[thirdparty/linux.git] / include / net / net_namespace.h

/* SPDX-License-Identifier: GPL-2.0 */
/*
 * Operations on the network namespace
 */
#ifndef __NET_NET_NAMESPACE_H
#define __NET_NET_NAMESPACE_H

#include <linux/atomic.h>
#include <linux/refcount.h>
#include <linux/workqueue.h>
#include <linux/list.h>
#include <linux/sysctl.h>
#include <linux/uidgid.h>

#include <net/flow.h>
#include <net/netns/core.h>
#include <net/netns/mib.h>
#include <net/netns/unix.h>
#include <net/netns/packet.h>
#include <net/netns/ipv4.h>
#include <net/netns/ipv6.h>
#include <net/netns/nexthop.h>
#include <net/netns/ieee802154_6lowpan.h>
#include <net/netns/sctp.h>
#include <net/netns/dccp.h>
#include <net/netns/netfilter.h>
#include <net/netns/x_tables.h>
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
#include <net/netns/conntrack.h>
#endif
#include <net/netns/nftables.h>
#include <net/netns/xfrm.h>
#include <net/netns/mpls.h>
#include <net/netns/can.h>
#include <net/netns/xdp.h>
#include <linux/ns_common.h>
#include <linux/idr.h>
#include <linux/skbuff.h>
#include <linux/notifier.h>

struct user_namespace;
struct proc_dir_entry;
struct net_device;
struct sock;
struct ctl_table_header;
struct net_generic;
struct uevent_sock;
struct netns_ipvs;
struct bpf_prog;


#define NETDEV_HASHBITS    8
#define NETDEV_HASHENTRIES (1 << NETDEV_HASHBITS)

struct net {
	/* First cache line can be often dirtied.
	 * Do not place here read-mostly fields.
	 */
	refcount_t		passive;	/* To decide when the network
						 * namespace should be freed.
						 */
	refcount_t		count;		/* To decided when the network
						 *  namespace should be shut down.
						 */
	spinlock_t		rules_mod_lock;

	unsigned int		dev_unreg_count;

	unsigned int		dev_base_seq;	/* protected by rtnl_mutex */
	int			ifindex;

	spinlock_t		nsid_lock;
	atomic_t		fnhe_genid;

	struct list_head	list;		/* list of network namespaces */
	struct list_head	exit_list;	/* To linked to call pernet exit
						 * methods on dead net (
						 * pernet_ops_rwsem read locked),
						 * or to unregister pernet ops
						 * (pernet_ops_rwsem write locked).
						 */
	struct llist_node	cleanup_list;	/* namespaces on death row */

#ifdef CONFIG_KEYS
	struct key_tag		*key_domain;	/* Key domain of operation tag */
#endif
	struct user_namespace   *user_ns;	/* Owning user namespace */
	struct ucounts		*ucounts;
	struct idr		netns_ids;

	struct ns_common	ns;

	struct list_head 	dev_base_head;
	struct proc_dir_entry 	*proc_net;
	struct proc_dir_entry 	*proc_net_stat;

#ifdef CONFIG_SYSCTL
	struct ctl_table_set	sysctls;
#endif

	struct sock 		*rtnl;			/* rtnetlink socket */
	struct sock		*genl_sock;

	struct uevent_sock	*uevent_sock;		/* uevent socket */

	struct hlist_head 	*dev_name_head;
	struct hlist_head	*dev_index_head;
	struct raw_notifier_head	netdev_chain;

	/* Note that @hash_mix can be read millions times per second,
	 * it is critical that it is on a read_mostly cache line.
	 */
	u32			hash_mix;

	struct net_device       *loopback_dev;          /* The loopback */

	/* core fib_rules */
	struct list_head	rules_ops;

	struct netns_core	core;
	struct netns_mib	mib;
	struct netns_packet	packet;
	struct netns_unix	unx;
	struct netns_nexthop	nexthop;
	struct netns_ipv4	ipv4;
#if IS_ENABLED(CONFIG_IPV6)
	struct netns_ipv6	ipv6;
#endif
#if IS_ENABLED(CONFIG_IEEE802154_6LOWPAN)
	struct netns_ieee802154_lowpan	ieee802154_lowpan;
#endif
#if defined(CONFIG_IP_SCTP) || defined(CONFIG_IP_SCTP_MODULE)
	struct netns_sctp	sctp;
#endif
#if defined(CONFIG_IP_DCCP) || defined(CONFIG_IP_DCCP_MODULE)
	struct netns_dccp	dccp;
#endif
#ifdef CONFIG_NETFILTER
	struct netns_nf		nf;
	struct netns_xt		xt;
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
	struct netns_ct		ct;
#endif
#if defined(CONFIG_NF_TABLES) || defined(CONFIG_NF_TABLES_MODULE)
	struct netns_nftables	nft;
#endif
#if IS_ENABLED(CONFIG_NF_DEFRAG_IPV6)
	struct netns_nf_frag	nf_frag;
	struct ctl_table_header *nf_frag_frags_hdr;
#endif
	struct sock		*nfnl;
	struct sock		*nfnl_stash;
#if IS_ENABLED(CONFIG_NETFILTER_NETLINK_ACCT)
	struct list_head        nfnl_acct_list;
#endif
#if IS_ENABLED(CONFIG_NF_CT_NETLINK_TIMEOUT)
	struct list_head	nfct_timeout_list;
#endif
#endif
#ifdef CONFIG_WEXT_CORE
	struct sk_buff_head	wext_nlevents;
#endif
	struct net_generic __rcu	*gen;

