Commit 300bf591 authored by Daniel Lezcano's avatar Daniel Lezcano Committed by David S. Miller

[NETNS][IPV6] proc - protect snmp6 from non-init_net calls

This patchset avoids creation of the /proc entry for snmp6 when
the call is made from a network namespace different from the init_net.
Signed-off-by: default avatarDaniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 075de939
...@@ -220,6 +220,9 @@ int snmp6_register_dev(struct inet6_dev *idev) ...@@ -220,6 +220,9 @@ int snmp6_register_dev(struct inet6_dev *idev)
if (!idev || !idev->dev) if (!idev || !idev->dev)
return -EINVAL; return -EINVAL;
if (idev->dev->nd_net != &init_net)
return 0;
if (!proc_net_devsnmp6) if (!proc_net_devsnmp6)
return -ENOENT; return -ENOENT;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment