netns xfrm: finding policy in netns

Add netns parameter to xfrm_policy_bysel_ctx(), xfrm_policy_byidx(). Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Alexey Dobriyan <adobriyan@gmail.com> 2008-11-25 20:34:20 -0500
committer: David S. Miller <davem@davemloft.net> 2008-11-25 20:34:20 -0500
commit: 8d1211a6aaea43ea36151c17b0193eb763ff2d7e (patch)
tree: 8e58601a897ec0e2afb3b2b1df695560b0d76ed4
parent: 33ffbbd52c327225a3e28485c39dc5746d81be03 (diff)
4 files changed, 16 insertions, 16 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 766cc71e96d4..ec2b7a9b3aa9 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -1439,11 +1439,11 @@ extern int xfrm_policy_walk(struct xfrm_policy_walk *walk,
        int (*func)(struct xfrm_policy *, int, int, void*), void *);
 extern void xfrm_policy_walk_done(struct xfrm_policy_walk *walk);
 int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl);
-struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,
+struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u8 type, int dir,
                                          struct xfrm_selector *sel,
                                          struct xfrm_sec_ctx *ctx, int delete,
                                          int *err);
-struct xfrm_policy *xfrm_policy_byid(u8, int dir, u32 id, int delete, int *err);
+struct xfrm_policy *xfrm_policy_byid(struct net *net, u8, int dir, u32 id, int delete, int *err);
 int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info);
 u32 xfrm_get_acqseq(void);
 extern int xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi);
diff --git a/net/key/af_key.c b/net/key/af_key.c
index 0f44856c1f12..ca268116ac11 100644
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -2324,7 +2324,7 @@ static int pfkey_spddelete(struct sock *sk, struct sk_buff *skb, struct sadb_msg
                        return err;
        }
-        xp = xfrm_policy_bysel_ctx(XFRM_POLICY_TYPE_MAIN,
+        xp = xfrm_policy_bysel_ctx(&init_net, XFRM_POLICY_TYPE_MAIN,
                                   pol->sadb_x_policy_dir - 1, &sel, pol_ctx,
                                   1, &err);
        security_xfrm_policy_free(pol_ctx);
@@ -2571,8 +2571,8 @@ static int pfkey_spdget(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h
                return -EINVAL;
        delete = (hdr->sadb_msg_type == SADB_X_SPDDELETE2);
-        xp = xfrm_policy_byid(XFRM_POLICY_TYPE_MAIN, dir, pol->sadb_x_policy_id,
+        xp = xfrm_policy_byid(&init_net, XFRM_POLICY_TYPE_MAIN, dir,
-                              delete, &err);
+                              pol->sadb_x_policy_id, delete, &err);
        if (xp == NULL)
                return -ENOENT;
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 7c264a74edc0..96895ef61858 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -642,7 +642,7 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl)
 }
 EXPORT_SYMBOL(xfrm_policy_insert);
-struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,
+struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u8 type, int dir,
                                          struct xfrm_selector *sel,
                                          struct xfrm_sec_ctx *ctx, int delete,
                                          int *err)
@@ -653,7 +653,7 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,
        *err = 0;
        write_lock_bh(&xfrm_policy_lock);
-        chain = policy_hash_bysel(&init_net, sel, sel->family, dir);
+        chain = policy_hash_bysel(net, sel, sel->family, dir);
        ret = NULL;
        hlist_for_each_entry(pol, entry, chain, bydst) {
                if (pol->type == type &&
@@ -670,7 +670,7 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,
                                hlist_del(&pol->bydst);
                                hlist_del(&pol->byidx);
