1 /* 2 * Operations on the network namespace 3 */ 4 #ifndef __NET_NET_NAMESPACE_H 5 #define __NET_NET_NAMESPACE_H 6 7 #include <asm/atomic.h> 8 #include <linux/workqueue.h> 9 #include <linux/list.h> 10 11 #include <net/netns/core.h> 12 #include <net/netns/mib.h> 13 #include <net/netns/unix.h> 14 #include <net/netns/packet.h> 15 #include <net/netns/ipv4.h> 16 #include <net/netns/ipv6.h> 17 #include <net/netns/dccp.h> 18 #include <net/netns/x_tables.h> 19 #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) 20 #include <net/netns/conntrack.h> 21 #endif 22 #include <net/netns/xfrm.h> 23 24 struct proc_dir_entry; 25 struct net_device; 26 struct sock; 27 struct ctl_table_header; 28 struct net_generic; 29 struct sock; 30 31 struct net { 32 atomic_t count; /* To decided when the network 33 * namespace should be freed. 34 */ 35 #ifdef NETNS_REFCNT_DEBUG 36 atomic_t use_count; /* To track references we 37 * destroy on demand 38 */ 39 #endif 40 struct list_head list; /* list of network namespaces */ 41 struct work_struct work; /* work struct for freeing */ 42 43 struct proc_dir_entry *proc_net; 44 struct proc_dir_entry *proc_net_stat; 45 46 #ifdef CONFIG_SYSCTL 47 struct ctl_table_set sysctls; 48 #endif 49 50 struct net_device *loopback_dev; /* The loopback */ 51 52 struct list_head dev_base_head; 53 struct hlist_head *dev_name_head; 54 struct hlist_head *dev_index_head; 55 56 /* core fib_rules */ 57 struct list_head rules_ops; 58 spinlock_t rules_mod_lock; 59 60 struct sock *rtnl; /* rtnetlink socket */ 61 struct sock *genl_sock; 62 63 struct netns_core core; 64 struct netns_mib mib; 65 struct netns_packet packet; 66 struct netns_unix unx; 67 struct netns_ipv4 ipv4; 68 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 69 struct netns_ipv6 ipv6; 70 #endif 71 #if defined(CONFIG_IP_DCCP) || defined(CONFIG_IP_DCCP_MODULE) 72 struct netns_dccp dccp; 73 #endif 74 #ifdef CONFIG_NETFILTER 75 struct netns_xt xt; 76 #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) 77 struct netns_ct ct; 78 #endif 79 #endif 80 #ifdef CONFIG_XFRM 81 struct netns_xfrm xfrm; 82 #endif 83 #ifdef CONFIG_WIRELESS_EXT 84 struct sk_buff_head wext_nlevents; 85 #endif 86 struct net_generic *gen; 87 }; 88 89 90 #include <linux/seq_file_net.h> 91 92 /* Init's network namespace */ 93 extern struct net init_net; 94 95 #ifdef CONFIG_NET 96 #define INIT_NET_NS(net_ns) .net_ns = &init_net, 97 98 extern struct net *copy_net_ns(unsigned long flags, struct net *net_ns); 99 100 #else /* CONFIG_NET */ 101 102 #define INIT_NET_NS(net_ns) 103 104 static inline struct net *copy_net_ns(unsigned long flags, struct net *net_ns) 105 { 106 /* There is nothing to copy so this is a noop */ 107 return net_ns; 108 } 109 #endif /* CONFIG_NET */ 110 111 112 extern struct list_head net_namespace_list; 113 114 extern struct net *get_net_ns_by_pid(pid_t pid); 115 116 #ifdef CONFIG_NET_NS 117 extern void __put_net(struct net *net); 118 119 static inline struct net *get_net(struct net *net) 120 { 121 atomic_inc(&net->count); 122 return net; 123 } 124 125 static inline struct net *maybe_get_net(struct net *net) 126 { 127 /* Used when we know struct net exists but we 128 * aren't guaranteed a previous reference count 129 * exists. If the reference count is zero this 130 * function fails and returns NULL. 131 */ 132 if (!atomic_inc_not_zero(&net->count)) 133 net = NULL; 134 return net; 135 } 136 137 static inline void put_net(struct net *net) 138 { 139 if (atomic_dec_and_test(&net->count)) 140 __put_net(net); 141 } 142 143 static inline 144 int net_eq(const struct net *net1, const struct net *net2) 145 { 146 return net1 == net2; 147 } 148 #else 149 150 static inline struct net *get_net(struct net *net) 151 { 152 return net; 153 } 154 155 static