authorDenis V. Lunev <den@openvz.org>2007-11-30 08:21:31 -0500
committerDavid S. Miller <davem@davemloft.net>2008-01-28 17:54:24 -0500
commitb854272b3c732316676e9128f7b9e6f1e1ff88b0 (patch)
treec90c74b9ec068453881f1173da4c57d6bb00a7d9
parentad5d20a63940fcfb40af76ba06148f36d5d0b433 (diff)
[NET]: Modify all rtnetlink methods to only work in the initial namespace (v2)
Before I can enable rtnetlink to work in all network namespaces I need to be certain that something won't break. So this patch deliberately disables all of the rtnetlink methods in everything except the initial network namespace. After the methods have been audited this extra check can be disabled. Changes from v1: - added IPv6 addrlabel protection Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r--net/bridge/br_netlink.c9
-rw-r--r--net/core/fib_rules.c11
-rw-r--r--net/core/neighbour.c18
-rw-r--r--net/core/rtnetlink.c19
-rw-r--r--net/decnet/dn_dev.c14
-rw-r--r--net/decnet/dn_fib.c8
-rw-r--r--net/decnet/dn_route.c8
-rw-r--r--net/decnet/dn_table.c4
-rw-r--r--net/ipv4/devinet.c12
-rw-r--r--net/ipv4/fib_frontend.c12
-rw-r--r--net/ipv4/route.c4
-rw-r--r--net/ipv6/addrconf.c31
-rw-r--r--net/ipv6/addrlabel.c12
-rw-r--r--net/ipv6/ip6_fib.c4
-rw-r--r--net/ipv6/route.c12
-rw-r--r--net/sched/act_api.c10
-rw-r--r--net/sched/cls_api.c10
-rw-r--r--net/sched/sch_api.c21
18 files changed, 218 insertions, 1 deletions
diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c
index 53ab8e0cb51..a4ffa2b63cd 100644
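--- a/net/bridge/br_netlink.c
+++ b/net/bridge/br_netlink.c
@@ -13,6 +13,7 @@
 #include <linux/kernel.h>
 #include <net/rtnetlink.h>
 #include <net/net_namespace.h>
+#include <net/sock.h>
 #include "br_private.h"
 
 static inline size_t br_nlmsg_size(void)
@@ -107,9 +108,13 @@ errout:
  */
 static int br_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  struct net_device *dev;
  int idx;
 
+ if (net != &init_net)
+ return 0;
+
  idx = 0;
  for_each_netdev(&init_net, dev) {
  /* not a bridge port */
@@ -135,12 +140,16 @@ skip:
  */
 static int br_rtm_setlink(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct ifinfomsg *ifm;
  struct nlattr *protinfo;
  struct net_device *dev;
  struct net_bridge_port *p;
  u8 new_state;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  if (nlmsg_len(nlh) < sizeof(*ifm))
  return -EINVAL;
 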
diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c
index 848132b6cb7..3b20b6f0982 100644
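--- a/net/core/fib_rules.c
+++ b/net/core/fib_rules.c
@@ -228,6 +228,9 @@ static int fib_nl_newrule(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
  struct nlattr *tb[FRA_MAX+1];
  int err = -EINVAL, unresolved = 0;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*frh)))
  goto errout;
 
@@ -358,12 +361,16 @@ errout:
 
 static int fib_nl_delrule(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct fib_rule_hdr *frh = nlmsg_data(nlh);
  struct fib_rules_ops *ops = NULL;
  struct fib_rule *rule, *tmp;
  struct nlattr *tb[FRA_MAX+1];
  int err = -EINVAL;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*frh)))
  goto errout;
 
@@ -539,9 +546,13 @@ skip:
 
 static int fib_nl_dumprule(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  struct fib_rules_ops *ops;
  int idx = 0, family;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  family = rtnl_msg_family(cb->nlh);
  if (family != AF_UNSPEC) {
  /* Protocol specific dump request */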
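Review bot: fib_nl_dumprule returns `-EINVAL` from its namespace guard, while the other dump callbacks touched by this commit (for example rtnl_dump_ifinfo and neigh_dump_info) return 0, which yields an empty dump. Unless an error is intended for rule dumps specifically, `return 0;` would keep the dump handlers uniform, so a caller in a non-initial namespace gets the same result from every dump. The body of fib_nl_dumprule continues outside the hunk.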
diff --git a/net/core/neighbour.c b/net/core/neighbour.c
index 175bbc0a974..29f0a4d2008 100644
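--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -1449,6 +1449,9 @@ static int neigh_delete(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
  struct net_device *dev = NULL;
  int err = -EINVAL;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  if (nlmsg_len(nlh) < sizeof(*ndm))
  goto out;
 
@@ -1515,6 +1518,9 @@ static int neigh_add(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
  struct net_device *dev = NULL;
  int err;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDA_MAX, NULL);
  if (err < 0)
  goto out;
@@ -1789,11 +1795,15 @@ static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = {
 
 static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct neigh_table *tbl;
  struct ndtmsg *ndtmsg;
  struct nlattr *tb[NDTA_MAX+1];
  int err;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = nlmsg_parse(nlh, sizeof(*ndtmsg), tb, NDTA_MAX,
  nl_neightbl_policy);
  if (err < 0)
@@ -1913,11 +1923,15 @@ errout:
 
 static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  int family, tidx, nidx = 0;
  int tbl_skip = cb->args[0];
  int neigh_skip = cb->args[1];
  struct neigh_table *tbl;
 
+ if (net != &init_net)
+ return 0;
+
  family = ((struct rtgenmsg *) nlmsg_data(cb->nlh))->rtgen_family;
 
  read_lock(&neigh_tbl_lock);
@@ -2042,9 +2056,13 @@ out:
 
 static int neigh_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  struct neigh_table *tbl;
  int t, family, s_t;
 
+ if (net != &init_net)
+ return 0;
+
  read_lock(&neigh_tbl_lock);
  family = ((struct rtgenmsg *) nlmsg_data(cb->nlh))->rtgen_family;
  s_t = cb->args[0];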
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index fed95a323b2..4edc3dac4cc 100644
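--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -703,6 +703,9 @@ static int rtnl_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
  int s_idx = cb->args[0];
  struct net_device *dev;
 
+ if (net != &init_net)
+ return 0;
+
  idx = 0;
  for_each_netdev(net, dev) {
  if (idx < s_idx)
@@ -905,6 +908,9 @@ static int rtnl_setlink(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
  struct nlattr *tb[IFLA_MAX+1];
  char ifname[IFNAMSIZ];
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFLA_MAX, ifla_policy);
  if (err < 0)
  goto errout;
@@ -953,6 +959,9 @@ static int rtnl_dellink(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
  struct nlattr *tb[IFLA_MAX+1];
  int err;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFLA_MAX, ifla_policy);
  if (err < 0)
  return err;
@@ -1034,6 +1043,9 @@ static int rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
  struct nlattr *linkinfo[IFLA_INFO_MAX+1];
  int err;
 
+ if (net != &init_net)
+ return -EINVAL;
+
 #ifdef CONFIG_KMOD
 replay:
 #endif
@@ -1160,6 +1172,9 @@ static int rtnl_getlink(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
  struct sk_buff *nskb;
  int err;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFLA_MAX, ifla_policy);
  if (err < 0)
  return err;
@@ -1195,9 +1210,13 @@ errout:
 
 static int rtnl_dump_all(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  int idx;
  int s_idx = cb->family;
 
+ if (net != &init_net)
+ return 0;
+
  if (s_idx == 0)
  s_idx = 1;
  for (idx=1; idx<NPROTO; idx++) {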
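Review bot: None of the added `if (net != &init_net)` guards carries a comment, although the commit message says they are temporary and are to be dropped handler by handler once each method has been audited. A one-line comment above each guard, such as `/* netns: handler not audited yet, initial namespace only */`, would let a later reviewer tell these deliberate stop-gaps from permanent policy checks and find the ones still outstanding with a single grep. The same applies to the guards in the other files of this commit. The function bodies here continue outside the hunks.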
diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c
index 3bc82dc83b3..94256845a05 100644
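--- a/net/decnet/dn_dev.c
+++ b/net/decnet/dn_dev.c
@@ -647,11 +647,15 @@ static const struct nla_policy dn_ifa_policy[IFA_MAX+1] = {
 
 static int dn_nl_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct nlattr *tb[IFA_MAX+1];
  struct dn_dev *dn_db;
  struct ifaddrmsg *ifm;
  struct dn_ifaddr *ifa, **ifap;
- int err;
+ int err = -EINVAL;
+
+ if (net != &init_net)
+ goto errout;
 
  err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, dn_ifa_policy);
  if (err < 0)
@@ -681,6 +685,7 @@ errout:
 
 static int dn_nl_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct nlattr *tb[IFA_MAX+1];
  struct net_device *dev;
  struct dn_dev *dn_db;
@@ -688,6 +693,9 @@ static int dn_nl_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
  struct dn_ifaddr *ifa;
  int err;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, dn_ifa_policy);
  if (err < 0)
  return err;
@@ -793,11 +801,15 @@ errout:
 
 static int dn_nl_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  int idx, dn_idx = 0, skip_ndevs, skip_naddr;
  struct net_device *dev;
  struct dn_dev *dn_db;
  struct dn_ifaddr *ifa;
 
+ if (net != &init_net)
+ return 0;
+
  skip_ndevs = cb->args[0];
  skip_naddr = cb->args[1];
 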
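Review bot: dn_nl_deladdr leaves through `goto errout` with `err` pre-set to `-EINVAL`, whereas dn_nl_newaddr just below and the handlers in the other files return directly from the guard. The `errout` label lies outside the hunk, so what runs there before the return cannot be checked from here; if it only returns `err`, keeping `int err;` and writing `return -EINVAL;` in the guard is simpler and leaves the initial value of `err` unchanged for the rest of the function.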
diff --git a/net/decnet/dn_fib.c b/net/decnet/dn_fib.c
index 3760a20d10d..5413e1b75b5 100644
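--- a/net/decnet/dn_fib.c
+++ b/net/decnet/dn_fib.c
@@ -506,10 +506,14 @@ static int dn_fib_check_attr(struct rtmsg *r, struct rtattr **rta)
 
 static int dn_fib_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct dn_fib_table *tb;
  struct rtattr **rta = arg;
  struct rtmsg *r = NLMSG_DATA(nlh);
 
+ if (net != &init_net)
+ return -EINVAL;
+
  if (dn_fib_check_attr(r, rta))
  return -EINVAL;
 
@@ -522,10 +526,14 @@ static int dn_fib_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh, void *
 
 static int dn_fib_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct dn_fib_table *tb;
  struct rtattr **rta = arg;
  struct rtmsg *r = NLMSG_DATA(nlh);
 
+ if (net != &init_net)
+ return -EINVAL;
+
  if (dn_fib_check_attr(r, rta))
  return -EINVAL;
 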
diff --git a/net/decnet/dn_route.c b/net/decnet/dn_route.c
index 2a5bb0714c7..28aeba15cf1 100644
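--- a/net/decnet/dn_route.c
+++ b/net/decnet/dn_route.c
@@ -1511,6 +1511,7 @@ rtattr_failure:
  */
 static int dn_cache_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, void *arg)
 {
+ struct net *net = in_skb->sk->sk_net;
  struct rtattr **rta = arg;
  struct rtmsg *rtm = NLMSG_DATA(nlh);
  struct dn_route *rt = NULL;
@@ -1519,6 +1520,9 @@ static int dn_cache_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, void
  struct sk_buff *skb;
  struct flowi fl;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  memset(&fl, 0, sizeof(fl));
  fl.proto = DNPROTO_NSP;
 
@@ -1596,10 +1600,14 @@ out_free:
  */
 int dn_cache_dump(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  struct dn_route *rt;
  int h, s_h;
  int idx, s_idx;
 
+ if (net != &init_net)
+ return 0;
+
  if (NLMSG_PAYLOAD(cb->nlh, 0) < sizeof(struct rtmsg))
  return -EINVAL;
  if (!(((struct rtmsg *)NLMSG_DATA(cb->nlh))->rtm_flags&RTM_F_CLONED))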
diff --git a/net/decnet/dn_table.c b/net/decnet/dn_table.c
index fda0772fa21..a3bdb8dd1fb 100644
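--- a/net/decnet/dn_table.c
+++ b/net/decnet/dn_table.c
@@ -463,12 +463,16 @@ static int dn_fib_table_dump(struct dn_fib_table *tb, struct sk_buff *skb,
 
 int dn_fib_dump(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  unsigned int h, s_h;
  unsigned int e = 0, s_e;
  struct dn_fib_table *tb;
  struct hlist_node *node;
  int dumped = 0;
 
+ if (net != &init_net)
+ return 0;
+
  if (NLMSG_PAYLOAD(cb->nlh, 0) >= sizeof(struct rtmsg) &&
  ((struct rtmsg *)NLMSG_DATA(cb->nlh))->rtm_flags&RTM_F_CLONED)
  return dn_cache_dump(skb, cb);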
diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c
index b42f74617ba..c0eb26a0d0b 100644
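--- a/net/ipv4/devinet.c
+++ b/net/ipv4/devinet.c
@@ -441,6 +441,7 @@ struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
 
 static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct nlattr *tb[IFA_MAX+1];
  struct in_device *in_dev;
  struct ifaddrmsg *ifm;
@@ -449,6 +450,9 @@ static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg
 
  ASSERT_RTNL();
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy);
  if (err < 0)
  goto errout;
@@ -560,10 +564,14 @@ errout:
 
 static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct in_ifaddr *ifa;
 
  ASSERT_RTNL();
 
+ if (net != &init_net)
+ return -EINVAL;
+
  ifa = rtm_to_ifaddr(nlh);
  if (IS_ERR(ifa))
  return PTR_ERR(ifa);
@@ -1174,12 +1182,16 @@ nla_put_failure:
 
 static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  int idx, ip_idx;
  struct net_device *dev;
  struct in_device *in_dev;
  struct in_ifaddr *ifa;
  int s_ip_idx, s_idx = cb->args[0];
 
+ if (net != &init_net)
+ return 0;
+
  s_ip_idx = ip_idx = cb->args[1];
  idx = 0;
  for_each_netdev(&init_net, dev) {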
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
index 97abf934d18..e02aba5fa13 100644
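--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
@@ -538,10 +538,14 @@ errout:
 
 static int inet_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct fib_config cfg;
  struct fib_table *tb;
  int err;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = rtm_to_fib_config(skb, nlh, &cfg);
  if (err < 0)
  goto errout;
@@ -559,10 +563,14 @@ errout:
 
 static int inet_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct fib_config cfg;
  struct fib_table *tb;
  int err;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = rtm_to_fib_config(skb, nlh, &cfg);
  if (err < 0)
  goto errout;
@@ -580,12 +588,16 @@ errout:
 
 static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  unsigned int h, s_h;
  unsigned int e = 0, s_e;
  struct fib_table *tb;
  struct hlist_node *node;
  int dumped = 0;
 
+ if (net != &init_net)
+ return 0;
+
  if (nlmsg_len(cb->nlh) >= sizeof(struct rtmsg) &&
  ((struct rtmsg *) nlmsg_data(cb->nlh))->rtm_flags & RTM_F_CLONED)
  return ip_rt_dump(skb, cb);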
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index a21021bf140..1d2839571d2 100644
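--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -2527,6 +2527,7 @@ nla_put_failure:
 
 static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg)
 {
+ struct net *net = in_skb->sk->sk_net;
  struct rtmsg *rtm;
  struct nlattr *tb[RTA_MAX+1];
  struct rtable *rt = NULL;
@@ -2536,6 +2537,9 @@ static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void
  int err;
  struct sk_buff *skb;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv4_policy);
  if (err < 0)
  goto errout;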
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index a70cecf8fc8..26de8ee5095 100644
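--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -2971,11 +2971,15 @@ static const struct nla_policy ifa_ipv6_policy[IFA_MAX+1] = {
 static int
 inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct ifaddrmsg *ifm;
  struct nlattr *tb[IFA_MAX+1];
  struct in6_addr *pfx;
  int err;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv6_policy);
  if (err < 0)
  return err;
@@ -3028,6 +3032,7 @@ static int inet6_addr_modify(struct inet6_ifaddr *ifp, u8 ifa_flags,
 static int
 inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct ifaddrmsg *ifm;
  struct nlattr *tb[IFA_MAX+1];
  struct in6_addr *pfx;
@@ -3037,6 +3042,9 @@ inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
  u8 ifa_flags;
  int err;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv6_policy);
  if (err < 0)
  return err;
@@ -3310,26 +3318,42 @@ done:
 
 static int inet6_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  enum addr_type_t type = UNICAST_ADDR;
+
+ if (net != &init_net)
+ return 0;
+
  return inet6_dump_addr(skb, cb, type);
 }
 
 static int inet6_dump_ifmcaddr(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  enum addr_type_t type = MULTICAST_ADDR;
+
+ if (net != &init_net)
+ return 0;
+
  return inet6_dump_addr(skb, cb, type);
 }
 
 
 static int inet6_dump_ifacaddr(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  enum addr_type_t type = ANYCAST_ADDR;
+
+ if (net != &init_net)
+ return 0;
+
  return inet6_dump_addr(skb, cb, type);
 }
 
 static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr* nlh,
  void *arg)
 {
+ struct net *net = in_skb->sk->sk_net;
  struct ifaddrmsg *ifm;
  struct nlattr *tb[IFA_MAX+1];
  struct in6_addr *addr = NULL;
@@ -3338,6 +3362,9 @@ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr* nlh,
  struct sk_buff *skb;
  int err;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv6_policy);
  if (err < 0)
  goto errout;
@@ -3555,11 +3582,15 @@ nla_put_failure:
 
 static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  int idx, err;
  int s_idx = cb->args[0];
  struct net_device *dev;
  struct inet6_dev *idev;
 
+ if (net != &init_net)
+ return 0;
+
  read_lock(&dev_base_lock);
  idx = 0;
  for_each_netdev(&init_net, dev) {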
diff --git a/net/ipv6/addrlabel.c b/net/ipv6/addrlabel.c
index 204d4d66834..b9b5d570714 100644
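--- a/net/ipv6/addrlabel.c
+++ b/net/ipv6/addrlabel.c
@@ -361,12 +361,16 @@ static const struct nla_policy ifal_policy[IFAL_MAX+1] = {
 static int ip6addrlbl_newdel(struct sk_buff *skb, struct nlmsghdr *nlh,
  void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct ifaddrlblmsg *ifal;
  struct nlattr *tb[IFAL_MAX+1];
  struct in6_addr *pfx;
  u32 label;
  int err = 0;
 
+ if (net != &init_net)
+ return 0;
+
  err = nlmsg_parse(nlh, sizeof(*ifal), tb, IFAL_MAX, ifal_policy);
  if (err < 0)
  return err;
@@ -445,11 +449,15 @@ static int ip6addrlbl_fill(struct sk_buff *skb,
 
 static int ip6addrlbl_dump(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  struct ip6addrlbl_entry *p;
  struct hlist_node *pos;
  int idx = 0, s_idx = cb->args[0];
  int err;
 
+ if (net != &init_net)
+ return 0;
+
  rcu_read_lock();
  hlist_for_each_entry_rcu(p, pos, &ip6addrlbl_table.head, list) {
  if (idx >= s_idx) {
@@ -479,6 +487,7 @@ static inline int ip6addrlbl_msgsize(void)
 static int ip6addrlbl_get(struct sk_buff *in_skb, struct nlmsghdr* nlh,
  void *arg)
 {
+ struct net *net = in_skb->sk->sk_net;
  struct ifaddrlblmsg *ifal;
  struct nlattr *tb[IFAL_MAX+1];
  struct in6_addr *addr;
@@ -487,6 +496,9 @@ static int ip6addrlbl_get(struct sk_buff *in_skb, struct nlmsghdr* nlh,
  struct ip6addrlbl_entry *p;
  struct sk_buff *skb;
 
+ if (net != &init_net)
+ return 0;
+
  err = nlmsg_parse(nlh, sizeof(*ifal), tb, IFAL_MAX, ifal_policy);
  if (err < 0)
  return err;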
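Review bot: ip6addrlbl_newdel and ip6addrlbl_get return 0 from the namespace guard, so a request from a non-initial namespace is reported as successful although no label was added, deleted or returned. The other non-dump handlers in this commit (for example inet6_rtm_newaddr) reject the request with `-EINVAL`; the same `return -EINVAL;` in these two guards would stop a caller from believing a configuration change took effect. Returning 0 fits only ip6addrlbl_dump, where it means an empty dump. Both function bodies continue outside the hunks.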
diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c
index 946cf389ab9..31b60a02512 100644
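--- a/net/ipv6/ip6_fib.c
+++ b/net/ipv6/ip6_fib.c
@@ -361,6 +361,7 @@ end:
 
 static int inet6_dump_fib(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  unsigned int h, s_h;
  unsigned int e = 0, s_e;
  struct rt6_rtnl_dump_arg arg;
@@ -369,6 +370,9 @@ static int inet6_dump_fib(struct sk_buff *skb, struct netlink_callback *cb)
  struct hlist_node *node;
  int res = 0;
 
+ if (net != &init_net)
+ return 0;
+
  s_h = cb->args[0];
  s_e = cb->args[1];
 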
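Review bot: The guard in inet6_dump_fib answers a dump from any non-initial namespace with `return 0`, which the caller sees as a completed, empty dump rather than a refusal, and nothing in the code says this is deliberate. A comment above the check would record the intent, for example `/* rtnetlink is init_net-only until audited: report an empty table, never init_net's routes */`. The same silent `return 0` is used in tc_dump_action, tc_dump_tfilter, tc_dump_qdisc and tc_dump_tclass, while the request handlers return -EINVAL, so the asymmetry is worth stating once. The body of inet6_dump_fib continues outside the hunk.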
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index 4ef2cfaa346..5e1c5796761 100644
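--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -2003,9 +2003,13 @@ errout:
 
 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct fib6_config cfg;
  int err;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = rtm_to_fib6_config(skb, nlh, &cfg);
  if (err < 0)
  return err;
@@ -2015,9 +2019,13 @@ static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *a
 
 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct fib6_config cfg;
  int err;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = rtm_to_fib6_config(skb, nlh, &cfg);
  if (err < 0)
  return err;
@@ -2152,6 +2160,7 @@ int rt6_dump_route(struct rt6_info *rt, void *p_arg)
 
 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg)
 {
+ struct net *net = in_skb->sk->sk_net;
  struct nlattr *tb[RTA_MAX+1];
  struct rt6_info *rt;
  struct sk_buff *skb;
@@ -2159,6 +2168,9 @@ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void
  struct flowi fl;
  int err, iif = 0;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
  if (err < 0)
  goto errout;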
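Review bot: The guards in inet6_rtm_delroute, inet6_rtm_newroute and inet6_rtm_getroute report a namespace restriction as `-EINVAL`, which reads to the caller like a malformed request; the parsing calls directly below them presumably return the same value for bad attributes, though their error codes are not visible here. If the errno is meant to stay, a short comment such as `/* not a message error: rtnetlink is init_net-only until audited */` would keep later readers from treating the check as input validation. In inet6_rtm_getroute the check returns directly while the rest of the function exits through `goto errout`, which is safe only as long as nothing is allocated before it, as is the case in the visible lines. All three function bodies continue outside their hunks.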
diff --git a/net/sched/act_api.c b/net/sched/act_api.c
index 72cdb0fade2..852829139c6 100644
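--- a/net/sched/act_api.c
+++ b/net/sched/act_api.c
@@ -18,6 +18,8 @@
 #include <linux/skbuff.h>
 #include <linux/init.h>
 #include <linux/kmod.h>
+#include <net/net_namespace.h>
+#include <net/sock.h>
 #include <net/sch_generic.h>
 #include <net/act_api.h>
 #include <net/netlink.h>
@@ -924,10 +926,14 @@ done:
 
 static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct rtattr **tca = arg;
  u32 pid = skb ? NETLINK_CB(skb).pid : 0;
  int ret = 0, ovr = 0;
 
+ if (net != &init_net)
+ return -EINVAL;
+
  if (tca[TCA_ACT_TAB-1] == NULL) {
  printk("tc_ctl_action: received NO action attribs\n");
  return -EINVAL;
@@ -997,6 +1003,7 @@ find_dump_kind(struct nlmsghdr *n)
 static int
 tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  struct nlmsghdr *nlh;
  unsigned char *b = skb_tail_pointer(skb);
  struct rtattr *x;
@@ -1006,6 +1013,9 @@ tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb)
  struct tcamsg *t = (struct tcamsg *) NLMSG_DATA(cb->nlh);
  struct rtattr *kind = find_dump_kind(cb->nlh);
 
+ if (net != &init_net)
+ return 0;
+
  if (kind == NULL) {
  printk("tc_dump_action: action bad kind\n");
  return 0;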
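Review bot: In tc_ctl_action the new initialiser `struct net *net = skb->sk->sk_net;` dereferences skb unconditionally, two lines above the existing `u32 pid = skb ? NETLINK_CB(skb).pid : 0;`, which still treats skb as possibly NULL. The two lines disagree: if some caller can pass a NULL skb, the new line faults before the namespace check is reached, and if none can, the ternary is dead code. Which case holds is not visible in this hunk, so the function should settle it one way, either by simplifying to `u32 pid = NETLINK_CB(skb).pid;` or by assigning `net` only after skb has been checked. The function body continues outside the hunk.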
diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c
index bb98045d550..fdab6a530bb 100644
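--- a/net/sched/cls_api.c
+++ b/net/sched/cls_api.c
@@ -23,6 +23,8 @@
 #include <linux/init.h>
 #include <linux/kmod.h>
 #include <linux/netlink.h>
+#include <net/net_namespace.h>
+#include <net/sock.h>
 #include <net/netlink.h>
 #include <net/pkt_sched.h>
 #include <net/pkt_cls.h>
@@ -119,6 +121,7 @@ static __inline__ u32 tcf_auto_prio(struct tcf_proto *tp)
 
 static int tc_ctl_tfilter(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
 {
+ struct net *net = skb->sk->sk_net;
  struct rtattr **tca;
  struct tcmsg *t;
  u32 protocol;
@@ -135,6 +138,9 @@ static int tc_ctl_tfilter(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
  unsigned long fh;
  int err;
 
+ if (net != &init_net)
+ return -EINVAL;
+
 replay:
  tca = arg;
  t = NLMSG_DATA(n);
@@ -375,6 +381,7 @@ static int tcf_node_dump(struct tcf_proto *tp, unsigned long n, struct tcf_walke
 
 static int tc_dump_tfilter(struct sk_buff *skb, struct netlink_callback *cb)
 {
+ struct net *net = skb->sk->sk_net;
  int t;
  int s_t;
  struct net_device *dev;
@@ -385,6 +392,9 @@ static int tc_dump_tfilter(struct sk_buff *skb, struct netlink_callback *cb)
  const struct Qdisc_class_ops *cops;
  struct tcf_dump_args arg;
 
+ if (net != &init_net)
+ return 0;
+
  if (cb->nlh->nlmsg_len < NLMSG_LENGTH(sizeof(*tcm)))
  return skb->len;
  if ((dev = dev_get_by_index(&init_net, tcm->tcm_ifindex)) == NULL)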
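Review bot: After the new guard, tc_dump_tfilter still resolves the device with `dev_get_by_index(&init_net, tcm->tcm_ifindex)`, so the `net != &init_net` check is the only thing that keeps a request from another namespace from resolving an ifindex against the initial namespace's devices. The commit message says the check is to be disabled once the methods are audited; at that point the lookup has to take the caller's namespace, `dev_get_by_index(net, tcm->tcm_ifindex)`, or the isolation is lost. A comment at the guard, `/* remove only together with the &init_net lookups below */`, would tie the two together. The same pairing appears in tc_get_qdisc, tc_ctl_tclass and tc_dump_tclass in net/sched/sch_api.c. The function body continues outside the hunk.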
diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c
index 259321be1ad..f30e3f7ad88 100644
--- a/net/sched/sch_api.c
+++ b/net/sched/sch_api.c
@@ -29,6 +29,7 @@
29#include <linux/hrtimer.h> 29#include <linux/hrtimer.h>
30 30
31#include <net/net_namespace.h> 31#include <net/net_namespace.h>
32#include <net/sock.h>
32#include <net/netlink.h> 33#include <net/netlink.h>
33#include <net/pkt_sched.h> 34#include <net/pkt_sched.h>
34 35
@@ -599,6 +600,7 @@ check_loop_fn(struct Qdisc *q, unsigned long cl, struct qdisc_walker *w)
599 600
600static int tc_get_qdisc(struct sk_buff *skb, struct nlmsghdr *n, void *arg) 601static int tc_get_qdisc(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
601{ 602{
603 struct net *net = skb->sk->sk_net;
602 struct tcmsg *tcm = NLMSG_DATA(n); 604 struct tcmsg *tcm = NLMSG_DATA(n);
603 struct rtattr **tca = arg; 605 struct rtattr **tca = arg;
604 struct net_device *dev; 606 struct net_device *dev;
@@ -607,6 +609,9 @@ static int tc_get_qdisc(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
607 struct Qdisc *p = NULL; 609 struct Qdisc *p = NULL;
608 int err; 610 int err;
609 611
612 if (net != &init_net)
613 return -EINVAL;
614
610 if ((dev = __dev_get_by_index(&init_net, tcm->tcm_ifindex)) == NULL) 615 if ((dev = __dev_get_by_index(&init_net, tcm->tcm_ifindex)) == NULL)
611 return -ENODEV; 616 return -ENODEV;
612 617
@@ -660,6 +665,7 @@ static int tc_get_qdisc(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
660 665
661static int tc_modify_qdisc(struct sk_buff *skb, struct nlmsghdr *n, void *arg) 666static int tc_modify_qdisc(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
662{ 667{
668 struct net *net = skb->sk->sk_net;
663 struct tcmsg *tcm; 669 struct tcmsg *tcm;
664 struct rtattr **tca; 670 struct rtattr **tca;
665 struct net_device *dev; 671 struct net_device *dev;
@@ -667,6 +673,9 @@ static int tc_modify_qdisc(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
667 struct Qdisc *q, *p; 673 struct Qdisc *q, *p;
668 int err; 674 int err;
669 675
676 if (net != &init_net)
677 return -EINVAL;
678
670replay: 679replay:
671 /* Reinit, just in case something touches this. */ 680 /* Reinit, just in case something touches this. */
672 tcm = NLMSG_DATA(n); 681 tcm = NLMSG_DATA(n);
@@ -872,11 +881,15 @@ err_out:
872 881
873static int tc_dump_qdisc(struct sk_buff *skb, struct netlink_callback *cb) 882static int tc_dump_qdisc(struct sk_buff *skb, struct netlink_callback *cb)
874{ 883{
884 struct net *net = skb->sk->sk_net;
875 int idx, q_idx; 885 int idx, q_idx;
876 int s_idx, s_q_idx; 886 int s_idx, s_q_idx;
877 struct net_device *dev; 887 struct net_device *dev;
878 struct Qdisc *q; 888 struct Qdisc *q;
879 889
890 if (net != &init_net)
891 return 0;
892
880 s_idx = cb->args[0]; 893 s_idx = cb->args[0];
881 s_q_idx = q_idx = cb->args[1]; 894 s_q_idx = q_idx = cb->args[1];
882 read_lock(&dev_base_lock); 895 read_lock(&dev_base_lock);
@@ -920,6 +933,7 @@ done:
920 933
921static int tc_ctl_tclass(struct sk_buff *skb, struct nlmsghdr *n, void *arg) 934static int tc_ctl_tclass(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
922{ 935{
936 struct net *net = skb->sk->sk_net;
923 struct tcmsg *tcm = NLMSG_DATA(n); 937 struct tcmsg *tcm = NLMSG_DATA(n);
924 struct rtattr **tca = arg; 938 struct rtattr **tca = arg;
925 struct net_device *dev; 939 struct net_device *dev;
@@ -932,6 +946,9 @@ static int tc_ctl_tclass(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
932 u32 qid = TC_H_MAJ(clid); 946 u32 qid = TC_H_MAJ(clid);
933 int err; 947 int err;
934 948
949 if (net != &init_net)
950 return -EINVAL;
951
935 if ((dev = __dev_get_by_index(&init_net, tcm->tcm_ifindex)) == NULL) 952 if ((dev = __dev_get_by_index(&init_net, tcm->tcm_ifindex)) == NULL)
936 return -ENODEV; 953 return -ENODEV;
937 954
@@ -1106,6 +1123,7 @@ static int qdisc_class_dump(struct Qdisc *q, unsigned long cl, struct qdisc_walk
1106 1123
1107static int tc_dump_tclass(struct sk_buff *skb, struct netlink_callback *cb) 1124static int tc_dump_tclass(struct sk_buff *skb, struct netlink_callback *cb)
1108{ 1125{
1126 struct net *net = skb->sk->sk_net;
1109 int t; 1127 int t;
1110 int s_t; 1128 int s_t;
1111 struct net_device *dev; 1129 struct net_device *dev;
@@ -1113,6 +1131,9 @@ static int tc_dump_tclass(struct sk_buff *skb, struct netlink_callback *cb)
1113 struct tcmsg *tcm = (struct tcmsg*)NLMSG_DATA(cb->nlh); 1131 struct tcmsg *tcm = (struct tcmsg*)NLMSG_DATA(cb->nlh);
1114 struct qdisc_dump_args arg; 1132 struct qdisc_dump_args arg;
1115 1133
1134 if (net != &init_net)
1135 return 0;
1136
1116 if (cb->nlh->nlmsg_len < NLMSG_LENGTH(sizeof(*tcm))) 1137 if (cb->nlh->nlmsg_len < NLMSG_LENGTH(sizeof(*tcm)))
1117 return 0; 1138 return 0;
1118 if ((dev = dev_get_by_index(&init_net, tcm->tcm_ifindex)) == NULL) 1139 if ((dev = dev_get_by_index(&init_net, tcm->tcm_ifindex)) == NULL)