aboutsummaryrefslogtreecommitdiffstats
path: root/net/decnet/dn_fib.c
diff options
context:
space:
mode:
authorDenis V. Lunev <den@openvz.org>2007-11-30 08:21:31 -0500
committerDavid S. Miller <davem@davemloft.net>2008-01-28 17:54:24 -0500
commitb854272b3c732316676e9128f7b9e6f1e1ff88b0 (patch)
treec90c74b9ec068453881f1173da4c57d6bb00a7d9 /net/decnet/dn_fib.c
parentad5d20a63940fcfb40af76ba06148f36d5d0b433 (diff)
[NET]: Modify all rtnetlink methods to only work in the initial namespace (v2)
Before I can enable rtnetlink to work in all network namespaces I need to be certain that something won't break. So this patch deliberately disables all of the rtnletlink methods in everything except the initial network namespace. After the methods have been audited this extra check can be disabled. Changes from v1: - added IPv6 addrlabel protection Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'net/decnet/dn_fib.c')
-rw-r--r--net/decnet/dn_fib.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/net/decnet/dn_fib.c b/net/decnet/dn_fib.c
index 3760a20d10d0..5413e1b75b5d 100644
--- a/net/decnet/dn_fib.c
+++ b/net/decnet/dn_fib.c
@@ -506,10 +506,14 @@ static int dn_fib_check_attr(struct rtmsg *r, struct rtattr **rta)
506 506
507static int dn_fib_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) 507static int dn_fib_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
508{ 508{
509 struct net *net = skb->sk->sk_net;
509 struct dn_fib_table *tb; 510 struct dn_fib_table *tb;
510 struct rtattr **rta = arg; 511 struct rtattr **rta = arg;
511 struct rtmsg *r = NLMSG_DATA(nlh); 512 struct rtmsg *r = NLMSG_DATA(nlh);
512 513
514 if (net != &init_net)
515 return -EINVAL;
516
513 if (dn_fib_check_attr(r, rta)) 517 if (dn_fib_check_attr(r, rta))
514 return -EINVAL; 518 return -EINVAL;
515 519
@@ -522,10 +526,14 @@ static int dn_fib_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh, void *
522 526
523static int dn_fib_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) 527static int dn_fib_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
524{ 528{
529 struct net *net = skb->sk->sk_net;
525 struct dn_fib_table *tb; 530 struct dn_fib_table *tb;
526 struct rtattr **rta = arg; 531 struct rtattr **rta = arg;
527 struct rtmsg *r = NLMSG_DATA(nlh); 532 struct rtmsg *r = NLMSG_DATA(nlh);
528 533
534 if (net != &init_net)
535 return -EINVAL;
536
529 if (dn_fib_check_attr(r, rta)) 537 if (dn_fib_check_attr(r, rta))
530 return -EINVAL; 538 return -EINVAL;
531 539