#include <linux/wireless.h>
#include <linux/kernel.h>
#include <linux/kmod.h>
+#include <net/net_namespace.h>
#include <net/ip.h>
#include <net/protocol.h>
#include <linux/skbuff.h>
#include <net/inet_common.h>
#endif
-#define CONFIG_SOCK_PACKET 1
-
-/*
- Proposed replacement for SIOC{ADD,DEL}MULTI and
- IFF_PROMISC, IFF_ALLMULTI flags.
-
- It is more expensive, but I believe,
- it is really correct solution: reentereble, safe and fault tolerant.
-
- IFF_PROMISC/IFF_ALLMULTI/SIOC{ADD/DEL}MULTI are faked by keeping
- reference count and global flag, so that real status is
- (gflag|(count != 0)), so that we can use obsolete faulty interface
- not harming clever users.
- */
-#define CONFIG_PACKET_MULTICAST 1
-
/*
Assumptions:
- if device has no dev->hard_header routine, it adds and removes ll header
Incoming, dev->hard_header==NULL
mac_header -> UNKNOWN position. It is very likely, that it points to ll
header. PPP makes it, that is wrong, because introduce
- assymetry between rx and tx paths.
+ assymetry between rx and tx paths.
data -> data
Outgoing, dev->hard_header==NULL
/* Private packet socket structures. */
-#ifdef CONFIG_PACKET_MULTICAST
struct packet_mclist
{
struct packet_mclist *next;
unsigned short mr_alen;
unsigned char mr_address[MAX_ADDR_LEN];
};
-#endif
+
#ifdef CONFIG_PACKET_MMAP
static int packet_set_ring(struct sock *sk, struct tpacket_req *req, int closing);
#endif
origdev:1;
int ifindex; /* bound device */
__be16 num;
-#ifdef CONFIG_PACKET_MULTICAST
struct packet_mclist *mclist;
-#endif
#ifdef CONFIG_PACKET_MMAP
atomic_t mapped;
unsigned int pg_vec_order;
static const struct proto_ops packet_ops;
-#ifdef CONFIG_SOCK_PACKET
static const struct proto_ops packet_ops_spkt;
static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev)
struct sock *sk;
struct sockaddr_pkt *spkt;
+ if (dev->nd_net != &init_net)
+ goto out;
+
/*
* When we registered the protocol we saved the socket in the data
* field for just this event.
*/
saddr->spkt_device[13] = 0;
- dev = dev_get_by_name(saddr->spkt_device);
+ dev = dev_get_by_name(&init_net, saddr->spkt_device);
err = -ENODEV;
if (dev == NULL)
goto out_unlock;
dev_put(dev);
return err;
}
-#endif
static inline unsigned int run_filter(struct sk_buff *skb, struct sock *sk,
unsigned int res)
int skb_len = skb->len;
unsigned int snaplen, res;
+ if (dev->nd_net != &init_net)
+ goto drop;
+
if (skb->pkt_type == PACKET_LOOPBACK)
goto drop;
struct sk_buff *copy_skb = NULL;
struct timeval tv;
+ if (dev->nd_net != &init_net)
+ goto drop;
+
if (skb->pkt_type == PACKET_LOOPBACK)
goto drop;
h->tp_snaplen = snaplen;
h->tp_mac = macoff;
h->tp_net = netoff;
- if (skb->tstamp.tv64 == 0) {
- __net_timestamp(skb);
- sock_enable_timestamp(sk);
- }
- tv = ktime_to_timeval(skb->tstamp);
+ if (skb->tstamp.tv64)
+ tv = ktime_to_timeval(skb->tstamp);
+ else
+ do_gettimeofday(&tv);
h->tp_sec = tv.tv_sec;
h->tp_usec = tv.tv_usec;
}
- dev = dev_get_by_index(ifindex);
+ dev = dev_get_by_index(&init_net, ifindex);
err = -ENXIO;
if (dev == NULL)
goto out_unlock;
__sock_put(sk);
}
-#ifdef CONFIG_PACKET_MULTICAST
packet_flush_mclist(sk);
-#endif
#ifdef CONFIG_PACKET_MMAP
if (po->pg_vec) {
* Bind a packet socket to a device
*/
-#ifdef CONFIG_SOCK_PACKET
-
static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int addr_len)
{
struct sock *sk=sock->sk;
return -EINVAL;
strlcpy(name,uaddr->sa_data,sizeof(name));
- dev = dev_get_by_name(name);
+ dev = dev_get_by_name(&init_net, name);
if (dev) {
err = packet_do_bind(sk, dev, pkt_sk(sk)->num);
dev_put(dev);
}
return err;
}
-#endif
static int packet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
{
if (sll->sll_ifindex) {
err = -ENODEV;
- dev = dev_get_by_index(sll->sll_ifindex);
+ dev = dev_get_by_index(&init_net, sll->sll_ifindex);
if (dev == NULL)
goto out;
}
* Create a packet of type SOCK_PACKET.
