7 years ago · c383edc424
--- a/include/net/rtnetlink.h
+++ b/include/net/rtnetlink.h
@@ -165,6 +165,7 @@ int rtnl_configure_link(struct net_device *dev, const struct ifinfomsg *ifm);
 
				 
			
 
				 int rtnl_nla_parse_ifla(struct nlattr **tb, const struct nlattr *head, int len,
			
 
				 			struct netlink_ext_ack *exterr);
			
 
				+struct net *rtnl_get_net_ns_capable(struct sock *sk, int netnsid);
			
 
				 
			
 
				 #define MODULE_ALIAS_RTNL_LINK(kind) MODULE_ALIAS("rtnl-link-" kind)
			
 
				 
			
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -1845,7 +1845,15 @@ static bool link_dump_filtered(struct net_device *dev,
 
				 	return false;
			
 
				 }
			
 
				 
			
 
				-static struct net *get_target_net(struct sock *sk, int netnsid)
			
 
				+/**
			
 
				+ * rtnl_get_net_ns_capable - Get netns if sufficiently privileged.
			
 
				+ * @sk: netlink socket
			
 
				+ * @netnsid: network namespace identifier
			
 
				+ *
			
 
				+ * Returns the network namespace identified by netnsid on success or an error
			
 
				+ * pointer on failure.
			
 
				+ */
			
 
				+struct net *rtnl_get_net_ns_capable(struct sock *sk, int netnsid)
			
 
				 {
			
 
				 	struct net *net;
			
 
				 
			
@@ -1862,6 +1870,7 @@ static struct net *get_target_net(struct sock *sk, int netnsid)
 
				 	}
			
 
				 	return net;
			
 
				 }
			
 
				+EXPORT_SYMBOL_GPL(rtnl_get_net_ns_capable);
			
 
				 
			
 
				 static int rtnl_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
			
 
				 {
			
@@ -1897,7 +1906,7 @@ static int rtnl_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
 
				 			ifla_policy, NULL) >= 0) {
			
 
				 		if (tb[IFLA_IF_NETNSID]) {
			
 
				 			netnsid = nla_get_s32(tb[IFLA_IF_NETNSID]);
			
 
				-			tgt_net = get_target_net(skb->sk, netnsid);
			
 
				+			tgt_net = rtnl_get_net_ns_capable(skb->sk, netnsid);
			
 
				 			if (IS_ERR(tgt_net)) {
			
 
				 				tgt_net = net;
			
 
				 				netnsid = -1;
			
@@ -2765,7 +2774,7 @@ static int rtnl_dellink(struct sk_buff *skb, struct nlmsghdr *nlh,
 
				 
			
 
				 	if (tb[IFLA_IF_NETNSID]) {
			
 
				 		netnsid = nla_get_s32(tb[IFLA_IF_NETNSID]);
			
 
				-		tgt_net = get_target_net(NETLINK_CB(skb).sk, netnsid);
			
 
				+		tgt_net = rtnl_get_net_ns_capable(NETLINK_CB(skb).sk, netnsid);
			
 
				 		if (IS_ERR(tgt_net))
			
 
				 			return PTR_ERR(tgt_net);
			
 
				 	}
			
@@ -3175,7 +3184,7 @@ static int rtnl_getlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 
				 
			
 
				 	if (tb[IFLA_IF_NETNSID]) {
			
 
				 		netnsid = nla_get_s32(tb[IFLA_IF_NETNSID]);
			
 
				-		tgt_net = get_target_net(NETLINK_CB(skb).sk, netnsid);
			
 
				+		tgt_net = rtnl_get_net_ns_capable(NETLINK_CB(skb).sk, netnsid);
			
 
				 		if (IS_ERR(tgt_net))
			
 
				 			return PTR_ERR(tgt_net);
			
 
				 	}