| Message ID | 20180129170720.29724-2-christian.brauner@ubuntu.com |
|---|---|
| State | Accepted, archived |
| Delegated to: | David Miller |
| Headers | show |
| Series | rtnetlink: enable IFLA_IF_NETNSID for RTM_NEWLINK | expand |
Hi Christian,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on net-next/master]
url: https://github.com/0day-ci/linux/commits/Christian-Brauner/rtnetlink-enable-IFLA_IF_NETNSID-for-RTM_NEWLINK/20180130-230918
config: ia64-allmodconfig (attached as .config)
compiler: ia64-linux-gcc (GCC) 7.2.0
reproduce:
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# save the attached .config to linux build tree
make.cross ARCH=ia64
All error/warnings (new ones prefixed by >>):
net//core/rtnetlink.c: In function 'rtnl_newlink':
>> net//core/rtnetlink.c:2903:14: error: implicit declaration of function 'rtnl_link_get_net_capable'; did you mean 'rtnl_link_get_net'? [-Werror=implicit-function-declaration]
dest_net = rtnl_link_get_net_capable(skb, net, tb, CAP_NET_ADMIN);
^~~~~~~~~~~~~~~~~~~~~~~~~
rtnl_link_get_net
>> net//core/rtnetlink.c:2903:12: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
dest_net = rtnl_link_get_net_capable(skb, net, tb, CAP_NET_ADMIN);
^
cc1: some warnings being treated as errors
vim +2903 net//core/rtnetlink.c
2729
2730 static int rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
2731 struct netlink_ext_ack *extack)
2732 {
2733 struct net *net = sock_net(skb->sk);
2734 const struct rtnl_link_ops *ops;
2735 const struct rtnl_link_ops *m_ops = NULL;
2736 struct net_device *dev;
2737 struct net_device *master_dev = NULL;
2738 struct ifinfomsg *ifm;
2739 char kind[MODULE_NAME_LEN];
2740 char ifname[IFNAMSIZ];
2741 struct nlattr *tb[IFLA_MAX+1];
2742 struct nlattr *linkinfo[IFLA_INFO_MAX+1];
2743 unsigned char name_assign_type = NET_NAME_USER;
2744 int err;
2745
2746 #ifdef CONFIG_MODULES
2747 replay:
2748 #endif
2749 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFLA_MAX, ifla_policy, extack);
2750 if (err < 0)
2751 return err;
2752
2753 if (tb[IFLA_IF_NETNSID])
2754 return -EOPNOTSUPP;
2755
2756 if (tb[IFLA_IFNAME])
2757 nla_strlcpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ);
2758 else
2759 ifname[0] = '\0';
2760
2761 ifm = nlmsg_data(nlh);
2762 if (ifm->ifi_index > 0)
2763 dev = __dev_get_by_index(net, ifm->ifi_index);
2764 else {
2765 if (ifname[0])
2766 dev = __dev_get_by_name(net, ifname);
2767 else
2768 dev = NULL;
2769 }
2770
2771 if (dev) {
2772 master_dev = netdev_master_upper_dev_get(dev);
2773 if (master_dev)
2774 m_ops = master_dev->rtnl_link_ops;
2775 }
2776
2777 err = validate_linkmsg(dev, tb);
2778 if (err < 0)
2779 return err;
2780
2781 if (tb[IFLA_LINKINFO]) {
2782 err = nla_parse_nested(linkinfo, IFLA_INFO_MAX,
2783 tb[IFLA_LINKINFO], ifla_info_policy,
2784 NULL);
2785 if (err < 0)
2786 return err;
2787 } else
2788 memset(linkinfo, 0, sizeof(linkinfo));
2789
2790 if (linkinfo[IFLA_INFO_KIND]) {
2791 nla_strlcpy(kind, linkinfo[IFLA_INFO_KIND], sizeof(kind));
2792 ops = rtnl_link_ops_get(kind);
2793 } else {
2794 kind[0] = '\0';
2795 ops = NULL;
2796 }
2797
2798 if (1) {
2799 struct nlattr *attr[ops ? ops->maxtype + 1 : 1];
2800 struct nlattr *slave_attr[m_ops ? m_ops->slave_maxtype + 1 : 1];
2801 struct nlattr **data = NULL;
