int single_open_net(struct inode *inode, struct file *file,
int (*show)(struct seq_file *, void *))
{
int err;
struct net *net;
if (gr_proc_is_restricted())
return -EACCES;
err = -ENXIO;
net = get_proc_net(inode);
if (net == NULL)
goto err_net;
err = single_open(file, show, net);
if (err < 0)
goto err_open;
return 0;
err_open:
put_net(net);
err_net:
return err;
}
static int sockstat_seq_release(struct inode *inode, struct file *file)
{
struct net *net = ((struct seq_file *)file->private_data)->private;
put_net(net);
return single_release(inode, file);
}
int seq_open_net(struct inode *ino, struct file *f,
const struct seq_operations *ops, int size)
{
struct net *net;
struct seq_net_private *p;
BUG_ON(size < sizeof(*p));
/* only permit access to /proc/net/dev */
if (
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
ops != ipv6_seq_ops_addr &&
#endif
ops != &dev_seq_ops && gr_proc_is_restricted())
return -EACCES;
net = get_proc_net(ino);
if (net == NULL)
return -ENXIO;
p = __seq_open_private(f, ops, size);
if (p == NULL) {
put_net(net);
return -ENOMEM;
}
#ifdef CONFIG_NET_NS
p->net = net;
#endif
return 0;
}
static void nfulnl_instance_free_rcu(struct rcu_head *head)
{
struct nfulnl_instance *inst =
container_of(head, struct nfulnl_instance, rcu);
put_net(inst->net);
kfree(inst);
module_put(THIS_MODULE);
}
static void afs_destroy_sbi(struct afs_super_info *as)
{
if (as) {
afs_put_volume(as->cell, as->volume);
afs_put_cell(afs_net(as->net_ns), as->cell);
put_net(as->net_ns);
kfree(as);
}
}
int seq_release_net(struct inode *ino, struct file *f)
{
struct seq_file *seq;
seq = f->private_data;
put_net(seq_file_net(seq));
seq_release_private(ino, f);
return 0;
}
static int proc_tgid_net_readdir(struct file *file, struct dir_context *ctx)
{
int ret;
struct net *net;
ret = -EINVAL;
net = get_proc_task_net(file_inode(file));
if (net != NULL) {
ret = proc_readdir_de(net->proc_net, file, ctx);
put_net(net);
}
return ret;
}
void free_nsproxy(struct nsproxy *ns)
{
if (ns->mnt_ns)
put_mnt_ns(ns->mnt_ns);
if (ns->uts_ns)
put_uts_ns(ns->uts_ns);
if (ns->ipc_ns)
put_ipc_ns(ns->ipc_ns);
if (ns->pid_ns)
put_pid_ns(ns->pid_ns);
put_net(ns->net_ns);
kmem_cache_free(nsproxy_cachep, ns);
}
static int proc_tgid_net_readdir(struct file *filp, void *dirent,
filldir_t filldir)
{
int ret;
struct net *net;
ret = -EINVAL;
net = get_proc_task_net(filp->f_path.dentry->d_inode);
if (net != NULL) {
ret = proc_readdir_de(net->proc_net, filp, dirent, filldir);
put_net(net);
}
return ret;
}
void free_nsproxy(struct nsproxy *ns)
{
if (ns->mnt_ns)
put_mnt_ns(ns->mnt_ns);
if (ns->uts_ns)
put_uts_ns(ns->uts_ns);
if (ns->ipc_ns)
put_ipc_ns(ns->ipc_ns);
if (ns->pid_ns_for_children)
put_pid_ns(ns->pid_ns_for_children);
put_cgroup_ns(ns->cgroup_ns);
put_net(ns->net_ns);
kmem_cache_free(nsproxy_cachep, ns);
}
static struct dentry *proc_tgid_net_lookup(struct inode *dir,
struct dentry *dentry, struct nameidata *nd)
{
struct dentry *de;
struct net *net;
de = ERR_PTR(-ENOENT);
net = get_proc_task_net(dir);
if (net != NULL) {
de = proc_lookup_de(net->proc_net, dir, dentry);
put_net(net);
}
return de;
}
static int proc_tgid_net_getattr(struct vfsmount *mnt, struct dentry *dentry,
struct kstat *stat)
{
struct inode *inode = dentry->d_inode;
struct net *net;
net = get_proc_task_net(inode);
generic_fillattr(inode, stat);
if (net != NULL) {
stat->nlink = net->proc_net->nlink;
put_net(net);
}
return 0;
}
static int sockstat_seq_open(struct inode *inode, struct file *file)
{
int err;
struct net *net;
err = -ENXIO;
net = get_proc_net(inode);
if (net == NULL)
goto err_net;
err = single_open(file, sockstat_seq_show, net);
if (err < 0)
goto err_open;
return 0;
err_open:
put_net(net);
err_net:
return err;
}
int seq_open_net(struct inode *ino, struct file *f,
const struct seq_operations *ops, int size)
{
struct net *net;
struct seq_net_private *p;
BUG_ON(size < sizeof(*p));
net = get_proc_net(ino);
if (net == NULL)
return -ENXIO;
p = __seq_open_private(f, ops, size);
if (p == NULL) {
put_net(net);
return -ENOMEM;
}
#ifdef CONFIG_NET_NS
p->net = net;
#endif
return 0;
}
/**
* put_fs_context - Dispose of a superblock configuration context.
