LXR linux/net/core/net

   1#include <linux/workqueue.h>
   2#include <linux/rtnetlink.h>
   3#include <linux/cache.h>
   4#include <linux/slab.h>
   5#include <linux/list.h>
   6#include <linux/delay.h>
   7#include <linux/sched.h>
   8#include <linux/idr.h>
   9#include <net/net_namespace.h>
  10#include <net/netns/generic.h>
  11
  12/*
  13 *      Our network namespace constructor/destructor lists
  14 */
  15
  16static LIST_HEAD(pernet_list);
  17static struct list_head *first_device = &pernet_list;
  18static DEFINE_MUTEX(net_mutex);
  19
  20LIST_HEAD(net_namespace_list);
  21EXPORT_SYMBOL_GPL(net_namespace_list);
  22
  23struct net init_net;
  24EXPORT_SYMBOL(init_net);
  25
  26#define INITIAL_NET_GEN_PTRS    13 /* +1 for len +2 for rcu_head */
  27
  28/*
  29 * setup_net runs the initializers for the network namespace object.
  30 */
  31static __net_init int setup_net(struct net *net)
  32{
  33        /* Must be called with net_mutex held */
  34        struct pernet_operations *ops;
  35        int error = 0;
  36
  37        atomic_set(&net->count, 1);
  38
  39#ifdef NETNS_REFCNT_DEBUG
  40        atomic_set(&net->use_count, 0);
  41#endif
  42
  43        list_for_each_entry(ops, &pernet_list, list) {
  44                if (ops->init) {
  45                        error = ops->init(net);
  46                        if (error < 0)
  47                                goto out_undo;
  48                }
  49        }
  50out:
  51        return error;
  52
  53out_undo:
  54        /* Walk through the list backwards calling the exit functions
  55         * for the pernet modules whose init functions did not fail.
  56         */
  57        list_for_each_entry_continue_reverse(ops, &pernet_list, list) {
  58                if (ops->exit)
  59                        ops->exit(net);
  60        }
  61
  62        rcu_barrier();
  63        goto out;
  64}
  65
  66static struct net_generic *net_alloc_generic(void)
  67{
  68        struct net_generic *ng;
  69        size_t generic_size = sizeof(struct net_generic) +
  70                INITIAL_NET_GEN_PTRS * sizeof(void *);
  71
  72        ng = kzalloc(generic_size, GFP_KERNEL);
  73        if (ng)
  74                ng->len = INITIAL_NET_GEN_PTRS;
  75
  76        return ng;
  77}
  78
  79#ifdef CONFIG_NET_NS
  80static struct kmem_cache *net_cachep;
  81static struct workqueue_struct *netns_wq;
  82
  83static struct net *net_alloc(void)
  84{
  85        struct net *net = NULL;
  86        struct net_generic *ng;
  87
  88        ng = net_alloc_generic();
  89        if (!ng)
  90                goto out;
  91
  92        net = kmem_cache_zalloc(net_cachep, GFP_KERNEL);
  93        if (!net)
  94                goto out_free;
  95
  96        rcu_assign_pointer(net->gen, ng);
  97out:
  98        return net;
  99
 100out_free:
 101        kfree(ng);
 102        goto out;
 103}
 104
 105static void net_free(struct net *net)
 106{
 107#ifdef NETNS_REFCNT_DEBUG
 108        if (unlikely(atomic_read(&net->use_count) != 0)) {
 109                printk(KERN_EMERG "network namespace not free! Usage: %d\n",
 110                        atomic_read(&net->use_count));
 111                return;
 112        }
 113#endif
 114        kfree(net->gen);
 115        kmem_cache_free(net_cachep, net);
 116}
 117
 118struct net *copy_net_ns(unsigned long flags, struct net *old_net)
 119{
 120        struct net *new_net = NULL;
 121        int err;
 122
 123        get_net(old_net);
 124
 125        if (!(flags & CLONE_NEWNET))
 126                return old_net;
 127
 128        err = -ENOMEM;
 129        new_net = net_alloc();
 130        if (!new_net)
 131                goto out_err;
 132
 133        mutex_lock(&net_mutex);
 134        err = setup_net(new_net);
 135        if (!err) {
 136                rtnl_lock();
 137                list_add_tail(&new_net->list, &net_namespace_list);
 138                rtnl_unlock();
 139        }
 140        mutex_unlock(&net_mutex);
 141
 142        if (err)
 143                goto out_free;
 144out:
 145        put_net(old_net);
 146        return new_net;
 147
 148out_free:
 149        net_free(new_net);
 150out_err:
 151        new_net = ERR_PTR(err);
 152        goto out;
 153}
 154
 155static void cleanup_net(struct work_struct *work)
 156{
 157        struct pernet_operations *ops;
 158        struct net *net;
 159
 160        net = container_of(work, struct net, work);
 161
 162        mutex_lock(&net_mutex);
 163
 164        /* Don't let anyone else find us. */
 165        rtnl_lock();
 166        list_del(&net->list);
 167        rtnl_unlock();
 168
 169        /* Run all of the network namespace exit methods */
 170        list_for_each_entry_reverse(ops, &pernet_list, list) {
 171                if (ops->exit)
 172                        ops->exit(net);
 173        }
 174
 175        mutex_unlock(&net_mutex);
 176
 177        /* Ensure there are no outstanding rcu callbacks using this
 178         * network namespace.
