[NET]: Make /proc/net per network namespace

This patch makes /proc/net per network namespace. It modifies the global variables proc_net and proc_net_stat to be per network namespace. The proc_net file helpers are modified to take a network namespace argument, and all of their callers are fixed to pass &init_net for that argument. This ensures that all of the /proc/net files are only visible and usable in the initial network namespace until the code behind them has been updated to be handle multiple network namespaces. Making /proc/net per namespace is necessary as at least some files in /proc/net depend upon the set of network devices which is per network namespace, and even more files in /proc/net have contents that are relevant to a single network namespace. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Eric W. Biederman <ebiederm@xmission.com> 2007-09-12 06:01:34 -0400
committer: David S. Miller <davem@sunset.davemloft.net> 2007-10-10 19:49:06 -0400
commit: 457c4cbc5a3dde259d2a1f15d5f9785290397267 (patch)
tree: a2ceee88780cbce27433b9a4434b3e9251efd81a /net/ipv6
parent: 07feaebfcc10cd35e745c7073667935246494bee (diff)
8 files changed, 36 insertions, 28 deletions
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 45b4c82148a0..cd2db728d183 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -62,6 +62,7 @@
 #include <linux/notifier.h>
 #include <linux/string.h>
+#include <net/net_namespace.h>
 #include <net/sock.h>
 #include <net/snmp.h>
@@ -2827,14 +2828,14 @@ static const struct file_operations if6_fops = {
 int __init if6_proc_init(void)
 {
-        if (!proc_net_fops_create("if_inet6", S_IRUGO, &if6_fops))
+        if (!proc_net_fops_create(&init_net, "if_inet6", S_IRUGO, &if6_fops))
                return -ENOMEM;
        return 0;
 }
 void if6_proc_exit(void)
 {
-        proc_net_remove("if_inet6");
+        proc_net_remove(&init_net, "if_inet6");
 }
 #endif  /* CONFIG_PROC_FS */
@@ -4293,6 +4294,6 @@ void __exit addrconf_cleanup(void)
        rtnl_unlock();
 #ifdef CONFIG_PROC_FS
-        proc_net_remove("if_inet6");
+        proc_net_remove(&init_net, "if_inet6");
 #endif
 }
diff --git a/net/ipv6/anycast.c b/net/ipv6/anycast.c
index b8c533fbdb63..0bd665498d06 100644
--- a/net/ipv6/anycast.c
+++ b/net/ipv6/anycast.c
@@ -30,6 +30,7 @@
 #include <linux/proc_fs.h>
 #include <linux/seq_file.h>
+#include <net/net_namespace.h>
 #include <net/sock.h>
 #include <net/snmp.h>
@@ -578,7 +579,7 @@ static const struct file_operations ac6_seq_fops = {
 int __init ac6_proc_init(void)
 {
-        if (!proc_net_fops_create("anycast6", S_IRUGO, &ac6_seq_fops))
+        if (!proc_net_fops_create(&init_net, "anycast6", S_IRUGO, &ac6_seq_fops))
                return -ENOMEM;
        return 0;
@@ -586,7 +587,7 @@ int __init ac6_proc_init(void)
 void ac6_proc_exit(void)
 {
-        proc_net_remove("anycast6");
+        proc_net_remove(&init_net, "anycast6");
 }
 #endif
diff --git a/net/ipv6/ip6_flowlabel.c b/net/ipv6/ip6_flowlabel.c
index 413a4ebb195c..1791399c7f10 100644
--- a/net/ipv6/ip6_flowlabel.c
+++ b/net/ipv6/ip6_flowlabel.c
@@ -21,6 +21,7 @@
 #include <linux/proc_fs.h>
 #include <linux/seq_file.h>
+#include <net/net_namespace.h>
 #include <net/sock.h>
 #include <net/ipv6.h>
@@ -690,7 +691,7 @@ static const struct file_operations ip6fl_seq_fops = {
 void ip6_flowlabel_init(void)
 {
 #ifdef CONFIG_PROC_FS