                                list_del(&pol->walk.all);
-                                init_net.xfrm.policy_count[dir]--;
+                                net->xfrm.policy_count[dir]--;
                        }
                        ret = pol;
                        break;
@@ -686,8 +686,8 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,
 }
 EXPORT_SYMBOL(xfrm_policy_bysel_ctx);
-struct xfrm_policy *xfrm_policy_byid(u8 type, int dir, u32 id, int delete,
+struct xfrm_policy *xfrm_policy_byid(struct net *net, u8 type, int dir, u32 id,
-                                     int *err)
+                                     int delete, int *err)
 {
        struct xfrm_policy *pol, *ret;
        struct hlist_head *chain;
@@ -699,7 +699,7 @@ struct xfrm_policy *xfrm_policy_byid(u8 type, int dir, u32 id, int delete,
        *err = 0;
        write_lock_bh(&xfrm_policy_lock);
-        chain = init_net.xfrm.policy_byidx + idx_hash(&init_net, id);
+        chain = net->xfrm.policy_byidx + idx_hash(net, id);
        ret = NULL;
        hlist_for_each_entry(pol, entry, chain, byidx) {
                if (pol->type == type && pol->index == id) {
@@ -714,7 +714,7 @@ struct xfrm_policy *xfrm_policy_byid(u8 type, int dir, u32 id, int delete,
                                hlist_del(&pol->bydst);
                                hlist_del(&pol->byidx);
                                list_del(&pol->walk.all);
-                                init_net.xfrm.policy_count[dir]--;
+                                net->xfrm.policy_count[dir]--;
                        }
                        ret = pol;
                        break;
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index d4983e831c34..efd6ab5c0aca 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -1330,7 +1330,7 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
                return err;
        if (p->index)
-                xp = xfrm_policy_byid(type, p->dir, p->index, delete, &err);
+                xp = xfrm_policy_byid(&init_net, type, p->dir, p->index, delete, &err);
        else {
                struct nlattr *rt = attrs[XFRMA_SEC_CTX];
                struct xfrm_sec_ctx *ctx;
@@ -1347,7 +1347,7 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
                        if (err)
                                return err;
                }
-                xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, ctx,
+                xp = xfrm_policy_bysel_ctx(&init_net, type, p->dir, &p->sel, ctx,
                                           delete, &err);
                security_xfrm_policy_free(ctx);
        }
@@ -1571,7 +1571,7 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
                return err;
        if (p->index)
-                xp = xfrm_policy_byid(type, p->dir, p->index, 0, &err);
+                xp = xfrm_policy_byid(&init_net, type, p->dir, p->index, 0, &err);
        else {
                struct nlattr *rt = attrs[XFRMA_SEC_CTX];
                struct xfrm_sec_ctx *ctx;
@@ -1588,7 +1588,7 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
                        if (err)
                                return err;
                }
-                xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, ctx, 0, &err);
+                xp = xfrm_policy_bysel_ctx(&init_net, type, p->dir, &p->sel, ctx, 0, &err);
                security_xfrm_policy_free(ctx);
        }
        if (xp == NULL)
author	Alexey Dobriyan <adobriyan@gmail.com>	2008-11-25 20:34:20 -0500
committer	David S. Miller <davem@davemloft.net>	2008-11-25 20:34:20 -0500
commit	8d1211a6aaea43ea36151c17b0193eb763ff2d7e (patch)
tree	8e58601a897ec0e2afb3b2b1df695560b0d76ed4
parent	33ffbbd52c327225a3e28485c39dc5746d81be03 (diff)

