change system file

hc

2024-10-09 244b2c5ca8b14627e4a17755e5922221e121c771

 kernel/include/net/net_namespace.h
..
..
@@ -19,6 +19,7 @@
19
19
 #include <net/netns/packet.h>
20
20
 #include <net/netns/ipv4.h>
21
21
 #include <net/netns/ipv6.h>
22
+#include <net/netns/nexthop.h>
22
23
 #include <net/netns/ieee802154_6lowpan.h>
23
24
 #include <net/netns/sctp.h>
24
25
 #include <net/netns/dccp.h>
..
..
@@ -31,9 +32,12 @@
31
32
 #include <net/netns/xfrm.h>
32
33
 #include <net/netns/mpls.h>
33
34
 #include <net/netns/can.h>
35
+#include <net/netns/xdp.h>
36
+#include <net/netns/bpf.h>
34
37
 #include <linux/ns_common.h>
35
38
 #include <linux/idr.h>
36
39
 #include <linux/skbuff.h>
40
+#include <linux/notifier.h>
37
41
 
38
42
 struct user_namespace;
39
43
 struct proc_dir_entry;
..
..
@@ -43,13 +47,17 @@
43
47
 struct net_generic;
44
48
 struct uevent_sock;
45
49
 struct netns_ipvs;
50
+struct bpf_prog;
46
51
 
47
52
 
48
53
 #define NETDEV_HASHBITS    8
49
54
 #define NETDEV_HASHENTRIES (1 << NETDEV_HASHBITS)
50
55
 
51
56
 struct net {
52
-	refcount_t		passive;	/* To decided when the network
57
+	/* First cache line can be often dirtied.
58
+	 * Do not place here read-mostly fields.
59
+	 */
60
+	refcount_t		passive;	/* To decide when the network
53
61
 						 * namespace should be freed.
54
62
 						 */
55
63
 	refcount_t		count;		/* To decided when the network
..
..
@@ -57,8 +65,13 @@
57
65
 						 */
58
66
 	spinlock_t		rules_mod_lock;
59
67
 
60
-	u32			hash_mix;
61
-	atomic64_t		cookie_gen;
68
+	unsigned int		dev_unreg_count;
69
+
70
+	unsigned int		dev_base_seq;	/* protected by rtnl_mutex */
71
+	int			ifindex;
72
+
73
+	spinlock_t		nsid_lock;
74
+	atomic_t		fnhe_genid;
62
75
 
63
76
 	struct list_head	list;		/* list of network namespaces */
64
77
 	struct list_head	exit_list;	/* To linked to call pernet exit
..
..
@@ -69,13 +82,16 @@
69
82
 						 */
70
83
 	struct llist_node	cleanup_list;	/* namespaces on death row */
71
84
 
85
+#ifdef CONFIG_KEYS
86
+	struct key_tag		*key_domain;	/* Key domain of operation tag */
87
+#endif
72
88
 	struct user_namespace   *user_ns;	/* Owning user namespace */
73
89
 	struct ucounts		*ucounts;
74
-	spinlock_t		nsid_lock;
75
90
 	struct idr		netns_ids;
76
91
 
77
92
 	struct ns_common	ns;
78
93
 
94
+	struct list_head 	dev_base_head;
79
95
 	struct proc_dir_entry 	*proc_net;
80
96
 	struct proc_dir_entry 	*proc_net_stat;
81
97
 
..
..
@@ -88,24 +104,25 @@
88
104
 
89
105
 	struct uevent_sock	*uevent_sock;		/* uevent socket */
90
106
 
91
-	struct list_head 	dev_base_head;
92
107
 	struct hlist_head 	*dev_name_head;
93
108
 	struct hlist_head	*dev_index_head;
94
-	unsigned int		dev_base_seq;	/* protected by rtnl_mutex */
95
-	int			ifindex;
96
-	unsigned int		dev_unreg_count;
109
+	struct raw_notifier_head	netdev_chain;
110
+
111
+	/* Note that @hash_mix can be read millions times per second,
112
+	 * it is critical that it is on a read_mostly cache line.
113
+	 */
114
+	u32			hash_mix;
115
+
116
+	struct net_device       *loopback_dev;          /* The loopback */
97
117
 
98
118
 	/* core fib_rules */
99
119
 	struct list_head	rules_ops;
100
120
 
101
-	struct list_head	fib_notifier_ops;  /* Populated by
102
-						    * register_pernet_subsys()
103
-						    */
104
-	struct net_device       *loopback_dev;          /* The loopback */
105
121
 	struct netns_core	core;
106
122
 	struct netns_mib	mib;
107
123
 	struct netns_packet	packet;
108
124
 	struct netns_unix	unx;
125
+	struct netns_nexthop	nexthop;
109
126
 	struct netns_ipv4	ipv4;
110
127
 #if IS_ENABLED(CONFIG_IPV6)
111
128
 	struct netns_ipv6	ipv6;
..
..
@@ -113,7 +130,9 @@
113
130
 #if IS_ENABLED(CONFIG_IEEE802154_6LOWPAN)
114
131
 	struct netns_ieee802154_lowpan	ieee802154_lowpan;
115
132
 #endif
133
+#if defined(CONFIG_IP_SCTP) || defined(CONFIG_IP_SCTP_MODULE)
116
134
 	struct netns_sctp	sctp;
135
+#endif
117
136
 #if defined(CONFIG_IP_DCCP) || defined(CONFIG_IP_DCCP_MODULE)
118
137
 	struct netns_dccp	dccp;
119
138
 #endif
..
..
@@ -144,10 +163,16 @@
144
163
 #endif
145
164
 	struct net_generic __rcu	*gen;
146
165
 
166
+	/* Used to store attached BPF programs */
167
+	struct netns_bpf	bpf;
168
+
147
169
 	/* Note : following structs are cache line aligned */
148
170
 #ifdef CONFIG_XFRM
149
171
 	struct netns_xfrm	xfrm;
150
172
 #endif
173
+
174
+	atomic64_t		net_cookie; /* written once */
175
+
151
176
 #if IS_ENABLED(CONFIG_IP_VS)
152
177
 	struct netns_ipvs	*ipvs;
153
178
 #endif
..
..
@@ -157,8 +182,13 @@
157
182
 #if IS_ENABLED(CONFIG_CAN)
158
183
 	struct netns_can	can;
159
184
 #endif
185
+#ifdef CONFIG_XDP_SOCKETS
186
+	struct netns_xdp	xdp;
187
+#endif
188
+#if IS_ENABLED(CONFIG_CRYPTO_USER)
189
+	struct sock		*crypto_nlsk;
190
+#endif
160
191
 	struct sock		*diag_nlsk;
161
-	atomic_t		fnhe_genid;
162
192
 } __randomize_layout;
163
193
 
164
194
 #include <linux/seq_file_net.h>
..
..
@@ -311,7 +341,8 @@
311
341
 /* Protected by net_rwsem */
312
342
 #define for_each_net(VAR)				\
313
343
 	list_for_each_entry(VAR, &net_namespace_list, list)
314
-
344
+#define for_each_net_continue_reverse(VAR)		\
345
+	list_for_each_entry_continue_reverse(VAR, &net_namespace_list, list)
315
346
 #define for_each_net_rcu(VAR)				\
316
347
 	list_for_each_entry_rcu(VAR, &net_namespace_list, list)
317
348
 
..
..
@@ -328,9 +359,9 @@
328
359
 #endif
329
360
 
330
361
 int peernet2id_alloc(struct net *net, struct net *peer, gfp_t gfp);
331
-int peernet2id(struct net *net, struct net *peer);
332
-bool peernet_has_id(struct net *net, struct net *peer);
333
-struct net *get_net_ns_by_id(struct net *net, int id);
362
+int peernet2id(const struct net *net, struct net *peer);
363
+bool peernet_has_id(const struct net *net, struct net *peer);
364
+struct net *get_net_ns_by_id(const struct net *net, int id);
334
365
 
335
366
 struct pernet_operations {
336
367
 	struct list_head list;
..
..
@@ -351,8 +382,13 @@
351
382
 	 * synchronize_rcu() related to these pernet_operations,
352
383
 	 * instead of separate synchronize_rcu() for every net.
353
384
 	 * Please, avoid synchronize_rcu() at all, where it's possible.
385
+	 *
386
+	 * Note that a combination of pre_exit() and exit() can
387
+	 * be used, since a synchronize_rcu() is guaranteed between
388
+	 * the calls.
354
389
 	 */
355
390
 	int (*init)(struct net *net);
391
+	void (*pre_exit)(struct net *net);
356
392
 	void (*exit)(struct net *net);
357
393
 	void (*exit_batch)(struct list_head *net_exit_list);
358
394
 	unsigned int *id;
..
..
@@ -403,10 +439,17 @@
403
439
 }
404
440
 #endif
405
441
 
406
-static inline int rt_genid_ipv4(struct net *net)
442
+static inline int rt_genid_ipv4(const struct net *net)
407
443
 {
408
444
 	return atomic_read(&net->ipv4.rt_genid);
409
445
 }
446
+
447
+#if IS_ENABLED(CONFIG_IPV6)
448
+static inline int rt_genid_ipv6(const struct net *net)
449
+{
450
+	return atomic_read(&net->ipv6.fib6_sernum);
451
+}
452
+#endif
410
453
 
411
454
 static inline void rt_genid_bump_ipv4(struct net *net)
412
455
 {
..
..
@@ -435,7 +478,7 @@
435
478
 	rt_genid_bump_ipv6(net);
436
479
 }
437
480
 
438
-static inline int fnhe_genid(struct net *net)
481
+static inline int fnhe_genid(const struct net *net)
439
482
 {
440
483
 	return atomic_read(&net->fnhe_genid);
441
484
 }