-        proc_net_fops_create("ip6_flowlabel", S_IRUGO, &ip6fl_seq_fops);
+        proc_net_fops_create(&init_net, "ip6_flowlabel", S_IRUGO, &ip6fl_seq_fops);
 #endif
 }
@@ -698,6 +699,6 @@ void ip6_flowlabel_cleanup(void)
 {
        del_timer(&ip6_fl_gc_timer);
 #ifdef CONFIG_PROC_FS
-        proc_net_remove("ip6_flowlabel");
+        proc_net_remove(&init_net, "ip6_flowlabel");
 #endif
 }
diff --git a/net/ipv6/mcast.c b/net/ipv6/mcast.c
index ae9881832a7e..a41d5a0b50cc 100644
--- a/net/ipv6/mcast.c
+++ b/net/ipv6/mcast.c
@@ -49,6 +49,7 @@
 #include <linux/netfilter.h>
 #include <linux/netfilter_ipv6.h>
+#include <net/net_namespace.h>
 #include <net/sock.h>
 #include <net/snmp.h>
@@ -2658,8 +2659,8 @@ int __init igmp6_init(struct net_proto_family *ops)
        np->hop_limit = 1;
 #ifdef CONFIG_PROC_FS
-        proc_net_fops_create("igmp6", S_IRUGO, &igmp6_mc_seq_fops);
+        proc_net_fops_create(&init_net, "igmp6", S_IRUGO, &igmp6_mc_seq_fops);
-        proc_net_fops_create("mcfilter6", S_IRUGO, &igmp6_mcf_seq_fops);
+        proc_net_fops_create(&init_net, "mcfilter6", S_IRUGO, &igmp6_mcf_seq_fops);
 #endif
        return 0;
@@ -2671,7 +2672,7 @@ void igmp6_cleanup(void)
        igmp6_socket = NULL; /* for safety */
 #ifdef CONFIG_PROC_FS
-        proc_net_remove("mcfilter6");
+        proc_net_remove(&init_net, "mcfilter6");
-        proc_net_remove("igmp6");
+        proc_net_remove(&init_net, "igmp6");
 #endif
 }
diff --git a/net/ipv6/netfilter/ip6_queue.c b/net/ipv6/netfilter/ip6_queue.c
index 0004db38af6d..dfc58fbdb68b 100644
--- a/net/ipv6/netfilter/ip6_queue.c
+++ b/net/ipv6/netfilter/ip6_queue.c
@@ -24,6 +24,7 @@
 #include <linux/sysctl.h>
 #include <linux/proc_fs.h>
 #include <linux/mutex.h>
+#include <net/net_namespace.h>
 #include <net/sock.h>
 #include <net/ipv6.h>
 #include <net/ip6_route.h>
@@ -664,7 +665,7 @@ static int __init ip6_queue_init(void)
                goto cleanup_netlink_notifier;
        }
-        proc = proc_net_create(IPQ_PROC_FS_NAME, 0, ipq_get_info);
+        proc = proc_net_create(&init_net, IPQ_PROC_FS_NAME, 0, ipq_get_info);
        if (proc)
                proc->owner = THIS_MODULE;
        else {
@@ -685,7 +686,7 @@ static int __init ip6_queue_init(void)
 cleanup_sysctl:
        unregister_sysctl_table(ipq_sysctl_header);
        unregister_netdevice_notifier(&ipq_dev_notifier);
-        proc_net_remove(IPQ_PROC_FS_NAME);
+        proc_net_remove(&init_net, IPQ_PROC_FS_NAME);
 cleanup_ipqnl:
        sock_release(ipqnl->sk_socket);
@@ -705,7 +706,7 @@ static void __exit ip6_queue_fini(void)
        unregister_sysctl_table(ipq_sysctl_header);
        unregister_netdevice_notifier(&ipq_dev_notifier);
-        proc_net_remove(IPQ_PROC_FS_NAME);
+        proc_net_remove(&init_net, IPQ_PROC_FS_NAME);
        sock_release(ipqnl->sk_socket);
        mutex_lock(&ipqnl_mutex);
diff --git a/net/ipv6/proc.c b/net/ipv6/proc.c
index 920dc9cf6a84..a712a2289484 100644
--- a/net/ipv6/proc.c
+++ b/net/ipv6/proc.c
@@ -23,6 +23,7 @@
 #include <linux/proc_fs.h>
 #include <linux/seq_file.h>
 #include <linux/stddef.h>
+#include <net/net_namespace.h>
 #include <net/ip.h>
 #include <net/sock.h>
 #include <net/tcp.h>
@@ -231,22 +232,22 @@ int __init ipv6_misc_proc_init(void)
 {
        int rc = 0;
-        if (!proc_net_fops_create("snmp6", S_IRUGO, &snmp6_seq_fops))
