On 2/10/21 1:04 PM, Lorenz Bauer wrote: > We need to distinguish which network namespace a socket belongs to. > BPF has the useful bpf_get_netns_cookie helper for this, but accessing > it from user space isn't possible. Add a read-only socket option that > returns the netns cookie, similar to SO_COOKIE. If network namespaces > are disabled, SO_NETNS_COOKIE returns the cookie of init_net. > > The BPF helpers change slightly: instead of returning 0 when network > namespaces are disabled we return the init_net cookie as for the > socket option. > > Cc: linux-api@xxxxxxxxxxxxxxx > Signed-off-by: Lorenz Bauer <lmb@xxxxxxxxxxxxxx> > --- ... > > +static inline u64 __sock_gen_netns_cookie(struct sock *sk) > +{ > +#ifdef CONFIG_NET_NS > + return __net_gen_cookie(sk->sk_net.net); > +#else > + return __net_gen_cookie(&init_net); > +#endif > +} > + > +static inline u64 sock_gen_netns_cookie(struct sock *sk) > +{ > + u64 cookie; > + > + preempt_disable(); > + cookie = __sock_gen_netns_cookie(sk); > + preempt_enable(); > + > + return cookie; > +} > + > I suggest we make net->net_cookie a mere u64 initialized in setup_net(), instead of having to preempt_disable() around reading it. (Here and in your patch 2/4) Your patches would be much simpler. Cleanup patch : https://patchwork.kernel.org/project/netdevbpf/patch/20210210144144.24284-1-eric.dumazet@xxxxxxxxx/
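Review bot: In __sock_gen_netns_cookie() the #ifdef CONFIG_NET_NS / #else pair open-codes the namespace lookup by dereferencing sk->sk_net.net directly. sock_net(sk) already returns &init_net when network namespaces are compiled out, so the body can be the single line "return __net_gen_cookie(sock_net(sk));" with no preprocessor branch. Separately, sock_gen_netns_cookie() wraps the call in preempt_disable()/preempt_enable() without a comment saying what the callee needs protection from. Either document that requirement at the wrapper, or, if the cookie becomes a plain u64 assigned once at namespace setup as suggested in the reply, drop the wrapper and read the field directly.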