diff --git a/include/net/xfrm.h b/include/net/xfrm.h index 766cc71e96d4..ec2b7a9b3aa9 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h
@@ -1439,11 +1439,11 @@ extern int xfrm_policy_walk(struct xfrm_policy_walk *walk,
1439	int (func)(struct xfrm_policy , int, int, void), void );	1439	int (func)(struct xfrm_policy , int, int, void), void );
1440	extern void xfrm_policy_walk_done(struct xfrm_policy_walk *walk);	1440	extern void xfrm_policy_walk_done(struct xfrm_policy_walk *walk);
1441	int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl);	1441	int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl);
1442	struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,	1442	struct xfrm_policy xfrm_policy_bysel_ctx(struct net net, u8 type, int dir,
1443	struct xfrm_selector *sel,	1443	struct xfrm_selector *sel,
1444	struct xfrm_sec_ctx *ctx, int delete,	1444	struct xfrm_sec_ctx *ctx, int delete,
1445	int *err);	1445	int *err);
1446	struct xfrm_policy xfrm_policy_byid(u8, int dir, u32 id, int delete, int err);	1446	struct xfrm_policy xfrm_policy_byid(struct net net, u8, int dir, u32 id, int delete, int *err);
1447	int xfrm_policy_flush(struct net net, u8 type, struct xfrm_audit audit_info);	1447	int xfrm_policy_flush(struct net net, u8 type, struct xfrm_audit audit_info);
1448	u32 xfrm_get_acqseq(void);	1448	u32 xfrm_get_acqseq(void);
1449	extern int xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi);	1449	extern int xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi);


diff --git a/net/key/af_key.c b/net/key/af_key.c index 0f44856c1f12..ca268116ac11 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c
@@ -2324,7 +2324,7 @@ static int pfkey_spddelete(struct sock sk, struct sk_buff skb, struct sadb_msg
2324	return err;	2324	return err;
2325	}	2325	}
2326		2326
2327	xp = xfrm_policy_bysel_ctx(XFRM_POLICY_TYPE_MAIN,	2327	xp = xfrm_policy_bysel_ctx(&init_net, XFRM_POLICY_TYPE_MAIN,
2328	pol->sadb_x_policy_dir - 1, &sel, pol_ctx,	2328	pol->sadb_x_policy_dir - 1, &sel, pol_ctx,
2329	1, &err);	2329	1, &err);
2330	security_xfrm_policy_free(pol_ctx);	2330	security_xfrm_policy_free(pol_ctx);
@@ -2571,8 +2571,8 @@ static int pfkey_spdget(struct sock sk, struct sk_buff skb, struct sadb_msg *h
2571	return -EINVAL;	2571	return -EINVAL;
2572		2572
2573	delete = (hdr->sadb_msg_type == SADB_X_SPDDELETE2);	2573	delete = (hdr->sadb_msg_type == SADB_X_SPDDELETE2);
2574	xp = xfrm_policy_byid(XFRM_POLICY_TYPE_MAIN, dir, pol->sadb_x_policy_id,	2574	xp = xfrm_policy_byid(&init_net, XFRM_POLICY_TYPE_MAIN, dir,
2575	delete, &err);	2575	pol->sadb_x_policy_id, delete, &err);
2576	if (xp == NULL)	2576	if (xp == NULL)
2577	return -ENOENT;	2577	return -ENOENT;
2578		2578


diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index 7c264a74edc0..96895ef61858 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c
@@ -642,7 +642,7 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl)
642	}	642	}
643	EXPORT_SYMBOL(xfrm_policy_insert);	643	EXPORT_SYMBOL(xfrm_policy_insert);
644		644
645	struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,	645	struct xfrm_policy xfrm_policy_bysel_ctx(struct net net, u8 type, int dir,
646	struct xfrm_selector *sel,	646	struct xfrm_selector *sel,
647	struct xfrm_sec_ctx *ctx, int delete,	647	struct xfrm_sec_ctx *ctx, int delete,
648	int *err)	648	int *err)
@@ -653,7 +653,7 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,
653		653
654	*err = 0;	654	*err = 0;
655	write_lock_bh(&xfrm_policy_lock);	655	write_lock_bh(&xfrm_policy_lock);
656	chain = policy_hash_bysel(&init_net, sel, sel->family, dir);	656	chain = policy_hash_bysel(net, sel, sel->family, dir);
657	ret = NULL;	657	ret = NULL;
658	hlist_for_each_entry(pol, entry, chain, bydst) {	658	hlist_for_each_entry(pol, entry, chain, bydst) {
659	if (pol->type == type &&	659	if (pol->type == type &&
@@ -670,7 +670,7 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,