 179         */
 180        rcu_barrier();
 181
 182        /* Finally it is safe to free my network namespace structure */
 183        net_free(net);
 184}
 185
 186void __put_net(struct net *net)
 187{
 188        /* Cleanup the network namespace in process context */
 189        INIT_WORK(&net->work, cleanup_net);
 190        queue_work(netns_wq, &net->work);
 191}
 192EXPORT_SYMBOL_GPL(__put_net);
 193
 194#else
 195struct net *copy_net_ns(unsigned long flags, struct net *old_net)
 196{
 197        if (flags & CLONE_NEWNET)
 198                return ERR_PTR(-EINVAL);
 199        return old_net;
 200}
 201#endif
 202
 203static int __init net_ns_init(void)
 204{
 205        struct net_generic *ng;
 206        int err;
 207
 208        printk(KERN_INFO "net_namespace: %zd bytes\n", sizeof(struct net));
 209#ifdef CONFIG_NET_NS
 210        net_cachep = kmem_cache_create("net_namespace", sizeof(struct net),
 211                                        SMP_CACHE_BYTES,
 212                                        SLAB_PANIC, NULL);
 213
 214        /* Create workqueue for cleanup */
 215        netns_wq = create_singlethread_workqueue("netns");
 216        if (!netns_wq)
 217                panic("Could not create netns workq");
 218#endif
 219
 220        ng = net_alloc_generic();
 221        if (!ng)
 222                panic("Could not allocate generic netns");
 223
 224        rcu_assign_pointer(init_net.gen, ng);
 225
 226        mutex_lock(&net_mutex);
 227        err = setup_net(&init_net);
 228
 229        rtnl_lock();
 230        list_add_tail(&init_net.list, &net_namespace_list);
 231        rtnl_unlock();
 232
 233        mutex_unlock(&net_mutex);
 234        if (err)
 235                panic("Could not setup the initial network namespace");
 236
 237        return 0;
 238}
 239
 240pure_initcall(net_ns_init);
 241
 242#ifdef CONFIG_NET_NS
 243static int register_pernet_operations(struct list_head *list,
 244                                      struct pernet_operations *ops)
 245{
 246        struct net *net, *undo_net;
 247        int error;
 248
 249        list_add_tail(&ops->list, list);
 250        if (ops->init) {
 251                for_each_net(net) {
 252                        error = ops->init(net);
 253                        if (error)
 254                                goto out_undo;
 255                }
 256        }
 257        return 0;
 258
 259out_undo:
 260        /* If I have an error cleanup all namespaces I initialized */
 261        list_del(&ops->list);
 262        if (ops->exit) {
 263                for_each_net(undo_net) {
 264                        if (undo_net == net)
 265                                goto undone;
 266                        ops->exit(undo_net);
 267                }
 268        }
 269undone:
 270        return error;
 271}
 272
 273static void unregister_pernet_operations(struct pernet_operations *ops)
 274{
 275        struct net *net;
 276
 277        list_del(&ops->list);
 278        if (ops->exit)
 279                for_each_net(net)
 280                        ops->exit(net);
 281}
 282
 283#else
 284
 285static int register_pernet_operations(struct list_head *list,
 286                                      struct pernet_operations *ops)
 287{
 288        if (ops->init == NULL)
 289                return 0;
 290        return ops->init(&init_net);
 291}
 292
 293static void unregister_pernet_operations(struct pernet_operations *ops)
 294{
 295        if (ops->exit)
 296                ops->exit(&init_net);
 297}
 298#endif
 299
 300static DEFINE_IDA(net_generic_ids);
 301
 302/**
 303 *      register_pernet_subsys - register a network namespace subsystem
 304 *      @ops:  pernet operations structure for the subsystem
 305 *
 306 *      Register a subsystem which has init and exit functions
 307 *      that are called when network namespaces are created and
 308 *      destroyed respectively.
