diff options
author | Denis V. Lunev <den@openvz.org> | 2008-02-28 23:48:49 -0500 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-02-28 23:48:49 -0500 |
commit | 2430aa85de8343662e8496dac9f9e4dade680023 (patch) | |
tree | e64ced549ad5b18cc9dc3ab36035c6ded65d1a19 /net/ipv4/igmp.c | |
parent | 0c65babd6ce758dd06330b3d9d677b7624f9e3fa (diff) |
[NETNS]: Disable multicaststing configuration inside non-initial namespace.
Do not calls hooks from device notifiers and disallow configuration from
ioctl/netlink layer.
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/igmp.c')
-rw-r--r-- | net/ipv4/igmp.c | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c index 732cd07e6071..d3f34a772f3b 100644 --- a/net/ipv4/igmp.c +++ b/net/ipv4/igmp.c | |||
@@ -1198,6 +1198,9 @@ void ip_mc_inc_group(struct in_device *in_dev, __be32 addr) | |||
1198 | 1198 | ||
1199 | ASSERT_RTNL(); | 1199 | ASSERT_RTNL(); |
1200 | 1200 | ||
1201 | if (in_dev->dev->nd_net != &init_net) | ||
1202 | return; | ||
1203 | |||
1201 | for (im=in_dev->mc_list; im; im=im->next) { | 1204 | for (im=in_dev->mc_list; im; im=im->next) { |
1202 | if (im->multiaddr == addr) { | 1205 | if (im->multiaddr == addr) { |
1203 | im->users++; | 1206 | im->users++; |
@@ -1277,6 +1280,9 @@ void ip_mc_dec_group(struct in_device *in_dev, __be32 addr) | |||
1277 | 1280 | ||
1278 | ASSERT_RTNL(); | 1281 | ASSERT_RTNL(); |
1279 | 1282 | ||
1283 | if (in_dev->dev->nd_net != &init_net) | ||
1284 | return; | ||
1285 | |||
1280 | for (ip=&in_dev->mc_list; (i=*ip)!=NULL; ip=&i->next) { | 1286 | for (ip=&in_dev->mc_list; (i=*ip)!=NULL; ip=&i->next) { |
1281 | if (i->multiaddr==addr) { | 1287 | if (i->multiaddr==addr) { |
1282 | if (--i->users == 0) { | 1288 | if (--i->users == 0) { |
@@ -1304,6 +1310,9 @@ void ip_mc_down(struct in_device *in_dev) | |||
1304 | 1310 | ||
1305 | ASSERT_RTNL(); | 1311 | ASSERT_RTNL(); |
1306 | 1312 | ||
1313 | if (in_dev->dev->nd_net != &init_net) | ||
1314 | return; | ||
1315 | |||
1307 | for (i=in_dev->mc_list; i; i=i->next) | 1316 | for (i=in_dev->mc_list; i; i=i->next) |
1308 | igmp_group_dropped(i); | 1317 | igmp_group_dropped(i); |
1309 | 1318 | ||
@@ -1324,6 +1333,9 @@ void ip_mc_init_dev(struct in_device *in_dev) | |||
1324 | { | 1333 | { |
1325 | ASSERT_RTNL(); | 1334 | ASSERT_RTNL(); |
1326 | 1335 | ||
1336 | if (in_dev->dev->nd_net != &init_net) | ||
1337 | return; | ||
1338 | |||
1327 | in_dev->mc_tomb = NULL; | 1339 | in_dev->mc_tomb = NULL; |
1328 | #ifdef CONFIG_IP_MULTICAST | 1340 | #ifdef CONFIG_IP_MULTICAST |
1329 | in_dev->mr_gq_running = 0; | 1341 | in_dev->mr_gq_running = 0; |
@@ -1347,6 +1359,9 @@ void ip_mc_up(struct in_device *in_dev) | |||
1347 | 1359 | ||
1348 | ASSERT_RTNL(); | 1360 | ASSERT_RTNL(); |
1349 | 1361 | ||
1362 | if (in_dev->dev->nd_net != &init_net) | ||
1363 | return; | ||
1364 | |||
1350 | ip_mc_inc_group(in_dev, IGMP_ALL_HOSTS); | 1365 | ip_mc_inc_group(in_dev, IGMP_ALL_HOSTS); |
1351 | 1366 | ||
1352 | for (i=in_dev->mc_list; i; i=i->next) | 1367 | for (i=in_dev->mc_list; i; i=i->next) |
@@ -1363,6 +1378,9 @@ void ip_mc_destroy_dev(struct in_device *in_dev) | |||
1363 | 1378 | ||
1364 | ASSERT_RTNL(); | 1379 | ASSERT_RTNL(); |
1365 | 1380 | ||
1381 | if (in_dev->dev->nd_net != &init_net) | ||
1382 | return; | ||
1383 | |||
1366 | /* Deactivate timers */ | 1384 | /* Deactivate timers */ |
1367 | ip_mc_down(in_dev); | 1385 | ip_mc_down(in_dev); |
