16 Oct, 2007
1 commit
-
The Coverity checker spotted that we'll leak the storage allocated
to 'listeners' in netlink_kernel_create() when the
if (!nl_table[unit].registered)
check is false.

This patch avoids the leak.
Signed-off-by: Jesper Juhl
Acked-by: "Eric W. Biederman"
Signed-off-by: David S. Miller
11 Oct, 2007
15 commits
-
This patch makes processing netlink user -> kernel messages synchronous.
This change was inspired by the talk with Alexey Kuznetsov about current
netlink messages processing. He says that he was badly wrong when he introduced
asynchronous user -> kernel communication.

The call netlink_unicast is the only path to send message to the kernel
netlink socket. But, unfortunately, it is also used to send data to the
user.

Before this change the user message has been attached to the socket queue
and sk->sk_data_ready was called. The process has been blocked until all
pending messages were processed. The bad thing is that this processing
may occur in the arbitrary process context.

This patch changes nlk->data_ready callback to get 1 skb and force packet
processing right in the netlink_unicast.

Kernel -> user path in netlink_unicast remains untouched.
EINTR processing for in netlink_run_queue was changed. It forces rtnl_lock
drop, but the process remains in the cycle until the message will be fully
processed. So, there is no need to use these kludges now.

Signed-off-by: Denis V. Lunev
Acked-by: Alexey Kuznetsov
Signed-off-by: David S. Miller
-
There are currently two ways to determine whether the netlink socket is a
kernel one or a user one. This patch creates a single inline call for
this purpose and unifies all the calls in the af_netlink.c

No similar calls are found outside af_netlink.c.
Signed-off-by: Denis V. Lunev
Acked-by: Alexey Kuznetsov
Signed-off-by: David S. Miller
-
netlink_sendskb does not use third argument. Clean it and save a couple of
bytes.

Signed-off-by: Denis V. Lunev
Acked-by: Alexey Kuznetsov
Signed-off-by: David S. Miller
-
The code in netfilter/nfnetlink.c and in ./net/netlink/genetlink.c looks
like outdated copy/paste from rtnetlink.c. Push them into sync with the
original.

Changes from v1:
- deleted comment in nfnetlink_rcv_msg by request of Patrick McHardy

Signed-off-by: Denis V. Lunev
Acked-by: Patrick McHardy
Signed-off-by: David S. Miller
-
This concerns the ipv4 and ipv6 code mostly, but also the netlink
and unix sockets.

The netlink code is an example of how to use the __seq_open_private()
call - it saves the net namespace on this private.

Signed-off-by: Pavel Emelyanov
Signed-off-by: David S. Miller
-
With the net namespaces much code left the __init section,
thus making the kernel occupy more memory than it did before.
Since we have a config option that prohibits the namespace
creation, the functions that initialize/finalize some netns
stuff are simply not needed and can be freed after the boot.

Currently, this is almost not noticeable, since few calls
are no longer in __init, but when the namespaces will be
merged it will be possible to free more code. I propose to
use the __net_init, __net_exit and __net_initdata "attributes"
for functions/variables that are not used if the CONFIG_NET_NS
is not set to save more space in memory.

The exiting functions cannot just reside in the __exit section,
as noticed by David, since the init section will have
references on it and the compilation will fail due to modpost
checks. These references can exist, since the init namespace
never dies and the exit callbacks are never called. So I
introduce the __exit_refok attribute just like it is already
done with the __init_refok.

Signed-off-by: Pavel Emelyanov
Signed-off-by: David S. Miller
-
with the macro max provided by , so changed its name
to a more proper one: limit

Signed-off-by: Denis Cheng
Signed-off-by: David S. Miller
-
Signed-off-by: Denis Cheng
Signed-off-by: David S. Miller
-
I was looking at Patrick's fix to inet_diag and it occurred
to me that we're using a pointer argument to return values
unnecessarily in netlink_run_queue. Changing it to return
the value will allow the compiler to generate better code
since the value won't have to be memory-backed.

Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller
-
The problem: proc_net files remember which network namespace they are
against but do not remember hold a reference count (as that would pin
the network namespace). So we currently have a small window where
the reference count on a network namespace may be incremented when opening
a /proc file when it has already gone to zero.