2802 struct nlattr **slave_data = NULL;
2803 struct net *dest_net, *link_net = NULL;
2804
2805 if (ops) {
2806 if (ops->maxtype && linkinfo[IFLA_INFO_DATA]) {
2807 err = nla_parse_nested(attr, ops->maxtype,
2808 linkinfo[IFLA_INFO_DATA],
2809 ops->policy, NULL);
2810 if (err < 0)
2811 return err;
2812 data = attr;
2813 }
2814 if (ops->validate) {
2815 err = ops->validate(tb, data, extack);
2816 if (err < 0)
2817 return err;
2818 }
2819 }
2820
2821 if (m_ops) {
2822 if (m_ops->slave_maxtype &&
2823 linkinfo[IFLA_INFO_SLAVE_DATA]) {
2824 err = nla_parse_nested(slave_attr,
2825 m_ops->slave_maxtype,
2826 linkinfo[IFLA_INFO_SLAVE_DATA],
2827 m_ops->slave_policy,
2828 NULL);
2829 if (err < 0)
2830 return err;
2831 slave_data = slave_attr;
2832 }
2833 }
2834
2835 if (dev) {
2836 int status = 0;
2837
2838 if (nlh->nlmsg_flags & NLM_F_EXCL)
2839 return -EEXIST;
2840 if (nlh->nlmsg_flags & NLM_F_REPLACE)
2841 return -EOPNOTSUPP;
2842
2843 if (linkinfo[IFLA_INFO_DATA]) {
2844 if (!ops || ops != dev->rtnl_link_ops ||
2845 !ops->changelink)
2846 return -EOPNOTSUPP;
2847
2848 err = ops->changelink(dev, tb, data, extack);
2849 if (err < 0)
2850 return err;
2851 status |= DO_SETLINK_NOTIFY;
2852 }
2853
2854 if (linkinfo[IFLA_INFO_SLAVE_DATA]) {
2855 if (!m_ops || !m_ops->slave_changelink)
2856 return -EOPNOTSUPP;
2857
2858 err = m_ops->slave_changelink(master_dev, dev,
2859 tb, slave_data,
2860 extack);
2861 if (err < 0)
2862 return err;
2863 status |= DO_SETLINK_NOTIFY;
2864 }
2865
2866 return do_setlink(skb, dev, ifm, extack, tb, ifname,
2867 status);
2868 }
2869
2870 if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
2871 if (ifm->ifi_index == 0 && tb[IFLA_GROUP])
2872 return rtnl_group_changelink(skb, net,
2873 nla_get_u32(tb[IFLA_GROUP]),
2874 ifm, extack, tb);
2875 return -ENODEV;
2876 }
2877
2878 if (tb[IFLA_MAP] || tb[IFLA_PROTINFO])
2879 return -EOPNOTSUPP;
2880
2881 if (!ops) {
2882 #ifdef CONFIG_MODULES
2883 if (kind[0]) {
2884 __rtnl_unlock();
2885 request_module("rtnl-link-%s", kind);
2886 rtnl_lock();
2887 ops = rtnl_link_ops_get(kind);
2888 if (ops)
2889 goto replay;
2890 }
2891 #endif
2892 return -EOPNOTSUPP;
2893 }
2894
2895 if (!ops->setup)
2896 return -EOPNOTSUPP;
2897
2898 if (!ifname[0]) {
2899 snprintf(ifname, IFNAMSIZ, "%s%%d", ops->kind);
2900 name_assign_type = NET_NAME_ENUM;
2901 }
2902
> 2903 dest_net = rtnl_link_get_net_capable(skb, net, tb, CAP_NET_ADMIN);
2904 if (IS_ERR(dest_net))
2905 return PTR_ERR(dest_net);
2906
2907 if (tb[IFLA_LINK_NETNSID]) {
2908 int id = nla_get_s32(tb[IFLA_LINK_NETNSID]);
2909
2910 link_net = get_net_ns_by_id(dest_net, id);
2911 if (!link_net) {
2912 err = -EINVAL;
2913 goto out;
2914 }
2915 err = -EPERM;
2916 if (!netlink_ns_capable(skb, link_net->user_ns, CAP_NET_ADMIN))
2917 goto out;
2918 }
2919
2920 dev = rtnl_create_link(link_net ? : dest_net, ifname,
2921 name_assign_type, ops, tb);
2922 if (IS_ERR(dev)) {
2923 err = PTR_ERR(dev);
2924 goto out;
2925 }
2926
2927 dev->ifindex = ifm->ifi_index;
2928
2929 if (ops->newlink) {
2930 err = ops->newlink(link_net ? : net, dev, tb, data,
2931 extack);
2932 /* Drivers should call free_netdev() in ->destructor
2933 * and unregister it on failure after registration
2934 * so that device could be finally freed in rtnl_unlock.