	struct bpf_prog __rcu	*flow_dissector_prog;

	/* Note : following structs are cache line aligned */
#ifdef CONFIG_XFRM
	struct netns_xfrm	xfrm;
#endif

	atomic64_t		net_cookie; /* written once */

#if IS_ENABLED(CONFIG_IP_VS)
	struct netns_ipvs	*ipvs;
#endif
#if IS_ENABLED(CONFIG_MPLS)
	struct netns_mpls	mpls;
#endif
#if IS_ENABLED(CONFIG_CAN)
	struct netns_can	can;
#endif
#ifdef CONFIG_XDP_SOCKETS
	struct netns_xdp	xdp;
#endif
#if IS_ENABLED(CONFIG_CRYPTO_USER)
	struct sock		*crypto_nlsk;
#endif
	struct sock		*diag_nlsk;
} __randomize_layout;

#include <linux/seq_file_net.h>

/* Init's network namespace */
extern struct net init_net;

#ifdef CONFIG_NET_NS
struct net *copy_net_ns(unsigned long flags, struct user_namespace *user_ns,
			struct net *old_net);

void net_ns_get_ownership(const struct net *net, kuid_t *uid, kgid_t *gid);

void net_ns_barrier(void);
#else /* CONFIG_NET_NS */
#include <linux/sched.h>
#include <linux/nsproxy.h>
static inline struct net *copy_net_ns(unsigned long flags,
	struct user_namespace *user_ns, struct net *old_net)
{
	if (flags & CLONE_NEWNET)
		return ERR_PTR(-EINVAL);
	return old_net;
}

static inline void net_ns_get_ownership(const struct net *net,
					kuid_t *uid, kgid_t *gid)
{
	*uid = GLOBAL_ROOT_UID;
	*gid = GLOBAL_ROOT_GID;
}

static inline void net_ns_barrier(void) {}
#endif /* CONFIG_NET_NS */


extern struct list_head net_namespace_list;

struct net *get_net_ns_by_pid(pid_t pid);
struct net *get_net_ns_by_fd(int fd);

u64 net_gen_cookie(struct net *net);

#ifdef CONFIG_SYSCTL
void ipx_register_sysctl(void);
void ipx_unregister_sysctl(void);
#else
#define ipx_register_sysctl()
#define ipx_unregister_sysctl()
#endif

#ifdef CONFIG_NET_NS
void __put_net(struct net *net);

static inline struct net *get_net(struct net *net)
{
	refcount_inc(&net->count);
	return net;
}

static inline struct net *maybe_get_net(struct net *net)
{
	/* Used when we know struct net exists but we
	 * aren't guaranteed a previous reference count
	 * exists.  If the reference count is zero this
	 * function fails and returns NULL.
	 */
	if (!refcount_inc_not_zero(&net->count))
		net = NULL;
	return net;
}

static inline void put_net(struct net *net)
{
	if (refcount_dec_and_test(&net->count))
		__put_net(net);
}

static inline
int net_eq(const struct net *net1, const struct net *net2)
{
	return net1 == net2;
}

static inline int check_net(const struct net *net)
{
	return refcount_read(&net->count) != 0;
}

void net_drop_ns(void *);

#else

static inline struct net *get_net(struct net *net)
{
	return net;
}

static inline void put_net(struct net *net)
{
}

static inline struct net *maybe_get_net(struct net *net)
{
	return net;
}

static inline
int net_eq(const struct net *net1, const struct net *net2)
{
	return 1;
}

static inline int check_net(const struct net *net)
{
	return 1;
}

#define net_drop_ns NULL
#endif


typedef struct {
#ifdef CONFIG_NET_NS
	struct net *net;
#endif
} possible_net_t;

static inline void write_pnet(possible_net_t *pnet, struct net *net)
{
#ifdef CONFIG_NET_NS
	pnet->net = net;
#endif
}

static inline struct net *read_pnet(const possible_net_t *pnet)
{
#ifdef CONFIG_NET_NS
	return pnet->net;
#else
	return &init_net;
#endif
}

