[v3,net-next,10/15] socket: Introduce sock_create_net().

Message ID	20241213092152.14057-11-kuniyu@amazon.com (mailing list archive)
State	Changes Requested
Delegated to:	Netdev Maintainers
Headers	show Received: from smtp-fw-80007.amazon.com (smtp-fw-80007.amazon.com [99.78.197.218]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 01A171B0103 for <netdev@vger.kernel.org>; Fri, 13 Dec 2024 09:25:33 +0000 (UTC) From: Kuniyuki Iwashima <kuniyu@amazon.com> To: "David S. Miller" <davem@davemloft.net>, Eric Dumazet <edumazet@google.com>, Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>, Simon Horman <horms@kernel.org> CC: Kuniyuki Iwashima <kuniyu@amazon.com>, Kuniyuki Iwashima <kuni1840@gmail.com>, <netdev@vger.kernel.org> Subject: [PATCH v3 net-next 10/15] socket: Introduce sock_create_net(). Date: Fri, 13 Dec 2024 18:21:47 +0900 Message-ID: <20241213092152.14057-11-kuniyu@amazon.com> In-Reply-To: <20241213092152.14057-1-kuniyu@amazon.com> References: <20241213092152.14057-1-kuniyu@amazon.com> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain
Series	treewide: socket: Clean up sock_create() and friends. \| expand [v3,net-next,00/15] treewide: socket: Clean up sock_create() and friends. [v3,net-next,01/15] socket: Un-export __sock_create(). [v3,net-next,02/15] socket: Pass hold_net flag to __sock_create(). [v3,net-next,03/15] smc: Pass kern to smc_sock_alloc(). [v3,net-next,04/15] socket: Pass hold_net to struct net_proto_family.create(). [v3,net-next,05/15] ppp: Pass hold_net to struct pppox_proto.create(). [v3,net-next,06/15] nfc: Pass hold_net to struct nfc_protocol.create(). [v3,net-next,07/15] socket: Add hold_net flag to struct proto_accept_arg. [v3,net-next,08/15] socket: Pass hold_net to sk_alloc(). [v3,net-next,09/15] socket: Respect hold_net in sk_alloc(). [v3,net-next,10/15] socket: Introduce sock_create_net(). [v3,net-next,11/15] socket: Remove kernel socket conversion. [v3,net-next,12/15] socket: Move sock_inuse_add() to sock.c. [v3,net-next,13/15] socket: Use sock_create_net() instead of sock_create(). [v3,net-next,14/15] socket: Rename sock_create() to sock_create_user(). [v3,net-next,15/15] socket: Rename sock_create_kern() to sock_create_net_noref().

Message ID

20241213092152.14057-11-kuniyu@amazon.com (mailing list archive)

State

Changes Requested

Delegated to:

Netdev Maintainers

Headers

From: Kuniyuki Iwashima <kuniyu@amazon.com>
To: "David S. Miller" <davem@davemloft.net>, Eric Dumazet
	<edumazet@google.com>, Jakub Kicinski <kuba@kernel.org>, Paolo Abeni
	<pabeni@redhat.com>, Simon Horman <horms@kernel.org>
CC: Kuniyuki Iwashima <kuniyu@amazon.com>, Kuniyuki Iwashima
	<kuni1840@gmail.com>, <netdev@vger.kernel.org>
Subject: [PATCH v3 net-next 10/15] socket: Introduce sock_create_net().
Date: Fri, 13 Dec 2024 18:21:47 +0900
Message-ID: <20241213092152.14057-11-kuniyu@amazon.com>
In-Reply-To: <20241213092152.14057-1-kuniyu@amazon.com>
References: <20241213092152.14057-1-kuniyu@amazon.com>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain

Series

treewide: socket: Clean up sock_create() and friends. | expand

Context	Check	Description
netdev/series_format	success	Posting correctly formatted
netdev/tree_selection	success	Clearly marked for net-next, async
netdev/ynl	success	Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present	success	Fixes tag not required for -next series
netdev/header_inline	success	No static functions without inline keyword in header files
netdev/build_32bit	success	Errors and warnings before: 41 this patch: 41
netdev/build_tools	success	Errors and warnings before: 0 (+0) this patch: 0 (+0)
netdev/cc_maintainers	success	CCed 5 of 5 maintainers
netdev/build_clang	success	Errors and warnings before: 77 this patch: 77
netdev/verify_signedoff	success	Signed-off-by tag matches author and committer
netdev/deprecated_api	success	None detected
netdev/check_selftest	success	No net selftest shell script
netdev/verify_fixes	success	No Fixes tag
netdev/build_allmodconfig_warn	success	Errors and warnings before: 4788 this patch: 4788
netdev/checkpatch	success	total: 0 errors, 0 warnings, 0 checks, 53 lines checked
netdev/build_clang_rust	success	No Rust files in patch. Skipping build
netdev/kdoc	success	Errors and warnings before: 32 this patch: 32
netdev/source_inline	success	Was 0 now: 0
netdev/contest	success	net-next-2024-12-15--09-00 (tests: 795)