2935 */
2936 if (err < 0) {
2937 /* If device is not registered at all, free it now */
2938 if (dev->reg_state == NETREG_UNINITIALIZED)
2939 free_netdev(dev);
2940 goto out;
2941 }
2942 } else {
2943 err = register_netdevice(dev);
2944 if (err < 0) {
2945 free_netdev(dev);
2946 goto out;
2947 }
2948 }
2949 err = rtnl_configure_link(dev, ifm);
2950 if (err < 0)
2951 goto out_unregister;
2952 if (link_net) {
2953 err = dev_change_net_namespace(dev, dest_net, ifname);
2954 if (err < 0)
2955 goto out_unregister;
2956 }
2957 if (tb[IFLA_MASTER]) {
2958 err = do_set_master(dev, nla_get_u32(tb[IFLA_MASTER]),
2959 extack);
2960 if (err)
2961 goto out_unregister;
2962 }
2963 out:
2964 if (link_net)
2965 put_net(link_net);
2966 put_net(dest_net);
2967 return err;
2968 out_unregister:
2969 if (ops->newlink) {
2970 LIST_HEAD(list_kill);
2971
2972 ops->dellink(dev, &list_kill);
2973 unregister_netdevice_many(&list_kill);
2974 } else {
2975 unregister_netdevice(dev);
2976 }
2977 goto out;
2978 }
2979 }
2980
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
Hi Christian,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on net-next/master]
url: https://github.com/0day-ci/linux/commits/Christian-Brauner/rtnetlink-enable-IFLA_IF_NETNSID-for-RTM_NEWLINK/20180130-230918
config: i386-randconfig-a1-201804 (attached as .config)
compiler: gcc-4.9 (Debian 4.9.4-2) 4.9.4
reproduce:
# save the attached .config to linux build tree
make ARCH=i386
All errors (new ones prefixed by >>):
net/core/rtnetlink.c: In function 'rtnl_newlink':
>> net/core/rtnetlink.c:2903:3: error: implicit declaration of function 'rtnl_link_get_net_capable' [-Werror=implicit-function-declaration]
dest_net = rtnl_link_get_net_capable(skb, net, tb, CAP_NET_ADMIN);
^
net/core/rtnetlink.c:2903:12: warning: assignment makes pointer from integer without a cast
dest_net = rtnl_link_get_net_capable(skb, net, tb, CAP_NET_ADMIN);
^
cc1: some warnings being treated as errors
vim +/rtnl_link_get_net_capable +2903 net/core/rtnetlink.c
2729
2730 static int rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
2731 struct netlink_ext_ack *extack)
2732 {
2733 struct net *net = sock_net(skb->sk);
2734 const struct rtnl_link_ops *ops;
2735 const struct rtnl_link_ops *m_ops = NULL;
2736 struct net_device *dev;
2737 struct net_device *master_dev = NULL;
2738 struct ifinfomsg *ifm;
2739 char kind[MODULE_NAME_LEN];
2740 char ifname[IFNAMSIZ];
2741 struct nlattr *tb[IFLA_MAX+1];
2742 struct nlattr *linkinfo[IFLA_INFO_MAX+1];
2743 unsigned char name_assign_type = NET_NAME_USER;
2744 int err;
2745
2746 #ifdef CONFIG_MODULES
2747 replay:
2748 #endif
2749 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFLA_MAX, ifla_policy, extack);
2750 if (err < 0)
2751 return err;
2752
2753 if (tb[IFLA_IF_NETNSID])
2754 return -EOPNOTSUPP;
2755
2756 if (tb[IFLA_IFNAME])
2757 nla_strlcpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ);
2758 else
2759 ifname[0] = '\0';
2760
2761 ifm = nlmsg_data(nlh);
2762 if (ifm->ifi_index > 0)
2763 dev = __dev_get_by_index(net, ifm->ifi_index);
2764 else {
2765 if (ifname[0])
2766 dev = __dev_get_by_name(net, ifname);
2767 else
2768 dev = NULL;
2769 }
2770
2771 if (dev) {
2772 master_dev = netdev_master_upper_dev_get(dev);
2773 if (master_dev)
2774 m_ops = master_dev->rtnl_link_ops;
2775 }
2776