/* Protected by net_rwsem */
#define for_each_net(VAR)				\
	list_for_each_entry(VAR, &net_namespace_list, list)
#define for_each_net_continue_reverse(VAR)		\
	list_for_each_entry_continue_reverse(VAR, &net_namespace_list, list)
#define for_each_net_rcu(VAR)				\
	list_for_each_entry_rcu(VAR, &net_namespace_list, list)

#ifdef CONFIG_NET_NS
#define __net_init
#define __net_exit
#define __net_initdata
#define __net_initconst
#else
#define __net_init	__init
#define __net_exit	__ref
#define __net_initdata	__initdata
#define __net_initconst	__initconst
#endif

int peernet2id_alloc(struct net *net, struct net *peer, gfp_t gfp);
int peernet2id(const struct net *net, struct net *peer);
bool peernet_has_id(const struct net *net, struct net *peer);
struct net *get_net_ns_by_id(const struct net *net, int id);

struct pernet_operations {
	struct list_head list;
	/*
	 * Below methods are called without any exclusive locks.
	 * More than one net may be constructed and destructed
	 * in parallel on several cpus. Every pernet_operations
	 * have to keep in mind all other pernet_operations and
	 * to introduce a locking, if they share common resources.
	 *
	 * The only time they are called with exclusive lock is
	 * from register_pernet_subsys(), unregister_pernet_subsys()
	 * register_pernet_device() and unregister_pernet_device().
	 *
	 * Exit methods using blocking RCU primitives, such as
	 * synchronize_rcu(), should be implemented via exit_batch.
	 * Then, destruction of a group of net requires single
	 * synchronize_rcu() related to these pernet_operations,
	 * instead of separate synchronize_rcu() for every net.
	 * Please, avoid synchronize_rcu() at all, where it's possible.
	 *
	 * Note that a combination of pre_exit() and exit() can
	 * be used, since a synchronize_rcu() is guaranteed between
	 * the calls.
	 */
	int (*init)(struct net *net);
	void (*pre_exit)(struct net *net);
	void (*exit)(struct net *net);
	void (*exit_batch)(struct list_head *net_exit_list);
	unsigned int *id;
	size_t size;
};

/*
 * Use these carefully.  If you implement a network device and it
 * needs per network namespace operations use device pernet operations,
 * otherwise use pernet subsys operations.
 *
 * Network interfaces need to be removed from a dying netns _before_
 * subsys notifiers can be called, as most of the network code cleanup
 * (which is done from subsys notifiers) runs with the assumption that
 * dev_remove_pack has been called so no new packets will arrive during
 * and after the cleanup functions have been called.  dev_remove_pack
 * is not per namespace so instead the guarantee of no more packets
 * arriving in a network namespace is provided by ensuring that all
 * network devices and all sockets have left the network namespace
 * before the cleanup methods are called.
 *
 * For the longest time the ipv4 icmp code was registered as a pernet
 * device which caused kernel oops, and panics during network
 * namespace cleanup.   So please don't get this wrong.
 */
int register_pernet_subsys(struct pernet_operations *);
void unregister_pernet_subsys(struct pernet_operations *);
int register_pernet_device(struct pernet_operations *);
void unregister_pernet_device(struct pernet_operations *);

struct ctl_table;
struct ctl_table_header;

#ifdef CONFIG_SYSCTL
int net_sysctl_init(void);
struct ctl_table_header *register_net_sysctl(struct net *net, const char *path,
					     struct ctl_table *table);
void unregister_net_sysctl_table(struct ctl_table_header *header);
#else
static inline int net_sysctl_init(void) { return 0; }
static inline struct ctl_table_header *register_net_sysctl(struct net *net,
	const char *path, struct ctl_table *table)
{
	return NULL;
}
static inline void unregister_net_sysctl_table(struct ctl_table_header *header)
{
}
#endif

static inline int rt_genid_ipv4(const struct net *net)
{
	return atomic_read(&net->ipv4.rt_genid);
}

#if IS_ENABLED(CONFIG_IPV6)
static inline int rt_genid_ipv6(const struct net *net)
{
	return atomic_read(&net->ipv6.fib6_sernum);
}
#endif

static inline void rt_genid_bump_ipv4(struct net *net)
{
	atomic_inc(&net->ipv4.rt_genid);
}

extern void (*__fib6_flush_trees)(struct net *net);
static inline void rt_genid_bump_ipv6(struct net *net)
{
	if (__fib6_flush_trees)
		__fib6_flush_trees(net);
}

