diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2007-10-09 02:24:22 -0400 |
|---|---|---|
| committer | David S. Miller <davem@sunset.davemloft.net> | 2007-10-10 19:49:07 -0400 |
| commit | 1b8d7ae42d02e483ad94035cca851e4f7fbecb40 (patch) | |
| tree | 81f8cc0ee49ef99cc67dfed3dc7b7ecb510abf8b /net/tipc | |
| parent | 457c4cbc5a3dde259d2a1f15d5f9785290397267 (diff) | |
[NET]: Make socket creation namespace safe.
This patch passes in the namespace a new socket should be created in
and has the socket code do the appropriate reference counting. By
virtue of this all socket create methods are touched. In addition
the socket create methods are modified so that they will fail if
you attempt to create a socket in a non-default network namespace.
Failing if we attempt to create a socket outside of the default
network namespace ensures that as we incrementally make the network stack
network namespace aware we will not export functionality that someone
has not audited and made certain is network namespace safe.
Allowing us to partially enable network namespaces before all of the
exotic protocols are supported.
Any protocol layers I have missed will fail to compile because I now
pass an extra parameter into the socket creation code.
[ Integrated AF_IUCV build fixes from Andrew Morton... -DaveM ]
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/tipc')
| -rw-r--r-- | net/tipc/socket.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/net/tipc/socket.c b/net/tipc/socket.c index 84110172031e..e36b4b5a5222 100644 --- a/net/tipc/socket.c +++ b/net/tipc/socket.c | |||
| @@ -162,13 +162,16 @@ static void advance_queue(struct tipc_sock *tsock) | |||
| 162 | * | 162 | * |
| 163 | * Returns 0 on success, errno otherwise | 163 | * Returns 0 on success, errno otherwise |
| 164 | */ | 164 | */ |
| 165 | static int tipc_create(struct socket *sock, int protocol) | 165 | static int tipc_create(struct net *net, struct socket *sock, int protocol) |
| 166 | { | 166 | { |
| 167 | struct tipc_sock *tsock; | 167 | struct tipc_sock *tsock; |
| 168 | struct tipc_port *port; | 168 | struct tipc_port *port; |
| 169 | struct sock *sk; | 169 | struct sock *sk; |
| 170 | u32 ref; | 170 | u32 ref; |
| 171 | 171 | ||
| 172 | if (net != &init_net) | ||
| 173 | return -EAFNOSUPPORT; | ||
| 174 | |||
| 172 | if (unlikely(protocol != 0)) | 175 | if (unlikely(protocol != 0)) |
| 173 | return -EPROTONOSUPPORT; | 176 | return -EPROTONOSUPPORT; |
| 174 | 177 | ||
| @@ -198,7 +201,7 @@ static int tipc_create(struct socket *sock, int protocol) | |||
| 198 | return -EPROTOTYPE; | 201 | return -EPROTOTYPE; |
| 199 | } | 202 | } |
| 200 | 203 | ||
| 201 | sk = sk_alloc(AF_TIPC, GFP_KERNEL, &tipc_proto, 1); | 204 | sk = sk_alloc(net, AF_TIPC, GFP_KERNEL, &tipc_proto, 1); |
| 202 | if (!sk) { | 205 | if (!sk) { |
| 203 | tipc_deleteport(ref); | 206 | tipc_deleteport(ref); |
| 204 | return -ENOMEM; | 207 | return -ENOMEM; |
| @@ -1372,7 +1375,7 @@ static int accept(struct socket *sock, struct socket *newsock, int flags) | |||
| 1372 | } | 1375 | } |
| 1373 | buf = skb_peek(&sock->sk->sk_receive_queue); | 1376 | buf = skb_peek(&sock->sk->sk_receive_queue); |
| 1374 | 1377 | ||
| 1375 | res = tipc_create(newsock, 0); | 1378 | res = tipc_create(sock->sk->sk_net, newsock, 0); |
| 1376 | if (!res) { | 1379 | if (!res) { |
| 1377 | struct tipc_sock *new_tsock = tipc_sk(newsock->sk); | 1380 | struct tipc_sock *new_tsock = tipc_sk(newsock->sk); |
| 1378 | struct tipc_portid id; | 1381 | struct tipc_portid id; |