diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2008-01-24 03:13:18 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2008-01-28 18:00:03 -0500 |
| commit | 426b5303eb435d98b9bee37a807be386bc2b3320 (patch) | |
| tree | 86f7bd945101d9ac51afb22a210d22b8ff956a4e /include/net/neighbour.h | |
| parent | e1af9f270b69a3ad1dcbabb404dd1f40a96f43f5 (diff) | |
[NETNS]: Modify the neighbour table code so it handles multiple network namespaces
I'm actually surprised at how much was involved. At first glance it
appears that the neighbour table data structures are already split by
network device so all that should be needed is to modify the user
interface commands to filter the set of neighbours by the network
namespace of their devices.
However a couple things turned up while I was reading through the
code. The proxy neighbour table allows entries with no network
device, and the neighbour parms are per network device (except for the
defaults) so they now need a per network namespace default.
So I updated the two structures (which surprised me) with their very
own network namespace parameter. Updated the relevant lookup and
destroy routines with a network namespace parameter and modified the
code that interacts with users to filter out neighbour table entries
for devices of other namespaces.
I'm a little concerned that we can modify and display the global table
configuration and from all network namespaces. But this appears good
enough for now.
I keep thinking modifying the neighbour table to have per network
namespace instances of each table type would should be cleaner. The
hash table is already dynamically sized so there are it is not a
limiter. The default parameter would be straight forward to take care
of. However when I look at the how the network table is built and
used I still find some assumptions that there is only a single
neighbour table for each type of table in the kernel. The netlink
operations, neigh_seq_start, the non-core network users that call
neigh_lookup. So while it might be doable it would require more
refactoring than my current approach of just doing a little extra
filtering in the code.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net/neighbour.h')
| -rw-r--r-- | include/net/neighbour.h | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/include/net/neighbour.h b/include/net/neighbour.h index a4f26187fc1a..11590f23d99d 100644 --- a/include/net/neighbour.h +++ b/include/net/neighbour.h | |||
| @@ -34,6 +34,7 @@ struct neighbour; | |||
| 34 | 34 | ||
| 35 | struct neigh_parms | 35 | struct neigh_parms |
| 36 | { | 36 | { |
| 37 | struct net *net; | ||
| 37 | struct net_device *dev; | 38 | struct net_device *dev; |
| 38 | struct neigh_parms *next; | 39 | struct neigh_parms *next; |
| 39 | int (*neigh_setup)(struct neighbour *); | 40 | int (*neigh_setup)(struct neighbour *); |
| @@ -126,7 +127,8 @@ struct neigh_ops | |||
| 126 | struct pneigh_entry | 127 | struct pneigh_entry |
| 127 | { | 128 | { |
| 128 | struct pneigh_entry *next; | 129 | struct pneigh_entry *next; |
| 129 | struct net_device *dev; | 130 | struct net *net; |
| 131 | struct net_device *dev; | ||
| 130 | u8 flags; | 132 | u8 flags; |
| 131 | u8 key[0]; | 133 | u8 key[0]; |
| 132 | }; | 134 | }; |
| @@ -187,6 +189,7 @@ extern struct neighbour * neigh_lookup(struct neigh_table *tbl, | |||
| 187 | const void *pkey, | 189 | const void *pkey, |
| 188 | struct net_device *dev); | 190 | struct net_device *dev); |
| 189 | extern struct neighbour * neigh_lookup_nodev(struct neigh_table *tbl, | 191 | extern struct neighbour * neigh_lookup_nodev(struct neigh_table *tbl, |
| 192 | struct net *net, | ||
| 190 | const void *pkey); | 193 | const void *pkey); |
| 191 | extern struct neighbour * neigh_create(struct neigh_table *tbl, | 194 | extern struct neighbour * neigh_create(struct neigh_table *tbl, |
| 192 | const void *pkey, | 195 | const void *pkey, |
| @@ -211,8 +214,8 @@ extern unsigned long neigh_rand_reach_time(unsigned long base); | |||
| 211 | 214 | ||
| 212 | extern void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p, | 215 | extern void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p, |
| 213 | struct sk_buff *skb); | 216 | struct sk_buff *skb); |
| 214 | extern struct pneigh_entry *pneigh_lookup(struct neigh_table *tbl, const void *key, struct net_device *dev, int creat); | 217 | extern struct pneigh_entry *pneigh_lookup(struct neigh_table *tbl, struct net *net, const void *key, struct net_device *dev, int creat); |
| 215 | extern int pneigh_delete(struct neigh_table *tbl, const void *key, struct net_device *dev); | 218 | extern int pneigh_delete(struct neigh_table *tbl, struct net *net, const void *key, struct net_device *dev); |
| 216 | 219 | ||
| 217 | extern void neigh_app_ns(struct neighbour *n); | 220 | extern void neigh_app_ns(struct neighbour *n); |
| 218 | extern void neigh_for_each(struct neigh_table *tbl, void (*cb)(struct neighbour *, void *), void *cookie); | 221 | extern void neigh_for_each(struct neigh_table *tbl, void (*cb)(struct neighbour *, void *), void *cookie); |
| @@ -220,6 +223,7 @@ extern void __neigh_for_each_release(struct neigh_table *tbl, int (*cb)(struct n | |||
| 220 | extern void pneigh_for_each(struct neigh_table *tbl, void (*cb)(struct pneigh_entry *)); | 223 | extern void pneigh_for_each(struct neigh_table *tbl, void (*cb)(struct pneigh_entry *)); |
| 221 | 224 | ||
| 222 | struct neigh_seq_state { | 225 | struct neigh_seq_state { |
| 226 | struct net *net; | ||
| 223 | struct neigh_table *tbl; | 227 | struct neigh_table *tbl; |
| 224 | void *(*neigh_sub_iter)(struct neigh_seq_state *state, | 228 | void *(*neigh_sub_iter)(struct neigh_seq_state *state, |
| 225 | struct neighbour *n, loff_t *pos); | 229 | struct neighbour *n, loff_t *pos); |