[mirror_frr.git] / lib / netns_linux.c

/*
 * NS functions.
 * Copyright (C) 2014 6WIND S.A.
 *
 * This file is part of GNU Zebra.
 *
 * GNU Zebra is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published
 * by the Free Software Foundation; either version 2, or (at your
 * option) any later version.
 *
 * GNU Zebra is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; see the file COPYING; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
 */

#include <zebra.h>

#ifdef HAVE_NETNS
#undef _GNU_SOURCE
#define _GNU_SOURCE

#include <sched.h>
#endif

/* for basename */
#include <libgen.h>

#include "if.h"
#include "ns.h"
#include "log.h"
#include "memory.h"
#include "command.h"
#include "vty.h"
#include "vrf.h"
#include "lib_errors.h"

DEFINE_MTYPE_STATIC(LIB, NS, "NetNS Context")
DEFINE_MTYPE_STATIC(LIB, NS_NAME, "NetNS Name")

/* default NS ID value used when VRF backend is not NETNS */
#define NS_DEFAULT_INTERNAL 0

static inline int ns_compare(const struct ns *ns, const struct ns *ns2);
static struct ns *ns_lookup_name_internal(const char *name);

RB_GENERATE(ns_head, ns, entry, ns_compare)

struct ns_head ns_tree = RB_INITIALIZER(&ns_tree);

static struct ns *default_ns;
static int ns_current_ns_fd;
static int ns_default_ns_fd;

static int ns_debug;

struct ns_map_nsid {
	RB_ENTRY(ns_map_nsid) id_entry;
	ns_id_t ns_id_external;
	ns_id_t ns_id;
};

static inline int ns_map_compare(const struct ns_map_nsid *a,
				   const struct ns_map_nsid *b)
{
	return (a->ns_id - b->ns_id);
}

RB_HEAD(ns_map_nsid_head, ns_map_nsid);
RB_PROTOTYPE(ns_map_nsid_head, ns_map_nsid, id_entry, ns_map_compare);
RB_GENERATE(ns_map_nsid_head, ns_map_nsid, id_entry, ns_map_compare);
struct ns_map_nsid_head ns_map_nsid_list = RB_INITIALIZER(&ns_map_nsid_list);

static ns_id_t ns_id_external_numbering;


#ifndef CLONE_NEWNET
#define CLONE_NEWNET 0x40000000
/* New network namespace (lo, device, names sockets, etc) */
#endif

#ifndef HAVE_SETNS
static inline int setns(int fd, int nstype)
{
#ifdef __NR_setns
	return syscall(__NR_setns, fd, nstype);
#else
	errno = EINVAL;
	return -1;
#endif
}
#endif /* !HAVE_SETNS */

#ifdef HAVE_NETNS
static int have_netns_enabled = -1;
#endif /* HAVE_NETNS */

/* default NS ID value used when VRF backend is not NETNS */
#define NS_DEFAULT_INTERNAL 0

static int have_netns(void)
{
#ifdef HAVE_NETNS
	if (have_netns_enabled < 0) {
		int fd = open(NS_DEFAULT_NAME, O_RDONLY);

		if (fd < 0)
			have_netns_enabled = 0;
		else {
			have_netns_enabled = 1;
			close(fd);
		}
	}
	return have_netns_enabled;
#else
	return 0;
#endif
}

/* Holding NS hooks  */
struct ns_master {
	int (*ns_new_hook)(struct ns *ns);
	int (*ns_delete_hook)(struct ns *ns);
	int (*ns_enable_hook)(struct ns *ns);
	int (*ns_disable_hook)(struct ns *ns);
} ns_master = {
	0,
};

static int ns_is_enabled(struct ns *ns);

static inline int ns_compare(const struct ns *a, const struct ns *b)
{
	return (a->ns_id - b->ns_id);
}

/* Look up a NS by identifier. */
static struct ns *ns_lookup_internal(ns_id_t ns_id)
{
	struct ns ns;

	ns.ns_id = ns_id;
	return RB_FIND(ns_head, &ns_tree, &ns);
}

/* Look up a NS by name */
static struct ns *ns_lookup_name_internal(const char *name)
{
	struct ns *ns = NULL;

	RB_FOREACH (ns, ns_head, &ns_tree) {
		if (ns->name != NULL) {
			if (strcmp(name, ns->name) == 0)
				return ns;
		}
	}
	return NULL;
}

static struct ns *ns_get_created_internal(struct ns *ns, char *name,
					  ns_id_t ns_id)
{
	int created = 0;
	/*
	 * Initialize interfaces.
	 */
	if (!ns && !name && ns_id != NS_UNKNOWN)
		ns = ns_lookup_internal(ns_id);
	if (!ns && name)
		ns = ns_lookup_name_internal(name);
	if (!ns) {
		ns = XCALLOC(MTYPE_NS, sizeof(struct ns));
		ns->ns_id = ns_id;
		if (name)
			ns->name = XSTRDUP(MTYPE_NS_NAME, name);
		ns->fd = -1;
		RB_INSERT(ns_head, &ns_tree, ns);
		created = 1;
	}
	if (ns_id != ns->ns_id) {
		RB_REMOVE(ns_head, &ns_tree, ns);
		ns->ns_id = ns_id;
		RB_INSERT(ns_head, &ns_tree, ns);
	}
	if (!created)
		return ns;
	if (ns_debug) {
		if (ns->ns_id != NS_UNKNOWN)
			zlog_info("NS %u is created.", ns->ns_id);
		else
			zlog_info("NS %s is created.", ns->name);
	}
	if (ns_master.ns_new_hook)
		(*ns_master.ns_new_hook)(ns);
	return ns;
}