2777 err = validate_linkmsg(dev, tb);
2778 if (err < 0)
2779 return err;
2780
2781 if (tb[IFLA_LINKINFO]) {
2782 err = nla_parse_nested(linkinfo, IFLA_INFO_MAX,
2783 tb[IFLA_LINKINFO], ifla_info_policy,
2784 NULL);
2785 if (err < 0)
2786 return err;
2787 } else
2788 memset(linkinfo, 0, sizeof(linkinfo));
2789
2790 if (linkinfo[IFLA_INFO_KIND]) {
2791 nla_strlcpy(kind, linkinfo[IFLA_INFO_KIND], sizeof(kind));
2792 ops = rtnl_link_ops_get(kind);
2793 } else {
2794 kind[0] = '\0';
2795 ops = NULL;
2796 }
2797
2798 if (1) {
2799 struct nlattr *attr[ops ? ops->maxtype + 1 : 1];
2800 struct nlattr *slave_attr[m_ops ? m_ops->slave_maxtype + 1 : 1];
2801 struct nlattr **data = NULL;
2802 struct nlattr **slave_data = NULL;
2803 struct net *dest_net, *link_net = NULL;
2804
2805 if (ops) {
2806 if (ops->maxtype && linkinfo[IFLA_INFO_DATA]) {
2807 err = nla_parse_nested(attr, ops->maxtype,
2808 linkinfo[IFLA_INFO_DATA],
2809 ops->policy, NULL);
2810 if (err < 0)
2811 return err;
2812 data = attr;
2813 }
2814 if (ops->validate) {
2815 err = ops->validate(tb, data, extack);
2816 if (err < 0)
2817 return err;
2818 }
2819 }
2820
2821 if (m_ops) {
2822 if (m_ops->slave_maxtype &&
2823 linkinfo[IFLA_INFO_SLAVE_DATA]) {
2824 err = nla_parse_nested(slave_attr,
2825 m_ops->slave_maxtype,
2826 linkinfo[IFLA_INFO_SLAVE_DATA],
2827 m_ops->slave_policy,
2828 NULL);
2829 if (err < 0)
2830 return err;
2831 slave_data = slave_attr;
2832 }
2833 }
2834
2835 if (dev) {
2836 int status = 0;
2837
2838 if (nlh->nlmsg_flags & NLM_F_EXCL)
2839 return -EEXIST;
2840 if (nlh->nlmsg_flags & NLM_F_REPLACE)
2841 return -EOPNOTSUPP;
2842
2843 if (linkinfo[IFLA_INFO_DATA]) {
2844 if (!ops || ops != dev->rtnl_link_ops ||
2845 !ops->changelink)
2846 return -EOPNOTSUPP;
2847
2848 err = ops->changelink(dev, tb, data, extack);
2849 if (err < 0)
2850 return err;
2851 status |= DO_SETLINK_NOTIFY;
2852 }
2853
2854 if (linkinfo[IFLA_INFO_SLAVE_DATA]) {
2855 if (!m_ops || !m_ops->slave_changelink)
2856 return -EOPNOTSUPP;
2857
2858 err = m_ops->slave_changelink(master_dev, dev,
2859 tb, slave_data,
2860 extack);
2861 if (err < 0)
2862 return err;
2863 status |= DO_SETLINK_NOTIFY;
2864 }
2865
2866 return do_setlink(skb, dev, ifm, extack, tb, ifname,
2867 status);
2868 }
2869
2870 if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
2871 if (ifm->ifi_index == 0 && tb[IFLA_GROUP])
2872 return rtnl_group_changelink(skb, net,
2873 nla_get_u32(tb[IFLA_GROUP]),
2874 ifm, extack, tb);
2875 return -ENODEV;
2876 }
2877
2878 if (tb[IFLA_MAP] || tb[IFLA_PROTINFO])
2879 return -EOPNOTSUPP;
2880
2881 if (!ops) {
2882 #ifdef CONFIG_MODULES
2883 if (kind[0]) {
2884 __rtnl_unlock();
2885 request_module("rtnl-link-%s", kind);
2886 rtnl_lock();
2887 ops = rtnl_link_ops_get(kind);
2888 if (ops)
2889 goto replay;
2890 }
2891 #endif
2892 return -EOPNOTSUPP;
2893 }
2894
2895 if (!ops->setup)
2896 return -EOPNOTSUPP;
2897
2898 if (!ifname[0]) {
2899 snprintf(ifname, IFNAMSIZ, "%s%%d", ops->kind);
2900 name_assign_type = NET_NAME_ENUM;
2901 }
2902
> 2903 dest_net = rtnl_link_get_net_capable(skb, net, tb, CAP_NET_ADMIN);
2904 if (IS_ERR(dest_net))
2905 return PTR_ERR(dest_net);
2906
2907 if (tb[IFLA_LINK_NETNSID]) {
2908 int id = nla_get_s32(tb[IFLA_LINK_NETNSID]);
2909
2910 link_net = get_net_ns_by_id(dest_net, id);
2911 if (!link_net) {
