diff mbox

[net-next,16/16] tipc: make netlink support net namespace

Message ID 1420788433-17960-17-git-send-email-ying.xue@windriver.com
State Accepted, archived
Delegated to: David Miller
Headers show

Commit Message

Ying Xue Jan. 9, 2015, 7:27 a.m. UTC 
Currently tipc module only allows users sitting on "init_net" namespace
to configure it through netlink interface. But now almost each tipc
component is able to be aware of net namespace, so it's time to open
the permission for users residing in other namespaces, allowing them
to configure their own tipc stack instance through netlink interface.

Signed-off-by: Ying Xue <ying.xue@windriver.com>
Tested-by: Tero Aho <Tero.Aho@coriant.com>
Reviewed-by: Jon Maloy <jon.maloy@ericsson.com>
---
 net/tipc/netlink.c |    7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

Comments

Sergei Shtylyov Jan. 9, 2015, 1:42 p.m. UTC | #1 
Hello.

On 1/9/2015 10:27 AM, Ying Xue wrote:

> Currently tipc module only allows users sitting on "init_net" namespace
> to configure it through netlink interface. But now almost each tipc
> component is able to be aware of net namespace, so it's time to open
> the permission for users residing in other namespaces, allowing them
> to configure their own tipc stack instance through netlink interface.

> Signed-off-by: Ying Xue <ying.xue@windriver.com>
> Tested-by: Tero Aho <Tero.Aho@coriant.com>
> Reviewed-by: Jon Maloy <jon.maloy@ericsson.com>
> ---
>   net/tipc/netlink.c |    7 +++++--
>   1 file changed, 5 insertions(+), 2 deletions(-)

> diff --git a/net/tipc/netlink.c b/net/tipc/netlink.c
> index 282b596..fe0f513 100644
> --- a/net/tipc/netlink.c
> +++ b/net/tipc/netlink.c
> @@ -54,7 +54,8 @@ static int handle_cmd(struct sk_buff *skb, struct genl_info *info)
>   	int hdr_space = nlmsg_total_size(GENL_HDRLEN + TIPC_GENL_HDRLEN);
>   	u16 cmd;
>
> -	if ((req_userhdr->cmd & 0xC000) && (!netlink_capable(skb, CAP_NET_ADMIN)))
> +	if ((req_userhdr->cmd & 0xC000) &&
> +	    (!netlink_net_capable(skb, CAP_NET_ADMIN)))

    Why? Also, it seems like unrelated change...

[...]

WBR, Sergei

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Ying Xue Jan. 10, 2015, 6:04 a.m. UTC | #2 
On 01/09/2015 09:42 PM, Sergei Shtylyov wrote:
> Hello.
> 
> On 1/9/2015 10:27 AM, Ying Xue wrote:
> 
>> Currently tipc module only allows users sitting on "init_net" namespace
>> to configure it through netlink interface. But now almost each tipc
>> component is able to be aware of net namespace, so it's time to open
>> the permission for users residing in other namespaces, allowing them
>> to configure their own tipc stack instance through netlink interface.
> 
>> Signed-off-by: Ying Xue <ying.xue@windriver.com>
>> Tested-by: Tero Aho <Tero.Aho@coriant.com>
>> Reviewed-by: Jon Maloy <jon.maloy@ericsson.com>
>> ---
>>   net/tipc/netlink.c |    7 +++++--
>>   1 file changed, 5 insertions(+), 2 deletions(-)
> 
>> diff --git a/net/tipc/netlink.c b/net/tipc/netlink.c
>> index 282b596..fe0f513 100644
>> --- a/net/tipc/netlink.c
>> +++ b/net/tipc/netlink.c
>> @@ -54,7 +54,8 @@ static int handle_cmd(struct sk_buff *skb, struct
>> genl_info *info)
>>       int hdr_space = nlmsg_total_size(GENL_HDRLEN + TIPC_GENL_HDRLEN);
>>       u16 cmd;
>>
>> -    if ((req_userhdr->cmd & 0xC000) && (!netlink_capable(skb,
>> CAP_NET_ADMIN)))
>> +    if ((req_userhdr->cmd & 0xC000) &&
>> +        (!netlink_net_capable(skb, CAP_NET_ADMIN)))
> 
>    Why? Also, it seems like unrelated change...
> 

Without above change, the line length is over 80 characters. Of course,
this change is not much related to what the patch is really doing.

Regards,
Ying

> [...]
> 
> WBR, Sergei
> 
> 
> 

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/net/tipc/netlink.c b/net/tipc/netlink.c
index 282b596..fe0f513 100644
--- a/net/tipc/netlink.c
+++ b/net/tipc/netlink.c
@@ -54,7 +54,8 @@  static int handle_cmd(struct sk_buff *skb, struct genl_info *info)
 	int hdr_space = nlmsg_total_size(GENL_HDRLEN + TIPC_GENL_HDRLEN);
 	u16 cmd;
 
-	if ((req_userhdr->cmd & 0xC000) && (!netlink_capable(skb, CAP_NET_ADMIN)))
+	if ((req_userhdr->cmd & 0xC000) &&
+	    (!netlink_net_capable(skb, CAP_NET_ADMIN)))
 		cmd = TIPC_CMD_NOT_NET_ADMIN;
 	else
 		cmd = req_userhdr->cmd;
@@ -70,7 +71,7 @@  static int handle_cmd(struct sk_buff *skb, struct genl_info *info)
 		rep_nlh = nlmsg_hdr(rep_buf);
 		memcpy(rep_nlh, req_nlh, hdr_space);
 		rep_nlh->nlmsg_len = rep_buf->len;
-		genlmsg_unicast(&init_net, rep_buf, NETLINK_CB(skb).portid);
+		genlmsg_unicast(net, rep_buf, NETLINK_CB(skb).portid);
 	}
 
 	return 0;
@@ -95,6 +96,7 @@  static struct genl_family tipc_genl_family = {
 	.version	= TIPC_GENL_VERSION,
 	.hdrsize	= TIPC_GENL_HDRLEN,
 	.maxattr	= 0,
+	.netnsok	= true,
 };
 
 /* Legacy ASCII API */
@@ -114,6 +116,7 @@  struct genl_family tipc_genl_v2_family = {
 	.version	= TIPC_GENL_V2_VERSION,
 	.hdrsize	= 0,
 	.maxattr	= TIPC_NLA_MAX,
+	.netnsok	= true,
 };
 
 static const struct genl_ops tipc_genl_v2_ops[] = {