Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp157936ybx; Tue, 5 Nov 2019 21:40:39 -0800 (PST) X-Google-Smtp-Source: APXvYqwqAkXHCSYEBqEtds5OUcKz6kyCIy6SEnXgiOOv4Afs1jReNHOeJPI9//0xf5bKYr/YzNqO X-Received: by 2002:a50:a9e3:: with SMTP id n90mr721121edc.52.1573018839169; Tue, 05 Nov 2019 21:40:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1573018839; cv=none; d=google.com; s=arc-20160816; b=ElhbBuXrK8EhJksohgjKevk2jNItgm0QE/IlOjnPrCIOLAVbBukAea5HpBR9548U0m VVfeNaN200OfF9W/dMGjKxJuvqSelmVyxvQDDv8R100KZ2f1KLEeOVMKe1y0fMW2NIcz Qj0OUs+c+rOZX+tEPmmGqZeO8vmJtuBA/A/yoJv/zPYW/cwmb6htdK3tPdkGbwQuRlz3 wvGA6Dfo0l4HLDUacPzdmyeLWUIxY+CpsqTaFCqr81od/V5j0eMlbjAfx+OP4xd9bzO4 DH7aGSTF6oqXPKbRR7rNl0TL5FjnpgEGYGIL+6NFvrdg7qhAxLB9wz1oC2MZY2o+K3YQ xDVw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=nheAZEvkv4WhdWdV6TIir5cz0kQhP+59XXc12ABo7pc=; b=trHOLux67Z42QK+FAcaNIzvSeGlM2zIowl9Me2NUdNU8wap4IDOFPdUlEMav+AEakr OL88rKylHFWpLQ33Lnn7VmJAZUUvJT41o5p5Y9M2yystmpkC6FoCwHED8rFlM18/NraN x409ffQhbgIcFPgy6zVtCLNhYxFK/TT5TqFhbeWIDbrxZbg8uj5+u/y7frtaQmKn4QWs Sydj52ILWVmpvROln11hA2JxcpRqgbdbOXZ1VWaPGakQ14VO1tsl9IW+yFwoDJDaY6bX BToNMyhs3ZgAO6lfVBZgRlCid8wsyXoQd5oqsBwlTS1muKuQ7hNC64vRvf0ru5GfW4b2 tN6A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@norrbonn-se.20150623.gappssmtp.com header.s=20150623 header.b=kIYeAYrj; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id oz10si8693507ejb.163.2019.11.05.21.40.15; Tue, 05 Nov 2019 21:40:39 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@norrbonn-se.20150623.gappssmtp.com header.s=20150623 header.b=kIYeAYrj; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731093AbfKFFji (ORCPT + 99 others); Wed, 6 Nov 2019 00:39:38 -0500 Received: from mail-lj1-f193.google.com ([209.85.208.193]:42934 "EHLO mail-lj1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726133AbfKFFjh (ORCPT ); Wed, 6 Nov 2019 00:39:37 -0500 Received: by mail-lj1-f193.google.com with SMTP id n5so13570036ljc.9 for ; Tue, 05 Nov 2019 21:39:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=norrbonn-se.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=nheAZEvkv4WhdWdV6TIir5cz0kQhP+59XXc12ABo7pc=; b=kIYeAYrjHWg2GFGOpruAxujtdh3wbmCUraF4IyCwX5CD3O+a5H+wkCMLewdc/yD+dG B5NL9ZmEAkj46hq0oQs+Sk4d9BWvkqoDm65Bg7J1Rg2asaqQw60iKiD7zRiwk1ECZNJ6 qBrI3T6rtNj7iwsduxGGDfY/Q38OgQfKubGAdNeGjFxQLQu/nA+GtbgxBB4ANi22Qb2c lH9D0F2TAhD1kevPGtibF4qTf2OAgQo14UaMZ0PqeTX66I+tuBlnLl0UqJiHj9Amz0bA MPlWCIWcwtwH3uz9zURJxVJapjR0EbBQRPE77Ef/2DfFD8YzTFeKG1nNcJelblYltZD2 wfqQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=nheAZEvkv4WhdWdV6TIir5cz0kQhP+59XXc12ABo7pc=; b=bGBMCvhe2pPqMH2tsGw58JdtOFWHrGXm3SkZ3EGyuM+Vb/DnLtWc3MD9ZgViTR2s2e DUPWrbxFM6ez1ZkslzGvEA2hnBperqNd3ZMF07eGqxUC8/zuJmziQeJlsXmnDRaDsikW qpdSCsdhnjU9KpW6uVPPPxCXTvknRThQ38Pr3UYR7pFxrMfP93kVuFF3lWUvTciCBOkj amT5lpZczz1sxJlb6A+VX/wE/h1Pyi42308M2XQvcCcNBTuv4wQ6QhVlqJ5d2sEncjeB GmUl/jjh/UKdtXoSRK4je20PoLg1h71C/g7y4LMiap3OI4c/SIJJbohDZcTKFvvVRDhE AljQ== X-Gm-Message-State: APjAAAXrDGblaWpLOjQcjXi6Aq8Jo7Gqo+5aqrwOfq0eOGW3IJ7rGV5G zB7O/o2QIsdkEsdkpDw5xpFCCw== X-Received: by 2002:a2e:970e:: with SMTP id r14mr399846lji.57.1573018774960; Tue, 05 Nov 2019 21:39:34 -0800 (PST) Received: from mimer.lan (h-137-65.A159.priv.bahnhof.se. [81.170.137.65]) by smtp.gmail.com with ESMTPSA id c22sm754737ljk.43.2019.11.05.21.39.