2912 err = -EINVAL;
2913 goto out;
2914 }
2915 err = -EPERM;
2916 if (!netlink_ns_capable(skb, link_net->user_ns, CAP_NET_ADMIN))
2917 goto out;
2918 }
2919
2920 dev = rtnl_create_link(link_net ? : dest_net, ifname,
2921 name_assign_type, ops, tb);
2922 if (IS_ERR(dev)) {
2923 err = PTR_ERR(dev);
2924 goto out;
2925 }
2926
2927 dev->ifindex = ifm->ifi_index;
2928
2929 if (ops->newlink) {
2930 err = ops->newlink(link_net ? : net, dev, tb, data,
2931 extack);
2932 /* Drivers should call free_netdev() in ->destructor
2933 * and unregister it on failure after registration
2934 * so that device could be finally freed in rtnl_unlock.
2935 */
2936 if (err < 0) {
2937 /* If device is not registered at all, free it now */
2938 if (dev->reg_state == NETREG_UNINITIALIZED)
2939 free_netdev(dev);
2940 goto out;
2941 }
2942 } else {
2943 err = register_netdevice(dev);
2944 if (err < 0) {
2945 free_netdev(dev);
2946 goto out;
2947 }
2948 }
2949 err = rtnl_configure_link(dev, ifm);
2950 if (err < 0)
2951 goto out_unregister;
2952 if (link_net) {
2953 err = dev_change_net_namespace(dev, dest_net, ifname);
2954 if (err < 0)
2955 goto out_unregister;
2956 }
2957 if (tb[IFLA_MASTER]) {
2958 err = do_set_master(dev, nla_get_u32(tb[IFLA_MASTER]),
2959 extack);
2960 if (err)
2961 goto out_unregister;
2962 }
2963 out:
2964 if (link_net)
2965 put_net(link_net);
2966 put_net(dest_net);
2967 return err;
2968 out_unregister:
2969 if (ops->newlink) {
2970 LIST_HEAD(list_kill);
2971
2972 ops->dellink(dev, &list_kill);
2973 unregister_netdevice_many(&list_kill);
2974 } else {
2975 unregister_netdevice(dev);
2976 }
2977 goto out;
2978 }
2979 }
2980
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
On Wed, Jan 31, 2018 at 12:13:11AM +0800, kbuild test robot wrote: > Hi Christian, > > Thank you for the patch! Yet something to improve: > > [auto build test ERROR on net-next/master] > > url: https://github.com/0day-ci/linux/commits/Christian-Brauner/rtnetlink-enable-IFLA_IF_NETNSID-for-RTM_NEWLINK/20180130-230918 > config: i386-randconfig-a1-201804 (attached as .config) > compiler: gcc-4.9 (Debian 4.9.4-2) 4.9.4 > reproduce: > # save the attached .config to linux build tree > make ARCH=i386 > > All errors (new ones prefixed by >>): > > net/core/rtnetlink.c: In function 'rtnl_newlink': > >> net/core/rtnetlink.c:2903:3: error: implicit declaration of function 'rtnl_link_get_net_capable' [-Werror=implicit-function-declaration] > dest_net = rtnl_link_get_net_capable(skb, net, tb, CAP_NET_ADMIN); > ^ The patch is against Dave's net-next tree which already contains a merged prior patch series from me which introduces the missing function. So I'd say this is safe to ignore. Thanks! Christian > net/core/rtnetlink.c:2903:12: warning: assignment makes pointer from integer without a cast > dest_net = rtnl_link_get_net_capable(skb, net, tb, CAP_NET_ADMIN); > ^ > cc1: some warnings being treated as errors > > vim +/rtnl_link_get_net_capable +2903 net/core/rtnetlink.c > > 2729 > 2730 static int rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh, > 2731 struct netlink_ext_ack *extack) > 2732 { > 2733 struct net *net = sock_net(skb->sk); > 2734 const struct rtnl_link_ops *ops; > 2735 const struct rtnl_link_ops *m_ops = NULL; > 2736 struct net_device *dev; > 2737 struct net_device *master_dev = NULL; > 2738 struct ifinfomsg *ifm; > 2739 char kind[MODULE_NAME_LEN]; > 2740 char ifname[IFNAMSIZ]; > 2741 struct nlattr *tb[IFLA_MAX+1]; > 2742 struct nlattr *linkinfo[IFLA_INFO_MAX+1]; > 2743 unsigned char name_assign_type = NET_NAME_USER; > 2744 int err; > 2745 > 2746 #ifdef CONFIG_MODULES > 2747 replay: > 2748 #endif > 2749 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFLA_MAX, ifla_policy, extack); > 2750 if (err < 0) > 2751 return err; > 2752 > 2753 if (tb[IFLA_IF_NETNSID]) > 2754 return -EOPNOTSUPP; > 2755 > 2756 if (tb[IFLA_IFNAME]) > 2757 nla_strlcpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ); > 2758 else > 2759 ifname[0] = '\0'; > 2760 > 2761 ifm = nlmsg_data(nlh); > 2762 if (ifm->ifi_index > 0) > 2763 dev = __dev_get_by_index(net, ifm->ifi_index); > 2764 else { > 2765 if (ifname[0]) > 2766 dev = __dev_get_by_name(net, ifname); > 2767 else > 2768 dev = NULL; > 2769 } > 2770 > 2771 if (dev) { > 2772 master_dev = netdev_master_upper_dev_get(dev); > 2773 if (master_dev) > 2774 m_ops = master_dev->rtnl_link_ops; > 2775 } > 2776 > 2777 err = validate_linkmsg(dev, tb); > 2778 if (err < 0) > 2779 return err; > 2780 > 2781 if (tb[IFLA_LINKINFO]) { > 2782 err = nla_parse_nested(linkinfo, IFLA_INFO_MAX, > 2783 tb[IFLA_LINKINFO], ifla_info_policy, > 2784 NULL); > 2785 if (err < 0) > 2786 return err; > 2787 } else > 2788 memset(linkinfo, 0, sizeof(linkinfo)); > 2789 > 2790 if (linkinfo[IFLA_INFO_KIND]) { > 2791 nla_strlcpy(kind, linkinfo[IFLA_INFO_KIND], sizeof(kind)); > 2792 ops = rtnl_link_ops_get(kind); > 2793 } else { > 2794 kind[0] = '\0'; > 2795 ops = NULL; > 2796 } > 2797 > 2798 if (1) { > 2799 struct nlattr *attr[ops ? ops->maxtype + 1 : 1]; > 2800 struct nlattr *slave_attr[m_ops ? m_ops->slave_maxtype + 1 : 1]; > 2801 struct nlattr **data = NULL; > 2802 struct nlattr **slave_data = NULL; > 2803 struct net *dest_net, *link_net = NULL; > 2804 > 2805 if (ops) { > 2806 if (ops->maxtype && linkinfo[IFLA_INFO_DATA]) { > 2807 err = nla_parse_nested(attr, ops->maxtype, > 2808 linkinfo[IFLA_INFO_DATA], > 2809 ops->policy, NULL); > 2810 if (err < 0) > 2811 return err; > 2812 data = attr; > 2813 } > 2814 if (ops->validate) { > 2815 err = ops->validate(tb, data, extack); > 2816 if (err < 0) > 2817 return err; > 2818 } > 2819 } > 2820 > 2821 if (m_ops) { > 2822 if (m_ops->slave_maxtype && > 2823 linkinfo[IFLA_INFO_SLAVE_DATA]) { > 2824 err = nla_parse_nested(slave_attr, > 2825 m_ops->slave_maxtype, > 2826 linkinfo[IFLA_INFO_SLAVE_DATA], > 2827 m_ops->slave_policy, > 2828 NULL); > 2829 if (err < 0) > 2830 return err; > 2831 slave_data = slave_attr; > 2832 } > 2833 } > 2834 > 2835 if (dev) { > 2836 int status = 0; > 2837 > 2838 if (nlh->nlmsg_flags & NLM_F_EXCL) > 2839 return -EEXIST; > 2840 if (nlh->nlmsg_flags & NLM_F_REPLACE) > 2841 return -EOPNOTSUPP; > 2842 > 2843 if (linkinfo[IFLA_INFO_DATA]) { > 2844 if (!ops || ops != dev->rtnl_link_ops || > 2845 !ops->changelink) > 2846 return -EOPNOTSUPP; > 2847 > 2848 err = ops->changelink(dev, tb, data, extack); > 2849 if (err < 0) > 2850 return err; > 2851 status |= DO_SETLINK_NOTIFY; > 2852 } > 2853 > 2854 if (linkinfo[IFLA_INFO_SLAVE_DATA]) { > 2855 if (!m_ops || !m_ops->slave_changelink) > 2856 return -EOPNOTSUPP; > 2857 > 2858 err = m_ops->slave_changelink(master_dev, dev, > 2859 tb, slave_data, > 2860 extack); > 2861 if (err < 0) > 2862 return err; > 2863 status |= DO_SETLINK_NOTIFY; > 2864 } > 2865 > 2866 return do_setlink(skb, dev, ifm, extack, tb, ifname, > 2867 status); > 2868 } > 2869 > 2870 if (!