* @fc: The context to dispose of.
*/
void put_fs_context(struct fs_context *fc)
{
struct super_block *sb;
if (fc->root) {
sb = fc->root->d_sb;
dput(fc->root);
fc->root = NULL;
deactivate_super(sb);
}
if (fc->need_free && fc->ops && fc->ops->free)
fc->ops->free(fc);
security_free_mnt_opts(&fc->security);
put_net(fc->net_ns);
put_user_ns(fc->user_ns);
put_cred(fc->cred);
kfree(fc->subtype);
put_fc_log(fc);
put_filesystem(fc->fs_type);
kfree(fc->source);
kfree(fc);
}
int sn_register_netdev(void *bar, struct sn_device *dev)
{
struct sn_conf_space *conf = bar;
int ret;
struct net *net = NULL; /* network namespace */
rtnl_lock();
if (conf->netns_fd >= 0) {
#if (LINUX_VERSION_CODE < KERNEL_VERSION(4,0,0))
log_err("'netns' option requires Linux kernel 4.0 or higher\n");
ret = -EINVAL;
goto fail_free;
#else
net = get_net_ns_by_fd(conf->netns_fd);
if (IS_ERR(net)) {
log_err("invalid or not a net namespace fd %d\n",
conf->netns_fd);
ret = PTR_ERR(net);
goto fail_free;
}
#endif
} else if (conf->container_pid) {
net = get_net_ns_by_pid(conf->container_pid);
if (IS_ERR(net)) {
log_err("cannot find namespace of pid %d\n",
conf->container_pid);
ret = PTR_ERR(net);
goto fail_free;
}
}
if (!IS_ERR_OR_NULL(net)) {
dev_net_set(dev->netdev, net);
put_net(net);
}
ret = register_netdevice(dev->netdev);
if (ret) {
log_err("%s: register_netdev() failed (ret = %d)\n",
dev->netdev->name, ret);
goto fail_free;
}
/* interface "UP" by default */
dev_open(dev->netdev);
strcpy(conf->ifname, dev->netdev->name);
log_info("%s: registered - %pM txq %d rxq %d\n",
dev->netdev->name,
dev->netdev->dev_addr,
dev->netdev->real_num_tx_queues,
dev->netdev->real_num_rx_queues);
rtnl_unlock();
return ret;
fail_free:
rtnl_unlock();
free_netdev(dev->netdev);
return ret;
}
static int vxcan_newlink(struct net *net, struct net_device *dev,
struct nlattr *tb[], struct nlattr *data[],
struct netlink_ext_ack *extack)
{
struct vxcan_priv *priv;
struct net_device *peer;
struct net *peer_net;
struct nlattr *peer_tb[IFLA_MAX + 1], **tbp = tb;
char ifname[IFNAMSIZ];
unsigned char name_assign_type;
struct ifinfomsg *ifmp = NULL;
int err;
/* register peer device */
if (data && data[VXCAN_INFO_PEER]) {
struct nlattr *nla_peer;
nla_peer = data[VXCAN_INFO_PEER];
ifmp = nla_data(nla_peer);
err = rtnl_nla_parse_ifla(peer_tb,
nla_data(nla_peer) +
sizeof(struct ifinfomsg),
nla_len(nla_peer) -
sizeof(struct ifinfomsg),
NULL);
if (err < 0)
return err;
tbp = peer_tb;
}
if (ifmp && tbp[IFLA_IFNAME]) {
nla_strlcpy(ifname, tbp[IFLA_IFNAME], IFNAMSIZ);
name_assign_type = NET_NAME_USER;
} else {
snprintf(ifname, IFNAMSIZ, DRV_NAME "%%d");
name_assign_type = NET_NAME_ENUM;
}
peer_net = rtnl_link_get_net(net, tbp);
if (IS_ERR(peer_net))
return PTR_ERR(peer_net);
peer = rtnl_create_link(peer_net, ifname, name_assign_type,
&vxcan_link_ops, tbp);
if (IS_ERR(peer)) {
put_net(peer_net);
return PTR_ERR(peer);
}
if (ifmp && dev->ifindex)
peer->ifindex = ifmp->ifi_index;
err = register_netdevice(peer);
put_net(peer_net);