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 05 Nov 2019 21:39:34 -0800 (PST) From: Jonas Bonn To: nicolas.dichtel@6wind.com, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Cc: davem@davemloft.net, Jonas Bonn Subject: [PATCH v2 5/5] net: namespace: allow setting NSIDs outside current namespace Date: Wed, 6 Nov 2019 06:39:23 +0100 Message-Id: <20191106053923.10414-6-jonas@norrbonn.se> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191106053923.10414-1-jonas@norrbonn.se> References: <20191106053923.10414-1-jonas@norrbonn.se> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Currently it is only possible to move an interface to a new namespace if the destination namespace has an ID in the interface's current namespace. If the interface already resides outside of the current namespace, then we may need to assign the destination namespace an ID in the interface's namespace in order to effect the move. This patch allows namespace ID's to be created outside of the current namespace. With this, the following is possible: i) Our namespace is 'A'. ii) The interface resides in namespace 'B' iii) We can assign an ID for NS 'A' in NS 'B' iv) We can then move the interface into our own namespace. and i) Our namespace is 'A'; namespaces 'B' and 'C' also exist ii) We can assign an ID for namespace 'C' in namespace 'B' iii) We can then create a VETH interface directly in namespace 'B' with the other end in 'C', all without ever leaving namespace 'A' Signed-off-by: Jonas Bonn Acked-by: Nicolas Dichtel --- net/core/net_namespace.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c index 6d3e4821b02d..0071f395098d 100644 --- a/net/core/net_namespace.c +++ b/net/core/net_namespace.c @@ -724,6 +724,7 @@ static int rtnl_net_newid(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr *tb[NETNSA_MAX + 1]; struct nlattr *nla; struct net *peer; + struct net *target = NULL; int nsid, err; err = nlmsg_parse_deprecated(nlh, sizeof(struct rtgenmsg), tb, @@ -752,6 +753,21 @@ static int rtnl_net_newid(struct sk_buff *skb, struct nlmsghdr *nlh, return PTR_ERR(peer); } + if (tb[NETNSA_TARGET_NSID]) { + int id = nla_get_s32(tb[NETNSA_TARGET_NSID]); + + target = rtnl_get_net_ns_capable(NETLINK_CB(skb).sk, id); + if (IS_ERR(target)) { + NL_SET_BAD_ATTR(extack, tb[NETNSA_TARGET_NSID]); + NL_SET_ERR_MSG(extack, + "Target netns reference is invalid"); + err = PTR_ERR(target); + goto out; + } + + net = target; + } + spin_lock_bh(&net->nsid_lock); if (__peernet2id(net, peer) >= 0) { spin_unlock_bh(&net->nsid_lock); @@ -773,6 +789,9 @@ static int rtnl_net_newid(struct sk_buff *skb, struct nlmsghdr *nlh, NL_SET_BAD_ATTR(extack, tb[NETNSA_NSID]); NL_SET_ERR_MSG(extack, "The specified nsid is already used"); } + + if (target) + put_net(target); out: put_net(peer); return err; -- 2.20.1