Merge tag 'platform-drivers-x86-v4.5-1' of git://git.infradead.org/users/dvhart/linux...

[linux-2.6-block.git] / net / netfilter / nfnetlink_log.c

diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c
index 740cce4685acfab8920a46d5d33e40a68da02f8c..8ca932057c13b32e39161de128edc81d21219ff6 100644 (file)
--- a/net/netfilter/nfnetlink_log.c
+++ b/net/netfilter/nfnetlink_log.c
@@ -293,24 +293,20 @@ nfulnl_set_nlbufsiz(struct nfulnl_instance *inst, u_int32_t nlbufsiz)
        return status;
 }
 
-static int
+static void
 nfulnl_set_timeout(struct nfulnl_instance *inst, u_int32_t timeout)
 {
        spin_lock_bh(&inst->lock);
        inst->flushtimeout = timeout;
        spin_unlock_bh(&inst->lock);
-
-       return 0;
 }
 
-static int
+static void
 nfulnl_set_qthresh(struct nfulnl_instance *inst, u_int32_t qthresh)
 {
        spin_lock_bh(&inst->lock);
        inst->qthreshold = qthresh;
        spin_unlock_bh(&inst->lock);
-
-       return 0;
 }
 
 static int
@@ -789,10 +785,9 @@ static struct notifier_block nfulnl_rtnl_notifier = {
        .notifier_call  = nfulnl_rcv_nl_event,
 };
 
-static int
-nfulnl_recv_unsupp(struct sock *ctnl, struct sk_buff *skb,
-                  const struct nlmsghdr *nlh,
-                  const struct nlattr * const nfqa[])
+static int nfulnl_recv_unsupp(struct net *net, struct sock *ctnl,
+                             struct sk_buff *skb, const struct nlmsghdr *nlh,
+                             const struct nlattr * const nfqa[])
 {
        return -ENOTSUPP;
 }
@@ -813,16 +808,14 @@ static const struct nla_policy nfula_cfg_policy[NFULA_CFG_MAX+1] = {
        [NFULA_CFG_FLAGS]       = { .type = NLA_U16 },
 };
 
-static int
-nfulnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
-                  const struct nlmsghdr *nlh,
-                  const struct nlattr * const nfula[])
+static int nfulnl_recv_config(struct net *net, struct sock *ctnl,
+                             struct sk_buff *skb, const struct nlmsghdr *nlh,
+                             const struct nlattr * const nfula[])
 {
        struct nfgenmsg *nfmsg = nlmsg_data(nlh);
        u_int16_t group_num = ntohs(nfmsg->res_id);
        struct nfulnl_instance *inst;
        struct nfulnl_msg_config_cmd *cmd = NULL;
-       struct net *net = sock_net(ctnl);
        struct nfnl_log_net *log = nfnl_log_pernet(net);
        int ret = 0;
        u16 flags = 0;
@@ -895,7 +888,7 @@ nfulnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
                        goto out_put;
                default:
                        ret = -ENOTSUPP;
-                       break;
+                       goto out_put;
                }
        } else if (!inst) {
                ret = -ENODEV;
@@ -1064,15 +1057,26 @@ static int __net_init nfnl_log_net_init(struct net *net)
 {
        unsigned int i;
        struct nfnl_log_net *log = nfnl_log_pernet(net);
+#ifdef CONFIG_PROC_FS
+       struct proc_dir_entry *proc;
+       kuid_t root_uid;
+       kgid_t root_gid;
+#endif
 
        for (i = 0; i < INSTANCE_BUCKETS; i++)
                INIT_HLIST_HEAD(&log->instance_table[i]);
        spin_lock_init(&log->instances_lock);
 
 #ifdef CONFIG_PROC_FS
-       if (!proc_create("nfnetlink_log", 0440,
-                        net->nf.proc_netfilter, &nful_file_ops))
+       proc = proc_create("nfnetlink_log", 0440,
+                          net->nf.proc_netfilter, &nful_file_ops);
+       if (!proc)
                return -ENOMEM;
+
+       root_uid = make_kuid(net->user_ns, 0);
+       root_gid = make_kgid(net->user_ns, 0);
+       if (uid_valid(root_uid) && gid_valid(root_gid))
+               proc_set_user(proc, root_uid, root_gid);
 #endif
        return 0;
 }