linux/net
Pavel Emelyanov aca51397d0 netns: Fix arbitrary net_device-s corruptions on net_ns stop.
When a net namespace is destroyed, some devices (those, not killed
on ns stop explicitly) are moved back to init_net.

The problem, is that this net_ns change has one point of failure -
the __dev_alloc_name() may be called if a name collision occurs (and
this is easy to trigger). This allocator performs a likely-to-fail
GFP_ATOMIC allocation to find a suitable number. Other possible 
conditions that may cause error (for device being ns local or not
registered) are always false in this case.

So, when this call fails, the device is unregistered. But this is
*not* the right thing to do, since after this the device may be
released (and kfree-ed) improperly. E. g. bridges require more
actions (sysfs update, timer disarming, etc.), some other devices 
want to remove their private areas from lists, etc.

I. e. arbitrary use-after-free cases may occur.

The proposed fix is the following: since the only reason for the
dev_change_net_namespace to fail is the name generation, we may
give it a unique fall-back name w/o %d-s in it - the dev<ifindex>
one, since ifindexes are still unique.

So make this change, raise the failure-case printk loglevel to 
EMERG and replace the unregister_netdevice call with BUG().

[ Use snprintf() -DaveM ]

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-05-08 01:24:25 -07:00
..
9p Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-04-03 14:33:42 -07:00
802 [TR] net/802/tr.c: sysctl_tr_rif_timeout static 2008-01-31 19:28:31 -08:00
8021q vlan: assign PDE->data before gluing PDE into /proc tree 2008-05-02 04:09:11 -07:00
appletalk [NET] NETNS: Omit net_device->nd_net without CONFIG_NET_NS. 2008-03-26 04:39:53 +09:00
atm Revert "atm: Do not free already unregistered net device." 2008-05-06 00:00:16 -07:00
ax25 Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2008-04-14 02:30:23 -07:00
bluetooth bluetooth: use get/put_unaligned_* helpers 2008-05-02 16:25:46 -07:00
bridge bridge: Consolidate error paths in br_add_bridge(). 2008-05-04 17:58:07 -07:00
can can: Fix copy_from_user() results interpretation 2008-04-27 14:26:51 -07:00
core netns: Fix arbitrary net_device-s corruptions on net_ns stop. 2008-05-08 01:24:25 -07:00
dccp dccp: return -EINVAL on invalid feature length 2008-05-05 13:50:24 -07:00
decnet ip: Use inline function dst_metric() instead of direct access to dst->metric[] 2008-05-04 22:14:42 -07:00
econet [NET] NETNS: Omit net_device->nd_net without CONFIG_NET_NS. 2008-03-26 04:39:53 +09:00
ethernet [NET]: Return more appropriate error from eth_validate_addr(). 2008-04-13 22:45:40 -07:00
ieee80211 Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2008-04-14 02:30:23 -07:00
ipv4 net/ipv4: correct RFC 1122 section reference in comment 2008-05-08 01:11:04 -07:00
ipv6 ip: Use inline function dst_metric() instead of direct access to dst->metric[] 2008-05-04 22:14:42 -07:00
ipx [NET] NETNS: Omit net_device->nd_net without CONFIG_NET_NS. 2008-03-26 04:39:53 +09:00
irda irda: use get_unaligned_* helpers 2008-05-02 16:21:52 -07:00
iucv iucv: Delay bus registration until core is ready. 2008-04-10 02:12:45 -07:00
key Audit: collect sessionid in netlink messages 2008-04-28 06:18:03 -04:00
lapb [LAPB] net/lapb/lapb_iface.c: use LIST_HEAD instead of LIST_HEAD_INIT 2008-01-28 14:56:52 -08:00
llc Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-04-02 22:35:23 -07:00
mac80211 mac80211: Do not free net device after it is unregistered. 2008-05-04 17:59:30 -07:00
netfilter netfilter: Kconfig: default DCCP/SCTP conntrack support to the protocol config values 2008-05-08 01:16:04 -07:00
netlabel Audit: collect sessionid in netlink messages 2008-04-28 06:18:03 -04:00
netlink Audit: collect sessionid in netlink messages 2008-04-28 06:18:03 -04:00
netrom [NET] NETNS: Omit sock->sk_net without CONFIG_NET_NS. 2008-03-26 04:39:55 +09:00
packet [NET] NETNS: Omit sock->sk_net without CONFIG_NET_NS. 2008-03-26 04:39:55 +09:00
rfkill rfkill: Fix device type check when toggling states 2008-04-15 15:04:35 -04:00
rose rose: Wrong list_lock argument in rose_node seqops 2008-05-02 17:03:22 -07:00
rxrpc net: Add missing braces to multi-statement if()s 2008-05-02 16:20:10 -07:00
sched net_cls_act: act_simple dont ignore realloc code 2008-05-06 00:10:24 -07:00
sctp [NET]: Fix heavy stack usage in seq_file output routines. 2008-04-24 01:02:16 -07:00
sunrpc sunrpc: assign PDE->data before gluing PDE into /proc tree 2008-05-02 02:44:36 -07:00
tipc tipc: endianness annotations 2008-04-27 14:26:49 -07:00
unix Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-04-24 08:40:34 -07:00
wanrouter [WANROUTER]: Use proc_create() to setup ->proc_fops first 2008-02-28 14:15:56 -08:00
wireless Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2008-04-14 02:30:23 -07:00
x25 [NET] NETNS: Omit sock->sk_net without CONFIG_NET_NS. 2008-03-26 04:39:55 +09:00
xfrm Merge branch 'audit.b50' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current 2008-04-29 11:41:22 -07:00
compat.c net: Add compat support for getsockopt (MCAST_MSFILTER) 2008-04-29 03:23:22 -07:00
Kconfig [IPV4]: Fix size description of CONFIG_INET. 2008-03-04 15:18:22 +09:00
Makefile [CAN]: Add PF_CAN core module 2008-01-28 14:54:10 -08:00
nonet.c
socket.c net: Unexport move_addr_to_{kernel,user} 2008-04-23 03:37:49 -07:00
sysctl_net.c net: fix returning void-valued expression warnings 2008-05-01 02:47:38 -07:00
TUNABLE