/*
 * Enable a NS - that is, let the NS be ready to use.
 * The NS_ENABLE_HOOK callback will be called to inform
 * that they can allocate resources in this NS.
 *
 * RETURN: 1 - enabled successfully; otherwise, 0.
 */
static int ns_enable_internal(struct ns *ns, void (*func)(ns_id_t, void *))
{
	if (!ns_is_enabled(ns)) {
		if (have_netns()) {
			ns->fd = open(ns->name, O_RDONLY);
		} else {
			ns->fd = -2;
			/* Remember ns_enable_hook has been called */
			errno = -ENOTSUP;
		}

		if (!ns_is_enabled(ns)) {
			flog_err_sys(EC_LIB_SYSTEM_CALL,
				     "Can not enable NS %u: %s!", ns->ns_id,
				     safe_strerror(errno));
			return 0;
		}

		/* Non default NS. leave */
		if (ns->ns_id == NS_UNKNOWN) {
			flog_err(EC_LIB_NS,
				 "Can not enable NS %s %u: Invalid NSID",
				 ns->name, ns->ns_id);
			return 0;
		}
		if (func)
			func(ns->ns_id, (void *)ns->vrf_ctxt);
		if (ns_debug) {
			if (have_netns())
				zlog_info("NS %u is associated with NETNS %s.",
					  ns->ns_id, ns->name);
			zlog_info("NS %u is enabled.", ns->ns_id);
		}
		/* zebra first receives NS enable event,
		 * then VRF enable event
		 */
		if (ns_master.ns_enable_hook)
			(*ns_master.ns_enable_hook)(ns);
	}

	return 1;
}

/*
 * Check whether the NS is enabled - that is, whether the NS
 * is ready to allocate resources. Currently there's only one
 * type of resource: socket.
 */
static int ns_is_enabled(struct ns *ns)
{
	if (have_netns())
		return ns && ns->fd >= 0;
	else
		return ns && ns->fd == -2 && ns->ns_id == NS_DEFAULT;
}

/*
 * Disable a NS - that is, let the NS be unusable.
 * The NS_DELETE_HOOK callback will be called to inform
 * that they must release the resources in the NS.
 */
static void ns_disable_internal(struct ns *ns)
{
	if (ns_is_enabled(ns)) {
		if (ns_debug)
			zlog_info("NS %u is to be disabled.", ns->ns_id);

		if (ns_master.ns_disable_hook)
			(*ns_master.ns_disable_hook)(ns);

		if (have_netns())
			close(ns->fd);

		ns->fd = -1;
	}
}

/* VRF list existance check by name. */
static struct ns_map_nsid *ns_map_nsid_lookup_by_nsid(ns_id_t ns_id)
{
	struct ns_map_nsid ns_map;

	ns_map.ns_id = ns_id;
	return RB_FIND(ns_map_nsid_head, &ns_map_nsid_list, &ns_map);
}

ns_id_t ns_map_nsid_with_external(ns_id_t ns_id, bool map)
{
	struct ns_map_nsid *ns_map;
	vrf_id_t ns_id_external;

	ns_map = ns_map_nsid_lookup_by_nsid(ns_id);
	if (ns_map && !map) {
		ns_id_external = ns_map->ns_id_external;
		RB_REMOVE(ns_map_nsid_head, &ns_map_nsid_list, ns_map);
		return ns_id_external;
	}
	if (ns_map)
		return ns_map->ns_id_external;
	ns_map = XCALLOC(MTYPE_NS, sizeof(struct ns_map_nsid));
	/* increase vrf_id
	 * default vrf is the first one : 0
	 */
	ns_map->ns_id_external = ns_id_external_numbering++;
	ns_map->ns_id = ns_id;
	RB_INSERT(ns_map_nsid_head, &ns_map_nsid_list, ns_map);
	return ns_map->ns_id_external;
}

struct ns *ns_get_created(struct ns *ns, char *name, ns_id_t ns_id)
{
	return ns_get_created_internal(ns, name, ns_id);
}

int ns_have_netns(void)
{
	return have_netns();
}

/* Delete a NS. This is called in ns_terminate(). */
void ns_delete(struct ns *ns)
{
	if (ns_debug)
		zlog_info("NS %u is to be deleted.", ns->ns_id);

	ns_disable(ns);

	if (ns_master.ns_delete_hook)
		(*ns_master.ns_delete_hook)(ns);

	/*
	 * I'm not entirely sure if the vrf->iflist
	 * needs to be moved into here or not.
	 */
	// if_terminate (&ns->iflist);

	RB_REMOVE(ns_head, &ns_tree, ns);
	XFREE(MTYPE_NS_NAME, ns->name);

