On 2/19/21 10:51 AM, Lorenz Bauer wrote: > We need to distinguish which network namespace a socket belongs to. > BPF has the useful bpf_get_netns_cookie helper for this, but accessing > it from user space isn't possible. Add a read-only socket option that > returns the netns cookie, similar to SO_COOKIE. If network namespaces > are disabled, SO_NETNS_COOKIE returns the cookie of init_net. > > Signed-off-by: Lorenz Bauer <lmb@xxxxxxxxxxxxxx> > --- > diff --git a/net/core/sock.c b/net/core/sock.c > index 0ed98f20448a..de4644aeb58d 100644 > --- a/net/core/sock.c > +++ b/net/core/sock.c > @@ -1614,6 +1614,17 @@ int sock_getsockopt(struct socket *sock, int level, int optname, > v.val = sk->sk_bound_dev_if; > break; > > + case SO_NETNS_COOKIE: > + lv = sizeof(u64); > + if (len < lv) > + return -EINVAL; if (len != lv) return -EINVAL; (There is no reason to support bigger value before at least hundred years) > +#ifdef CONFIG_NET_NS > + v.val64 = sock_net(sk)->net_cookie; > +#else > + v.val64 = init_net.net_cookie; > +#endif > + break; > + Why using this ugly #ifdef ? The following should work just fine, even if CONFIG_NET_NS is not set. v.val64 = sock_net(sk)->net_cookie; > default: > /* We implement the SO_SNDLOWAT etc to not be settable > * (1003.1g 7). >
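Review bot: the length check in the new `case SO_NETNS_COOKIE:` only rejects short buffers (`if (len < lv) return -EINVAL;`), so the size contract for a fixed 64-bit value is left loose. If user space is always expected to pass exactly `sizeof(u64)`, the `if (len != lv)` form proposed in the reply states that contract directly. Whichever is chosen, it should be a deliberate decision, because tightening or relaxing the check later changes what callers observe. In the same case, the `#ifdef CONFIG_NET_NS` / `#else` pair selects between `sock_net(sk)->net_cookie` and `init_net.net_cookie`. The reply points out that the first form works with namespaces disabled too, so a single `v.val64 = sock_net(sk)->net_cookie;` removes the conditional compilation from the middle of the switch. The commit message says the option is read-only and falls back to the cookie of init_net, but the hunk carries no comment saying so. A one-line comment above the case would keep that behaviour visible to the next reader of `sock_getsockopt()`.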