peer_net = NULL;
if (err < 0) {
free_netdev(peer);
return err;
}
netif_carrier_off(peer);
err = rtnl_configure_link(peer, ifmp);
if (err < 0)
goto unregister_network_device;
/* register first device */
if (tb[IFLA_IFNAME])
nla_strlcpy(dev->name, tb[IFLA_IFNAME], IFNAMSIZ);
else
snprintf(dev->name, IFNAMSIZ, DRV_NAME "%%d");
err = register_netdevice(dev);
if (err < 0)
goto unregister_network_device;
netif_carrier_off(dev);
/* cross link the device pair */
priv = netdev_priv(dev);
rcu_assign_pointer(priv->peer, peer);
priv = netdev_priv(peer);
rcu_assign_pointer(priv->peer, dev);
return 0;
unregister_network_device:
unregister_netdevice(peer);
return err;
}
static void destroy(void)
{
put_net(ns);
pool4db_put(pool);
}
static int veth_newlink(struct net *src_net, struct net_device *dev,
struct nlattr *tb[], struct nlattr *data[])
{
int err;
struct net_device *peer;
struct veth_priv *priv;
char ifname[IFNAMSIZ];
struct nlattr *peer_tb[IFLA_MAX + 1], **tbp;
struct net *net;
/*
* create and register peer first
*
* struct ifinfomsg is at the head of VETH_INFO_PEER, but we
* skip it since no info from it is useful yet
*/
if (data != NULL && data[VETH_INFO_PEER] != NULL) {
struct nlattr *nla_peer;
nla_peer = data[VETH_INFO_PEER];
err = nla_parse(peer_tb, IFLA_MAX,
nla_data(nla_peer) + sizeof(struct ifinfomsg),
nla_len(nla_peer) - sizeof(struct ifinfomsg),
ifla_policy);
if (err < 0)
return err;
err = veth_validate(peer_tb, NULL);
if (err < 0)
return err;
tbp = peer_tb;
} else
tbp = tb;
if (tbp[IFLA_IFNAME])
nla_strlcpy(ifname, tbp[IFLA_IFNAME], IFNAMSIZ);
else
snprintf(ifname, IFNAMSIZ, DRV_NAME "%%d");
net = rtnl_link_get_net(src_net, tbp);
if (IS_ERR(net))
return PTR_ERR(net);
peer = rtnl_create_link(src_net, net, ifname, &veth_link_ops, tbp);
if (IS_ERR(peer)) {
put_net(net);
return PTR_ERR(peer);
}
if (tbp[IFLA_ADDRESS] == NULL)
random_ether_addr(peer->dev_addr);
err = register_netdevice(peer);
put_net(net);
net = NULL;
if (err < 0)
goto err_register_peer;
netif_carrier_off(peer);
/*
* register dev last
*
* note, that since we've registered new device the dev's name
* should be re-allocated
*/
if (tb[IFLA_ADDRESS] == NULL)
random_ether_addr(dev->dev_addr);
if (tb[IFLA_IFNAME])
nla_strlcpy(dev->name, tb[IFLA_IFNAME], IFNAMSIZ);
else
snprintf(dev->name, IFNAMSIZ, DRV_NAME "%%d");
if (strchr(dev->name, '%')) {
err = dev_alloc_name(dev, dev->name);
if (err < 0)
goto err_alloc_name;
}
err = register_netdevice(dev);
if (err < 0)
goto err_register_dev;
netif_carrier_off(dev);
/*
* tie the deviced together
*/
priv = netdev_priv(dev);
priv->peer = peer;
priv = netdev_priv(peer);
priv->peer = dev;
return 0;
err_register_dev:
/* nothing to do */
err_alloc_name:
unregister_netdevice(peer);
return err;
err_register_peer:
free_netdev(peer);
return err;
}
static int veth_newlink(struct net *src_net, struct net_device *dev,
struct nlattr *tb[], struct nlattr *data[])
{
int err;
struct net_device *peer;
struct veth_priv *priv;
char ifname[IFNAMSIZ];
struct nlattr *peer_tb[IFLA_MAX + 1], **tbp;
struct ifinfomsg *ifmp;
struct net *net;
/*
* create and register peer first
*/
if (data != NULL && data[VETH_INFO_PEER] != NULL) {
struct nlattr *nla_peer;
nla_peer = data[VETH_INFO_PEER];
ifmp = nla_data(nla_peer);
err = nla_parse(peer_tb, IFLA_MAX,
nla_data(nla_peer) + sizeof(struct ifinfomsg),
nla_len(nla_peer) - sizeof(struct ifinfomsg),
ifla_policy);
if (err < 0)
return err;
err = veth_validate(peer_tb, NULL);
if (err < 0)
return err;
tbp = peer_tb;
} else {
ifmp = NULL;
tbp = tb;
}
if (tbp[IFLA_IFNAME])
nla_strlcpy(ifname, tbp[IFLA_IFNAME], IFNAMSIZ);
else
snprintf(ifname, IFNAMSIZ, DRV_NAME "%%d");
net = rtnl_link_get_net(src_net, tbp);
if (IS_ERR(net))
return PTR_ERR(net);
peer = rtnl_create_link(net, ifname, &veth_link_ops, tbp);
if (IS_ERR(peer)) {
put_net(net);
return PTR_ERR(peer);
}
if (tbp[IFLA_ADDRESS] == NULL)
eth_hw_addr_random(peer);
if (ifmp && (dev->ifindex != 0))
peer->ifindex = ifmp->ifi_index;
err = register_netdevice(peer);
put_net(net);
net = NULL;
if (err < 0)
goto err_register_peer;
netif_carrier_off(peer);
err = rtnl_configure_link(peer, ifmp);
if (err < 0)
goto err_configure_peer;
/*
* register dev last
*
* note, that since we've registered new device the dev's name
* should be re-allocated
*/
if (tb[IFLA_ADDRESS] == NULL)
eth_hw_addr_random(dev);
if (tb[IFLA_IFNAME])
nla_strlcpy(dev->name, tb[IFLA_IFNAME], IFNAMSIZ);
else
snprintf(dev->name, IFNAMSIZ, DRV_NAME "%%d");
err = register_netdevice(dev);
if (err < 0)
goto err_register_dev;
netif_carrier_off(dev);
/*
* tie the deviced together
*/
priv = netdev_priv(dev);
rcu_assign_pointer(priv->peer, peer);
priv = netdev_priv(peer);
rcu_assign_pointer(priv->peer, dev);
return 0;
err_register_dev:
/* nothing to do */
err_configure_peer:
unregister_netdevice(peer);
return err;
err_register_peer:
free_netdev(peer);
return err;
}
int sn_register_netdev(void *bar, struct sn_device *dev)
{
struct sn_conf_space *conf = bar;
int ret;
rtnl_lock();
ret = register_netdevice(dev->netdev);
if (ret) {
log_err("%s: register_netdev() failed (ret = %d)\n",
dev->netdev->name, ret);
goto fail_free;
}
if (conf->container_pid) {
struct net *net = NULL; /* network namespace */
net = get_net_ns_by_pid(conf->container_pid);
if (IS_ERR(net)) {
log_err("%s: cannot find namespace of pid %d\n",
dev->netdev->name,
conf->container_pid);
ret = PTR_ERR(net);
goto fail_unregister;
}
ret = dev_change_net_namespace(dev->netdev, net, NULL);
put_net(net);
if (ret) {
log_err("%s: fail to change namespace\n",
dev->netdev->name);
goto fail_unregister;
}
}
/* interface "UP" by default */
dev_open(dev->netdev);
strcpy(conf->ifname, dev->netdev->name);
log_info("%s: registered - %pM txq %d rxq %d\n",
dev->netdev->name,
dev->netdev->dev_addr,
dev->netdev->real_num_tx_queues,
dev->netdev->real_num_rx_queues);
rtnl_unlock();
return ret;
fail_unregister:
unregister_netdevice(dev->netdev);
fail_free:
rtnl_unlock();
free_netdev(dev->netdev);
return ret;
}