#if IS_ENABLED(CONFIG_IEEE802154_6LOWPAN)
static inline struct netns_ieee802154_lowpan *
net_ieee802154_lowpan(struct net *net)
{
	return &net->ieee802154_lowpan;
}
#endif

/* For callers who don't really care about whether it's IPv4 or IPv6 */
static inline void rt_genid_bump_all(struct net *net)
{
	rt_genid_bump_ipv4(net);
	rt_genid_bump_ipv6(net);
}

static inline int fnhe_genid(const struct net *net)
{
	return atomic_read(&net->fnhe_genid);
}

static inline void fnhe_genid_bump(struct net *net)
{
	atomic_inc(&net->fnhe_genid);
}

#endif /* __NET_NET_NAMESPACE_H */
Commit	Line	Data
b2441318	1	/* SPDX-License-Identifier: GPL-2.0 */
5f256bec EB	2	/*
	3	* Operations on the network namespace
	4	*/
	5	#ifndef __NET_NET_NAMESPACE_H
	6	#define __NET_NET_NAMESPACE_H
	7
60063497	8	#include <linux/atomic.h>
c122e14d	9	#include <linux/refcount.h>
5f256bec EB	10	#include <linux/workqueue.h>
5f256bec EB	11	#include <linux/list.h>
bee95250	12	#include <linux/sysctl.h>
fbdeaed4	13	#include <linux/uidgid.h>
5f256bec	14
6a662719	15	#include <net/flow.h>
8efa6e93	16	#include <net/netns/core.h>
852566f5	17	#include <net/netns/mib.h>
a0a53c8b	18	#include <net/netns/unix.h>
2aaef4e4	19	#include <net/netns/packet.h>
8afd351c	20	#include <net/netns/ipv4.h>
b0f159db	21	#include <net/netns/ipv6.h>
ab84be7e	22	#include <net/netns/nexthop.h>
633fc86f	23	#include <net/netns/ieee802154_6lowpan.h>
4db67e80	24	#include <net/netns/sctp.h>
67019cc9	25	#include <net/netns/dccp.h>
f3c1a44a	26	#include <net/netns/netfilter.h>
8d870052	27	#include <net/netns/x_tables.h>
dfdb8d79 AD	28	#if defined(CONFIG_NF_CONNTRACK) \|\| defined(CONFIG_NF_CONNTRACK_MODULE)
	29	#include <net/netns/conntrack.h>
	30	#endif
99633ab2	31	#include <net/netns/nftables.h>
d62ddc21	32	#include <net/netns/xfrm.h>
0189197f	33	#include <net/netns/mpls.h>
8e8cda6d	34	#include <net/netns/can.h>
1d0dc069	35	#include <net/netns/xdp.h>
435d5f4b	36	#include <linux/ns_common.h>
04c52dec PNA	37	#include <linux/idr.h>
04c52dec PNA	38	#include <linux/skbuff.h>
a30c7b42	39	#include <linux/notifier.h>
a0a53c8b	40
038e7332	41	struct user_namespace;
457c4cbc	42	struct proc_dir_entry;
2774c7ab	43	struct net_device;
97c53cac	44	struct sock;
1597fbc0	45	struct ctl_table_header;
dec827d1	46	struct net_generic;
94e5e308	47	struct uevent_sock;
2553d064	48	struct netns_ipvs;
d58e468b	49	struct bpf_prog;
1597fbc0	50
7c28bd0b ED	51
	52	#define NETDEV_HASHBITS 8
	53	#define NETDEV_HASHENTRIES (1 << NETDEV_HASHBITS)
	54
5f256bec	55	struct net {
2a06b898 ED	56	/* First cache line can be often dirtied.
	57	* Do not place here read-mostly fields.
	58	*/
aad12c23	59	refcount_t passive; /* To decide when the network
a685e089 AV	60	* namespace should be freed.
a685e089 AV	61	*/
273c28bc	62	refcount_t count; /* To decided when the network
a685e089	63	* namespace should be shut down.
5f256bec	64	*/
8e602ce2 ED	65	spinlock_t rules_mod_lock;
8e602ce2 ED	66
2a06b898 ED	67	unsigned int dev_unreg_count;
	68
	69	unsigned int dev_base_seq; /* protected by rtnl_mutex */
	70	int ifindex;
	71
	72	spinlock_t nsid_lock;
	73	atomic_t fnhe_genid;
33cf7c90	74
5f256bec	75	struct list_head list; /* list of network namespaces */
19efbd93	76	struct list_head exit_list; /* To linked to call pernet exit
4420bf21 KT	77	* methods on dead net (
	78	* pernet_ops_rwsem read locked),
	79	* or to unregister pernet ops
	80	* (pernet_ops_rwsem write locked).
19efbd93	81	*/
65b7b5b9 KT	82	struct llist_node cleanup_list; /* namespaces on death row */
