Michael Kerrisk wrote:
On Fri, Oct 31, 2008 at 4:56 PM, Daniel Lezcano <[EMAIL PROTECTED]> wrote:
This patch adds the socketat syscall which allows to specify in
which network namespace we want to create a socket. The network
namespace destination is referred by a socket fd previously opened
in the destination network namespace.
Daniel,
Is there any documentation for this system call, and/or test programs?
Not yet.
This small patch is a proposition to Andreas and Vivien to have a single
process being able to manage several network namespaces.
When a process unshares the network, it creates a socket which is used
as a socket control (it belongs to the network namespace). Each time a
network namespace is created, a socket control is created.
When the process has to create a socket for a specific network
namespace, it can use the socket control to specify it. This is the
purpose of the socketat syscall.
One example for a program in userspace:
int main(int argc, char *argv[])
{
const int maxunshare = 128;
int scs[maxunshare];
int i, fd;
for (i = 0; i < maxunshare; i++) {
scs[i] = socket(PF_INET, SOCK_DGRAM, 0);
unshare(CLONE_NEWNET);
}
....
/* I want to create a socket inside the network namespace #10 */
fd = socketat(scs[10], PF_INET, SOCKET_STREAM, 0);
....
bind, listen, etc ...
}
Signed-off-by: Daniel Lezcano <[EMAIL PROTECTED]>
---
arch/x86/include/asm/unistd_32.h | 1
arch/x86/include/asm/unistd_64.h | 3 +-
arch/x86/kernel/syscall_table_32.S | 1
include/linux/syscalls.h | 1
kernel/sys_ni.c | 1
net/socket.c | 45 +++++++++++++++++++++++++++++++++++++
6 files changed, 51 insertions(+), 1 deletion(-)
Index: net-next-2.6/arch/x86/include/asm/unistd_32.h
===================================================================
--- net-next-2.6.orig/arch/x86/include/asm/unistd_32.h
+++ net-next-2.6/arch/x86/include/asm/unistd_32.h
@@ -338,6 +338,7 @@
#define __NR_dup3 330
#define __NR_pipe2 331
#define __NR_inotify_init1 332
+#define __NR_socketat 333
#ifdef __KERNEL__
Index: net-next-2.6/arch/x86/include/asm/unistd_64.h
===================================================================
--- net-next-2.6.orig/arch/x86/include/asm/unistd_64.h
+++ net-next-2.6/arch/x86/include/asm/unistd_64.h
@@ -653,7 +653,8 @@ __SYSCALL(__NR_dup3, sys_dup3)
__SYSCALL(__NR_pipe2, sys_pipe2)
#define __NR_inotify_init1 294
__SYSCALL(__NR_inotify_init1, sys_inotify_init1)
-
+#define __NR_socketat 295
+__SYSCALL(__NR_socketat, sys_socketat)
#ifndef __NO_STUBS
#define __ARCH_WANT_OLD_READDIR
Index: net-next-2.6/arch/x86/kernel/syscall_table_32.S
===================================================================
--- net-next-2.6.orig/arch/x86/kernel/syscall_table_32.S
+++ net-next-2.6/arch/x86/kernel/syscall_table_32.S
@@ -332,3 +332,4 @@ ENTRY(sys_call_table)
.long sys_dup3 /* 330 */
.long sys_pipe2
.long sys_inotify_init1
+ .long sys_socketat
Index: net-next-2.6/net/socket.c
===================================================================
--- net-next-2.6.orig/net/socket.c
+++ net-next-2.6/net/socket.c
@@ -1253,6 +1253,51 @@ out_release:
return retval;
}
+asmlinkage long sys_socketat(int fd, int family, int type, int protocol)
+{
+ int retval, fput_needed;
+ struct socket *sock;
+ struct socket *sockat;
+ struct net *net;
+ int flags;
+
+ /* Check the SOCK_* constants for consistency. */
+ BUILD_BUG_ON(SOCK_CLOEXEC != O_CLOEXEC);
+ BUILD_BUG_ON((SOCK_MAX | SOCK_TYPE_MASK) != SOCK_TYPE_MASK);
+ BUILD_BUG_ON(SOCK_CLOEXEC & SOCK_TYPE_MASK);
+ BUILD_BUG_ON(SOCK_NONBLOCK & SOCK_TYPE_MASK);
+
+ flags = type & ~SOCK_TYPE_MASK;
+ if (flags & ~(SOCK_CLOEXEC | SOCK_NONBLOCK))
+ return -EINVAL;
+ type &= SOCK_TYPE_MASK;
+
+ if (SOCK_NONBLOCK != O_NONBLOCK && (flags & SOCK_NONBLOCK))
+ flags = (flags & ~SOCK_NONBLOCK) | O_NONBLOCK;
+
+ sock = sockfd_lookup_light(fd, &retval, &fput_needed);
+ if (!sock)
+ goto out;
+
+ net = sock_net(sock->sk);
+
+ retval = __sock_create(net, family, type, protocol, &sockat, 0);
+ if (retval)
+ goto out_fput;
+
+ retval = sock_map_fd(sock, flags & (O_CLOEXEC | O_NONBLOCK));
+ if (retval < 0)
+ goto out_release;
+out_fput:
+ fput_light(sock->file, fput_needed);
+out:
+ return retval;
+
+out_release:
+ sock_release(sockat);
+ goto out;
+}
+
/*
* Create a pair of connected sockets.
*/
Index: net-next-2.6/include/linux/syscalls.h
===================================================================
--- net-next-2.6.orig/include/linux/syscalls.h
+++ net-next-2.6/include/linux/syscalls.h
@@ -423,6 +423,7 @@ asmlinkage long sys_recvfrom(int, void _
struct sockaddr __user *, int __user *);
asmlinkage long sys_recvmsg(int fd, struct msghdr __user *msg, unsigned flags);
asmlinkage long sys_socket(int, int, int);
+asmlinkage long sys_socketat(int, int, int, int);
asmlinkage long sys_socketpair(int, int, int, int __user *);
asmlinkage long sys_socketcall(int call, unsigned long __user *args);
asmlinkage long sys_listen(int, int);
Index: net-next-2.6/kernel/sys_ni.c
===================================================================
--- net-next-2.6.orig/kernel/sys_ni.c
+++ net-next-2.6/kernel/sys_ni.c
@@ -40,6 +40,7 @@ cond_syscall(sys_send);
cond_syscall(sys_recvfrom);
cond_syscall(sys_recv);
cond_syscall(sys_socket);
+cond_syscall(sys_socketat);
cond_syscall(sys_setsockopt);
cond_syscall(compat_sys_setsockopt);
cond_syscall(sys_getsockopt);
--
_______________________________________________
Containers mailing list
[EMAIL PROTECTED]
https://lists.linux-foundation.org/mailman/listinfo/containers
--
Michael Kerrisk Linux man-pages maintainer;
http://www.kernel.org/doc/man-pages/ Found a documentation bug?
http://www.kernel.org/doc/man-pages/reporting_bugs.html
--
To unsubscribe from this list: send the line "unsubscribe linux-api" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Sauf indication contraire ci-dessus:
Compagnie IBM France
Siège Social : Tour Descartes, 2, avenue Gambetta, La Défense 5, 92400
Courbevoie
RCS Nanterre 552 118 465
Forme Sociale : S.A.S.
Capital Social : 542.737.118 ?
SIREN/SIRET : 552 118 465 02430
--
To unsubscribe from this list: send the line "unsubscribe linux-api" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
