Skip to content

Commit 93ec926

Browse files
Daniel Lezcanodavem330
authored andcommitted
[NETNS][IPV6] tcp6 - make socket control per namespace
Instead of having a tcp6_socket global to all the namespace, there is tcp6 socket control per namespace. That is consistent with which namespace sent a RST and allows to pass the socket to the underlying function to retrieve the network namespace. Signed-off-by: Daniel Lezcano <[email protected]> Signed-off-by: Benjamin Thery <[email protected]> Signed-off-by: David S. Miller <[email protected]>
1 parent 1762f7e commit 93ec926

File tree

2 files changed

+34
-10
lines changed

2 files changed

+34
-10
lines changed

include/net/netns/ipv6.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -52,5 +52,6 @@ struct netns_ipv6 {
5252
#endif
5353
struct sock **icmp_sk;
5454
struct sock *ndisc_sk;
55+
struct sock *tcp_sk;
5556
};
5657
#endif

net/ipv6/tcp_ipv6.c

Lines changed: 33 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -69,9 +69,6 @@
6969
#include <linux/crypto.h>
7070
#include <linux/scatterlist.h>
7171

72-
/* Socket used for sending RSTs and ACKs */
73-
static struct socket *tcp6_socket;
74-
7572
static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
7673
static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req);
7774
static void tcp_v6_send_check(struct sock *sk, int len,
@@ -1075,10 +1072,11 @@ static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
10751072
* Underlying function will use this to retrieve the network
10761073
* namespace
10771074
*/
1078-
if (!ip6_dst_lookup(tcp6_socket->sk, &buff->dst, &fl)) {
1075+
if (!ip6_dst_lookup(init_net.ipv6.tcp_sk, &buff->dst, &fl)) {
10791076

10801077
if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1081-
ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0);
1078+
ip6_xmit(init_net.ipv6.tcp_sk,
1079+
buff, &fl, NULL, 0);
10821080
TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
10831081
TCP_INC_STATS_BH(TCP_MIB_OUTRSTS);
10841082
return;
@@ -1175,9 +1173,10 @@ static void tcp_v6_send_ack(struct tcp_timewait_sock *tw,
11751173
fl.fl_ip_sport = t1->source;
11761174
security_skb_classify_flow(skb, &fl);
11771175

1178-
if (!ip6_dst_lookup(tcp6_socket->sk, &buff->dst, &fl)) {
1176+
if (!ip6_dst_lookup(init_net.ipv6.tcp_sk, &buff->dst, &fl)) {
11791177
if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1180-
ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0);
1178+
ip6_xmit(init_net.ipv6.tcp_sk,
1179+
buff, &fl, NULL, 0);
11811180
TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
11821181
return;
11831182
}
@@ -2198,6 +2197,31 @@ static struct inet_protosw tcpv6_protosw = {
21982197
INET_PROTOSW_ICSK,
21992198
};
22002199

2200+
static int tcpv6_net_init(struct net *net)
2201+
{
2202+
int err;
2203+
struct socket *sock;
2204+
struct sock *sk;
2205+
2206+
err = inet_csk_ctl_sock_create(&sock, PF_INET6, SOCK_RAW, IPPROTO_TCP);
2207+
if (err)
2208+
return err;
2209+
2210+
net->ipv6.tcp_sk = sk = sock->sk;
2211+
sk_change_net(sk, net);
2212+
return err;
2213+
}
2214+
2215+
static void tcpv6_net_exit(struct net *net)
2216+
{
2217+
sk_release_kernel(net->ipv6.tcp_sk);
2218+
}
2219+
2220+
static struct pernet_operations tcpv6_net_ops = {
2221+
.init = tcpv6_net_init,
2222+
.exit = tcpv6_net_exit,
2223+
};
2224+
22012225
int __init tcpv6_init(void)
22022226
{
22032227
int ret;
@@ -2211,8 +2235,7 @@ int __init tcpv6_init(void)
22112235
if (ret)
22122236
goto out_tcpv6_protocol;
22132237

2214-
ret = inet_csk_ctl_sock_create(&tcp6_socket, PF_INET6,
2215-
SOCK_RAW, IPPROTO_TCP);
2238+
ret = register_pernet_subsys(&tcpv6_net_ops);
22162239
if (ret)
22172240
goto out_tcpv6_protosw;
22182241
out:
@@ -2227,7 +2250,7 @@ int __init tcpv6_init(void)
22272250

22282251
void tcpv6_exit(void)
22292252
{
2230-
sock_release(tcp6_socket);
2253+
unregister_pernet_subsys(&tcpv6_net_ops);
22312254
inet6_unregister_protosw(&tcpv6_protosw);
22322255
inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
22332256
}

0 commit comments

Comments
 (0)