To fix this introduce maybe_get_net and get_proc_net.
maybe_get_net increments the network namespace reference count only if it is
greater than zero, ensuring we don't increment a reference count after it
has gone to zero.

get_proc_net handles all of the magic to go from a proc inode to the network
namespace instance and call maybe_get_net on it.

PROC_NET the old accessor is removed so that we don't get confused and use
the wrong helper function.

Then I fix up the callers to use get_proc_net and handle the case
where get_proc_net returns NULL. In that case I return -ENXIO because
effectively the network namespace has already gone away so the files
we are trying to access don't exist anymore.

Signed-off-by: Eric W. Biederman
Acked-by: Paul E. McKenney
Signed-off-by: David S. Miller
-
This change allows the generic attribute interface to be used within
the netfilter subsystem where this flag was initially introduced.

The byte-order flag is yet unused, its intended use is to
allow automatic byte order conversions for all atomic types.

Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller
-
Each netlink socket will live in exactly one network namespace,
this includes the controlling kernel sockets.

This patch updates all of the existing netlink protocols
to only support the initial network namespace. Request
by clients in other namespaces will get -ECONREFUSED.
As they would if the kernel did not have the support for
that netlink protocol compiled in.

As each netlink protocol is updated to be multiple network
namespace safe it can register multiple kernel sockets
to acquire a presence in the rest of the network namespaces.

The implementation in af_netlink is a simple filter implementation
at hash table insertion and hash table look up time.

Signed-off-by: Eric W. Biederman
Signed-off-by: David S. Miller
-
This patch passes in the namespace a new socket should be created in
and has the socket code do the appropriate reference counting. By
virtue of this all socket create methods are touched. In addition
the socket create methods are modified so that they will fail if
you attempt to create a socket in a non-default network namespace.

Failing if we attempt to create a socket outside of the default
network namespace ensures that as we incrementally make the network stack
network namespace aware we will not export functionality that someone
has not audited and made certain is network namespace safe.
Allowing us to partially enable network namespaces before all of the
exotic protocols are supported.

Any protocol layers I have missed will fail to compile because I now
pass an extra parameter into the socket creation code.

[ Integrated AF_IUCV build fixes from Andrew Morton... -DaveM ]
Signed-off-by: Eric W. Biederman
Signed-off-by: David S. Miller
-
This patch makes /proc/net per network namespace. It modifies the global
variables proc_net and proc_net_stat to be per network namespace.
The proc_net file helpers are modified to take a network namespace argument,
and all of their callers are fixed to pass &init_net for that argument.
This ensures that all of the /proc/net files are only visible and
usable in the initial network namespace until the code behind them
has been updated to handle multiple network namespaces.

Making /proc/net per namespace is necessary as at least some files
in /proc/net depend upon the set of network devices which is per
network namespace, and even more files in /proc/net have contents
that are relevant to a single network namespace.

Signed-off-by: Eric W. Biederman
Signed-off-by: David S. Miller
-
This could make future redesign of struct netlink_sock easier.
Signed-off-by: Denis Cheng
Signed-off-by: David S. Miller
25 Jul, 2007
3 commits
-
Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller
-
The current calculation of the maximum number of genetlink
multicast groups seems odd, fix it.

Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller
-
family->mcast_groups is protected by genl_lock so it must
be held while accessing the list in genl_unregister_mc_groups().
Requires adding a non-locking variant of genl_unregister_mc_group().

Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller
19 Jul, 2007
3 commits
-
Introduce API to dynamically register and unregister multicast groups.
Signed-off-by: Johannes Berg
Acked-by: Patrick McHardy
Acked-by: Jamal Hadi Salim
Signed-off-by: David S. Miller
-
Allow kicking listeners out of a multicast group when necessary
(for example if that group is going to be removed.)

Signed-off-by: Johannes Berg
Acked-by: Patrick McHardy
Acked-by: Jamal Hadi Salim
Signed-off-by: David S. Miller
-
Allow changing the number of groups for a netlink family
after it has been created, use RCU to protect the listeners
bitmap keeping netlink_has_listeners() lock-free.

