cfg80211: make aware of net namespaces

In order to make cfg80211/nl80211 aware of network namespaces,
we have to do the following things:

 * del_virtual_intf method takes an interface index rather
   than a netdev pointer - simply change this

 * nl80211 uses init_net a lot, it changes to use the sender's
   network namespace

 * scan requests use the interface index, hold a netdev pointer
   and reference instead

 * we want a wiphy and its associated virtual interfaces to be
   in one netns together, so
    - we need to be able to change ns for a given interface, so
      export dev_change_net_namespace()
    - for each virtual interface set the NETIF_F_NETNS_LOCAL
      flag, and clear that flag only when the wiphy changes ns,
      to disallow breaking this invariant

 * when a network namespace goes away, we need to reparent the
   wiphy to init_net

 * cfg80211 users that support creating virtual interfaces must
   create them in the wiphy's namespace, currently this affects
   only mac80211

The end result is that you can now switch an entire wiphy into
a different network namespace with the new command
	iw phy#<idx> set netns <pid>
and all virtual interfaces will follow (or the operation fails).

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

2 files changed, 45 insertions, 4 deletions

diff --git a/include/linux/nl80211.h b/include/linux/nl80211.h
index 962e2232a074..cb3dc6027fd9 100644
--- a/include/linux/nl80211.h
+++ b/include/linux/nl80211.h
@@ -262,6 +262,9 @@
  *      reasons, for this the %NL80211_ATTR_DISCONNECTED_BY_AP and
  *      %NL80211_ATTR_REASON_CODE attributes are used.
  *
+ * @NL80211_CMD_SET_WIPHY_NETNS: Set a wiphy's netns. Note that all devices
+ *      associated with this wiphy must be down and will follow.
+ *
  * @NL80211_CMD_MAX: highest used command number
  * @__NL80211_CMD_AFTER_LAST: internal use
  */
@@ -336,6 +339,8 @@ enum nl80211_commands {
         NL80211_CMD_ROAM,
         NL80211_CMD_DISCONNECT,
 
+        NL80211_CMD_SET_WIPHY_NETNS,
+
         /* add new commands above here */
 
         /* used to define NL80211_CMD_MAX below */
@@ -573,6 +578,8 @@ enum nl80211_commands {
  *      and join_ibss(), key information is in a nested attribute each
  *      with %NL80211_KEY_* sub-attributes
  *
+ * @NL80211_ATTR_PID: Process ID of a network namespace.
+ *
  * @NL80211_ATTR_MAX: highest attribute number currently defined
  * @__NL80211_ATTR_AFTER_LAST: internal use
  */
@@ -701,6 +708,8 @@ enum nl80211_attrs {
         NL80211_ATTR_KEY,
         NL80211_ATTR_KEYS,
 
+        NL80211_ATTR_PID,
+
         /* add attributes here, update the policy in nl80211.c */
 
         __NL80211_ATTR_AFTER_LAST,
diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
index a981ca8a5701..0d278777e39c 100644
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@@ -542,7 +542,7 @@ struct cfg80211_ssid {
  * @ie: optional information element(s) to add into Probe Request or %NULL
  * @ie_len: length of ie in octets
  * @wiphy: the wiphy this was for
- * @ifidx: the interface index
+ * @dev: the interface
  */
 struct cfg80211_scan_request {
         struct cfg80211_ssid *ssids;
@@ -554,7 +554,7 @@ struct cfg80211_scan_request {
 
         /* internal */
         struct wiphy *wiphy;
-        int ifidx;
+        struct net_device *dev;
         bool aborted;
 };
 
@@ -845,7 +845,8 @@ struct cfg80211_bitrate_mask {
  * @resume: wiphy device needs to be resumed
  *
  * @add_virtual_intf: create a new virtual interface with the given name,
- *      must set the struct wireless_dev's iftype.
+ *      must set the struct wireless_dev's iftype. Beware: You must create
+ *      the new netdev in the wiphy's network namespace!
  *
  * @del_virtual_intf: remove the virtual interface determined by ifindex.
  *
@@ -937,7 +938,7 @@ struct cfg80211_ops {
         int     (*add_virtual_intf)(struct wiphy *wiphy, char *name,
                                     enum nl80211_iftype type, u32 *flags,
                                     struct vif_params *params);
-        int     (*del_virtual_intf)(struct wiphy *wiphy, int ifindex);
+        int     (*del_virtual_intf)(struct wiphy *wiphy, struct net_device *dev);
         int     (*change_virtual_intf)(struct wiphy *wiphy,
                                        struct net_device *dev,
                                        enum nl80211_iftype type, u32 *flags,
@@ -1088,6 +1089,9 @@ struct cfg80211_ops {
  * @frag_threshold: Fragmentation threshold (dot11FragmentationThreshold);
  *      -1 = fragmentation disabled, only odd values >= 256 used
  * @rts_threshold: RTS threshold (dot11RTSThreshold); -1 = RTS/CTS disabled
+ * @net: the network namespace this wiphy currently lives in
+ * @netnsok: if set to false, do not allow changing the netns of this
+ *      wiphy at all
  */
 struct wiphy {
         /* assign these fields before you register the wiphy */
@@ -1101,6 +1105,8 @@ struct wiphy {
         bool custom_regulatory;
         bool strict_regulatory;
 
+        bool netnsok;
+
         enum cfg80211_signal_type signal_type;
 
         int bss_priv_size;
@@ -1139,9 +1145,35 @@ struct wiphy {
         /* dir in debugfs: ieee80211/<wiphyname> */
         struct dentry *debugfsdir;
 
+#ifdef CONFIG_NET_NS
+        /* the network namespace this phy lives in currently */
+        struct net *_net;
+#endif
+
         char priv[0] __attribute__((__aligned__(NETDEV_ALIGN)));
 };
 
+#ifdef CONFIG_NET_NS
+static inline struct net *wiphy_net(struct wiphy *wiphy)
+{
+        return wiphy->_net;
+}
+
+static inline void wiphy_net_set(struct wiphy *wiphy, struct net *net)
+{
+        wiphy->_net = net;
+}
+#else
+static inline struct net *wiphy_net(struct wiphy *wiphy)
+{
+        return &init_net;
+}
+
+static inline void wiphy_net_set(struct wiphy *wiphy, struct net *net)
+{
+}
+#endif
+
 /**
  * wiphy_priv - return priv from wiphy
  *