 309 *
 310 *      When registered all network namespace init functions are
 311 *      called for every existing network namespace.  Allowing kernel
 312 *      modules to have a race free view of the set of network namespaces.
 313 *
 314 *      When a new network namespace is created all of the init
 315 *      methods are called in the order in which they were registered.
 316 *
 317 *      When a network namespace is destroyed all of the exit methods
 318 *      are called in the reverse of the order with which they were
 319 *      registered.
 320 */
 321int register_pernet_subsys(struct pernet_operations *ops)
 322{
 323        int error;
 324        mutex_lock(&net_mutex);
 325        error =  register_pernet_operations(first_device, ops);
 326        mutex_unlock(&net_mutex);
 327        return error;
 328}
 329EXPORT_SYMBOL_GPL(register_pernet_subsys);
 330
 331/**
 332 *      unregister_pernet_subsys - unregister a network namespace subsystem
 333 *      @ops: pernet operations structure to manipulate
 334 *
 335 *      Remove the pernet operations structure from the list to be
 336 *      used when network namespaces are created or destroyed.  In
 337 *      addition run the exit method for all existing network
 338 *      namespaces.
 339 */
 340void unregister_pernet_subsys(struct pernet_operations *module)
 341{
 342        mutex_lock(&net_mutex);
 343        unregister_pernet_operations(module);
 344        mutex_unlock(&net_mutex);
 345}
 346EXPORT_SYMBOL_GPL(unregister_pernet_subsys);
 347
 348int register_pernet_gen_subsys(int *id, struct pernet_operations *ops)
 349{
 350        int rv;
 351
 352        mutex_lock(&net_mutex);
 353again:
 354        rv = ida_get_new_above(&net_generic_ids, 1, id);
 355        if (rv < 0) {
 356                if (rv == -EAGAIN) {
 357                        ida_pre_get(&net_generic_ids, GFP_KERNEL);
 358                        goto again;
 359                }
 360                goto out;
 361        }
 362        rv = register_pernet_operations(first_device, ops);
 363        if (rv < 0)
 364                ida_remove(&net_generic_ids, *id);
 365out:
 366        mutex_unlock(&net_mutex);
 367        return rv;
 368}
 369EXPORT_SYMBOL_GPL(register_pernet_gen_subsys);
 370
 371void unregister_pernet_gen_subsys(int id, struct pernet_operations *ops)
 372{
 373        mutex_lock(&net_mutex);
 374        unregister_pernet_operations(ops);
 375        ida_remove(&net_generic_ids, id);
 376        mutex_unlock(&net_mutex);
 377}
 378EXPORT_SYMBOL_GPL(unregister_pernet_gen_subsys);
 379
 380/**
 381 *      register_pernet_device - register a network namespace device
 382 *      @ops:  pernet operations structure for the subsystem
 383 *
 384 *      Register a device which has init and exit functions
 385 *      that are called when network namespaces are created and
 386 *      destroyed respectively.
 387 *
 388 *      When registered all network namespace init functions are
 389 *      called for every existing network namespace.  Allowing kernel
 390 *      modules to have a race free view of the set of network namespaces.
 391 *
 392 *      When a new network namespace is created all of the init
 393 *      methods are called in the order in which they were registered.