	XFREE(MTYPE_NS, ns);
}

/* Look up the data pointer of the specified VRF. */
void *ns_info_lookup(ns_id_t ns_id)
{
	struct ns *ns = ns_lookup_internal(ns_id);

	return ns ? ns->info : NULL;
}

/* Look up a NS by name */
struct ns *ns_lookup_name(const char *name)
{
	return ns_lookup_name_internal(name);
}

int ns_enable(struct ns *ns, void (*func)(ns_id_t, void *))
{
	return ns_enable_internal(ns, func);
}

void ns_disable(struct ns *ns)
{
	return ns_disable_internal(ns);
}

struct ns *ns_lookup(ns_id_t ns_id)
{
	return ns_lookup_internal(ns_id);
}

void ns_walk_func(int (*func)(struct ns *))
{
	struct ns *ns = NULL;

	RB_FOREACH (ns, ns_head, &ns_tree)
		func(ns);
}

const char *ns_get_name(struct ns *ns)
{
	if (!ns)
		return NULL;
	return ns->name;
}

/* Add a NS hook. Please add hooks before calling ns_init(). */
void ns_add_hook(int type, int (*func)(struct ns *))
{
	switch (type) {
	case NS_NEW_HOOK:
		ns_master.ns_new_hook = func;
		break;
	case NS_DELETE_HOOK:
		ns_master.ns_delete_hook = func;
		break;
	case NS_ENABLE_HOOK:
		ns_master.ns_enable_hook = func;
		break;
	case NS_DISABLE_HOOK:
		ns_master.ns_disable_hook = func;
		break;
	default:
		break;
	}
}

/*
 * NS realization with NETNS
 */

char *ns_netns_pathname(struct vty *vty, const char *name)
{
	static char pathname[PATH_MAX];
	char *result;
	char *check_base;

	if (name[0] == '/') /* absolute pathname */
		result = realpath(name, pathname);
	else {
		/* relevant pathname */
		char tmp_name[PATH_MAX];

		snprintf(tmp_name, PATH_MAX, "%s/%s", NS_RUN_DIR, name);
		result = realpath(tmp_name, pathname);
	}

	if (!result) {
		if (vty)
			vty_out(vty, "Invalid pathname for %s: %s\n",
				pathname,
				safe_strerror(errno));
		else
			flog_warn(EC_LIB_LINUX_NS,
				  "Invalid pathname for %s: %s", pathname,
				  safe_strerror(errno));
		return NULL;
	}
	check_base = basename(pathname);
	if (check_base != NULL && strlen(check_base) + 1 > NS_NAMSIZ) {
		if (vty)
			vty_out(vty, "NS name (%s) invalid: too long (>%d)\n",
				check_base, NS_NAMSIZ - 1);
		else
			flog_warn(EC_LIB_LINUX_NS,
				  "NS name (%s) invalid: too long (>%d)",
				  check_base, NS_NAMSIZ - 1);
		return NULL;
	}
	return pathname;
}

void ns_init(void)
{
	static int ns_initialised;

	ns_debug = 0;
	/* silently return as initialisation done */
	if (ns_initialised == 1)
		return;
	errno = 0;
	if (have_netns())
		ns_default_ns_fd = open(NS_DEFAULT_NAME, O_RDONLY);
	else {
		ns_default_ns_fd = -1;
		default_ns = NULL;
	}
	ns_current_ns_fd = -1;
	ns_initialised = 1;
}

/* Initialize NS module. */
void ns_init_management(ns_id_t default_ns_id, ns_id_t internal_ns)
{
	int fd;

	ns_init();
	default_ns = ns_get_created_internal(NULL, NULL, default_ns_id);
	if (!default_ns) {
		flog_err(EC_LIB_NS, "%s: failed to create the default NS!",
			 __func__);
		exit(1);
	}
	if (have_netns()) {
		fd = open(NS_DEFAULT_NAME, O_RDONLY);
		default_ns->fd = fd;
	}
	default_ns->internal_ns_id = internal_ns;

	/* Set the default NS name. */
	default_ns->name = XSTRDUP(MTYPE_NS_NAME, NS_DEFAULT_NAME);
	if (ns_debug)
		zlog_info("%s: default NSID is %u", __func__,
			  default_ns->ns_id);

	/* Enable the default NS. */
	if (!ns_enable(default_ns, NULL)) {
		flog_err(EC_LIB_NS, "%s: failed to enable the default NS!",
			 __func__);
		exit(1);
	}
}

/* Terminate NS module. */
void ns_terminate(void)
{
	struct ns *ns;

	while (!RB_EMPTY(ns_head, &ns_tree)) {
		ns = RB_ROOT(ns_head, &ns_tree);

		ns_delete(ns);
	}
}

int ns_switch_to_netns(const char *name)
{
	int ret;
	int fd;

	if (name == NULL)
		return -1;
	if (ns_default_ns_fd == -1)
		return -1;
	fd = open(name, O_RDONLY);
	if (fd == -1) {
		errno = EINVAL;
		return -1;
	}
	ret = setns(fd, CLONE_NEWNET);
	ns_current_ns_fd = fd;
	close(fd);
	return ret;
}

/* returns 1 if switch() was not called before
 * return status of setns() otherwise
 */
int ns_switchback_to_initial(void)
{
	if (ns_current_ns_fd != -1 && ns_default_ns_fd != -1) {
		int ret;

		ret = setns(ns_default_ns_fd, CLONE_NEWNET);
		ns_current_ns_fd = -1;
		return ret;
	}
	/* silently ignore if setns() is not called */
	return 1;
}