(nlh->nlmsg_flags & NLM_F_CREATE)) { > 2871 if (ifm->ifi_index == 0 && tb[IFLA_GROUP]) > 2872 return rtnl_group_changelink(skb, net, > 2873 nla_get_u32(tb[IFLA_GROUP]), > 2874 ifm, extack, tb); > 2875 return -ENODEV; > 2876 } > 2877 > 2878 if (tb[IFLA_MAP] || tb[IFLA_PROTINFO]) > 2879 return -EOPNOTSUPP; > 2880 > 2881 if (!ops) { > 2882 #ifdef CONFIG_MODULES > 2883 if (kind[0]) { > 2884 __rtnl_unlock(); > 2885 request_module("rtnl-link-%s", kind); > 2886 rtnl_lock(); > 2887 ops = rtnl_link_ops_get(kind); > 2888 if (ops) > 2889 goto replay; > 2890 } > 2891 #endif > 2892 return -EOPNOTSUPP; > 2893 } > 2894 > 2895 if (!ops->setup) > 2896 return -EOPNOTSUPP; > 2897 > 2898 if (!ifname[0]) { > 2899 snprintf(ifname, IFNAMSIZ, "%s%%d", ops->kind); > 2900 name_assign_type = NET_NAME_ENUM; > 2901 } > 2902 > > 2903 dest_net = rtnl_link_get_net_capable(skb, net, tb, CAP_NET_ADMIN); > 2904 if (IS_ERR(dest_net)) > 2905 return PTR_ERR(dest_net); > 2906 > 2907 if (tb[IFLA_LINK_NETNSID]) { > 2908 int id = nla_get_s32(tb[IFLA_LINK_NETNSID]); > 2909 > 2910 link_net = get_net_ns_by_id(dest_net, id); > 2911 if (!link_net) { > 2912 err = -EINVAL; > 2913 goto out; > 2914 } > 2915 err = -EPERM; > 2916 if (!netlink_ns_capable(skb, link_net->user_ns, CAP_NET_ADMIN)) > 2917 goto out; > 2918 } > 2919 > 2920 dev = rtnl_create_link(link_net ? : dest_net, ifname, > 2921 name_assign_type, ops, tb); > 2922 if (IS_ERR(dev)) { > 2923 err = PTR_ERR(dev); > 2924 goto out; > 2925 } > 2926 > 2927 dev->ifindex = ifm->ifi_index; > 2928 > 2929 if (ops->newlink) { > 2930 err = ops->newlink(link_net ? : net, dev, tb, data, > 2931 extack); > 2932 /* Drivers should call free_netdev() in ->destructor > 2933 * and unregister it on failure after registration > 2934 * so that device could be finally freed in rtnl_unlock. > 2935 */ > 2936 if (err < 0) { > 2937 /* If device is not registered at all, free it now */ > 2938 if (dev->reg_state == NETREG_UNINITIALIZED) > 2939 free_netdev(dev); > 2940 goto out; > 2941 } > 2942 } else { > 2943 err = register_netdevice(dev); > 2944 if (err < 0) { > 2945 free_netdev(dev); > 2946 goto out; > 2947 } > 2948 } > 2949 err = rtnl_configure_link(dev, ifm); > 2950 if (err < 0) > 2951 goto out_unregister; > 2952 if (link_net) { > 2953 err = dev_change_net_namespace(dev, dest_net, ifname); > 2954 if (err < 0) > 2955 goto out_unregister; > 2956 } > 2957 if (tb[IFLA_MASTER]) { > 2958 err = do_set_master(dev, nla_get_u32(tb[IFLA_MASTER]), > 2959 extack); > 2960 if (err) > 2961 goto out_unregister; > 2962 } > 2963 out: > 2964 if (link_net) > 2965 put_net(link_net); > 2966 put_net(dest_net); > 2967 return err; > 2968 out_unregister: > 2969 if (ops->newlink) { > 2970 LIST_HEAD(list_kill); > 2971 > 2972 ops->dellink(dev, &list_kill); > 2973 unregister_netdevice_many(&list_kill); > 2974 } else { > 2975 unregister_netdevice(dev); > 2976 } > 2977 goto out; > 2978 } > 2979 } > 2980 > > --- > 0-DAY kernel test infrastructure Open Source Technology Center > https://lists.01.org/pipermail/kbuild-all Intel Corporation