*/
-static int packet_create(struct socket *sock, int protocol)
+static int packet_create(struct net *net, struct socket *sock, int protocol)
{
struct sock *sk;
struct packet_sock *po;
__be16 proto = (__force __be16)protocol; /* weird, but documented */
int err;
+ if (net != &init_net)
+ return -EAFNOSUPPORT;
+
if (!capable(CAP_NET_RAW))
return -EPERM;
- if (sock->type != SOCK_DGRAM && sock->type != SOCK_RAW
-#ifdef CONFIG_SOCK_PACKET
- && sock->type != SOCK_PACKET
-#endif
- )
+ if (sock->type != SOCK_DGRAM && sock->type != SOCK_RAW &&
+ sock->type != SOCK_PACKET)
return -ESOCKTNOSUPPORT;
sock->state = SS_UNCONNECTED;
err = -ENOBUFS;
- sk = sk_alloc(PF_PACKET, GFP_KERNEL, &packet_proto, 1);
+ sk = sk_alloc(net, PF_PACKET, GFP_KERNEL, &packet_proto, 1);
if (sk == NULL)
goto out;
sock->ops = &packet_ops;
-#ifdef CONFIG_SOCK_PACKET
if (sock->type == SOCK_PACKET)
sock->ops = &packet_ops_spkt;
-#endif
+
sock_init_data(sock, sk);
po = pkt_sk(sk);
spin_lock_init(&po->bind_lock);
po->prot_hook.func = packet_rcv;
-#ifdef CONFIG_SOCK_PACKET
+
if (sock->type == SOCK_PACKET)
po->prot_hook.func = packet_rcv_spkt;
-#endif
+
po->prot_hook.af_packet_priv = sk;
if (proto) {
return err;
}
-#ifdef CONFIG_SOCK_PACKET
static int packet_getname_spkt(struct socket *sock, struct sockaddr *uaddr,
int *uaddr_len, int peer)
{
return -EOPNOTSUPP;
uaddr->sa_family = AF_PACKET;
- dev = dev_get_by_index(pkt_sk(sk)->ifindex);
+ dev = dev_get_by_index(&init_net, pkt_sk(sk)->ifindex);
if (dev) {
strlcpy(uaddr->sa_data, dev->name, 15);
dev_put(dev);
return 0;
}
-#endif
static int packet_getname(struct socket *sock, struct sockaddr *uaddr,
int *uaddr_len, int peer)
sll->sll_family = AF_PACKET;
sll->sll_ifindex = po->ifindex;
sll->sll_protocol = po->num;
- dev = dev_get_by_index(po->ifindex);
+ dev = dev_get_by_index(&init_net, po->ifindex);
if (dev) {
sll->sll_hatype = dev->type;
sll->sll_halen = dev->addr_len;
return 0;
}
-#ifdef CONFIG_PACKET_MULTICAST
static void packet_dev_mc(struct net_device *dev, struct packet_mclist *i, int what)
{
switch (i->type) {
rtnl_lock();
err = -ENODEV;
- dev = __dev_get_by_index(mreq->mr_ifindex);
+ dev = __dev_get_by_index(&init_net, mreq->mr_ifindex);
if (!dev)
goto done;
if (--ml->count == 0) {
struct net_device *dev;
*mlp = ml->next;
- dev = dev_get_by_index(ml->ifindex);
+ dev = dev_get_by_index(&init_net, ml->ifindex);
if (dev) {
packet_dev_mc(dev, ml, -1);
dev_put(dev);
struct net_device *dev;
po->mclist = ml->next;
- if ((dev = dev_get_by_index(ml->ifindex)) != NULL) {
+ if ((dev = dev_get_by_index(&init_net, ml->ifindex)) != NULL) {
packet_dev_mc(dev, ml, -1);
dev_put(dev);
}
}
rtnl_unlock();
}
-#endif
static int
packet_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen)
return -ENOPROTOOPT;
switch(optname) {
-#ifdef CONFIG_PACKET_MULTICAST
case PACKET_ADD_MEMBERSHIP:
case PACKET_DROP_MEMBERSHIP:
{
ret = packet_mc_drop(sk, &mreq);
return ret;
}
-#endif
+
#ifdef CONFIG_PACKET_MMAP
case PACKET_RX_RING:
{
struct hlist_node *node;
struct net_device *dev = data;
+ if (dev->nd_net != &init_net)
+ return NOTIFY_DONE;
+
read_lock(&packet_sklist_lock);
sk_for_each(sk, node, &packet_sklist) {
struct packet_sock *po = pkt_sk(sk);
switch (msg) {
case NETDEV_UNREGISTER:
-#ifdef CONFIG_PACKET_MULTICAST
if (po->mclist)
packet_dev_mclist(dev, po->mclist, -1);
- // fallthrough
-#endif
+ /* fallthrough */
+
case NETDEV_DOWN:
if (dev->ifindex == po->ifindex) {
spin_lock(&po->bind_lock);
#endif
-#ifdef CONFIG_SOCK_PACKET
static const struct proto_ops packet_ops_spkt = {
.family = PF_PACKET,
.owner = THIS_MODULE,
.mmap = sock_no_mmap,
.sendpage = sock_no_sendpage,
};
-#endif
static const struct proto_ops packet_ops = {
.family = PF_PACKET,
return 0;
}
-static struct seq_operations packet_seq_ops = {
+static const struct seq_operations packet_seq_ops = {
.start = packet_seq_start,
.next = packet_seq_next,
.stop = packet_seq_stop,
static void __exit packet_exit(void)
{
- proc_net_remove("packet");
+ proc_net_remove(&init_net, "packet");
unregister_netdevice_notifier(&packet_netdev_notifier);
sock_unregister(PF_PACKET);
proto_unregister(&packet_proto);
sock_register(&packet_family_ops);
register_netdevice_notifier(&packet_netdev_notifier);
- proc_net_fops_create("packet", 0, &packet_seq_fops);
+ proc_net_fops_create(&init_net, "packet", 0, &packet_seq_fops);
out:
return rc;
}