65b7b5b9 KT	83
9b242610 DH	84	#ifdef CONFIG_KEYS
	85	struct key_tag key_domain; / Key domain of operation tag */
	86	#endif
038e7332	87	struct user_namespace user_ns; / Owning user namespace */
70328660	88	struct ucounts *ucounts;
0c7aecd4	89	struct idr netns_ids;
038e7332	90
435d5f4b	91	struct ns_common ns;
98f842e6	92
2a06b898	93	struct list_head dev_base_head;
457c4cbc EB	94	struct proc_dir_entry *proc_net;
457c4cbc EB	95	struct proc_dir_entry *proc_net_stat;
881d966b	96
73455092 AV	97	#ifdef CONFIG_SYSCTL
	98	struct ctl_table_set sysctls;
	99	#endif
95bdfccb	100
8e602ce2 ED	101	struct sock rtnl; / rtnetlink socket */
8e602ce2 ED	102	struct sock *genl_sock;
2774c7ab	103
94e5e308 CB	104	struct uevent_sock uevent_sock; / uevent socket */
94e5e308 CB	105
881d966b EB	106	struct hlist_head *dev_name_head;
881d966b EB	107	struct hlist_head *dev_index_head;
a30c7b42 JP	108	struct raw_notifier_head netdev_chain;
a30c7b42 JP	109
2a06b898 ED	110	/* Note that @hash_mix can be read millions times per second,
	111	* it is critical that it is on a read_mostly cache line.
	112	*/
	113	u32 hash_mix;
	114
	115	struct net_device loopback_dev; / The loopback */
97c53cac	116
5fd30ee7 DL	117	/* core fib_rules */
5fd30ee7 DL	118	struct list_head rules_ops;
5fd30ee7	119
8efa6e93	120	struct netns_core core;
852566f5	121	struct netns_mib mib;
2aaef4e4	122	struct netns_packet packet;
a0a53c8b	123	struct netns_unix unx;
ab84be7e	124	struct netns_nexthop nexthop;
8afd351c	125	struct netns_ipv4 ipv4;
dfd56b8b	126	#if IS_ENABLED(CONFIG_IPV6)
b0f159db DL	127	struct netns_ipv6 ipv6;
b0f159db DL	128	#endif
633fc86f AA	129	#if IS_ENABLED(CONFIG_IEEE802154_6LOWPAN)
	130	struct netns_ieee802154_lowpan ieee802154_lowpan;
	131	#endif
4db67e80 EB	132	#if defined(CONFIG_IP_SCTP) \|\| defined(CONFIG_IP_SCTP_MODULE)
	133	struct netns_sctp sctp;
	134	#endif
67019cc9 PE	135	#if defined(CONFIG_IP_DCCP) \|\| defined(CONFIG_IP_DCCP_MODULE)
	136	struct netns_dccp dccp;
	137	#endif
8d870052	138	#ifdef CONFIG_NETFILTER
f3c1a44a	139	struct netns_nf nf;
8d870052	140	struct netns_xt xt;
dfdb8d79 AD	141	#if defined(CONFIG_NF_CONNTRACK) \|\| defined(CONFIG_NF_CONNTRACK_MODULE)
dfdb8d79 AD	142	struct netns_ct ct;
c038a767	143	#endif
99633ab2 PNA	144	#if defined(CONFIG_NF_TABLES) \|\| defined(CONFIG_NF_TABLES_MODULE)
	145	struct netns_nftables nft;
	146	#endif
c038a767 AW	147	#if IS_ENABLED(CONFIG_NF_DEFRAG_IPV6)
c038a767 AW	148	struct netns_nf_frag nf_frag;
9ce7bc03	149	struct ctl_table_header *nf_frag_frags_hdr;
dfdb8d79	150	#endif
cd8c20b6 AD	151	struct sock *nfnl;
cd8c20b6 AD	152	struct sock *nfnl_stash;
3499abb2 AS	153	#if IS_ENABLED(CONFIG_NETFILTER_NETLINK_ACCT)
	154	struct list_head nfnl_acct_list;
	155	#endif
19576c94 PN	156	#if IS_ENABLED(CONFIG_NF_CT_NETLINK_TIMEOUT)
	157	struct list_head nfct_timeout_list;
	158	#endif
d62ddc21	159	#endif
3d23e349	160	#ifdef CONFIG_WEXT_CORE
b333b3d2	161	struct sk_buff_head wext_nlevents;
8d870052	162	#endif
1c87733d	163	struct net_generic __rcu *gen;
8e602ce2	164
d58e468b PP	165	struct bpf_prog __rcu *flow_dissector_prog;
d58e468b PP	166
8e602ce2 ED	167	/* Note : following structs are cache line aligned */
	168	#ifdef CONFIG_XFRM
	169	struct netns_xfrm xfrm;
	170	#endif
f318903c DB	171
	172	atomic64_t net_cookie; /* written once */
	173
8b4d14d8	174	#if IS_ENABLED(CONFIG_IP_VS)
61b1ab45	175	struct netns_ipvs *ipvs;
0189197f EB	176	#endif
	177	#if IS_ENABLED(CONFIG_MPLS)
	178	struct netns_mpls mpls;
8e8cda6d MK	179	#endif
	180	#if IS_ENABLED(CONFIG_CAN)
