Received: by 10.223.176.46 with SMTP id f43csp645083wra; Wed, 24 Jan 2018 03:54:45 -0800 (PST) X-Google-Smtp-Source: AH8x22606/HP1n1H0BNUMFB0U8WAIsrxNhWIdSHL4+V7dHXjekqyoif+vTrwKk1CzZzZNK6o2Vxi X-Received: by 10.98.137.197 with SMTP id n66mr12844440pfk.70.1516794885763; Wed, 24 Jan 2018 03:54:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516794885; cv=none; d=google.com; s=arc-20160816; b=whHwzuwkSQPijMEtkzdBTBinc/rEWyqQLhN36iHU9zm1xTRK2Ng4EQ6bKdwJExVFu6 qo3PrM6Ocf0cv1yQkJVxLtG5DfEaev4pVuLdSpswgmAgGABT7MStzvT22EG8oU+elmAr v3RuTQvCubvfmJFmx5x1Yzx3RuxIQyvifsIzPmP6mErg/nKWKo8H91riFNNCOb/iaDip 1nQZv57j4SSiAuStlT1KuHQpnGlNr6DrycyKDND//pyxcNM46UIPuL9gjBOetvwu4nnl C89b7dfGo4Vz0Wi7V78UaLdaWlwqk7o80LmOgcazrV4XCSBOpTaO2sBeEkuHXRcvW8ak i5WQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=Vgf22IJ/wqD9iz7gquWH+k+4uaqdScmjD7M+e7UkAl0=; b=Xx1NmlByn/jqeRTF3C9nOeLqkxBRklWBmXmyxWQzgdCT6ljP66s5zZknawPrr3MpM/ Gd8VflE0jT71xKPGeKgn+s7JLRdtCH93ji33chsIH1OxfhTy92RTQN7AOAFm60EuDFj7 zHFAC/bQgJKD5Ygf7CtBTCvpDWZyXaIBeWLNhKV3AGtnwFaXJu1i+usQy4AmJwZkQ0bB Tj0bJ7xQdU2y4jVDJBWsiI5d0eCiOS6fFKdfKXpo2PK9F2fel4u4UqByyPG50NaVvpDL /P3Hu4uC9l04rUVNE6M9FsAaw/44ueIWRdrRUP4XioeE3a6SIoRSYzo0jiWO31wbX5eJ mlIw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=jKwKFSaR; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r15si2840286pfb.86.2018.01.24.03.54.32; Wed, 24 Jan 2018 03:54:45 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=jKwKFSaR; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933815AbeAXLxg (ORCPT + 99 others); Wed, 24 Jan 2018 06:53:36 -0500 Received: from mail-wr0-f196.google.com ([209.85.128.196]:46530 "EHLO mail-wr0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933596AbeAXLxe (ORCPT ); Wed, 24 Jan 2018 06:53:34 -0500 Received: by mail-wr0-f196.google.com with SMTP id g21so3696757wrb.13; Wed, 24 Jan 2018 03:53:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Vgf22IJ/wqD9iz7gquWH+k+4uaqdScmjD7M+e7UkAl0=; b=jKwKFSaRplulZLI2gXQDFmwSe22MMrx4mElqqfBKpnZUApx17XRIH3On5u9QV37Ugt vzvIkUJa0PztSq+yo2Y2mWeLv782dRkAuBQ9sM+wEjFWzHmdORa1XY1yf4PTdXvMgOo1 FRbQLFBNCKdhzi0nC8F5mp9M60JAV6YoMoF7Ew4oIkFA/+LGT1uvKGZwIfhqnz+uVeQ9 BPM5vcpnYCedw8A3jj+wYGC7eN6xTHsaZnqI+x1LKf5Lzsae6QGGBX01iTQuSo+q6uTZ A9kbb89SYEbUs71si0nYsCMaDtZfuvTMo4raYGe4ZncSg/tig5N3AzAN3ee1M3j0E4bf oQIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Vgf22IJ/wqD9iz7gquWH+k+4uaqdScmjD7M+e7UkAl0=; b=uHxhvA7cdILPaKBqgUd99sLcMRpNTxuiEq6ubIpQtwc40GYnoe3BTW5ezZKR74Dm3j RXNxheLgmLgtQSSAAtIsDMMwjaMYtEk30rO/dGN/3DJwIjOSwTOx6Iv2ibpO3m2yrTGT ehnCi25AKE1R36nO2z5KPBhhsCZq5pFvX5UBRKtEKfz2V5pZ9bkprC1X5IK36bp7yGOY XrQs9ePdSd0e0IEHKVAGrOdusHLLdeINouXNfJisczKDInlROQO3Dw6J24fNiY1gg7De GBVUOCGsS1wSbwBTQGQhn06w1dHknOl+PI5ll0zvBN6eICfukBTZMbZD1F23xUPHAT2a UY7w== X-Gm-Message-State: AKwxyteMQ2YRCHZZ/3tZntUMlcMnmyLR597M5NgzhNue7X8vhQrAASby E3RmP6d4SKMPcYoQtv+fStl3mYKUVF8= X-Received: by 10.223.144.81 with SMTP id h75mr5637070wrh.156.1516794812926; Wed, 24 Jan 2018 03:53:32 -0800 (PST) Received: from localhost.localdomain (eap108107.extern.uni-tuebingen.de. [134.2.108.107]) by smtp.gmail.com with ESMTPSA id e22sm6244207wre.55.2018.01.24.03.53.