1368 | 1386 | ||
@@ -1744,6 +1762,9 @@ int ip_mc_join_group(struct sock *sk , struct ip_mreqn *imr) | |||
1744 | if (!ipv4_is_multicast(addr)) | 1762 | if (!ipv4_is_multicast(addr)) |
1745 | return -EINVAL; | 1763 | return -EINVAL; |
1746 | 1764 | ||
1765 | if (sk->sk_net != &init_net) | ||
1766 | return -EPROTONOSUPPORT; | ||
1767 | |||
1747 | rtnl_lock(); | 1768 | rtnl_lock(); |
1748 | 1769 | ||
1749 | in_dev = ip_mc_find_dev(imr); | 1770 | in_dev = ip_mc_find_dev(imr); |
@@ -1812,6 +1833,9 @@ int ip_mc_leave_group(struct sock *sk, struct ip_mreqn *imr) | |||
1812 | u32 ifindex; | 1833 | u32 ifindex; |
1813 | int ret = -EADDRNOTAVAIL; | 1834 | int ret = -EADDRNOTAVAIL; |
1814 | 1835 | ||
1836 | if (sk->sk_net != &init_net) | ||
1837 | return -EPROTONOSUPPORT; | ||
1838 | |||
1815 | rtnl_lock(); | 1839 | rtnl_lock(); |
1816 | in_dev = ip_mc_find_dev(imr); | 1840 | in_dev = ip_mc_find_dev(imr); |
1817 | ifindex = imr->imr_ifindex; | 1841 | ifindex = imr->imr_ifindex; |
@@ -1857,6 +1881,9 @@ int ip_mc_source(int add, int omode, struct sock *sk, struct | |||
1857 | if (!ipv4_is_multicast(addr)) | 1881 | if (!ipv4_is_multicast(addr)) |
1858 | return -EINVAL; | 1882 | return -EINVAL; |
1859 | 1883 | ||
1884 | if (sk->sk_net != &init_net) | ||
1885 | return -EPROTONOSUPPORT; | ||
1886 | |||
1860 | rtnl_lock(); | 1887 | rtnl_lock(); |
1861 | 1888 | ||
1862 | imr.imr_multiaddr.s_addr = mreqs->imr_multiaddr; | 1889 | imr.imr_multiaddr.s_addr = mreqs->imr_multiaddr; |
@@ -1990,6 +2017,9 @@ int ip_mc_msfilter(struct sock *sk, struct ip_msfilter *msf, int ifindex) | |||
1990 | msf->imsf_fmode != MCAST_EXCLUDE) | 2017 | msf->imsf_fmode != MCAST_EXCLUDE) |
1991 | return -EINVAL; | 2018 | return -EINVAL; |
1992 | 2019 | ||
2020 | if (sk->sk_net != &init_net) | ||
2021 | return -EPROTONOSUPPORT; | ||
2022 | |||
1993 | rtnl_lock(); | 2023 | rtnl_lock(); |
1994 | 2024 | ||
1995 | imr.imr_multiaddr.s_addr = msf->imsf_multiaddr; | 2025 | imr.imr_multiaddr.s_addr = msf->imsf_multiaddr; |
@@ -2070,6 +2100,9 @@ int ip_mc_msfget(struct sock *sk, struct ip_msfilter *msf, | |||
2070 | if (!ipv4_is_multicast(addr)) | 2100 | if (!ipv4_is_multicast(addr)) |
2071 | return -EINVAL; | 2101 | return -EINVAL; |
2072 | 2102 | ||
2103 | if (sk->sk_net != &init_net) | ||
2104 | return -EPROTONOSUPPORT; | ||
2105 | |||
2073 | rtnl_lock(); | 2106 | rtnl_lock(); |
2074 | 2107 | ||
2075 | imr.imr_multiaddr.s_addr = msf->imsf_multiaddr; | 2108 | imr.imr_multiaddr.s_addr = msf->imsf_multiaddr; |
@@ -2132,6 +2165,9 @@ int ip_mc_gsfget(struct sock *sk, struct group_filter *gsf, | |||
2132 | if (!ipv4_is_multicast(addr)) | 2165 | if (!ipv4_is_multicast(addr)) |
2133 | return -EINVAL; | 2166 | return -EINVAL; |
2134 | 2167 | ||
2168 | if (sk->sk_net != &init_net) | ||
2169 | return -EPROTONOSUPPORT; | ||
2170 | |||
2135 | rtnl_lock(); | 2171 | rtnl_lock(); |
2136 | 2172 | ||
2137 | err = -EADDRNOTAVAIL; | 2173 | err = -EADDRNOTAVAIL; |
@@ -2216,6 +2252,9 @@ void ip_mc_drop_socket(struct sock *sk) | |||
2216 | if (inet->mc_list == NULL) | 2252 | if (inet->mc_list == NULL) |
2217 | return; | 2253 | return; |
2218 | 2254 | ||
2255 | if (sk->sk_net != &init_net) | ||
2256 | return; | ||
2257 | |||
2219 | rtnl_lock(); | 2258 | rtnl_lock(); |
2220 | while ((iml = inet->mc_list) != NULL) { | 2259 | while ((iml = inet->mc_list) != NULL) { |
2221 | struct in_device *in_dev; | 2260 | struct in_device *in_dev; |