	181	struct netns_can can;
1d0dc069 BT	182	#endif
	183	#ifdef CONFIG_XDP_SOCKETS
	184	struct netns_xdp xdp;
91b05a7e OM	185	#endif
	186	#if IS_ENABLED(CONFIG_CRYPTO_USER)
	187	struct sock *crypto_nlsk;
8b4d14d8	188	#endif
51d7cccf	189	struct sock *diag_nlsk;
3859a271	190	} __randomize_layout;
5f256bec	191
c0f39322 DL	192	#include <linux/seq_file_net.h>
c0f39322 DL	193
4fabcd71	194	/* Init's network namespace */
5f256bec	195	extern struct net init_net;
a4aa834a	196
d727abcb	197	#ifdef CONFIG_NET_NS
e67e16ea JP	198	struct net copy_net_ns(unsigned long flags, struct user_namespace user_ns,
e67e16ea JP	199	struct net *old_net);
225c0a01	200
fbdeaed4 TH	201	void net_ns_get_ownership(const struct net net, kuid_t uid, kgid_t *gid);
fbdeaed4 TH	202
7866cc57	203	void net_ns_barrier(void);
d727abcb EB	204	#else /* CONFIG_NET_NS */
	205	#include <linux/sched.h>
	206	#include <linux/nsproxy.h>
038e7332 EB	207	static inline struct net *copy_net_ns(unsigned long flags,
038e7332 EB	208	struct user_namespace user_ns, struct net old_net)
9dd776b6	209	{
d727abcb EB	210	if (flags & CLONE_NEWNET)
	211	return ERR_PTR(-EINVAL);
	212	return old_net;
9dd776b6	213	}
7866cc57	214
fbdeaed4 TH	215	static inline void net_ns_get_ownership(const struct net *net,
	216	kuid_t uid, kgid_t gid)
	217	{
	218	*uid = GLOBAL_ROOT_UID;
	219	*gid = GLOBAL_ROOT_GID;
	220	}
	221
7866cc57	222	static inline void net_ns_barrier(void) {}
d727abcb	223	#endif /* CONFIG_NET_NS */
225c0a01 DL	224
	225
	226	extern struct list_head net_namespace_list;
9dd776b6	227
e67e16ea	228	struct net *get_net_ns_by_pid(pid_t pid);
0f5258cd	229	struct net *get_net_ns_by_fd(int fd);
30ffee84	230
5a95cbb8 DB	231	u64 net_gen_cookie(struct net *net);
5a95cbb8 DB	232
535d3ae9 RK	233	#ifdef CONFIG_SYSCTL
	234	void ipx_register_sysctl(void);
	235	void ipx_unregister_sysctl(void);
	236	#else
	237	#define ipx_register_sysctl()
	238	#define ipx_unregister_sysctl()
	239	#endif
	240
d4655795	241	#ifdef CONFIG_NET_NS
e67e16ea	242	void __put_net(struct net *net);
5f256bec EB	243
	244	static inline struct net get_net(struct net net)
	245	{
273c28bc	246	refcount_inc(&net->count);
5f256bec EB	247	return net;
	248	}
	249
077130c0 EB	250	static inline struct net maybe_get_net(struct net net)
	251	{
	252	/* Used when we know struct net exists but we
	253	* aren't guaranteed a previous reference count
	254	* exists. If the reference count is zero this
	255	* function fails and returns NULL.
	256	*/
273c28bc	257	if (!refcount_inc_not_zero(&net->count))
077130c0 EB	258	net = NULL;
	259	return net;
	260	}
	261
5f256bec EB	262	static inline void put_net(struct net *net)
5f256bec EB	263	{
273c28bc	264	if (refcount_dec_and_test(&net->count))
5f256bec EB	265	__put_net(net);
	266	}
	267
878628fb YH	268	static inline
	269	int net_eq(const struct net net1, const struct net net2)
	270	{
	271	return net1 == net2;
	272	}
a685e089	273
4ee806d5 DS	274	static inline int check_net(const struct net *net)
4ee806d5 DS	275	{
3e3ab9cc	276	return refcount_read(&net->count) != 0;
4ee806d5 DS	277	}
4ee806d5 DS	278
e67e16ea	279	void net_drop_ns(void *);
a685e089	280
d4655795	281	#else
b9f75f45	282
d4655795 PE	283	static inline struct net get_net(struct net net)
	284	{
	285	return net;
	286	}
	287
	288	static inline void put_net(struct net *net)
	289	{
	290	}
	291
5d1e4468 DL	292	static inline struct net maybe_get_net(struct net net)
	293	{
	294	return net;
	295	}
	296
	297	static inline
	298	int net_eq(const struct net net1, const struct net net2)
	299	{
	300	return 1;
	301	}
a685e089	302
4ee806d5 DS	303	static inline int check_net(const struct net *net)
	304	{
	305	return 1;
	306	}
	307
a685e089	308	#define net_drop_ns NULL
5d1e4468 DL	309	#endif
	310
	311
0c5c9fb5	312	typedef struct {
8f424b5f	313	#ifdef CONFIG_NET_NS
0c5c9fb5 EB	314	struct net *net;
	315	#endif
	316	} possible_net_t;
8f424b5f	317
0c5c9fb5	318	static inline void write_pnet(possible_net_t pnet, struct net net)
8f424b5f	319	{
0c5c9fb5 EB	320	#ifdef CONFIG_NET_NS
	321	pnet->net = net;
	322	#endif
8f424b5f ED	323	}
8f424b5f ED	324
0c5c9fb5	325	static inline struct net read_pnet(const possible_net_t pnet)
8f424b5f	326	{
0c5c9fb5 EB	327	#ifdef CONFIG_NET_NS
0c5c9fb5 EB	328	return pnet->net;
8f424b5f	329	#else
0c5c9fb5	330	return &init_net;
8f424b5f	331	#endif
0c5c9fb5	332	}
5d1e4468	333
f0b07bb1	334	/* Protected by net_rwsem */
5f256bec EB	335	#define for_each_net(VAR) \
5f256bec EB	336	list_for_each_entry(VAR, &net_namespace_list, list)
afa0df59 JP	337	#define for_each_net_continue_reverse(VAR) \
afa0df59 JP	338	list_for_each_entry_continue_reverse(VAR, &net_namespace_list, list)
11a28d37 JB	339	#define for_each_net_rcu(VAR) \
	340	list_for_each_entry_rcu(VAR, &net_namespace_list, list)
	341
4665079c PE	342	#ifdef CONFIG_NET_NS
	343	#define __net_init
	344	#define __net_exit
022cbae6	345	#define __net_initdata
04a6f82c	346	#define __net_initconst
4665079c PE	347	#else
4665079c PE	348	#define __net_init __init
bd721ea7	349	#define __net_exit __ref
022cbae6	350	#define __net_initdata __initdata
04a6f82c	351	#define __net_initconst __initconst
4665079c	352	#endif
5f256bec	353
d4e4fdf9	354	int peernet2id_alloc(struct net net, struct net peer, gfp_t gfp);
56f200c7 GN	355	int peernet2id(const struct net net, struct net peer);
	356	bool peernet_has_id(const struct net net, struct net peer);
	357	struct net get_net_ns_by_id(const struct net net, int id);
0c7aecd4	358
5f256bec EB	359	struct pernet_operations {
5f256bec EB	360	struct list_head list;
6056415d KT	361	/*
	362	* Below methods are called without any exclusive locks.
	363	* More than one net may be constructed and destructed
	364	* in parallel on several cpus. Every pernet_operations
	365	* have to keep in mind all other pernet_operations and
	366	* to introduce a locking, if they share common resources.
	367	*
8518e9bb KT	368	* The only time they are called with exclusive lock is
	369	* from register_pernet_subsys(), unregister_pernet_subsys()
	370	* register_pernet_device() and unregister_pernet_device().
	371	*
6056415d KT	372	* Exit methods using blocking RCU primitives, such as
	373	* synchronize_rcu(), should be implemented via exit_batch.
	374	* Then, destruction of a group of net requires single
	375	* synchronize_rcu() related to these pernet_operations,
	376	* instead of separate synchronize_rcu() for every net.
	377	* Please, avoid synchronize_rcu() at all, where it's possible.
d7d99872 ED	378	*
	379	* Note that a combination of pre_exit() and exit() can
	380	* be used, since a synchronize_rcu() is guaranteed between
	381	* the calls.
6056415d	382	*/
5f256bec	383	int (init)(struct net net);
d7d99872	384	void (pre_exit)(struct net net);
5f256bec	385	void (exit)(struct net net);
72ad937a	386	void (exit_batch)(struct list_head net_exit_list);
c7d03a00	387	unsigned int *id;
f875bae0	388	size_t size;
5f256bec EB	389	};
5f256bec EB	390
17edde52 EB	391	/*
	392	* Use these carefully. If you implement a network device and it