/* Create a socket for the NS. */
int ns_socket(int domain, int type, int protocol, ns_id_t ns_id)
{
	struct ns *ns = ns_lookup(ns_id);
	int ret;

	if (!ns || !ns_is_enabled(ns)) {
		errno = EINVAL;
		return -1;
	}
	if (have_netns()) {
		ret = (ns_id != NS_DEFAULT) ? setns(ns->fd, CLONE_NEWNET) : 0;
		if (ret >= 0) {
			ret = socket(domain, type, protocol);
			if (ns_id != NS_DEFAULT) {
				setns(ns_lookup(NS_DEFAULT)->fd, CLONE_NEWNET);
				ns_current_ns_fd = ns_id;
			}
		}
	} else
		ret = socket(domain, type, protocol);

	return ret;
}

ns_id_t ns_get_default_id(void)
{
	if (default_ns)
		return default_ns->ns_id;
	return NS_DEFAULT_INTERNAL;
}
Commit	Line	Data
32bcb8b0 DS	1	/*
	2	* NS functions.
	3	* Copyright (C) 2014 6WIND S.A.
	4	*
	5	* This file is part of GNU Zebra.
	6	*
	7	* GNU Zebra is free software; you can redistribute it and/or modify
	8	* it under the terms of the GNU General Public License as published
	9	* by the Free Software Foundation; either version 2, or (at your
	10	* option) any later version.
	11	*
	12	* GNU Zebra is distributed in the hope that it will be useful, but
	13	* WITHOUT ANY WARRANTY; without even the implied warranty of
	14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	15	* General Public License for more details.
	16	*
896014f4 DL	17	* You should have received a copy of the GNU General Public License along
	18	* with this program; see the file COPYING; if not, write to the Free Software
	19	* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
32bcb8b0 DS	20	*/
	21
	22	#include <zebra.h>
	23
13460c44	24	#ifdef HAVE_NETNS
d62a17ae	25	#undef _GNU_SOURCE
13460c44 FL	26	#define _GNU_SOURCE
	27
	28	#include <sched.h>
	29	#endif
	30
4691b65a PG	31	/* for basename */
	32	#include <libgen.h>
	33
32bcb8b0 DS	34	#include "if.h"
32bcb8b0 DS	35	#include "ns.h"
32bcb8b0 DS	36	#include "log.h"
32bcb8b0 DS	37	#include "memory.h"
13460c44 FL	38	#include "command.h"
13460c44 FL	39	#include "vty.h"
b95c1883	40	#include "vrf.h"
481bc15f	41	#include "lib_errors.h"
13460c44	42
b95c1883 PG	43	DEFINE_MTYPE_STATIC(LIB, NS, "NetNS Context")
b95c1883 PG	44	DEFINE_MTYPE_STATIC(LIB, NS_NAME, "NetNS Name")
13460c44	45
c214a6e9 PG	46	/* default NS ID value used when VRF backend is not NETNS */
	47	#define NS_DEFAULT_INTERNAL 0
	48
e26aedbe PG	49	static inline int ns_compare(const struct ns ns, const struct ns ns2);
e26aedbe PG	50	static struct ns ns_lookup_name_internal(const char name);
c7fdd84f	51
d62a17ae	52	RB_GENERATE(ns_head, ns, entry, ns_compare)
c7fdd84f	53
d62a17ae	54	struct ns_head ns_tree = RB_INITIALIZER(&ns_tree);
13460c44	55
ec31f30d	56	static struct ns *default_ns;
ce1be369 PG	57	static int ns_current_ns_fd;
	58	static int ns_default_ns_fd;
	59
a2c999f2 PG	60	static int ns_debug;
a2c999f2 PG	61
03aff2d8 PG	62	struct ns_map_nsid {
	63	RB_ENTRY(ns_map_nsid) id_entry;
	64	ns_id_t ns_id_external;
	65	ns_id_t ns_id;
	66	};
	67
1ea16e09	68	static inline int ns_map_compare(const struct ns_map_nsid *a,
03aff2d8 PG	69	const struct ns_map_nsid *b)
	70	{
	71	return (a->ns_id - b->ns_id);
	72	}
	73
	74	RB_HEAD(ns_map_nsid_head, ns_map_nsid);
	75	RB_PROTOTYPE(ns_map_nsid_head, ns_map_nsid, id_entry, ns_map_compare);
	76	RB_GENERATE(ns_map_nsid_head, ns_map_nsid, id_entry, ns_map_compare);
	77	struct ns_map_nsid_head ns_map_nsid_list = RB_INITIALIZER(&ns_map_nsid_list);
	78
	79	static ns_id_t ns_id_external_numbering;
	80
	81
13460c44	82	#ifndef CLONE_NEWNET
e26aedbe PG	83	#define CLONE_NEWNET 0x40000000
e26aedbe PG	84	/* New network namespace (lo, device, names sockets, etc) */
13460c44 FL	85	#endif
	86
	87	#ifndef HAVE_SETNS