 394 *
 395 *      When a network namespace is destroyed all of the exit methods
 396 *      are called in the reverse of the order with which they were
 397 *      registered.
 398 */
 399int register_pernet_device(struct pernet_operations *ops)
 400{
 401        int error;
 402        mutex_lock(&net_mutex);
 403        error = register_pernet_operations(&pernet_list, ops);
 404        if (!error && (first_device == &pernet_list))
 405                first_device = &ops->list;
 406        mutex_unlock(&net_mutex);
 407        return error;
 408}
 409EXPORT_SYMBOL_GPL(register_pernet_device);
 410
 411int register_pernet_gen_device(int *id, struct pernet_operations *ops)
 412{
 413        int error;
 414        mutex_lock(&net_mutex);
 415again:
 416        error = ida_get_new_above(&net_generic_ids, 1, id);
 417        if (error) {
 418                if (error == -EAGAIN) {
 419                        ida_pre_get(&net_generic_ids, GFP_KERNEL);
 420                        goto again;
 421                }
 422                goto out;
 423        }
 424        error = register_pernet_operations(&pernet_list, ops);
 425        if (error)
 426                ida_remove(&net_generic_ids, *id);
 427        else if (first_device == &pernet_list)
 428                first_device = &ops->list;
 429out:
 430        mutex_unlock(&net_mutex);
 431        return error;
 432}
 433EXPORT_SYMBOL_GPL(register_pernet_gen_device);
 434
 435/**
 436 *      unregister_pernet_device - unregister a network namespace netdevice
 437 *      @ops: pernet operations structure to manipulate
 438 *
 439 *      Remove the pernet operations structure from the list to be
 440 *      used when network namespaces are created or destroyed.  In
 441 *      addition run the exit method for all existing network
 442 *      namespaces.
 443 */
 444void unregister_pernet_device(struct pernet_operations *ops)
 445{
 446        mutex_lock(&net_mutex);
 447        if (&ops->list == first_device)
 448                first_device = first_device->next;
 449        unregister_pernet_operations(ops);
 450        mutex_unlock(&net_mutex);
 451}
 452EXPORT_SYMBOL_GPL(unregister_pernet_device);
 453
 454void unregister_pernet_gen_device(int id, struct pernet_operations *ops)
 455{
 456        mutex_lock(&net_mutex);
 457        if (&ops->list == first_device)
 458                first_device = first_device->next;
 459        unregister_pernet_operations(ops);
 460        ida_remove(&net_generic_ids, id);
 461        mutex_unlock(&net_mutex);
 462}
 463EXPORT_SYMBOL_GPL(unregister_pernet_gen_device);
 464
 465static void net_generic_release(struct rcu_head *rcu)
 466{
 467        struct net_generic *ng;
 468
 469        ng = container_of(rcu, struct net_generic, rcu);
 470        kfree(ng);
 471}
 472
 473int net_assign_generic(struct net *net, int id, void *data)
 474{
 475        struct net_generic *ng, *old_ng;
 476
 477        BUG_ON(!mutex_is_locked(&net_mutex));
 478        BUG_ON(id == 0);
 479
 480        ng = old_ng = net->gen;
 481        if (old_ng->len >= id)
 482                goto assign;
 483
 484        ng = kzalloc(sizeof(struct net_generic) +
 485                        id * sizeof(void *), GFP_KERNEL);
 486        if (ng == NULL)
 487                return -ENOMEM;
 488
 489        /*
 490         * Some synchronisation notes:
 491         *
 492         * The net_generic explores the net->gen array inside rcu
 493         * read section. Besides once set the net->gen->ptr[x]
 494         * pointer never changes (see rules in netns/generic.h).
 495         *
 496         * That said, we simply duplicate this array and schedule
 497         * the old copy for kfree after a grace period.
 498         */
 499
 500        ng->len = id;
 501        memcpy(&ng->ptr, &old_ng->ptr, old_ng->len);
 502
 503        rcu_assign_pointer(net->gen, ng);
 504        call_rcu(&old_ng->rcu, net_generic_release);
 505assign:
 506        ng->ptr[id - 1] = data;
 507        return 0;
 508}
 509EXPORT_SYMBOL_GPL(net_assign_generic);
 510