	393	* needs per network namespace operations use device pernet operations,
	394	* otherwise use pernet subsys operations.
	395	*
4edf547b JB	396	* Network interfaces need to be removed from a dying netns _before_
	397	* subsys notifiers can be called, as most of the network code cleanup
	398	* (which is done from subsys notifiers) runs with the assumption that
	399	* dev_remove_pack has been called so no new packets will arrive during
	400	* and after the cleanup functions have been called. dev_remove_pack
	401	* is not per namespace so instead the guarantee of no more packets
	402	* arriving in a network namespace is provided by ensuring that all
	403	* network devices and all sockets have left the network namespace
	404	* before the cleanup methods are called.
17edde52 EB	405	*
	406	* For the longest time the ipv4 icmp code was registered as a pernet
	407	* device which caused kernel oops, and panics during network
	408	* namespace cleanup. So please don't get this wrong.
	409	*/
e67e16ea JP	410	int register_pernet_subsys(struct pernet_operations *);
	411	void unregister_pernet_subsys(struct pernet_operations *);
	412	int register_pernet_device(struct pernet_operations *);
	413	void unregister_pernet_device(struct pernet_operations *);
f875bae0	414
95bdfccb EB	415	struct ctl_table;
95bdfccb EB	416	struct ctl_table_header;
d62c612e	417
2ca794e5	418	#ifdef CONFIG_SYSCTL
e67e16ea JP	419	int net_sysctl_init(void);
	420	struct ctl_table_header register_net_sysctl(struct net net, const char *path,
	421	struct ctl_table *table);
	422	void unregister_net_sysctl_table(struct ctl_table_header *header);
48c74958 EB	423	#else
	424	static inline int net_sysctl_init(void) { return 0; }
	425	static inline struct ctl_table_header register_net_sysctl(struct net net,
	426	const char path, struct ctl_table table)
	427	{
	428	return NULL;
	429	}
	430	static inline void unregister_net_sysctl_table(struct ctl_table_header *header)
	431	{
	432	}
	433	#endif
	434
56f200c7	435	static inline int rt_genid_ipv4(const struct net *net)
b42664f8	436	{
ca4c3fc2	437	return atomic_read(&net->ipv4.rt_genid);
b42664f8 ND	438	}
b42664f8 ND	439
8f34e53b DA	440	#if IS_ENABLED(CONFIG_IPV6)
	441	static inline int rt_genid_ipv6(const struct net *net)
	442	{
	443	return atomic_read(&net->ipv6.fib6_sernum);
	444	}
	445	#endif
	446
ca4c3fc2	447	static inline void rt_genid_bump_ipv4(struct net *net)
b42664f8	448	{
ca4c3fc2	449	atomic_inc(&net->ipv4.rt_genid);
	450	}
	451
705f1c86	452	extern void (__fib6_flush_trees)(struct net net);
ca4c3fc2	453	static inline void rt_genid_bump_ipv6(struct net *net)
ca4c3fc2	454	{
705f1c86 HFS	455	if (__fib6_flush_trees)
705f1c86 HFS	456	__fib6_flush_trees(net);
ca4c3fc2	457	}
ca4c3fc2	458
599018a7 LR	459	#if IS_ENABLED(CONFIG_IEEE802154_6LOWPAN)
	460	static inline struct netns_ieee802154_lowpan *
	461	net_ieee802154_lowpan(struct net *net)
	462	{
	463	return &net->ieee802154_lowpan;
	464	}
599018a7 LR	465	#endif
599018a7 LR	466
ca4c3fc2	467	/* For callers who don't really care about whether it's IPv4 or IPv6 */
	468	static inline void rt_genid_bump_all(struct net *net)
	469	{
	470	rt_genid_bump_ipv4(net);
	471	rt_genid_bump_ipv6(net);
b42664f8	472	}
95bdfccb	473
56f200c7	474	static inline int fnhe_genid(const struct net *net)
5aad1de5 TT	475	{
	476	return atomic_read(&net->fnhe_genid);
	477	}
	478
	479	static inline void fnhe_genid_bump(struct net *net)
	480	{
	481	atomic_inc(&net->fnhe_genid);
	482	}
	483
5f256bec	484	#endif /* __NET_NET_NAMESPACE_H */