1 #include <linux/workqueue.h> 2 #include <linux/rtnetlink.h> 3 #include <linux/cache.h> 4 #include <linux/slab.h> 5 #include <linux/list.h> 6 #include <linux/delay.h> 7 #include <linux/sched.h> 8 #include <net/net_namespace.h> 9 10 /* 11 * Our network namespace constructor/destructor lists 12 */ 13 14 static LIST_HEAD(pernet_list); 15 static struct list_head *first_device = &pernet_list; 16 static DEFINE_MUTEX(net_mutex); 17 18 LIST_HEAD(net_namespace_list); 19 20 static struct kmem_cache *net_cachep; 21 22 struct net init_net; 23 EXPORT_SYMBOL_GPL(init_net); 24 25 static struct net *net_alloc(void) 26 { 27 return kmem_cache_zalloc(net_cachep, GFP_KERNEL); 28 } 29 30 static void net_free(struct net *net) 31 { 32 if (!net) 33 return; 34 35 if (unlikely(atomic_read(&net->use_count) != 0)) { 36 printk(KERN_EMERG "network namespace not free! Usage: %d\n", 37 atomic_read(&net->use_count)); 38 return; 39 } 40 41 kmem_cache_free(net_cachep, net); 42 } 43 44 static void cleanup_net(struct work_struct *work) 45 { 46 struct pernet_operations *ops; 47 struct net *net; 48 49 net = container_of(work, struct net, work); 50 51 mutex_lock(&net_mutex); 52 53 /* Don't let anyone else find us. */ 54 rtnl_lock(); 55 list_del(&net->list); 56 rtnl_unlock(); 57 58 /* Run all of the network namespace exit methods */ 59 list_for_each_entry_reverse(ops, &pernet_list, list) { 60 if (ops->exit) 61 ops->exit(net); 62 } 63 64 mutex_unlock(&net_mutex); 65 66 /* Ensure there are no outstanding rcu callbacks using this 67 * network namespace. 68 */ 69 rcu_barrier(); 70 71 /* Finally it is safe to free my network namespace structure */ 72 net_free(net); 73 } 74 75 76 void __put_net(struct net *net) 77 { 78 /* Cleanup the network namespace in process context */ 79 INIT_WORK(&net->work, cleanup_net); 80 schedule_work(&net->work); 81 } 82 EXPORT_SYMBOL_GPL(__put_net); 83 84 /* 85 * setup_net runs the initializers for the network namespace object. 86 */ 87 static int setup_net(struct net *net) 88 { 89 /* Must be called with net_mutex held */ 90 struct pernet_operations *ops; 91 int error; 92 93 atomic_set(&net->count, 1); 94 atomic_set(&net->use_count, 0); 95 96 error = 0; 97 list_for_each_entry(ops, &pernet_list, list) { 98 if (ops->init) { 99 error = ops->init(net); 100 if (error < 0) 101 goto out_undo; 102 } 103 } 104 out: 105 return error; 106 107 out_undo: 108 /* Walk through the list backwards calling the exit functions 109 * for the pernet modules whose init functions did not fail. 110 */ 111 list_for_each_entry_continue_reverse(ops, &pernet_list, list) { 112 if (ops->exit) 113 ops->exit(net); 114 } 115 goto out; 116 } 117 118 struct net *copy_net_ns(unsigned long flags, struct net *old_net) 119 { 120 struct net *new_net = NULL; 121 int err; 122 123 get_net(old_net); 124 125 if (!(flags & CLONE_NEWNET)) 126 return old_net; 127 128 #ifndef CONFIG_NET_NS 129 return ERR_PTR(-EINVAL); 130 #endif 131 132 err = -ENOMEM; 133 new_net = net_alloc(); 134 if (!new_net) 135 goto out; 136 137 mutex_lock(&net_mutex); 138 err = setup_net(new_net); 139 if (err) 140 goto out_unlock; 141 142 rtnl_lock(); 143 list_add_tail(&new_net->list, &net_namespace_list); 144 rtnl_unlock(); 145 146 147 out_unlock: 148 mutex_unlock(&net_mutex); 149 out: 150 put_net(old_net); 151 if (err) { 152 net_free(new_net); 153 new_net = ERR_PTR(err); 154 } 155 return new_net; 156 } 157 158 static int __init net_ns_init(void) 159 { 160 int err; 161 162 printk(KERN_INFO "net_namespace: %zd bytes\n", sizeof(struct net)); 163 net_cachep = kmem_cache_create("net_namespace", sizeof(struct net), 164 SMP_CACHE_BYTES, 165 SLAB_PANIC, NULL); 166 mutex_lock(&net_mutex); 167 err = setup_net(&init_net); 168 169 rtnl_lock(); 170 list_add_tail(&init_net.list, &net_namespace_list); 171 rtnl_unlock(); 172 173 mutex_unlock(&net_mutex); 174 if (err) 175 panic("Could not setup the initial network namespace"); 176 177 return 0; 178 } 179 180 pure_initcall(net_ns_init); 181 182 static int register_pernet_operations(struct list_head *list, 183 struct pernet_operations *ops) 184 { 185 struct net *net, *undo_net; 186 int error; 187 188 error = 0; 189 