[lxc-devel] share_via_fs patch for 2.6.33 ?

Julian Thomé frostisch at yahoo.de
Thu Apr 15 11:57:55 UTC 2010 

Hello mailing list,

Daniel Lezcano wrote a patch to make it possible to connect to a unix
domain socket, which belongs to another network namespace.

The patch from Daniel Lezcano is as follows:

----------------------------------------------------snip-----8<-------

Subject: share af_unix socket through fs
From: Daniel Lezcano <daniel.lezcano at free.fr>

This patch allows to connect to a socket belonging to another
network namespace but visible via the file system.
The 'host' network namespace has to allow another network
namespace to use its sockets via sysctl:

echo 1 > /proc/sys/net/unix/share_via_fs

Signed-off-by: Daniel Lezcano <daniel.lezcano at free.fr>
---
 include/linux/sysctl.h     |    1 +
 include/net/netns/unix.h   |    1 +
 kernel/sysctl_check.c      |    1 +
 net/unix/af_unix.c         |    4 +++-
 net/unix/sysctl_net_unix.c |    9 +++++++++
 5 files changed, 15 insertions(+), 1 deletion(-)

Index: linux-2.6/include/net/netns/unix.h
===================================================================
--- linux-2.6.orig/include/net/netns/unix.h
+++ linux-2.6/include/net/netns/unix.h
@@ -7,6 +7,7 @@
 struct ctl_table_header;
 struct netns_unix {
 	int			sysctl_max_dgram_qlen;
+	bool                    sysctl_share_via_fs;
 	struct ctl_table_header	*ctl;
 };

Index: linux-2.6/net/unix/af_unix.c
===================================================================
--- linux-2.6.orig/net/unix/af_unix.c
+++ linux-2.6/net/unix/af_unix.c
@@ -292,7 +292,8 @@ static struct sock *unix_find_socket_byi
 		    &unix_socket_table[i->i_ino & (UNIX_HASH_SIZE - 1)]) {
 		struct dentry *dentry = unix_sk(s)->dentry;

-		if (!net_eq(sock_net(s), net))
+		if (!sock_net(s)->unx.sysctl_share_via_fs &&
+		    !net_eq(sock_net(s), net))
 			continue;

 		if (dentry && dentry->d_inode == i) {
@@ -2228,6 +2229,7 @@ static int unix_net_init(struct net *net
 	int error = -ENOMEM;

 	net->unx.sysctl_max_dgram_qlen = 10;
+	net->unx.sysctl_share_via_fs = false;
 	if (unix_sysctl_register(net))
 		goto out;

Index: linux-2.6/net/unix/sysctl_net_unix.c
===================================================================
--- linux-2.6.orig/net/unix/sysctl_net_unix.c
+++ linux-2.6/net/unix/sysctl_net_unix.c
@@ -23,6 +23,14 @@ static ctl_table unix_table[] = {
 		.mode		= 0644,
 		.proc_handler	= proc_dointvec
 	},
+	{
+		.ctl_name	= NET_UNIX_SHARE_VIA_FS,
+		.procname	= "share_via_fs",
+		.data		= &init_net.unx.sysctl_share_via_fs,
+		.maxlen		= sizeof(int),
+		.mode		= 0644,
+		.proc_handler	= proc_dointvec
+	},
 	{ .ctl_name = 0 }
 };

@@ -41,6 +49,7 @@ int unix_sysctl_register(struct net *net
 		goto err_alloc;

 	table[0].data = &net->unx.sysctl_max_dgram_qlen;
+	table[1].data = &net->unx.sysctl_share_via_fs;
 	net->unx.ctl = register_net_sysctl_table(net, unix_path, table);
 	if (net->unx.ctl == NULL)
 		goto err_reg;
Index: linux-2.6/include/linux/sysctl.h
===================================================================
--- linux-2.6.orig/include/linux/sysctl.h
+++ linux-2.6/include/linux/sysctl.h
@@ -297,6 +297,7 @@ enum
 	NET_UNIX_DESTROY_DELAY=1,
 	NET_UNIX_DELETE_DELAY=2,
 	NET_UNIX_MAX_DGRAM_QLEN=3,
+	NET_UNIX_SHARE_VIA_FS=4,
 };

 /* /proc/sys/net/netfilter */
Index: linux-2.6/kernel/sysctl_check.c
===================================================================
--- linux-2.6.orig/kernel/sysctl_check.c
+++ linux-2.6/kernel/sysctl_check.c
@@ -169,6 +169,7 @@ static const struct trans_ctl_table tran
 	/* NET_UNIX_DESTROY_DELAY unused */
 	/* NET_UNIX_DELETE_DELAY unused */
 	{ NET_UNIX_MAX_DGRAM_QLEN,	"max_dgram_qlen" },
+	{ NET_UNIX_SHARE_VIA_FS,	"share_via_fs" },
 	{}
 };

----------------------------------------------------snap----->8-------

With the kernel version 2.6.33 this patch doesn't work anymore as you
can see here:

----------------------------------------------------snip-----8<-------

user at host:/usr/src/linux-2.6.33# patch -p1 <
../share-af-unix-socket-sysctl.patch
patching file include/net/netns/unix.h
patching file net/unix/af_unix.c
Hunk #2 succeeded at 2230 (offset 1 line).
patching file net/unix/sysctl_net_unix.c
Hunk #1 FAILED at 23.
Hunk #2 succeeded at 48 (offset -1 lines).
1 out of 2 hunks FAILED -- saving rejects to file
net/unix/sysctl_net_unix.c.rej
patching file include/linux/sysctl.h
Hunk #1 succeeded at 288 (offset -9 lines).
patching file kernel/sysctl_check.c
Hunk #1 FAILED at 169.
1 out of 1 hunk FAILED -- saving rejects to file kernel/sysctl_check.c.rej
----------------------------------------------------snap----->8-------

Does anybody know if an updated version of this patch (working with
2.6.33) exists ?

Thank you very much
  Julian Thomé

	
		
___________________________________________________________ 
Der frühe Vogel fängt den Wurm. Hier gelangen Sie zum neuen Yahoo! Mail: http://mail.yahoo.de

More information about the lxc-devel mailing list