diff options
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/core.c | 8 | ||||
| -rw-r--r-- | net/netfilter/nf_sockopt.c | 3 |
2 files changed, 0 insertions, 11 deletions
diff --git a/net/netfilter/core.c b/net/netfilter/core.c index b16cd79951c6..a90ac83c5918 100644 --- a/net/netfilter/core.c +++ b/net/netfilter/core.c | |||
| @@ -165,14 +165,6 @@ int nf_hook_slow(u_int8_t pf, unsigned int hook, struct sk_buff *skb, | |||
| 165 | unsigned int verdict; | 165 | unsigned int verdict; |
| 166 | int ret = 0; | 166 | int ret = 0; |
| 167 | 167 | ||
| 168 | #ifdef CONFIG_NET_NS | ||
| 169 | struct net *net; | ||
| 170 | |||
| 171 | net = indev == NULL ? dev_net(outdev) : dev_net(indev); | ||
| 172 | if (net != &init_net) | ||
| 173 | return 1; | ||
| 174 | #endif | ||
| 175 | |||
| 176 | /* We may already have this, but read-locks nest anyway */ | 168 | /* We may already have this, but read-locks nest anyway */ |
| 177 | rcu_read_lock(); | 169 | rcu_read_lock(); |
| 178 | 170 | ||
diff --git a/net/netfilter/nf_sockopt.c b/net/netfilter/nf_sockopt.c index f9b46de6a3db..8ab829f86574 100644 --- a/net/netfilter/nf_sockopt.c +++ b/net/netfilter/nf_sockopt.c | |||
| @@ -65,9 +65,6 @@ static struct nf_sockopt_ops *nf_sockopt_find(struct sock *sk, u_int8_t pf, | |||
| 65 | { | 65 | { |
| 66 | struct nf_sockopt_ops *ops; | 66 | struct nf_sockopt_ops *ops; |
| 67 | 67 | ||
| 68 | if (!net_eq(sock_net(sk), &init_net)) | ||
| 69 | return ERR_PTR(-ENOPROTOOPT); | ||
| 70 | |||
| 71 | if (mutex_lock_interruptible(&nf_sockopt_mutex) != 0) | 68 | if (mutex_lock_interruptible(&nf_sockopt_mutex) != 0) |
| 72 | return ERR_PTR(-EINTR); | 69 | return ERR_PTR(-EINTR); |
| 73 | 70 | ||