From: Christian Brauner <christian.brauner@ubuntu.com> Date: Mon, 29 Jan 2018 18:07:20 +0100 > - Backwards Compatibility: > If userspace wants to determine whether RTM_NEWLINK supports the > IFLA_IF_NETNSID property they should first send an RTM_GETLINK request > with IFLA_IF_NETNSID on lo. If either EACCESS is returned or the reply > does not include IFLA_IF_NETNSID userspace should assume that > IFLA_IF_NETNSID is not supported on this kernel. > If the reply does contain an IFLA_IF_NETNSID property userspace > can send an RTM_NEWLINK with a IFLA_IF_NETNSID property. If they receive > EOPNOTSUPP then the kernel does not support the IFLA_IF_NETNSID property > with RTM_NEWLINK. Userpace should then fallback to other means. > > - Security: > Callers must have CAP_NET_ADMIN in the owning user namespace of the > target network namespace. > > Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> Applied.
On Wed, Jan 31, 2018 at 10:30:44AM -0500, David Miller wrote: > From: Christian Brauner <christian.brauner@ubuntu.com> > Date: Mon, 29 Jan 2018 18:07:20 +0100 > > > - Backwards Compatibility: > > If userspace wants to determine whether RTM_NEWLINK supports the > > IFLA_IF_NETNSID property they should first send an RTM_GETLINK request > > with IFLA_IF_NETNSID on lo. If either EACCESS is returned or the reply > > does not include IFLA_IF_NETNSID userspace should assume that > > IFLA_IF_NETNSID is not supported on this kernel. > > If the reply does contain an IFLA_IF_NETNSID property userspace > > can send an RTM_NEWLINK with a IFLA_IF_NETNSID property. If they receive > > EOPNOTSUPP then the kernel does not support the IFLA_IF_NETNSID property > > with RTM_NEWLINK. Userpace should then fallback to other means. > > > > - Security: > > Callers must have CAP_NET_ADMIN in the owning user namespace of the > > target network namespace. > > > > Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> > > Applied. Thanks!
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index f111557958bb..889b34f78a44 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -2954,14 +2954,10 @@ static int rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh, name_assign_type = NET_NAME_ENUM; } - dest_net = rtnl_link_get_net(net, tb); + dest_net = rtnl_link_get_net_capable(skb, net, tb, CAP_NET_ADMIN); if (IS_ERR(dest_net)) return PTR_ERR(dest_net); - err = -EPERM; - if (!netlink_ns_capable(skb, dest_net->user_ns, CAP_NET_ADMIN)) - goto out; - if (tb[IFLA_LINK_NETNSID]) { int id = nla_get_s32(tb[IFLA_LINK_NETNSID]);
- Backwards Compatibility: If userspace wants to determine whether RTM_NEWLINK supports the IFLA_IF_NETNSID property they should first send an RTM_GETLINK request with IFLA_IF_NETNSID on lo. If either EACCESS is returned or the reply does not include IFLA_IF_NETNSID userspace should assume that IFLA_IF_NETNSID is not supported on this kernel. If the reply does contain an IFLA_IF_NETNSID property userspace can send an RTM_NEWLINK with a IFLA_IF_NETNSID property. If they receive EOPNOTSUPP then the kernel does not support the IFLA_IF_NETNSID property with RTM_NEWLINK. Userpace should then fallback to other means. - Security: Callers must have CAP_NET_ADMIN in the owning user namespace of the target network namespace. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> --- net/core/rtnetlink.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-)