lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 06 May 2015 15:42:50 +0200 From: Nicolas Dichtel <nicolas.dichtel@...nd.com> To: Thomas Graf <tgraf@...g.ch> CC: netdev@...r.kernel.org, davem@...emloft.net, ebiederm@...ssion.com Subject: Re: [PATCH net-next 6/6] netlink: allow to listen "all" netns Le 06/05/2015 14:10, Thomas Graf a écrit : > On 05/06/15 at 11:58am, Nicolas Dichtel wrote: [snip] >> +/* This function returns true is the peer netns has an id assigned into the >> + * current netns. >> + */ >> +bool peernet_has_id(struct net *net, struct net *peer) >> +{ >> + return peernet2id(net, peer) >= 0; >> +} > > Missing export? Only used by net/netlink/af_netlink.c, which cannot be compiled as a module. > >> + >> struct net *get_net_ns_by_id(struct net *net, int id) >> { >> unsigned long flags; >> diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c >> index ec4adbdcb9b4..bdbde542e952 100644 >> --- a/net/netlink/af_netlink.c >> +++ b/net/netlink/af_netlink.c >> @@ -83,6 +83,7 @@ struct listeners { >> #define NETLINK_RECV_PKTINFO 0x2 >> #define NETLINK_BROADCAST_SEND_ERROR 0x4 >> #define NETLINK_RECV_NO_ENOBUFS 0x8 >> +#define NETLINK_LISTEN_ALL 0x10 > > Maybe name this NETLINK_LISTEN_ALL_NSID just to make it clear? Yes ... but it's also the name of the socket option (see include/uapi/linux /netlink.h). I can introduce a patch before this one to rename all these private flags from NETLINK_FOO to NETLINK_F_FOO so that they will never overlap with netlink socket options. > >> + if (!file_ns_capable(sk->sk_socket->file, p->net->user_ns, >> + CAP_NET_BROADCAST)) >> + return; >> + } >> + NETLINK_CB(p->skb).net = p->net; > > Does this need a get_net()? The netns could disappear while the skb is > queued, right? > You're right. Thank you for your review. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists