• Christian Brauner's avatar
    rtnetlink: enable IFLA_IF_NETNSID in do_setlink() · 7c4f63ba
    Christian Brauner authored
    RTM_{NEW,SET}LINK already allow operations on other network namespaces
    by identifying the target network namespace through IFLA_NET_NS_{FD,PID}
    properties. This is done by looking for the corresponding properties in
    do_setlink(). Extend do_setlink() to also look for the IFLA_IF_NETNSID
    property. This introduces no functional changes since all callers of
    do_setlink() currently block IFLA_IF_NETNSID by reporting an error before
    they reach do_setlink().
    
    This introduces the helpers:
    
    static struct net *rtnl_link_get_net_by_nlattr(struct net *src_net, struct
                                                   nlattr *tb[])
    
    static struct net *rtnl_link_get_net_capable(const struct sk_buff *skb,
                                                 struct net *src_net,
    					     struct nlattr *tb[], int cap)
    
    to simplify permission checks and target network namespace retrieval for
    RTM_* requests that already support IFLA_NET_NS_{FD,PID} but get extended
    to IFLA_IF_NETNSID. To perserve backwards compatibility the helpers look
    for IFLA_NET_NS_{FD,PID} properties first before checking for
    IFLA_IF_NETNSID.
    Signed-off-by: default avatarChristian Brauner <christian.brauner@ubuntu.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    7c4f63ba
rtnetlink.c 112 KB