= arp_filter(sip,tip,dev); if (!dont_send) diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 03db15b10309..dc1665a2b075 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -968,24 +968,19 @@ static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst, /* * Confirm that local IP address exists using wildcards: - * - dev: only on this interface, 0=any interface + * - in_dev: only on this interface, 0=any interface * - dst: only in the same subnet as dst, 0=any dst * - local: address, 0=autoselect the local address * - scope: maximum allowed scope value for the local address */ -__be32 inet_confirm_addr(const struct net_device *dev, __be32 dst, __be32 local, int scope) +__be32 inet_confirm_addr(struct in_device *in_dev, + __be32 dst, __be32 local, int scope) { __be32 addr = 0; - struct in_device *in_dev; - - if (dev) { - rcu_read_lock(); - if ((in_dev = __in_dev_get_rcu(dev))) - addr = confirm_addr_indev(in_dev, dst, local, scope); - rcu_read_unlock(); + struct net_device *dev; - return addr; - } + if (in_dev != NULL) + return confirm_addr_indev(in_dev, dst, local, scope); read_lock(&dev_base_lock); rcu_read_lock(); -- cgit v1.2.3 From 39a6d06300128d32f361f4f790beba0ca83730eb Mon Sep 17 00:00:00 2001 From: "Denis V. Lunev" Date: Mon, 14 Jan 2008 23:06:19 -0800 Subject: [NETNS]: Process inet_confirm_addr in the correct namespace. inet_confirm_addr can be called with NULL in_dev from arp_ignore iff scope is RT_SCOPE_LINK. Lets always pass the device and check for RT_SCOPE_LINK scope inside inet_confirm_addr. This let us take network namespace from in_device a need for an additional argument. Signed-off-by: Denis V. Lunev Signed-off-by: David S. Miller --- net/ipv4/arp.c | 1 - net/ipv4/devinet.c | 6 ++++-- 2 files changed, 4 insertions(+), 3 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c index 6f0827b2b154..b2c19cb12063 100644 --- a/net/ipv4/arp.c +++ b/net/ipv4/arp.c @@ -402,7 +402,6 @@ static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip) case 3: /* Do not reply for scope host addresses */ sip = 0; scope = RT_SCOPE_LINK; - in_dev = NULL; break; case 4: /* Reserved */ case 5: diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index dc1665a2b075..e381edb19b23 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -978,13 +978,15 @@ __be32 inet_confirm_addr(struct in_device *in_dev, { __be32 addr = 0; struct net_device *dev; + struct net *net; - if (in_dev != NULL) + if (scope != RT_SCOPE_LINK) return confirm_addr_indev(in_dev, dst, local, scope); + net = in_dev->dev->nd_net; read_lock(&dev_base_lock); rcu_read_lock(); - for_each_netdev(&init_net, dev) { + for_each_netdev(net, dev) { if ((in_dev = __in_dev_get_rcu(dev))) { addr = confirm_addr_indev(in_dev, dst, local, scope); if (addr) -- cgit v1.2.3 From 7fee0ca23711ce1a6b13d3ab78915809a72a59ec Mon Sep 17 00:00:00 2001 From: "Denis V. Lunev" Date: Mon, 21 Jan 2008 17:32:38 -0800 Subject: [NETNS]: Add netns parameter to inetdev_by_index. Signed-off-by: Denis V. Lunev Signed-off-by: David S. Miller --- include/linux/inetdevice.h | 2 +- net/ipv4/devinet.c | 6 +++--- net/ipv4/fib_semantics.c | 2 +- net/ipv4/igmp.c | 4 ++-- net/ipv4/ip_gre.c | 3 ++- 5 files changed, 9 insertions(+), 8 deletions(-) (limited to 'net/ipv4/devinet.c') diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h index 45f373107530..e74a2ee8ee2a 100644 --- a/include/linux/inetdevice.h +++ b/include/linux/inetdevice.h @@ -133,7 +133,7 @@ extern struct net_device *ip_dev_find(__be32 addr); extern int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b); extern int devinet_ioctl(unsigned int cmd, void __user *); extern void devinet_init(void); -extern struct in_device *inetdev_by_index(int); +extern struct in_device *inetdev_by_index(struct net *, int); extern __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope); extern __be32 inet_confirm_addr(struct in_device *in_dev, __be32 dst, __be32 local, int scope); extern struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix, __be32 mask); diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index e381edb19b23..21f71bf912d5 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -409,12 +409,12 @@ static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa) return inet_insert_ifa(ifa); } -struct in_device *inetdev_by_index(int ifindex) +struct in_device *inetdev_by_index(struct net *net, int ifindex) { struct net_device *dev; struct in_device *in_dev = NULL; read_lock(&dev_base_lock); - dev = __dev_get_by_index(&init_net, ifindex); + dev = __dev_get_by_index(net, ifindex); if (dev) in_dev = in_dev_get(dev); read_unlock(&dev_base_lock); @@ -454,7 +454,7 @@ static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg goto errout; ifm = nlmsg_data(nlh); - in_dev = inetdev_by_index(ifm->ifa_index); + in_dev = inetdev_by_index(net, ifm->ifa_index); if (in_dev == NULL) { err = -ENODEV; goto errout; diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c index ecd91c60975f..8b47e112ae5c 100644 --- a/net/ipv4/fib_semantics.c +++ b/net/ipv4/fib_semantics.c @@ -583,7 +583,7 @@ out: if (nh->nh_flags&(RTNH_F_PERVASIVE|RTNH_F_ONLINK)) return -EINVAL; - in_dev = inetdev_by_index(nh->nh_oif); + in_dev = inetdev_by_index(&init_net, nh->nh_oif); if (in_dev == NULL) return -ENODEV; if (!(in_dev->dev->flags&IFF_UP)) { diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c index 016cfdb184f3..928bc3284554 100644 --- a/net/ipv4/igmp.c +++ b/net/ipv4/igmp.c @@ -1389,7 +1389,7 @@ static struct in_device * ip_mc_find_dev(struct ip_mreqn *imr) struct in_device *idev = NULL; if (imr->imr_ifindex) { - idev = inetdev_by_index(imr->imr_ifindex); + idev = inetdev_by_index(&init_net, imr->imr_ifindex); if (idev) __in_dev_put(idev); return idev; @@ -2222,7 +2222,7 @@ void ip_mc_drop_socket(struct sock *sk) struct in_device *in_dev; inet->mc_list = iml->next; - in_dev = inetdev_by_index(iml->multi.imr_ifindex); + in_dev = inetdev_by_index(&init_net, iml->multi.imr_ifindex); (void) ip_mc_leave_src(sk, iml, in_dev); if (in_dev != NULL) { ip_mc_dec_group(in_dev, iml->multi.imr_multiaddr.s_addr); diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c index 8b81deb8ff1f..a74983d8c89c 100644 --- a/net/ipv4/ip_gre.c +++ b/net/ipv4/ip_gre.c @@ -1193,7 +1193,8 @@ static int ipgre_close(struct net_device *dev) { struct ip_tunnel *t = netdev_priv(dev); if (ipv4_is_multicast(t->parms.iph.daddr) && t->mlink) { - struct in_device *in_dev = inetdev_by_index(t->mlink); + struct in_device *in_dev; + in_dev = inetdev_by_index(dev->nd_net, t->mlink); if (in_dev) { ip_mc_dec_group(in_dev, t->parms.iph.daddr); in_dev_put(in_dev); -- cgit v1.2.3