diff options
Diffstat (limited to 'net')
| -rw-r--r-- | net/core/dev.c | 4 | ||||
| -rw-r--r-- | net/core/net_namespace.c | 3 |
2 files changed, 7 insertions, 0 deletions
diff --git a/net/core/dev.c b/net/core/dev.c index 68d8df0992ab..c421a1f8f0b9 100644 --- a/net/core/dev.c +++ b/net/core/dev.c | |||
| @@ -2077,6 +2077,10 @@ int netif_receive_skb(struct sk_buff *skb) | |||
| 2077 | 2077 | ||
| 2078 | rcu_read_lock(); | 2078 | rcu_read_lock(); |
| 2079 | 2079 | ||
| 2080 | /* Don't receive packets in an exiting network namespace */ | ||
| 2081 | if (!net_alive(dev_net(skb->dev))) | ||
| 2082 | goto out; | ||
| 2083 | |||
| 2080 | #ifdef CONFIG_NET_CLS_ACT | 2084 | #ifdef CONFIG_NET_CLS_ACT |
| 2081 | if (skb->tc_verd & TC_NCLS) { | 2085 | if (skb->tc_verd & TC_NCLS) { |
| 2082 | skb->tc_verd = CLR_TC_NCLS(skb->tc_verd); | 2086 | skb->tc_verd = CLR_TC_NCLS(skb->tc_verd); |
diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c index 72b4c184dd84..7c52fe277b62 100644 --- a/net/core/net_namespace.c +++ b/net/core/net_namespace.c | |||
| @@ -140,6 +140,9 @@ static void cleanup_net(struct work_struct *work) | |||
| 140 | struct pernet_operations *ops; | 140 | struct pernet_operations *ops; |
| 141 | struct net *net; | 141 | struct net *net; |
| 142 | 142 | ||
| 143 | /* Be very certain incoming network packets will not find us */ | ||
| 144 | rcu_barrier(); | ||
| 145 | |||
| 143 | net = container_of(work, struct net, work); | 146 | net = container_of(work, struct net, work); |
| 144 | 147 | ||
| 145 | mutex_lock(&net_mutex); | 148 | mutex_lock(&net_mutex); |