7 files changed, 28 insertions, 25 deletions
diff --git a/include/linux/netlink.h b/include/linux/netlink.h
index 9e572daa15d5..02fc86d2348e 100644
--- a/include/linux/netlink.h
+++ b/include/linux/netlink.h
@@ -46,8 +46,8 @@ struct netlink_kernel_cfg {
        unsigned int    flags;
        void            (*input)(struct sk_buff *skb);
        struct mutex    *cb_mutex;
-        int             (*bind)(int group);
+        int             (*bind)(struct net *net, int group);
-        void            (*unbind)(int group);
+        void            (*unbind)(struct net *net, int group);
        bool            (*compare)(struct net *net, struct sock *sk);
 };
diff --git a/include/net/genetlink.h b/include/net/genetlink.h
index 3ed31e5a445b..84125088c309 100644
--- a/include/net/genetlink.h
+++ b/include/net/genetlink.h
@@ -56,8 +56,8 @@ struct genl_family {
        void                    (*post_doit)(const struct genl_ops *ops,
                                             struct sk_buff *skb,
                                             struct genl_info *info);
-        int                     (*mcast_bind)(int group);
+        int                     (*mcast_bind)(struct net *net, int group);
-        void                    (*mcast_unbind)(int group);
+        void                    (*mcast_unbind)(struct net *net, int group);
        struct nlattr **        attrbuf;        /* private */
        const struct genl_ops * ops;            /* private */
        const struct genl_multicast_group *mcgrps; /* private */
diff --git a/kernel/audit.c b/kernel/audit.c
index f8f203e8018c..aba9d9fadf0c 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1100,7 +1100,7 @@ static void audit_receive(struct sk_buff  *skb)
 }
 /* Run custom bind function on netlink socket group connect or bind requests. */
-static int audit_bind(int group)
+static int audit_bind(struct net *net, int group)
 {
        if (!capable(CAP_AUDIT_READ))
                return -EPERM;
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index 13c2e17bbe27..cde4a6702fa3 100644
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -463,7 +463,7 @@ static void nfnetlink_rcv(struct sk_buff *skb)
 }
 #ifdef CONFIG_MODULES
-static int nfnetlink_bind(int group)
+static int nfnetlink_bind(struct net *net, int group)
 {
        const struct nfnetlink_subsystem *ss;
        int type;
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index f29b63fad932..84ea76ca3f1f 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -1141,8 +1141,8 @@ static int netlink_create(struct net *net, struct socket *sock, int protocol,
        struct module *module = NULL;
        struct mutex *cb_mutex;
        struct netlink_sock *nlk;
-        int (*bind)(int group);
+        int (*bind)(struct net *net, int group);
-        void (*unbind)(int group);
+        void (*unbind)(struct net *net, int group);
        int err = 0;
        sock->state = SS_UNCONNECTED;
@@ -1251,7 +1251,7 @@ static int netlink_release(struct socket *sock)
                for (i = 0; i < nlk->ngroups; i++)
                        if (test_bit(i, nlk->groups))
-                                nlk->netlink_unbind(i + 1);
+                                nlk->netlink_unbind(sock_net(sk), i + 1);
        }
        kfree(nlk->groups);
        nlk->groups = NULL;
@@ -1418,8 +1418,9 @@ static int netlink_realloc_groups(struct sock *sk)
 }
 static void netlink_undo_bind(int group, long unsigned int groups,
-                              struct netlink_sock *nlk)
+                              struct sock *sk)
 {
+        struct netlink_sock *nlk = nlk_sk(sk);
        int undo;
        if (!nlk->netlink_unbind)
@@ -1427,7 +1428,7 @@ static void netlink_undo_bind(int group, long unsigned int groups,
        for (undo = 0; undo < group; undo++)
                if (test_bit(undo, &groups))
-                        nlk->netlink_unbind(undo);
+                        nlk->netlink_unbind(sock_net(sk), undo);
 }
 static int netlink_bind(struct socket *sock, struct sockaddr *addr,
@@ -1465,10 +1466,10 @@ static int netlink_bind(struct socket *sock, struct sockaddr *addr,
                for (group = 0; group < nlk->ngroups; group++) {
                        if (!test_bit(group, &groups))
                                continue;
-                        err = nlk->netlink_bind(group);
+                        err = nlk->netlink_bind(net, group);
                        if (!err)
                                continue;
-                        netlink_undo_bind(group, groups, nlk);
+                        netlink_undo_bind(group, groups, sk);
                        return err;
                }
        }
@@ -1478,7 +1479,7 @@ static int netlink_bind(struct socket *sock, struct sockaddr *addr,
                        netlink_insert(sk, net, nladdr->nl_pid) :
                        netlink_autobind(sock);
                if (err) {
-                        netlink_undo_bind(nlk->ngroups, groups, nlk);
+                        netlink_undo_bind(nlk->ngroups, groups, sk);
                        return err;
                }
        }
@@ -2129,7 +2130,7 @@ static int netlink_setsockopt(struct socket *sock, int level, int optname,
                if (!val || val - 1 >= nlk->ngroups)
                        return -EINVAL;
                if (optname == NETLINK_ADD_MEMBERSHIP && nlk->netlink_bind) {
-                        err = nlk->netlink_bind(val);
+                        err = nlk->netlink_bind(sock_net(sk), val);
                        if (err)
                                return err;
                }
@@ -2138,7 +2139,7 @@ static int netlink_setsockopt(struct socket *sock, int level, int optname,
                                         optname == NETLINK_ADD_MEMBERSHIP);
                netlink_table_ungrab();
                if (optname == NETLINK_DROP_MEMBERSHIP && nlk->netlink_unbind)
-                        nlk->netlink_unbind(val);
+                        nlk->netlink_unbind(sock_net(sk), val);
                err = 0;
                break;
diff --git a/net/netlink/af_netlink.h b/net/netlink/af_netlink.h
index b20a1731759b..f123a88496f8 100644
--- a/net/netlink/af_netlink.h
+++ b/net/netlink/af_netlink.h
@@ -39,8 +39,8 @@ struct netlink_sock {
        struct mutex            *cb_mutex;
        struct mutex            cb_def_mutex;
        void                    (*netlink_rcv)(struct sk_buff *skb);
-        int                     (*netlink_bind)(int group);
+        int                     (*netlink_bind)(struct net *net, int group);
-        void                    (*netlink_unbind)(int group);
+        void                    (*netlink_unbind)(struct net *net, int group);
        struct module           *module;
 #ifdef CONFIG_NETLINK_MMAP
        struct mutex            pg_vec_lock;
@@ -65,8 +65,8 @@ struct netlink_table {
        unsigned int            groups;
        struct mutex            *cb_mutex;
        struct module           *module;
-        int                     (*bind)(int group);
+        int                     (*bind)(struct net *net, int group);
-        void                    (*unbind)(int group);
+        void                    (*unbind)(struct net *net, int group);
        bool                    (*compare)(struct net *net, struct sock *sock);
        int                     registered;
 };
diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c
index 05bf40bbd189..91566ed36c43 100644
--- a/net/netlink/genetlink.c
+++ b/net/netlink/genetlink.c
@@ -983,7 +983,7 @@ static struct genl_multicast_group genl_ctrl_groups[] = {
        { .name = "notify", },
 };
-static int genl_bind(int group)
+static int genl_bind(struct net *net, int group)
 {
        int i, err;
        bool found = false;
@@ -997,8 +997,10 @@ static int genl_bind(int group)
                            group < f->mcgrp_offset + f->n_mcgrps) {
                                int fam_grp = group - f->mcgrp_offset;
-                                if (f->mcast_bind)
+                                if (!f->netnsok && net != &init_net)
-                                        err = f->mcast_bind(fam_grp);
+                                        err = -ENOENT;
+                                else if (f->mcast_bind)
+                                        err = f->mcast_bind(net, fam_grp);
                                else
                                        err = 0;
                                found = true;
@@ -1014,7 +1016,7 @@ static int genl_bind(int group)
        return err;
 }
-static void genl_unbind(int group)
+static void genl_unbind(struct net *net, int group)
 {
        int i;
        bool found = false;
@@ -1029,7 +1031,7 @@ static void genl_unbind(int group)
                                int fam_grp = group - f->mcgrp_offset;
                                if (f->mcast_unbind)
-                                        f->mcast_unbind(fam_grp);
+                                        f->mcast_unbind(net, fam_grp);
                                found = true;
                                break;
                        }