Commit | Line | Data |
---|---|---|
1 | #include <linux/workqueue.h> | |
2 | #include <linux/rtnetlink.h> | |
3 | #include <linux/cache.h> | |
4 | #include <linux/slab.h> | |
5 | #include <linux/list.h> | |
6 | #include <linux/delay.h> | |
7 | #include <linux/sched.h> | |
8 | #include <net/net_namespace.h> | |
9 | ||
10 | /* | |
11 | * Our network namespace constructor/destructor lists | |
12 | */ | |
13 | ||
/*
 * Registered pernet_operations, in registration order. setup_net() walks
 * this list forwards to run ->init, cleanup_net() walks it backwards to
 * run ->exit.
 */
static LIST_HEAD(pernet_list);

/*
 * Insertion point for subsystems: register_pernet_subsys() adds entries
 * in front of this node, register_pernet_device() appends to the tail of
 * pernet_list and points this at the first device entry, so subsystems
 * always precede devices on the list.
 */
static struct list_head *first_device = &pernet_list;

/*
 * Held around every walk or modification of pernet_list and around the
 * ->init/->exit callbacks. Where both locks are taken in this file,
 * net_mutex is taken first and net_list_mutex second.
 */
static DEFINE_MUTEX(net_mutex);

/* Taken through net_lock()/net_unlock() around net_namespace_list updates. */
static DEFINE_MUTEX(net_list_mutex);

/* Every network namespace that has been set up is linked here. */
LIST_HEAD(net_namespace_list);

/* Slab cache backing struct net allocations; created in net_ns_init(). */
static struct kmem_cache *net_cachep;

/* The initial network namespace, set up at boot by net_ns_init(). */
struct net init_net;
EXPORT_SYMBOL_GPL(init_net);
25 | ||
/* Acquire the mutex that guards net_namespace_list. May sleep. */
void net_lock(void)
{
	mutex_lock(&net_list_mutex);
}
30 | ||
/* Release the mutex taken by net_lock(). */
void net_unlock(void)
{
	mutex_unlock(&net_list_mutex);
}
35 | ||
/*
 * Allocate an uninitialised struct net from the namespace slab cache.
 * Returns NULL on allocation failure; the memory is not zeroed here,
 * setup_net() does that.
 */
static struct net *net_alloc(void)
{
	struct net *net = kmem_cache_alloc(net_cachep, GFP_KERNEL);

	return net;
}
40 | ||
/*
 * Return a struct net to the slab cache.
 *
 * A NULL pointer is ignored. If use_count is still non-zero the structure
 * is deliberately NOT freed: an emergency message is logged and the memory
 * is leaked instead, so that whoever still holds the namespace does not
 * end up touching freed memory.
 */
static void net_free(struct net *net)
{
	if (!net)
		return;

	if (likely(atomic_read(&net->use_count) == 0)) {
		kmem_cache_free(net_cachep, net);
		return;
	}

	/* Still in use: complain loudly and leak rather than free. */
	printk(KERN_EMERG "network namespace not free! Usage: %d\n",
		atomic_read(&net->use_count));
}
54 | ||
/*
 * Work handler that tears down a network namespace. Queued by __put_net()
 * so that the teardown, which takes mutexes and calls rcu_barrier(), runs
 * in process context.
 */
static void cleanup_net(struct work_struct *work)
{
	struct net *net = container_of(work, struct net, work);
	struct pernet_operations *ops;

	mutex_lock(&net_mutex);

	/* Unlink first so that no new list walker can find this namespace. */
	net_lock();
	list_del(&net->list);
	net_unlock();

	/* Exit methods run in the reverse of registration order. */
	list_for_each_entry_reverse(ops, &pernet_list, list) {
		if (!ops->exit)
			continue;
		ops->exit(net);
	}

	mutex_unlock(&net_mutex);

	/*
	 * Wait for every RCU callback queued so far to finish, so none of
	 * them can still reference this namespace when it is freed.
	 */
	rcu_barrier();

	/* Nothing can reach the structure any more; release it. */
	net_free(net);
}
85 | ||
86 | ||
/*
 * Defer destruction of @net to the shared workqueue, where cleanup_net()
 * can sleep. Presumably invoked when the last reference is dropped; the
 * caller is not visible in this file.
 */
void __put_net(struct net *net)
{
	struct work_struct *teardown = &net->work;

	/* Cleanup the network namespace in process context */
	INIT_WORK(teardown, cleanup_net);
	schedule_work(teardown);
}
EXPORT_SYMBOL_GPL(__put_net);
94 | ||
/*
 * setup_net - initialise a network namespace object.
 *
 * Zeroes @net, sets count to 1 and use_count to 0, then runs every
 * registered ->init method in registration order. Must be called with
 * net_mutex held.
 *
 * Returns the value of the last ->init that ran (0 when there is none).
 * If an ->init returns a negative value, the ->exit methods of the entries
 * that had already been initialised are run in reverse order and that
 * negative value is returned.
 *
 * NOTE(review): only negative returns trigger the unwind here, while
 * register_pernet_operations() and copy_net_ns() treat any non-zero value
 * as a failure. A positive return from the last ->init would be handed
 * back without running the ->exit methods; confirm ->init never returns
 * a positive value.
 */
static int setup_net(struct net *net)
{
	struct pernet_operations *ops;
	int error = 0;

	memset(net, 0, sizeof(*net));
	atomic_set(&net->count, 1);
	atomic_set(&net->use_count, 0);

	list_for_each_entry(ops, &pernet_list, list) {
		if (!ops->init)
			continue;
		error = ops->init(net);
		if (error < 0)
			goto out_undo;
	}
	return error;

out_undo:
	/*
	 * Step backwards from the entry whose init failed, calling exit
	 * only for the entries whose init had succeeded.
	 */
	list_for_each_entry_continue_reverse(ops, &pernet_list, list) {
		if (ops->exit)
			ops->exit(net);
	}
	return error;
}
129 | ||
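/*
 * copy_net_ns - share or create a network namespace for a new task.
 * @flags:   clone flags; only CLONE_NEWNET is examined here
 * @old_net: namespace of the caller
 *
 * Without CLONE_NEWNET, @old_net is returned with one extra reference,
 * which the caller then owns. With CLONE_NEWNET a fresh namespace is
 * allocated, initialised by setup_net() and linked into
 * net_namespace_list.
 *
 * Returns the namespace to use, or an ERR_PTR(): -EINVAL when the kernel
 * is built without CONFIG_NET_NS, -ENOMEM when allocation fails, or the
 * error reported by setup_net().
 */
struct net *copy_net_ns(unsigned long flags, struct net *old_net)
{
	struct net *new_net = NULL;
	int err;

	/* Pin old_net for the duration of the copy. */
	get_net(old_net);

	if (!(flags & CLONE_NEWNET))
		return old_net;

#ifndef CONFIG_NET_NS
	/*
	 * Leave through the common exit so the reference taken above is
	 * dropped. Returning directly from here leaked one reference on
	 * old_net for every rejected CLONE_NEWNET request.
	 */
	err = -EINVAL;
	goto out;
#endif

	err = -ENOMEM;
	new_net = net_alloc();
	if (!new_net)
		goto out;

	mutex_lock(&net_mutex);
	err = setup_net(new_net);
	if (err)
		goto out_unlock;

	/* Publish the namespace only once it is fully initialised. */
	net_lock();
	list_add_tail(&new_net->list, &net_namespace_list);
	net_unlock();

out_unlock:
	mutex_unlock(&net_mutex);
out:
	put_net(old_net);
	if (err) {
		/* net_free() accepts NULL, so this also covers the early exits. */
		net_free(new_net);
		new_net = ERR_PTR(err);
	}
	return new_net;
}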
169 | ||
/*
 * Boot-time initialisation: create the struct net slab cache, then set up
 * init_net and link it into net_namespace_list. Panics if the initial
 * namespace cannot be set up. Always returns 0 otherwise.
 */
static int __init net_ns_init(void)
{
	int rc;

	printk(KERN_INFO "net_namespace: %zd bytes\n", sizeof(struct net));

	/* SLAB_PANIC: cache creation failure panics, so no NULL check here. */
	net_cachep = kmem_cache_create("net_namespace", sizeof(struct net),
				       SMP_CACHE_BYTES,
				       SLAB_PANIC, NULL);

	mutex_lock(&net_mutex);
	rc = setup_net(&init_net);

	/* Linked in even when setup failed; the panic below follows at once. */
	net_lock();
	list_add_tail(&init_net.list, &net_namespace_list);
	net_unlock();

	mutex_unlock(&net_mutex);

	if (rc)
		panic("Could not setup the initial network namespace");

	return 0;
}

pure_initcall(net_ns_init);
193 | ||
/*
 * Link @ops in front of @list and run its ->init on every existing
 * network namespace.
 *
 * If any ->init returns non-zero, @ops is unlinked again, ->exit is run
 * on the namespaces that had already been initialised, and that value is
 * returned. Returns 0 on success.
 *
 * This function takes no lock itself; both callers in this file hold
 * net_mutex around it.
 */
static int register_pernet_operations(struct list_head *list,
				      struct pernet_operations *ops)
{
	struct net *net, *undo_net;
	int error = 0;

	list_add_tail(&ops->list, list);
	for_each_net(net) {
		if (!ops->init)
			continue;
		error = ops->init(net);
		if (error)
			goto out_undo;
	}
	return error;

out_undo:
	/* Roll back: stop at the namespace whose init failed. */
	list_del(&ops->list);
	for_each_net(undo_net) {
		if (undo_net == net)
			goto undone;
		if (ops->exit)
			ops->exit(undo_net);
	}
undone:
	return error;
}
224 | ||
/*
 * Unlink @ops from the pernet list and run its ->exit, when it has one,
 * on every existing network namespace. Takes no lock itself; both callers
 * in this file hold net_mutex around it.
 */
static void unregister_pernet_operations(struct pernet_operations *ops)
{
	struct net *net;

	list_del(&ops->list);

	for_each_net(net) {
		if (ops->exit)
			ops->exit(net);
	}
}
234 | ||
235 | /** | |
236 | * register_pernet_subsys - register a network namespace subsystem | |
237 | * @ops: pernet operations structure for the subsystem | |
238 | * | |
239 | * Register a subsystem which has init and exit functions | |
240 | * that are called when network namespaces are created and | |
241 | * destroyed respectively. | |
242 | * | |
243 | * When registered all network namespace init functions are | |
244 | * called for every existing network namespace. Allowing kernel | |
245 | * modules to have a race free view of the set of network namespaces. | |
246 | * | |
247 | * When a new network namespace is created all of the init | |
248 | * methods are called in the order in which they were registered. | |
249 | * | |
250 | * When a network namespace is destroyed all of the exit methods | |
251 | * are called in the reverse of the order with which they were | |
252 | * registered. | |
253 | */ | |
int register_pernet_subsys(struct pernet_operations *ops)
{
	int rc;

	mutex_lock(&net_mutex);
	/* Inserting before first_device keeps subsystems ahead of devices. */
	rc = register_pernet_operations(first_device, ops);
	mutex_unlock(&net_mutex);

	return rc;
}
EXPORT_SYMBOL_GPL(register_pernet_subsys);
263 | ||
264 | /** | |
265 | * unregister_pernet_subsys - unregister a network namespace subsystem | |
266 | * @module: pernet operations structure to manipulate | |
267 | * | |
268 | * Remove the pernet operations structure from the list to be | |
269 | * used when network namespaces are created or destroyed. In | |
270 | * addition run the exit method for all existing network | |
271 | * namespaces. | |
272 | */ | |
void unregister_pernet_subsys(struct pernet_operations *module)
{
	struct pernet_operations *ops = module;

	/* net_mutex serialises this against namespace setup and teardown. */
	mutex_lock(&net_mutex);
	unregister_pernet_operations(ops);
	mutex_unlock(&net_mutex);
}
EXPORT_SYMBOL_GPL(unregister_pernet_subsys);
280 | ||
281 | /** | |
282 | * register_pernet_device - register a network namespace device | |
283 | * @ops: pernet operations structure for the subsystem | |
284 | * | |
285 | * Register a device which has init and exit functions | |
286 | * that are called when network namespaces are created and | |
287 | * destroyed respectively. | |
288 | * | |
289 | * When registered all network namespace init functions are | |
290 | * called for every existing network namespace. Allowing kernel | |
291 | * modules to have a race free view of the set of network namespaces. | |
292 | * | |
293 | * When a new network namespace is created all of the init | |
294 | * methods are called in the order in which they were registered. | |
295 | * | |
296 | * When a network namespace is destroyed all of the exit methods | |
297 | * are called in the reverse of the order with which they were | |
298 | * registered. | |
299 | */ | |
int register_pernet_device(struct pernet_operations *ops)
{
	int rc;

	mutex_lock(&net_mutex);

	/* Devices go to the tail of pernet_list, after every subsystem. */
	rc = register_pernet_operations(&pernet_list, ops);

	/*
	 * The first device to register successfully becomes the insertion
	 * point for subsystems registered later.
	 */
	if (rc == 0 && first_device == &pernet_list)
		first_device = &ops->list;

	mutex_unlock(&net_mutex);

	return rc;
}
EXPORT_SYMBOL_GPL(register_pernet_device);
311 | ||
312 | /** | |
313 | * unregister_pernet_device - unregister a network namespace netdevice | |
314 | * @ops: pernet operations structure to manipulate | |
315 | * | |
316 | * Remove the pernet operations structure from the list to be | |
317 | * used when network namespaces are created or destroyed. In | |
318 | * addition run the exit method for all existing network | |
319 | * namespaces. | |
320 | */ | |
void unregister_pernet_device(struct pernet_operations *ops)
{
	mutex_lock(&net_mutex);

	/*
	 * If this entry is the current subsystem insertion point, advance
	 * first_device before unlinking so it never refers to a removed
	 * node.
	 */
	if (first_device == &ops->list)
		first_device = first_device->next;

	unregister_pernet_operations(ops);

	mutex_unlock(&net_mutex);
}
EXPORT_SYMBOL_GPL(unregister_pernet_device);