Context

Check

Description

netdev/series_format

success

Posting correctly formatted

netdev/tree_selection

success

Clearly marked for net-next, async

netdev/ynl

success

Generated files up to date; no warnings/errors; no diff in generated;

netdev/fixes_present

success

Fixes tag not required for -next series

netdev/header_inline

success

No static functions without inline keyword in header files

netdev/build_32bit

success

Errors and warnings before: 41 this patch: 41

netdev/build_tools

success

Errors and warnings before: 0 (+0) this patch: 0 (+0)

netdev/cc_maintainers

success

CCed 5 of 5 maintainers

netdev/build_clang

success

Errors and warnings before: 77 this patch: 77

netdev/verify_signedoff

success

Signed-off-by tag matches author and committer

netdev/deprecated_api

success

None detected

netdev/check_selftest

success

No net selftest shell script

netdev/verify_fixes

success

No Fixes tag

netdev/build_allmodconfig_warn

success

Errors and warnings before: 4788 this patch: 4788

netdev/checkpatch

success

total: 0 errors, 0 warnings, 0 checks, 53 lines checked

netdev/build_clang_rust

success

No Rust files in patch. Skipping build

netdev/kdoc

success

Errors and warnings before: 32 this patch: 32

netdev/source_inline

success

Was 0 now: 0

netdev/contest

success

net-next-2024-12-15--09-00 (tests: 795)

Commit Message

Kuniyuki Iwashima Dec. 13, 2024, 9:21 a.m. UTC

Let's add a new API to create a kernel socket with netns refcnt held.

We will remove the ugly kernel socket conversion in the next patch.

DEBUG_NET_WARN_ON_ONCE() is to catch a path calling sock_create_net()
from __net_init functions, which leak netns.

Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
---
 include/linux/net.h |  2 ++
 net/core/sock.c     |  1 +
 net/socket.c        | 32 ++++++++++++++++++++++++++++++++
 3 files changed, 35 insertions(+)

diff --git a/include/linux/net.h b/include/linux/net.h
index c2a35a102ee2..758c99af6cf4 100644
--- a/include/linux/net.h
+++ b/include/linux/net.h
@@ -252,6 +252,8 @@  int sock_register(const struct net_proto_family *fam);
 void sock_unregister(int family);
 bool sock_is_registered(int family);
 int sock_create(int family, int type, int proto, struct socket **res);
+int sock_create_net(struct net *net, int family, int type, int proto,
+		    struct socket **res);
 int sock_create_kern(struct net *net, int family, int type, int proto, struct socket **res);
 int sock_create_lite(int family, int type, int proto, struct socket **res);
 struct socket *sock_alloc(void);
diff --git a/net/core/sock.c b/net/core/sock.c
index 11aa6d8c0cdd..9fb57afe6848 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -2229,6 +2229,7 @@  struct sock *sk_alloc(struct net *net, int family, gfp_t priority,
 		sk->sk_kern_sock = kern;
 		sock_lock_init(sk);
 
+		DEBUG_NET_WARN_ON_ONCE(hold_net && !net_initialized(net));
 		sk->sk_net_refcnt = hold_net;
 		if (likely(sk->sk_net_refcnt)) {
 			get_net_track(net, &sk->ns_tracker, priority);
diff --git a/net/socket.c b/net/socket.c
index a8796d7f06be..00ece8401b17 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -1623,6 +1623,38 @@  int sock_create(int family, int type, int protocol, struct socket **res)
 }
 EXPORT_SYMBOL(sock_create);
 
+/**
+ * sock_create_net - creates a socket for kernel space
+ *
+ * @net: net namespace
+ * @family: protocol family (AF_INET, ...)
+ * @type: communication type (SOCK_STREAM, ...)
+ * @protocol: protocol (0, ...)
+ * @res: new socket
+ *
+ * Creates a new socket and assigns it to @res, passing through LSM.
+ *
+ * The socket is for kernel space and should not be exposed to
+ * userspace via a file descriptor nor BPF hooks except for LSM
+ * (see inet_create(), inet_release(), etc).
+ *
+ * The socket holds a reference count of @net so that the caller does
+ * not need to care about @net's lifetime.
+ *
+ * This MUST NOT be called from the __net_init path and @net MUST be
+ * alive as of calling sock_create_net().
+ *
+ * Context: Process context. This function internally uses GFP_KERNEL.
+ * Return: 0 or an error.
+ */
+
+int sock_create_net(struct net *net, int family, int type, int protocol,
+		    struct socket **res)
+{
+	return __sock_create(net, family, type, protocol, res, true, true);
+}
+EXPORT_SYMBOL(sock_create_net);
+
 /**
  *	sock_create_kern - creates a socket (kernel space)
  *	@net: net namespace

[v3,net-next,10/15] socket: Introduce sock_create_net().

Checks

Commit Message

Patch