From 300bf591deca8d108799e70e9300dc31765643e3 Mon Sep 17 00:00:00 2001 From: Daniel Lezcano Date: Wed, 5 Mar 2008 10:46:31 -0800 Subject: [NETNS][IPV6] proc - protect snmp6 from non-init_net calls This patchset avoids creation of the /proc entry for snmp6 when the call is made from a network namespace different from the init_net. Signed-off-by: Daniel Lezcano Signed-off-by: David S. Miller --- net/ipv6/proc.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'net') diff --git a/net/ipv6/proc.c b/net/ipv6/proc.c index 5ba7ae849d0..2453f2229ef 100644 --- a/net/ipv6/proc.c +++ b/net/ipv6/proc.c @@ -220,6 +220,9 @@ int snmp6_register_dev(struct inet6_dev *idev) if (!idev || !idev->dev) return -EINVAL; + if (idev->dev->nd_net != &init_net) + return 0; + if (!proc_net_devsnmp6) return -ENOENT; -- cgit v1.2.3-18-g5258