	88	static inline int setns(int fd, int nstype)
	89	{
	90	#ifdef __NR_setns
d62a17ae	91	return syscall(__NR_setns, fd, nstype);
13460c44	92	#else
281da0a9	93	errno = EINVAL;
d62a17ae	94	return -1;
13460c44 FL	95	#endif
13460c44 FL	96	}
e26aedbe	97	#endif /* !HAVE_SETNS */
13460c44	98
c253dcb5	99	#ifdef HAVE_NETNS
c253dcb5	100	static int have_netns_enabled = -1;
13460c44 FL	101	#endif /* HAVE_NETNS */
13460c44 FL	102
ec31f30d PG	103	/* default NS ID value used when VRF backend is not NETNS */
	104	#define NS_DEFAULT_INTERNAL 0
	105
c253dcb5 ND	106	static int have_netns(void)
	107	{
	108	#ifdef HAVE_NETNS
d62a17ae	109	if (have_netns_enabled < 0) {
	110	int fd = open(NS_DEFAULT_NAME, O_RDONLY);
	111
	112	if (fd < 0)
	113	have_netns_enabled = 0;
	114	else {
	115	have_netns_enabled = 1;
	116	close(fd);
	117	}
	118	}
	119	return have_netns_enabled;
c253dcb5	120	#else
d62a17ae	121	return 0;
c253dcb5 ND	122	#endif
	123	}
	124
32bcb8b0	125	/* Holding NS hooks */
d62a17ae	126	struct ns_master {
3347430b PG	127	int (ns_new_hook)(struct ns ns);
	128	int (ns_delete_hook)(struct ns ns);
	129	int (ns_enable_hook)(struct ns ns);
	130	int (ns_disable_hook)(struct ns ns);
d62a17ae	131	} ns_master = {
	132	0,
	133	};
	134
	135	static int ns_is_enabled(struct ns *ns);
d62a17ae	136
e26aedbe	137	static inline int ns_compare(const struct ns a, const struct ns b)
32bcb8b0	138	{
d62a17ae	139	return (a->ns_id - b->ns_id);
32bcb8b0 DS	140	}
32bcb8b0 DS	141
32bcb8b0	142	/* Look up a NS by identifier. */
e26aedbe	143	static struct ns *ns_lookup_internal(ns_id_t ns_id)
32bcb8b0	144	{
d62a17ae	145	struct ns ns;
32bcb8b0	146
e26aedbe PG	147	ns.ns_id = ns_id;
e26aedbe PG	148	return RB_FIND(ns_head, &ns_tree, &ns);
81c9005f PG	149	}
81c9005f PG	150
b95c1883	151	/* Look up a NS by name */
e26aedbe	152	static struct ns ns_lookup_name_internal(const char name)
b95c1883 PG	153	{
	154	struct ns *ns = NULL;
	155
c485b14b	156	RB_FOREACH (ns, ns_head, &ns_tree) {
b95c1883 PG	157	if (ns->name != NULL) {
	158	if (strcmp(name, ns->name) == 0)
	159	return ns;
	160	}
	161	}
	162	return NULL;
	163	}
	164
e26aedbe PG	165	static struct ns ns_get_created_internal(struct ns ns, char *name,
e26aedbe PG	166	ns_id_t ns_id)
32bcb8b0	167	{
e26aedbe PG	168	int created = 0;
	169	/*
	170	* Initialize interfaces.
	171	*/
	172	if (!ns && !name && ns_id != NS_UNKNOWN)
	173	ns = ns_lookup_internal(ns_id);
	174	if (!ns && name)
	175	ns = ns_lookup_name_internal(name);
	176	if (!ns) {
	177	ns = XCALLOC(MTYPE_NS, sizeof(struct ns));
	178	ns->ns_id = ns_id;
	179	if (name)
	180	ns->name = XSTRDUP(MTYPE_NS_NAME, name);
	181	ns->fd = -1;
	182	RB_INSERT(ns_head, &ns_tree, ns);
	183	created = 1;
	184	}
	185	if (ns_id != ns->ns_id) {
	186	RB_REMOVE(ns_head, &ns_tree, ns);
	187	ns->ns_id = ns_id;
	188	RB_INSERT(ns_head, &ns_tree, ns);
	189	}
	190	if (!created)
	191	return ns;
a2c999f2 PG	192	if (ns_debug) {
	193	if (ns->ns_id != NS_UNKNOWN)
	194	zlog_info("NS %u is created.", ns->ns_id);
	195	else
	196	zlog_info("NS %s is created.", ns->name);
	197	}
e26aedbe	198	if (ns_master.ns_new_hook)
996c9314	199	(*ns_master.ns_new_hook)(ns);
e26aedbe	200	return ns;
32bcb8b0 DS	201	}
	202
	203	/*
	204	* Enable a NS - that is, let the NS be ready to use.
	205	* The NS_ENABLE_HOOK callback will be called to inform
	206	* that they can allocate resources in this NS.
	207	*
	208	* RETURN: 1 - enabled successfully; otherwise, 0.
	209	*/
e26aedbe	210	static int ns_enable_internal(struct ns ns, void (func)(ns_id_t, void *))
32bcb8b0	211	{
d62a17ae	212	if (!ns_is_enabled(ns)) {
	213	if (have_netns()) {
	214	ns->fd = open(ns->name, O_RDONLY);
	215	} else {
