From: Gao feng <gaofeng@cn.fujitsu.com>
Date: Thu, 20 Jun 2013 02:01:33 +0000 (+0800)
Subject: neigh: only allow init_net to change the default neigh_parms
X-Git-Tag: upstream/snapshot3+hdmi~4705^2~48
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=170d6f99541600ec7512f1d2b0b0c349009098d2;hp=cf89d6b2803ab99ac596f95d585c3057d2be645c;p=platform%2Fadaptation%2Frenesas_rcar%2Frenesas_kernel.git

neigh: only allow init_net to change the default neigh_parms

Though we don't export the /proc/sys/net/ipv[4,6]/neigh/default/
directory to the un-init_net, but we can still use cmd such as
"ip ntable change name arp_cache locktime 129" to change the locktime
of default neigh_parms.

This patch disallows the un-init_net to find out the neigh_table.parms.
So the un-init_net will failed to influence the init_net.

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
---

diff --git a/net/core/neighbour.c b/net/core/neighbour.c
index 53eab51..86f9b16 100644
--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -1419,7 +1419,7 @@ static inline struct neigh_parms *lookup_neigh_parms(struct neigh_table *tbl,
 
 	for (p = &tbl->parms; p; p = p->next) {
 		if ((p->dev && p->dev->ifindex == ifindex && net_eq(neigh_parms_net(p), net)) ||
-		    (!p->dev && !ifindex))
+		    (!p->dev && !ifindex && net_eq(net, &init_net)))
 			return p;
 	}