670	hlist_del(&pol->bydst);	670	hlist_del(&pol->bydst);
671	hlist_del(&pol->byidx);	671	hlist_del(&pol->byidx);
672	list_del(&pol->walk.all);	672	list_del(&pol->walk.all);
673	init_net.xfrm.policy_count[dir]--;	673	net->xfrm.policy_count[dir]--;
674	}	674	}
675	ret = pol;	675	ret = pol;
676	break;	676	break;
@@ -686,8 +686,8 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,
686	}	686	}
687	EXPORT_SYMBOL(xfrm_policy_bysel_ctx);	687	EXPORT_SYMBOL(xfrm_policy_bysel_ctx);
688		688
689	struct xfrm_policy *xfrm_policy_byid(u8 type, int dir, u32 id, int delete,	689	struct xfrm_policy xfrm_policy_byid(struct net net, u8 type, int dir, u32 id,
690	int *err)	690	int delete, int *err)
691	{	691	{
692	struct xfrm_policy pol, ret;	692	struct xfrm_policy pol, ret;
693	struct hlist_head *chain;	693	struct hlist_head *chain;
@@ -699,7 +699,7 @@ struct xfrm_policy *xfrm_policy_byid(u8 type, int dir, u32 id, int delete,
699		699
700	*err = 0;	700	*err = 0;
701	write_lock_bh(&xfrm_policy_lock);	701	write_lock_bh(&xfrm_policy_lock);
702	chain = init_net.xfrm.policy_byidx + idx_hash(&init_net, id);	702	chain = net->xfrm.policy_byidx + idx_hash(net, id);
703	ret = NULL;	703	ret = NULL;
704	hlist_for_each_entry(pol, entry, chain, byidx) {	704	hlist_for_each_entry(pol, entry, chain, byidx) {
705	if (pol->type == type && pol->index == id) {	705	if (pol->type == type && pol->index == id) {
@@ -714,7 +714,7 @@ struct xfrm_policy *xfrm_policy_byid(u8 type, int dir, u32 id, int delete,
714	hlist_del(&pol->bydst);	714	hlist_del(&pol->bydst);
715	hlist_del(&pol->byidx);	715	hlist_del(&pol->byidx);
716	list_del(&pol->walk.all);	716	list_del(&pol->walk.all);
717	init_net.xfrm.policy_count[dir]--;	717	net->xfrm.policy_count[dir]--;
718	}	718	}
719	ret = pol;	719	ret = pol;
720	break;	720	break;


diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index d4983e831c34..efd6ab5c0aca 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c
@@ -1330,7 +1330,7 @@ static int xfrm_get_policy(struct sk_buff skb, struct nlmsghdr nlh,
1330	return err;	1330	return err;
1331		1331
1332	if (p->index)	1332	if (p->index)
1333	xp = xfrm_policy_byid(type, p->dir, p->index, delete, &err);	1333	xp = xfrm_policy_byid(&init_net, type, p->dir, p->index, delete, &err);
1334	else {	1334	else {
1335	struct nlattr *rt = attrs[XFRMA_SEC_CTX];	1335	struct nlattr *rt = attrs[XFRMA_SEC_CTX];
1336	struct xfrm_sec_ctx *ctx;	1336	struct xfrm_sec_ctx *ctx;
@@ -1347,7 +1347,7 @@ static int xfrm_get_policy(struct sk_buff skb, struct nlmsghdr nlh,
1347	if (err)	1347	if (err)
1348	return err;	1348	return err;
1349	}	1349	}
1350	xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, ctx,	1350	xp = xfrm_policy_bysel_ctx(&init_net, type, p->dir, &p->sel, ctx,
1351	delete, &err);	1351	delete, &err);
1352	security_xfrm_policy_free(ctx);	1352	security_xfrm_policy_free(ctx);
1353	}	1353	}
@@ -1571,7 +1571,7 @@ static int xfrm_add_pol_expire(struct sk_buff skb, struct nlmsghdr nlh,
1571	return err;	1571	return err;
1572		1572
1573	if (p->index)	1573	if (p->index)
1574	xp = xfrm_policy_byid(type, p->dir, p->index, 0, &err);	1574	xp = xfrm_policy_byid(&init_net, type, p->dir, p->index, 0, &err);
1575	else {	1575	else {
1576	struct nlattr *rt = attrs[XFRMA_SEC_CTX];	1576	struct nlattr *rt = attrs[XFRMA_SEC_CTX];
1577	struct xfrm_sec_ctx *ctx;	1577	struct xfrm_sec_ctx *ctx;
@@ -1588,7 +1588,7 @@ static int xfrm_add_pol_expire(struct sk_buff skb, struct nlmsghdr nlh,
1588	if (err)	1588	if (err)
1589	return err;	1589	return err;
1590	}	1590	}
1591	xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, ctx, 0, &err);	1591	xp = xfrm_policy_bysel_ctx(&init_net, type, p->dir, &p->sel, ctx, 0, &err);
1592	security_xfrm_policy_free(ctx);	1592	security_xfrm_policy_free(ctx);
1593	}	1593	}
1594	if (xp == NULL)	1594	if (xp == NULL)