e26aedbe PG	216	ns->fd = -2;
e26aedbe PG	217	/* Remember ns_enable_hook has been called */
d62a17ae	218	errno = -ENOTSUP;
	219	}
	220
	221	if (!ns_is_enabled(ns)) {
450971aa	222	flog_err_sys(EC_LIB_SYSTEM_CALL,
09c866e3 QY	223	"Can not enable NS %u: %s!", ns->ns_id,
09c866e3 QY	224	safe_strerror(errno));
d62a17ae	225	return 0;
	226	}
	227
697d3ec7 PG	228	/* Non default NS. leave */
697d3ec7 PG	229	if (ns->ns_id == NS_UNKNOWN) {
450971aa	230	flog_err(EC_LIB_NS,
1c50c1c0 QY	231	"Can not enable NS %s %u: Invalid NSID",
1c50c1c0 QY	232	ns->name, ns->ns_id);
697d3ec7 PG	233	return 0;
697d3ec7 PG	234	}
e26aedbe PG	235	if (func)
e26aedbe PG	236	func(ns->ns_id, (void *)ns->vrf_ctxt);
a2c999f2 PG	237	if (ns_debug) {
	238	if (have_netns())
	239	zlog_info("NS %u is associated with NETNS %s.",
	240	ns->ns_id, ns->name);
	241	zlog_info("NS %u is enabled.", ns->ns_id);
	242	}
697d3ec7 PG	243	/* zebra first receives NS enable event,
	244	* then VRF enable event
	245	*/
d62a17ae	246	if (ns_master.ns_enable_hook)
3347430b	247	(*ns_master.ns_enable_hook)(ns);
d62a17ae	248	}
	249
	250	return 1;
32bcb8b0 DS	251	}
32bcb8b0 DS	252
e26aedbe PG	253	/*
	254	* Check whether the NS is enabled - that is, whether the NS
	255	* is ready to allocate resources. Currently there's only one
	256	* type of resource: socket.
	257	*/
	258	static int ns_is_enabled(struct ns *ns)
	259	{
	260	if (have_netns())
	261	return ns && ns->fd >= 0;
	262	else
	263	return ns && ns->fd == -2 && ns->ns_id == NS_DEFAULT;
	264	}
	265
32bcb8b0 DS	266	/*
	267	* Disable a NS - that is, let the NS be unusable.
	268	* The NS_DELETE_HOOK callback will be called to inform
	269	* that they must release the resources in the NS.
	270	*/
e26aedbe	271	static void ns_disable_internal(struct ns *ns)
32bcb8b0	272	{
d62a17ae	273	if (ns_is_enabled(ns)) {
a2c999f2	274	if (ns_debug)
996c9314	275	zlog_info("NS %u is to be disabled.", ns->ns_id);
32bcb8b0	276
d62a17ae	277	if (ns_master.ns_disable_hook)
3347430b	278	(*ns_master.ns_disable_hook)(ns);
13460c44	279
d62a17ae	280	if (have_netns())
d62a17ae	281	close(ns->fd);
c253dcb5	282
d62a17ae	283	ns->fd = -1;
d62a17ae	284	}
32bcb8b0 DS	285	}
32bcb8b0 DS	286
03aff2d8 PG	287	/* VRF list existance check by name. */
	288	static struct ns_map_nsid *ns_map_nsid_lookup_by_nsid(ns_id_t ns_id)
	289	{
	290	struct ns_map_nsid ns_map;
	291
	292	ns_map.ns_id = ns_id;
1ea16e09	293	return RB_FIND(ns_map_nsid_head, &ns_map_nsid_list, &ns_map);
03aff2d8 PG	294	}
03aff2d8 PG	295
f0295a54	296	ns_id_t ns_map_nsid_with_external(ns_id_t ns_id, bool map)
03aff2d8 PG	297	{
	298	struct ns_map_nsid *ns_map;
	299	vrf_id_t ns_id_external;
	300
	301	ns_map = ns_map_nsid_lookup_by_nsid(ns_id);
f0295a54	302	if (ns_map && !map) {
03aff2d8 PG	303	ns_id_external = ns_map->ns_id_external;
	304	RB_REMOVE(ns_map_nsid_head, &ns_map_nsid_list, ns_map);
	305	return ns_id_external;
	306	}
	307	if (ns_map)
	308	return ns_map->ns_id_external;
	309	ns_map = XCALLOC(MTYPE_NS, sizeof(struct ns_map_nsid));
	310	/* increase vrf_id
	311	* default vrf is the first one : 0
	312	*/
	313	ns_map->ns_id_external = ns_id_external_numbering++;
	314	ns_map->ns_id = ns_id;
	315	RB_INSERT(ns_map_nsid_head, &ns_map_nsid_list, ns_map);
	316	return ns_map->ns_id_external;
	317	}
	318
e26aedbe PG	319	struct ns ns_get_created(struct ns ns, char *name, ns_id_t ns_id)
	320	{
	321	return ns_get_created_internal(ns, name, ns_id);
	322	}
	323
	324	int ns_have_netns(void)
	325	{
	326	return have_netns();
	327	}
	328
	329	/* Delete a NS. This is called in ns_terminate(). */
	330	void ns_delete(struct ns *ns)
	331	{
a2c999f2 PG	332	if (ns_debug)
