From: Greg Kroah-Hartman <gregkh@suse.de>
To: linux-kernel@vger.kernel.org
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
Greg Kroah-Hartman <gregkh@suse.de>
Subject: [PATCH 35/38] netlink: Implment netlink_broadcast_filtered
Date: Fri, 21 May 2010 09:54:05 -0700 [thread overview]
Message-ID: <1274460848-11377-35-git-send-email-gregkh@suse.de> (raw)
In-Reply-To: <20100521165106.GA11216@kroah.com>
From: Eric W. Biederman <ebiederm@xmission.com>
When netlink sockets are used to convey data that is in a namespace
we need a way to select a subset of the listening sockets to deliver
the packet to. For the network namespace we have been doing this
by only transmitting packets in the correct network namespace.
For data belonging to other namespaces netlink_bradcast_filtered
provides a mechanism that allows us to examine the destination
socket and to decide if we should transmit the specified packet
to it.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
include/linux/netlink.h | 4 ++++
net/netlink/af_netlink.c | 21 +++++++++++++++++++--
2 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/include/linux/netlink.h b/include/linux/netlink.h
index 6eaca5e..59d0669 100644
--- a/include/linux/netlink.h
+++ b/include/linux/netlink.h
@@ -188,6 +188,10 @@ extern int netlink_has_listeners(struct sock *sk, unsigned int group);
extern int netlink_unicast(struct sock *ssk, struct sk_buff *skb, __u32 pid, int nonblock);
extern int netlink_broadcast(struct sock *ssk, struct sk_buff *skb, __u32 pid,
__u32 group, gfp_t allocation);
+extern int netlink_broadcast_filtered(struct sock *ssk, struct sk_buff *skb,
+ __u32 pid, __u32 group, gfp_t allocation,
+ int (*filter)(struct sock *dsk, struct sk_buff *skb, void *data),
+ void *filter_data);
extern int netlink_set_err(struct sock *ssk, __u32 pid, __u32 group, int code);
extern int netlink_register_notifier(struct notifier_block *nb);
extern int netlink_unregister_notifier(struct notifier_block *nb);
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 6464a19..a2eb965 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -978,6 +978,8 @@ struct netlink_broadcast_data {
int delivered;
gfp_t allocation;
struct sk_buff *skb, *skb2;
+ int (*tx_filter)(struct sock *dsk, struct sk_buff *skb, void *data);
+ void *tx_data;
};
static inline int do_one_broadcast(struct sock *sk,
@@ -1020,6 +1022,9 @@ static inline int do_one_broadcast(struct sock *sk,
p->failure = 1;
if (nlk->flags & NETLINK_BROADCAST_SEND_ERROR)
p->delivery_failure = 1;
+ } else if (p->tx_filter && p->tx_filter(sk, p->skb2, p->tx_data)) {
+ kfree_skb(p->skb2);
+ p->skb2 = NULL;
} else if (sk_filter(sk, p->skb2)) {
kfree_skb(p->skb2);
p->skb2 = NULL;
@@ -1038,8 +1043,10 @@ out:
return 0;
}
-int netlink_broadcast(struct sock *ssk, struct sk_buff *skb, u32 pid,
- u32 group, gfp_t allocation)
+int netlink_broadcast_filtered(struct sock *ssk, struct sk_buff *skb, u32 pid,
+ u32 group, gfp_t allocation,
+ int (*filter)(struct sock *dsk, struct sk_buff *skb, void *data),
+ void *filter_data)
{
struct net *net = sock_net(ssk);
struct netlink_broadcast_data info;
@@ -1059,6 +1066,8 @@ int netlink_broadcast(struct sock *ssk, struct sk_buff *skb, u32 pid,
info.allocation = allocation;
info.skb = skb;
info.skb2 = NULL;
+ info.tx_filter = filter;
+ info.tx_data = filter_data;
/* While we sleep in clone, do not allow to change socket list */
@@ -1083,6 +1092,14 @@ int netlink_broadcast(struct sock *ssk, struct sk_buff *skb, u32 pid,
}
return -ESRCH;
}
+EXPORT_SYMBOL(netlink_broadcast_filtered);
+
+int netlink_broadcast(struct sock *ssk, struct sk_buff *skb, u32 pid,
+ u32 group, gfp_t allocation)
+{
+ return netlink_broadcast_filtered(ssk, skb, pid, group, allocation,
+ NULL, NULL);
+}
EXPORT_SYMBOL(netlink_broadcast);
struct netlink_set_err_data {
--
1.7.0.3
next prev parent reply other threads:[~2010-05-21 16:56 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-21 16:51 [GIT PATCH] driver core patches for .35 Greg KH
2010-05-21 16:53 ` [PATCH 01/38] drivers/base/cpu.c: fix the output from /sys/devices/system/cpu/offline Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 02/38] firmware_class: fix memory leak - free allocated pages Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 03/38] kref: remove kref_set Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 04/38] Driver core: Reduce the level of request_firmware() messages Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 05/38] driver-core: fix potential race condition in drivers/base/dd.c Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 06/38] Driver core: don't initialize wakeup flags Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 07/38] driver core: module.c: Use kasprintf Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 08/38] devtmpfs: support !CONFIG_TMPFS Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 09/38] platform_bus: allow custom extensions to system PM methods Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 10/38] drivers/base: Convert dev->sem to mutex Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 11/38] lockdep: Add novalidate class for dev->mutex conversion Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 12/38] firmware class: export nowait to userspace Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 13/38] firmware loader: rely on driver core to create class attribute Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 14/38] firmware loader: split out builtin firmware handling Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 15/38] firmware loader: do not allocate firmare id separately Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 16/38] Driver core: Protect device shutdown from hot unplug events Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 17/38] generate "change" uevent for loop device Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 18/38] sysfs: Basic support for multiple super blocks Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 19/38] sysfs: Remove double free sysfs_get_sb Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 20/38] kobj: Add basic infrastructure for dealing with namespaces Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 21/38] sysfs: Implement sysfs tagged directory support Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 22/38] sysfs: Add support for tagged directories with untagged members Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 23/38] sysfs: Implement sysfs_delete_link Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 24/38] driver core: Implement ns directory support for device classes Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 25/38] sysfs: Comment sysfs directory tagging logic Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 26/38] sysfs-namespaces: add a high-level Documentation file Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 27/38] sysfs: Don't use enums in inline function declaration Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 28/38] sysfs: Remove usage of S_BIAS to avoid merge conflict with the vfs tree Greg Kroah-Hartman
2010-05-21 16:53 ` [PATCH 29/38] sysfs: add struct file* to bin_attr callbacks Greg Kroah-Hartman
2010-05-21 16:54 ` [PATCH 30/38] pci: check caps from sysfs file open to read device dependent config space Greg Kroah-Hartman
2010-05-21 16:54 ` [PATCH 31/38] driver-core: fix Typo in drivers/base/core.c for CONFIG_MODULE Greg Kroah-Hartman
2010-05-21 16:54 ` [PATCH 32/38] kobject: Send hotplug events in all network namespaces Greg Kroah-Hartman
2010-05-21 16:54 ` [PATCH 33/38] netns: Teach network device kobjects which namespace they are in Greg Kroah-Hartman
2010-05-21 16:54 ` [PATCH 34/38] net/sysfs: Fix the bitrot in network device kobject namespace support Greg Kroah-Hartman
2010-05-21 16:54 ` Greg Kroah-Hartman [this message]
2010-05-21 16:54 ` [PATCH 36/38] kobj: Send hotplug events in the proper namespace Greg Kroah-Hartman
2010-05-21 16:54 ` [PATCH 37/38] hotplug: netns aware uevent_helper Greg Kroah-Hartman
2010-05-21 16:54 ` [PATCH 38/38] net: Expose all network devices in a namespaces in sysfs Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1274460848-11377-35-git-send-email-gregkh@suse.de \
--to=gregkh@suse.de \
--cc=ebiederm@xmission.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox