aboutsummaryrefslogtreecommitdiffstats
path: root/net/appletalk
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2007-09-17 14:53:39 -0400
committerDavid S. Miller <davem@sunset.davemloft.net>2007-10-10 19:49:08 -0400
commite730c15519d09ea528b4d2f1103681fa5937c0e6 (patch)
treec117294523f4d004fb1d740610b6403e5744cdfc /net/appletalk
parent6d34b1c27a72d5d1c73c567b2f6b1fde316e0eae (diff)
[NET]: Make packet reception network namespace safe
This patch modifies every packet receive function registered with dev_add_pack() to drop packets if they are not from the initial network namespace. This should ensure that the various network stacks do not receive packets in a anything but the initial network namespace until the code has been converted and is ready for them. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/appletalk')
-rw-r--r--net/appletalk/aarp.c3
-rw-r--r--net/appletalk/ddp.c6
2 files changed, 9 insertions, 0 deletions
diff --git a/net/appletalk/aarp.c b/net/appletalk/aarp.c
index 80b54148460..9267f481879 100644
--- a/net/appletalk/aarp.c
+++ b/net/appletalk/aarp.c
@@ -713,6 +713,9 @@ static int aarp_rcv(struct sk_buff *skb, struct net_device *dev,
713 struct atalk_addr sa, *ma, da; 713 struct atalk_addr sa, *ma, da;
714 struct atalk_iface *ifa; 714 struct atalk_iface *ifa;
715 715
716 if (dev->nd_net != &init_net)
717 goto out0;
718
716 /* We only do Ethernet SNAP AARP. */ 719 /* We only do Ethernet SNAP AARP. */
717 if (dev->type != ARPHRD_ETHER) 720 if (dev->type != ARPHRD_ETHER)
718 goto out0; 721 goto out0;
diff --git a/net/appletalk/ddp.c b/net/appletalk/ddp.c
index fd1d52f0970..c1f1367cad4 100644
--- a/net/appletalk/ddp.c
+++ b/net/appletalk/ddp.c
@@ -1403,6 +1403,9 @@ static int atalk_rcv(struct sk_buff *skb, struct net_device *dev,
1403 int origlen; 1403 int origlen;
1404 __u16 len_hops; 1404 __u16 len_hops;
1405 1405
1406 if (dev->nd_net != &init_net)
1407 goto freeit;
1408
1406 /* Don't mangle buffer if shared */ 1409 /* Don't mangle buffer if shared */
1407 if (!(skb = skb_share_check(skb, GFP_ATOMIC))) 1410 if (!(skb = skb_share_check(skb, GFP_ATOMIC)))
1408 goto out; 1411 goto out;
@@ -1488,6 +1491,9 @@ freeit:
1488static int ltalk_rcv(struct sk_buff *skb, struct net_device *dev, 1491static int ltalk_rcv(struct sk_buff *skb, struct net_device *dev,
1489 struct packet_type *pt, struct net_device *orig_dev) 1492 struct packet_type *pt, struct net_device *orig_dev)
1490{ 1493{
1494 if (dev->nd_net != &init_net)
1495 goto freeit;
1496
1491 /* Expand any short form frames */ 1497 /* Expand any short form frames */
1492 if (skb_mac_header(skb)[2] == 1) { 1498 if (skb_mac_header(skb)[2] == 1) {
1493 struct ddpehdr *ddp; 1499 struct ddpehdr *ddp;