[Devel] [PATCH] tun: Add ioctl() TUNGETDEVNETNS cmd to allow obtaining real net ns of tun device

Kirill Tkhai ktkhai at virtuozzo.com
Wed Nov 6 14:09:16 MSK 2019 

On 06.11.2019 13:57, Alexander Mikhalitsyn wrote:
> In commit f2780d6d7475 "tun: Add ioctl() SIOCGSKNS cmd to allow
> obtaining net ns of tun device" it was missed that tun may change
> its net ns, while net ns of socket remains the same as it was
> created initially. SIOCGSKNS returns net ns of socket, so it is
> not suitable for obtaining net ns of device.
> 
> We may have two tun devices with the same names in two net ns,
> and in this case it's not possible to determ, which of them
> fd refers to (TUNGETIFF will return the same name).
> 
> This patch adds new ioctl() cmd for obtaining net ns of a device.
> 
> Reported-by: Harald Albrecht <harald.albrecht at gmx.net>
> Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
> Signed-off-by: David S. Miller <davem at davemloft.net>
> 
> https://jira.sw.ru/browse/PSBM-99027
> (ported from commit 0c3e0e3bb623c3735b8c9ab8aa8332f944f83a9f)
> Signed-off-by: Alexander Mikhalitsyn <alexander.mikhalitsyn at virtuozzo.com>

Acked-by: Kirill Tkhai <ktkhai at virtuozzo.com>

> ---
>  drivers/net/tun.c           | 10 ++++++++++
>  include/uapi/linux/if_tun.h |  1 +
>  2 files changed, 11 insertions(+)
> 
> diff --git a/drivers/net/tun.c b/drivers/net/tun.c
> index e65ded4..d4c3866 100644
> --- a/drivers/net/tun.c
> +++ b/drivers/net/tun.c
> @@ -2326,6 +2326,7 @@ static long __tun_chr_ioctl(struct file *file, unsigned int cmd,
>  	void __user* argp = (void __user*)arg;
>  	unsigned int ifindex, carrier;
>  	struct ifreq ifr;
> +	struct net *net;
>  	kuid_t owner;
>  	kgid_t group;
>  	int sndbuf;
> @@ -2402,6 +2403,7 @@ static long __tun_chr_ioctl(struct file *file, unsigned int cmd,
>  
>  	tun_debug(KERN_INFO, tun, "tun_chr_ioctl cmd %u\n", cmd);
>  
> +	net = dev_net(tun->dev);
>  	ret = 0;
>  	switch (cmd) {
>  	case TUNGETIFF:
> @@ -2615,6 +2617,14 @@ static long __tun_chr_ioctl(struct file *file, unsigned int cmd,
>  		ret = tun_net_change_carrier(tun->dev, (bool)carrier);
>  		break;
>  
> +	case TUNGETDEVNETNS:
> +		ret = -EPERM;
> +		if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
> +			goto unlock;
> +
> +		ret = open_net_ns_fd(net);
> +		break;
> +
>  	default:
>  		ret = -EINVAL;
>  		break;
> diff --git a/include/uapi/linux/if_tun.h b/include/uapi/linux/if_tun.h
> index af37baf..b248123 100644
> --- a/include/uapi/linux/if_tun.h
> +++ b/include/uapi/linux/if_tun.h
> @@ -57,6 +57,7 @@
>  #define TUNSETVNETBE _IOW('T', 222, int)
>  #define TUNGETVNETBE _IOR('T', 223, int)
>  #define TUNSETCARRIER _IOW('T', 226, int)
> +#define TUNGETDEVNETNS _IO('T', 227)
>  
>  /* CONFIG_VE_TUNTAP_ACCOUNTING should be set */
>  #define TUNSETACCTID _IOW('T', 300, struct ifreq)
>

More information about the Devel mailing list