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 24 Jan 2018 03:53:32 -0800 (PST) From: Christian Brauner X-Google-Original-From: Christian Brauner To: netdev@vger.kernel.org Cc: davem@davemloft.net, dsahern@gmail.com, fw@strlen.de, daniel@iogearbox.net, lucien.xin@gmail.com, mschiffer@universe-factory.net, jakub.kicinski@netronome.com, vyasevich@gmail.com, linux-kernel@vger.kernel.org, jbenc@redhat.com, w.bumiller@proxmox.com, nicolas.dichtel@6wind.com, Christian Brauner Subject: [PATCH net-next 3/3] rtnetlink: enable IFLA_IF_NETNSID for RTM_DELLINK Date: Wed, 24 Jan 2018 12:53:28 +0100 Message-Id: <20180124115328.6487-1-christian.brauner@ubuntu.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180123132233.6d77040b@redhat.com> References: <20180123132233.6d77040b@redhat.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org - Backwards Compatibility: If userspace wants to determine whether RTM_DELLINK supports the IFLA_IF_NETNSID property they should first send an RTM_GETLINK request with IFLA_IF_NETNSID on lo. If either EACCESS is returned or the reply does not include IFLA_IF_NETNSID userspace should assume that IFLA_IF_NETNSID is not supported on this kernel. If the reply does contain an IFLA_IF_NETNSID property userspace can send an RTM_DELLINK with a IFLA_IF_NETNSID property. If they receive EOPNOTSUPP then the kernel does not support the IFLA_IF_NETNSID property with RTM_DELLINK. Userpace should then fallback to other means. - Security: Callers must have CAP_NET_ADMIN in the owning user namespace of the target network namespace. Signed-off-by: Christian Brauner --- net/core/rtnetlink.c | 40 +++++++++++++++++++++++++++++----------- 1 file changed, 29 insertions(+), 11 deletions(-) diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index a4d4409685e3..17f7c3508a0c 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -2630,36 +2630,54 @@ static int rtnl_dellink(struct sk_buff *skb, struct nlmsghdr *nlh, struct netlink_ext_ack *extack) { struct net *net = sock_net(skb->sk); - struct net_device *dev; + struct net *tgt_net = net; + struct net_device *dev = NULL; struct ifinfomsg *ifm; char ifname[IFNAMSIZ]; struct nlattr *tb[IFLA_MAX+1]; int err; + int netnsid = -1; err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFLA_MAX, ifla_policy, extack); if (err < 0) return err; - if (tb[IFLA_IF_NETNSID]) - return -EOPNOTSUPP; - if (tb[IFLA_IFNAME]) nla_strlcpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ); + if (tb[IFLA_IF_NETNSID]) { + netnsid = nla_get_s32(tb[IFLA_IF_NETNSID]); + tgt_net = get_target_net(NETLINK_CB(skb).sk, netnsid); + if (IS_ERR(tgt_net)) + return PTR_ERR(tgt_net); + } + + err = -EINVAL; ifm = nlmsg_data(nlh); if (ifm->ifi_index > 0) - dev = __dev_get_by_index(net, ifm->ifi_index); + dev = __dev_get_by_index(tgt_net, ifm->ifi_index); else if (tb[IFLA_IFNAME]) - dev = __dev_get_by_name(net, ifname); + dev = __dev_get_by_name(tgt_net, ifname); else if (tb[IFLA_GROUP]) - return rtnl_group_dellink(net, nla_get_u32(tb[IFLA_GROUP])); + err = rtnl_group_dellink(tgt_net, nla_get_u32(tb[IFLA_GROUP])); else - return -EINVAL; + goto out; - if (!dev) - return -ENODEV; + if (!dev) { + if (tb[IFLA_GROUP]) + goto out; - return rtnl_delete_link(dev); + err = -ENODEV; + goto out; + } + + err = rtnl_delete_link(dev); + +out: + if (netnsid >= 0) + put_net(tgt_net); + + return err; } int rtnl_configure_link(struct net_device *dev, const struct ifinfomsg *ifm) -- 2.14.1