a2c999f2 PG	333	zlog_info("NS %u is to be deleted.", ns->ns_id);
e26aedbe PG	334
	335	ns_disable(ns);
	336
	337	if (ns_master.ns_delete_hook)
	338	(*ns_master.ns_delete_hook)(ns);
	339
	340	/*
	341	* I'm not entirely sure if the vrf->iflist
	342	* needs to be moved into here or not.
	343	*/
	344	// if_terminate (&ns->iflist);
	345
	346	RB_REMOVE(ns_head, &ns_tree, ns);
0a22ddfb	347	XFREE(MTYPE_NS_NAME, ns->name);
e26aedbe PG	348
	349	XFREE(MTYPE_NS, ns);
	350	}
	351
	352	/* Look up the data pointer of the specified VRF. */
996c9314	353	void *ns_info_lookup(ns_id_t ns_id)
e26aedbe PG	354	{
	355	struct ns *ns = ns_lookup_internal(ns_id);
	356
	357	return ns ? ns->info : NULL;
	358	}
	359
	360	/* Look up a NS by name */
	361	struct ns ns_lookup_name(const char name)
	362	{
	363	return ns_lookup_name_internal(name);
	364	}
	365
	366	int ns_enable(struct ns ns, void (func)(ns_id_t, void *))
	367	{
	368	return ns_enable_internal(ns, func);
	369	}
	370
	371	void ns_disable(struct ns *ns)
	372	{
	373	return ns_disable_internal(ns);
	374	}
	375
	376	struct ns *ns_lookup(ns_id_t ns_id)
	377	{
	378	return ns_lookup_internal(ns_id);
	379	}
	380
	381	void ns_walk_func(int (func)(struct ns ))
	382	{
	383	struct ns *ns = NULL;
	384
c485b14b	385	RB_FOREACH (ns, ns_head, &ns_tree)
e26aedbe PG	386	func(ns);
	387	}
	388
	389	const char ns_get_name(struct ns ns)
	390	{
	391	if (!ns)
	392	return NULL;
	393	return ns->name;
	394	}
32bcb8b0 DS	395
32bcb8b0 DS	396	/* Add a NS hook. Please add hooks before calling ns_init(). */
3347430b	397	void ns_add_hook(int type, int (func)(struct ns ))
32bcb8b0	398	{
d62a17ae	399	switch (type) {
	400	case NS_NEW_HOOK:
	401	ns_master.ns_new_hook = func;
	402	break;
	403	case NS_DELETE_HOOK:
	404	ns_master.ns_delete_hook = func;
	405	break;
	406	case NS_ENABLE_HOOK:
	407	ns_master.ns_enable_hook = func;
	408	break;
	409	case NS_DISABLE_HOOK:
	410	ns_master.ns_disable_hook = func;
	411	break;
	412	default:
	413	break;
	414	}
32bcb8b0 DS	415	}
32bcb8b0 DS	416
13460c44 FL	417	/*
	418	* NS realization with NETNS
	419	*/
	420
697d3ec7	421	char ns_netns_pathname(struct vty vty, const char *name)
13460c44	422	{
d62a17ae	423	static char pathname[PATH_MAX];
d62a17ae	424	char *result;
4691b65a	425	char *check_base;
d62a17ae	426
	427	if (name[0] == '/') /* absolute pathname */
	428	result = realpath(name, pathname);
e26aedbe PG	429	else {
e26aedbe PG	430	/* relevant pathname */
d62a17ae	431	char tmp_name[PATH_MAX];
e26aedbe	432
d62a17ae	433	snprintf(tmp_name, PATH_MAX, "%s/%s", NS_RUN_DIR, name);
	434	result = realpath(tmp_name, pathname);
	435	}
	436
	437	if (!result) {
697d3ec7	438	if (vty)
0faeba26 PG	439	vty_out(vty, "Invalid pathname for %s: %s\n",
0faeba26 PG	440	pathname,
697d3ec7	441	safe_strerror(errno));
4691b65a	442	else
450971aa	443	flog_warn(EC_LIB_LINUX_NS,
8b895cd3	444	"Invalid pathname for %s: %s", pathname,
0faeba26	445	safe_strerror(errno));
4691b65a PG	446	return NULL;
	447	}
	448	check_base = basename(pathname);
	449	if (check_base != NULL && strlen(check_base) + 1 > NS_NAMSIZ) {
	450	if (vty)
e26aedbe	451	vty_out(vty, "NS name (%s) invalid: too long (>%d)\n",
996c9314	452	check_base, NS_NAMSIZ - 1);
4691b65a	453	else
450971aa	454	flog_warn(EC_LIB_LINUX_NS,
8b895cd3	455	"NS name (%s) invalid: too long (>%d)",
996c9314	456	check_base, NS_NAMSIZ - 1);
d62a17ae	457	return NULL;
	458	}
	459	return pathname;
13460c44 FL	460	}
13460c44 FL	461
ce1be369 PG	462	void ns_init(void)
ce1be369 PG	463	{
e26aedbe PG	464	static int ns_initialised;
e26aedbe PG	465
a2c999f2	466	ns_debug = 0;
e26aedbe PG	467	/* silently return as initialisation done */