+        if (!proc_net_fops_create(&init_net, "snmp6", S_IRUGO, &snmp6_seq_fops))
                goto proc_snmp6_fail;
-        proc_net_devsnmp6 = proc_mkdir("dev_snmp6", proc_net);
+        proc_net_devsnmp6 = proc_mkdir("dev_snmp6", init_net.proc_net);
        if (!proc_net_devsnmp6)
                goto proc_dev_snmp6_fail;
-        if (!proc_net_fops_create("sockstat6", S_IRUGO, &sockstat6_seq_fops))
+        if (!proc_net_fops_create(&init_net, "sockstat6", S_IRUGO, &sockstat6_seq_fops))
                goto proc_sockstat6_fail;
 out:
        return rc;
 proc_sockstat6_fail:
-        proc_net_remove("dev_snmp6");
+        proc_net_remove(&init_net, "dev_snmp6");
 proc_dev_snmp6_fail:
-        proc_net_remove("snmp6");
+        proc_net_remove(&init_net, "snmp6");
 proc_snmp6_fail:
        rc = -ENOMEM;
        goto out;
@@ -254,8 +255,8 @@ proc_snmp6_fail:
 void ipv6_misc_proc_exit(void)
 {
-        proc_net_remove("sockstat6");
+        proc_net_remove(&init_net, "sockstat6");
-        proc_net_remove("dev_snmp6");
+        proc_net_remove(&init_net, "dev_snmp6");
-        proc_net_remove("snmp6");
+        proc_net_remove(&init_net, "snmp6");
 }
diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c
index 77167afa3455..38a3d21c2585 100644
--- a/net/ipv6/raw.c
+++ b/net/ipv6/raw.c
@@ -35,6 +35,7 @@
 #include <asm/uaccess.h>
 #include <asm/ioctls.h>
+#include <net/net_namespace.h>
 #include <net/ip.h>
 #include <net/sock.h>
 #include <net/snmp.h>
@@ -1315,13 +1316,13 @@ static const struct file_operations raw6_seq_fops = {
 int __init raw6_proc_init(void)
 {
-        if (!proc_net_fops_create("raw6", S_IRUGO, &raw6_seq_fops))
+        if (!proc_net_fops_create(&init_net, "raw6", S_IRUGO, &raw6_seq_fops))
                return -ENOMEM;
        return 0;
 }
 void raw6_proc_exit(void)
 {
-        proc_net_remove("raw6");
+        proc_net_remove(&init_net, "raw6");
 }
 #endif  /* CONFIG_PROC_FS */
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index 55ea80fac601..f4f0c341e5c8 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -44,6 +44,7 @@
 #include <linux/seq_file.h>
 #endif
+#include <net/net_namespace.h>
 #include <net/snmp.h>
 #include <net/ipv6.h>
 #include <net/ip6_fib.h>
@@ -2561,11 +2562,11 @@ void __init ip6_route_init(void)
        fib6_init();
 #ifdef  CONFIG_PROC_FS
-        p = proc_net_create("ipv6_route", 0, rt6_proc_info);
+        p = proc_net_create(&init_net, "ipv6_route", 0, rt6_proc_info);
        if (p)
                p->owner = THIS_MODULE;
-        proc_net_fops_create("rt6_stats", S_IRUGO, &rt6_stats_seq_fops);
+        proc_net_fops_create(&init_net, "rt6_stats", S_IRUGO, &rt6_stats_seq_fops);
 #endif
 #ifdef CONFIG_XFRM
        xfrm6_init();
@@ -2585,8 +2586,8 @@ void ip6_route_cleanup(void)
        fib6_rules_cleanup();
 #endif
 #ifdef CONFIG_PROC_FS
-        proc_net_remove("ipv6_route");
+        proc_net_remove(&init_net, "ipv6_route");
-        proc_net_remove("rt6_stats");
+        proc_net_remove(&init_net, "rt6_stats");
 #endif
 #ifdef CONFIG_XFRM
        xfrm6_fini();
author	Eric W. Biederman <ebiederm@xmission.com>	2007-09-12 06:01:34 -0400
committer	David S. Miller <davem@sunset.davemloft.net>	2007-10-10 19:49:06 -0400
commit	457c4cbc5a3dde259d2a1f15d5f9785290397267 (patch)
tree	a2ceee88780cbce27433b9a4434b3e9251efd81a /net/ipv6
parent	07feaebfcc10cd35e745c7073667935246494bee (diff)