Signed-off-by: Johannes Berg
Acked-by: Patrick McHardy
Acked-by: Jamal Hadi Salim
Signed-off-by: David S. Miller
18 Jul, 2007
1 commit
-
Reading netlink_setsockopt it's not immediately clear why there isn't a
bug when you pass in negative numbers, the reason being that the >=
comparison is really unsigned although 'val' is signed because
nlk->ngroups is unsigned. Make 'val' unsigned too.

[ Update the get_user() cast to match. --DaveM ]
Signed-off-by: Johannes Berg
Signed-off-by: David S. Miller
11 Jul, 2007
2 commits
-
Make all initialized struct seq_operations in net/ const
Signed-off-by: Philippe De Muyter
Signed-off-by: David S. Miller
-
Add a nested compat attribute type that can be used to convert
attributes that contain a structure to nested attributes in a
backwards compatible way.

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
08 Jun, 2007
1 commit
-
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
09 May, 2007
1 commit
-
Remove includes of where it is not used/needed.
Suggested by Al Viro.

Builds cleanly on x86_64, i386, alpha, ia64, powerpc, sparc,
sparc64, and arm (all 59 defconfigs).

Signed-off-by: Randy Dunlap
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
05 May, 2007
1 commit
-
Remove bogus BUG_ON(mutex_is_locked(nlk_sk(sk)->cb_mutex)), when the
netlink_kernel_create caller specifies an external mutex it might
validly be locked.

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
03 May, 2007
2 commits
-
When the user passes in MSG_TRUNC the skb is used after getting freed.
Signed-off-by: Patrick McHardy
Signed-off-by: David Howells
Signed-off-by: David S. Miller
-
Since we can still receive packets until all references to the
socket are gone, we don't need to kill the CB until that happens.
This also aligns ourselves with the receive queue purging which
happens at that point.

Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller
26 Apr, 2007
10 commits
-
- make the following needlessly global variables static:
  - core/rtnetlink.c: struct rtnl_msg_handlers[]
  - netfilter/nf_conntrack_proto.c: struct nf_ct_protos[]
- make the following needlessly global functions static:
  - core/rtnetlink.c: rtnl_dump_all()
  - netlink/af_netlink.c: netlink_queue_skip()

Signed-off-by: Adrian Bunk
Signed-off-by: Andrew Morton
Signed-off-by: David S. Miller
-
Don't reinitialize the callback mutex the netlink_kernel_create caller
handed in, it is supposed to already be initialized and could already
be held by someone.

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
-
Switch cb_lock to mutex and allow netlink kernel users to override it
with a subsystem specific mutex for consistent locking in dump callbacks.
All netlink_dump_start users have been audited not to rely on any
side-effects of the previously used spinlock.

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
-
This patch introduces a new NLA_BINARY attribute policy type with the
verification of simply checking the maximum length of the payload.

It also fixes a small typo in the example.
Signed-off-by: Johannes Berg
Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller
-
Now that all users of netlink_dump_start() use netlink_run_queue()
to process the receive queue, it is possible to return -EINTR from
netlink_dump_start() directly, therefore simplifying the callers.

Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller
-
The error pointer argument in netlink message handlers is used
to signal the special case where processing has to be interrupted
because a dump was started but no error happened. Instead it is
simpler and more clear to return -EINTR and have netlink_run_queue()
deal with getting the queue right.

nfnetlink passed on this error pointer to its subsystem handlers
but only uses it to signal the start of a netlink dump. Therefore
it can be removed there as well.

This patch also cleans up the error handling in the affected
message handlers to be consistent since it had to be touched anyway.

Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller
-
Changes netlink_rcv_skb() to skip netlink control messages and don't
pass them on to the message handler.

Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller
-
netlink_rcv_skb() is changed to skip messages which don't have the
NLM_F_REQUEST bit to avoid every netlink family having to perform this
check on their own.

Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller
-
Leftover from dynamic multicast groups allocation work.
Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller
-
For the common "(struct nlmsghdr *)skb->data" sequence, so that we reduce the
number of direct accesses to skb->data and for consistency with all the other
cast skb member helpers.

Signed-off-by: Arnaldo Carvalho de Melo
Signed-off-by: David S. Miller