	468	if (ns_initialised == 1)
	469	return;
	470	errno = 0;
2ed3953c	471	if (have_netns())
ce1be369	472	ns_default_ns_fd = open(NS_DEFAULT_NAME, O_RDONLY);
2ed3953c	473	else {
e26aedbe	474	ns_default_ns_fd = -1;
c214a6e9 PG	475	default_ns = NULL;
c214a6e9 PG	476	}
e26aedbe PG	477	ns_current_ns_fd = -1;
e26aedbe PG	478	ns_initialised = 1;
ce1be369 PG	479	}
ce1be369 PG	480
32bcb8b0	481	/* Initialize NS module. */
03aff2d8	482	void ns_init_management(ns_id_t default_ns_id, ns_id_t internal_ns)
32bcb8b0	483	{
ec31f30d	484	int fd;
d62a17ae	485
ce1be369	486	ns_init();
e26aedbe	487	default_ns = ns_get_created_internal(NULL, NULL, default_ns_id);
d62a17ae	488	if (!default_ns) {
450971aa	489	flog_err(EC_LIB_NS, "%s: failed to create the default NS!",
1c50c1c0	490	__func__);
d62a17ae	491	exit(1);
d62a17ae	492	}
ec31f30d PG	493	if (have_netns()) {
	494	fd = open(NS_DEFAULT_NAME, O_RDONLY);
	495	default_ns->fd = fd;
	496	}
03aff2d8 PG	497	default_ns->internal_ns_id = internal_ns;
03aff2d8 PG	498
d62a17ae	499	/* Set the default NS name. */
d62a17ae	500	default_ns->name = XSTRDUP(MTYPE_NS_NAME, NS_DEFAULT_NAME);
a2c999f2	501	if (ns_debug)
996c9314 LB	502	zlog_info("%s: default NSID is %u", __func__,
996c9314 LB	503	default_ns->ns_id);
d62a17ae	504
d62a17ae	505	/* Enable the default NS. */
e26aedbe	506	if (!ns_enable(default_ns, NULL)) {
450971aa	507	flog_err(EC_LIB_NS, "%s: failed to enable the default NS!",
1c50c1c0	508	__func__);
d62a17ae	509	exit(1);
d62a17ae	510	}
32bcb8b0 DS	511	}
	512
	513	/* Terminate NS module. */
d62a17ae	514	void ns_terminate(void)
32bcb8b0	515	{
d62a17ae	516	struct ns *ns;
32bcb8b0	517
55cd0f61 DS	518	while (!RB_EMPTY(ns_head, &ns_tree)) {
	519	ns = RB_ROOT(ns_head, &ns_tree);
	520
d62a17ae	521	ns_delete(ns);
55cd0f61	522	}
32bcb8b0 DS	523	}
32bcb8b0 DS	524
ce1be369 PG	525	int ns_switch_to_netns(const char *name)
	526	{
	527	int ret;
	528	int fd;
	529
	530	if (name == NULL)
	531	return -1;
e26aedbe PG	532	if (ns_default_ns_fd == -1)
e26aedbe PG	533	return -1;
ce1be369 PG	534	fd = open(name, O_RDONLY);
ce1be369 PG	535	if (fd == -1) {
281da0a9	536	errno = EINVAL;
ce1be369 PG	537	return -1;
	538	}
	539	ret = setns(fd, CLONE_NEWNET);
	540	ns_current_ns_fd = fd;
	541	close(fd);
	542	return ret;
	543	}
	544
	545	/* returns 1 if switch() was not called before
	546	* return status of setns() otherwise
	547	*/
	548	int ns_switchback_to_initial(void)
	549	{
e26aedbe	550	if (ns_current_ns_fd != -1 && ns_default_ns_fd != -1) {
ce1be369 PG	551	int ret;
	552
	553	ret = setns(ns_default_ns_fd, CLONE_NEWNET);
	554	ns_current_ns_fd = -1;
	555	return ret;
	556	}
	557	/* silently ignore if setns() is not called */
	558	return 1;
	559	}
	560
32bcb8b0	561	/* Create a socket for the NS. */
d62a17ae	562	int ns_socket(int domain, int type, int protocol, ns_id_t ns_id)
32bcb8b0	563	{
d62a17ae	564	struct ns *ns = ns_lookup(ns_id);
fe533c56	565	int ret;
d62a17ae	566
fe533c56	567	if (!ns \|\| !ns_is_enabled(ns)) {
281da0a9	568	errno = EINVAL;
d62a17ae	569	return -1;
d62a17ae	570	}
d62a17ae	571	if (have_netns()) {
	572	ret = (ns_id != NS_DEFAULT) ? setns(ns->fd, CLONE_NEWNET) : 0;
	573	if (ret >= 0) {
	574	ret = socket(domain, type, protocol);
ce1be369	575	if (ns_id != NS_DEFAULT) {
d62a17ae	576	setns(ns_lookup(NS_DEFAULT)->fd, CLONE_NEWNET);
ce1be369 PG	577	ns_current_ns_fd = ns_id;
ce1be369 PG	578	}
d62a17ae	579	}
	580	} else
	581	ret = socket(domain, type, protocol);
	582
	583	return ret;
32bcb8b0	584	}
ec31f30d PG	585
	586	ns_id_t ns_get_default_id(void)
	587	{
	588	if (default_ns)
	589	return default_ns->ns_id;
c214a6e9	590	return NS_DEFAULT_INTERNAL;
ec31f30d	591	}