diff options
| author |   Martin Willi <martin@strongswan.org> | 2016-05-09 18:33:59 +0200 |
|---|---|---|
| committer |   Johannes Berg <johannes.berg@intel.com> | 2016-05-31 11:36:34 +0200 |
| commit | 100cb9ff40e0c9eba1d88e3c9c21e9670faeb896 (patch) | |
| tree | d7bd5e666018bf601a06903f4289e83c8ad58970 /net/mac80211/debugfs_sta.c | |
| parent | nl80211: Allow privileged operations from user namespaces (diff) | |
| download | wireguard-linux-100cb9ff40e0c9eba1d88e3c9c21e9670faeb896.tar.xz wireguard-linux-100cb9ff40e0c9eba1d88e3c9c21e9670faeb896.zip | |
mac80211_hwsim: Allow managing radios from non-initial namespaces
While wiphys can be moved into network namespaces over nl80211, the
creation and removal of hwsim radios is currently limited to the initial
namespace. This patch allows management of namespaced radios from the
owning namespace by setting genetlink netnsok.
To prevent two arbitrary namespaces to communicate over the simulated
shared medium, radios are separated by netgroups. Each radio created in
the same namespace lives in the same netgroup and hence can communicate
with other radios in that group. When moving radios to other namespaces,
the netgroup is preserved, so two radios having the same netgroup can
communicate even if not in the same namespace; This allows a controlling
namespace to create radios and move them to other namespaces for
communication.
When a net namespace owning a radio exits, the radio is destroyed unless
it was created in the initial network namespace. This keeps the previous
behavior by returning them to the init namespace, but prevents unprivileged
users from creating radios in the initial namespace.
Signed-off-by: Martin Willi <martin@strongswan.org>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Diffstat (limited to 'net/mac80211/debugfs_sta.c')
0 files changed, 0 insertions, 0 deletions