From 024626e36d75fc8c6e32d50d4c68bfc3b8df5fdf Mon Sep 17 00:00:00 2001
From: Pavel Emelyanov
Date: Sat, 8 Dec 2007 00:09:24 -0800
Subject: [NET] sysctl: make the sys.net.core sysctls per-namespace

Making them per-namespace is required for the following two reasons: First, some ctl values have a per-namespace meaning. Second, making them writable from the sub-namespace is an isolation hole. So I introduce the pernet operations to create these tables. For init_net I use the existing statically declared tables, for sub-namespace they are duplicated and the write bits are removed from the mode.
Signed-off-by: Pavel Emelyanov
Signed-off-by: David S. Miller
---
 include/net/net_namespace.h | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'include/net')
diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
index f97b2a4469a..d5936115d97 100644
--- a/include/net/net_namespace.h
+++ b/include/net/net_namespace.h
@@ -37,6 +37,9 @@ struct net {
 struct sock *rtnl; /* rtnetlink socket */
+ /* core sysctls */
+ struct ctl_table_header *sysctl_core_hdr;
+
 /* List of all packet sockets. */
 rwlock_t packet_sklist_lock;
 struct hlist_head packet_sklist;
-- 
cgit v1.2.3
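Review bot: The `/* core sysctls */` comment on the new `sysctl_core_hdr` field does not say who sets the pointer or what it refers to, although the isolation property in the commit message depends on that. Going by the description, a comment such as `/* net.core sysctl table header, set by the pernet init op; outside init_net it refers to a duplicated table with the write bits cleared */` would keep later users from registering a writable table under this header. The registration and teardown code is not in this view (the diff is limited to include/net), so it is worth confirming there that the exit op unregisters the header and frees the duplicated table for sub-namespaces only. The body of struct net starts and ends outside the hunk.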