提交 300bf591 编写于 作者: D Daniel Lezcano 提交者: David S. Miller

[NETNS][IPV6] proc - protect snmp6 from non-init_net calls

This patchset avoids creation of the /proc entry for snmp6 when
the call is made from a network namespace different from the init_net.
Signed-off-by: NDaniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 075de939
...@@ -220,6 +220,9 @@ int snmp6_register_dev(struct inet6_dev *idev) ...@@ -220,6 +220,9 @@ int snmp6_register_dev(struct inet6_dev *idev)
if (!idev || !idev->dev) if (!idev || !idev->dev)
return -EINVAL; return -EINVAL;
if (idev->dev->nd_net != &init_net)
return 0;
if (!proc_net_devsnmp6) if (!proc_net_devsnmp6)
return -ENOENT; return -ENOENT;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册