[NETNS]: Minor information leak via /proc/net/ptype file.

This file displays the registered packet types, but some of them
(packet sockets creates such) can be bound to a net device and showing
them in a wrong namespace is not correct.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

1 files changed, 4 insertions, 3 deletions

diff --git a/net/core/dev.c b/net/core/dev.c
index f973e38b81af..aebd08606040 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -2615,7 +2615,7 @@ static int ptype_seq_show(struct seq_file *seq, void *v)
 
         if (v == SEQ_START_TOKEN)
                 seq_puts(seq, "Type Device      Function\n");
-        else {
+        else if (pt->dev == NULL || pt->dev->nd_net == seq_file_net(seq)) {
                 if (pt->type == htons(ETH_P_ALL))
                         seq_puts(seq, "ALL ");
                 else
@@ -2639,7 +2639,8 @@ static const struct seq_operations ptype_seq_ops = {
 
 static int ptype_seq_open(struct inode *inode, struct file *file)
 {
-        return seq_open(file, &ptype_seq_ops);
+        return seq_open_net(inode, file, &ptype_seq_ops,
+                        sizeof(struct seq_net_private));
 }
 
 static const struct file_operations ptype_seq_fops = {
@@ -2647,7 +2648,7 @@ static const struct file_operations ptype_seq_fops = {
         .open    = ptype_seq_open,
         .read    = seq_read,
         .llseek  = seq_lseek,
-        .release = seq_release,
+        .release = seq_release_net,
 };