inline void put_net(struct net *net) 156 { 157 } 158 159 static inline struct net *maybe_get_net(struct net *net) 160 { 161 return net; 162 } 163 164 static inline 165 int net_eq(const struct net *net1, const struct net *net2) 166 { 167 return 1; 168 } 169 #endif 170 171 172 #ifdef NETNS_REFCNT_DEBUG 173 static inline struct net *hold_net(struct net *net) 174 { 175 if (net) 176 atomic_inc(&net->use_count); 177 return net; 178 } 179 180 static inline void release_net(struct net *net) 181 { 182 if (net) 183 atomic_dec(&net->use_count); 184 } 185 #else 186 static inline struct net *hold_net(struct net *net) 187 { 188 return net; 189 } 190 191 static inline void release_net(struct net *net) 192 { 193 } 194 #endif 195 196 #ifdef CONFIG_NET_NS 197 198 static inline void write_pnet(struct net **pnet, struct net *net) 199 { 200 *pnet = net; 201 } 202 203 static inline struct net *read_pnet(struct net * const *pnet) 204 { 205 return *pnet; 206 } 207 208 #else 209 210 #define write_pnet(pnet, net) do { (void)(net);} while (0) 211 #define read_pnet(pnet) (&init_net) 212 213 #endif 214 215 #define for_each_net(VAR) \ 216 list_for_each_entry(VAR, &net_namespace_list, list) 217 218 #define for_each_net_rcu(VAR) \ 219 list_for_each_entry_rcu(VAR, &net_namespace_list, list) 220 221 #ifdef CONFIG_NET_NS 222 #define __net_init 223 #define __net_exit 224 #define __net_initdata 225 #else 226 #define __net_init __init 227 #define __net_exit __exit_refok 228 #define __net_initdata __initdata 229 #endif 230 231 struct pernet_operations { 232 struct list_head list; 233 int (*init)(struct net *net); 234 void (*exit)(struct net *net); 235 }; 236 237 /* 238 * Use these carefully. If you implement a network device and it 239 * needs per network namespace operations use device pernet operations, 240 * otherwise use pernet subsys operations. 241 * 242 * Network interfaces need to be removed from a dying netns _before_ 243 * subsys notifiers can be called, as most of the network code cleanup 244 * (which is done from subsys notifiers) runs with the assumption that 245 * dev_remove_pack has been called so no new packets will arrive during 246 * and after the cleanup functions have been called. dev_remove_pack 247 * is not per namespace so instead the guarantee of no more packets 248 * arriving in a network namespace is provided by ensuring that all 249 * network devices and all sockets have left the network namespace 250 * before the cleanup methods are called. 251 * 252 * For the longest time the ipv4 icmp code was registered as a pernet 253 * device which caused kernel oops, and panics during network 254 * namespace cleanup. So please don't get this wrong. 255 */ 256 extern int register_pernet_subsys(struct pernet_operations *); 257 extern void unregister_pernet_subsys(struct pernet_operations *); 258 extern int register_pernet_gen_subsys(int *id, struct pernet_operations *); 259 extern void unregister_pernet_gen_subsys(int id, struct pernet_operations *); 260 extern int register_pernet_device(struct pernet_operations *); 261 extern void unregister_pernet_device(struct pernet_operations *); 262 extern int register_pernet_gen_device(int *id, struct pernet_operations *); 263 extern void unregister_pernet_gen_device(int id, struct pernet_operations *); 264 265 struct ctl_path; 266 struct ctl_table; 267 struct ctl_table_header; 268 269 extern struct ctl_table_header *register_net_sysctl_table(struct net *net, 270 const struct ctl_path *path, struct ctl_table *table); 271 extern struct ctl_table_header *register_net_sysctl_rotable( 272 const struct ctl_path *path, struct ctl_table *table); 273 extern void unregister_net_sysctl_table(struct ctl_table_header *header); 274 275 #endif /* __NET_NET_NAMESPACE_H */ 276