audit: Send replies in the proper network namespace.

In perverse cases of file descriptor passing the current network
namespace of a process and the network namespace of a socket used by
that socket may differ.  Therefore use the network namespace of the
appropiate socket to ensure replies always go to the appropiate
socket.

Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>

1 files changed, 5 insertions, 2 deletions

diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index a5e3d73d73e4..e8d1c7c515d7 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -30,6 +30,7 @@
 #include <linux/slab.h>
 #include <linux/security.h>
 #include <net/net_namespace.h>
+#include <net/sock.h>
 #include "audit.h"
 
 /*
@@ -1069,8 +1070,10 @@ int audit_rule_change(int type, __u32 portid, int seq, void *data,
  * @portid: target portid for netlink audit messages
  * @seq: netlink audit message sequence (serial) number
  */
-int audit_list_rules_send(__u32 portid, int seq)
+int audit_list_rules_send(struct sk_buff *request_skb, int seq)
 {
+        u32 portid = NETLINK_CB(request_skb).portid;
+        struct net *net = sock_net(NETLINK_CB(request_skb).sk);
         struct task_struct *tsk;
         struct audit_netlink_list *dest;
         int err = 0;
@@ -1084,7 +1087,7 @@ int audit_list_rules_send(__u32 portid, int seq)
         dest = kmalloc(sizeof(struct audit_netlink_list), GFP_KERNEL);
         if (!dest)
                 return -ENOMEM;
-        dest->net = get_net(current->nsproxy->net_ns);
+        dest->net = get_net(net);
         dest->portid = portid;
         skb_queue_head_init(&dest->q);