list_add_tail(&ops->list, list); 190 for_each_net(net) { 191 if (ops->init) { 192 error = ops->init(net); 193 if (error) 194 goto out_undo; 195 } 196 } 197 out: 198 return error; 199 200 out_undo: 201 /* If I have an error cleanup all namespaces I initialized */ 202 list_del(&ops->list); 203 for_each_net(undo_net) { 204 if (undo_net == net) 205 goto undone; 206 if (ops->exit) 207 ops->exit(undo_net); 208 } 209 undone: 210 goto out; 211 } 212 213 static void unregister_pernet_operations(struct pernet_operations *ops) 214 { 215 struct net *net; 216 217 list_del(&ops->list); 218 for_each_net(net) 219 if (ops->exit) 220 ops->exit(net); 221 } 222 223 /** 224 * register_pernet_subsys - register a network namespace subsystem 225 * @ops: pernet operations structure for the subsystem 226 * 227 * Register a subsystem which has init and exit functions 228 * that are called when network namespaces are created and 229 * destroyed respectively. 230 * 231 * When registered all network namespace init functions are 232 * called for every existing network namespace. Allowing kernel 233 * modules to have a race free view of the set of network namespaces. 234 * 235 * When a new network namespace is created all of the init 236 * methods are called in the order in which they were registered. 237 * 238 * When a network namespace is destroyed all of the exit methods 239 * are called in the reverse of the order with which they were 240 * registered. 241 */ 242 int register_pernet_subsys(struct pernet_operations *ops) 243 { 244 int error; 245 mutex_lock(&net_mutex); 246 error = register_pernet_operations(first_device, ops); 247 mutex_unlock(&net_mutex); 248 return error; 249 } 250 EXPORT_SYMBOL_GPL(register_pernet_subsys); 251 252 /** 253 * unregister_pernet_subsys - unregister a network namespace subsystem 254 * @ops: pernet operations structure to manipulate 255 * 256 * Remove the pernet operations structure from the list to be 257 * used when network namespaces are created or destoryed. In 258 * addition run the exit method for all existing network 259 * namespaces. 260 */ 261 void unregister_pernet_subsys(struct pernet_operations *module) 262 { 263 mutex_lock(&net_mutex); 264 unregister_pernet_operations(module); 265 mutex_unlock(&net_mutex); 266 } 267 EXPORT_SYMBOL_GPL(unregister_pernet_subsys); 268 269 /** 270 * register_pernet_device - register a network namespace device 271 * @ops: pernet operations structure for the subsystem 272 * 273 * Register a device which has init and exit functions 274 * that are called when network namespaces are created and 275 * destroyed respectively. 276 * 277 * When registered all network namespace init functions are 278 * called for every existing network namespace. Allowing kernel 279 * modules to have a race free view of the set of network namespaces. 280 * 281 * When a new network namespace is created all of the init 282 * methods are called in the order in which they were registered. 283 * 284 * When a network namespace is destroyed all of the exit methods 285 * are called in the reverse of the order with which they were 286 * registered. 287 */ 288 int register_pernet_device(struct pernet_operations *ops) 289 { 290 int error; 291 mutex_lock(&net_mutex); 292 error = register_pernet_operations(&pernet_list, ops); 293 if (!error && (first_device == &pernet_list)) 294 first_device = &ops->list; 295 mutex_unlock(&net_mutex); 296 return error; 297 } 298 EXPORT_SYMBOL_GPL(register_pernet_device); 299 300 /** 301 * unregister_pernet_device - unregister a network namespace netdevice 302 * @ops: pernet operations structure to manipulate 303 * 304 * Remove the pernet operations structure from the list to be 305 * used when network namespaces are created or destoryed. In 306 * addition run the exit method for all existing network 307 * namespaces. 308 */ 309 void unregister_pernet_device(struct pernet_operations *ops) 310 { 311 mutex_lock(&net_mutex); 312 if (&ops->list == first_device) 313 first_device = first_device->next; 314 unregister_pernet_operations(ops); 315 mutex_unlock(&net_mutex); 316 } 317 EXPORT_SYMBOL_GPL(unregister_pernet_device); 318