[NET] sysctl: make the sys.net.core sysctls per-namespace Making them per-namespace is required for the following two reasons: First, some ctl values have a per-namespace meaning. Second, making them writable from the sub-namespace is an isolation hole. So I introduce the pernet operations to create these tables. For init_net I use the existing statically declared tables, for sub-namespace they are duplicated and the write bits are removed from the mode. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: 024626e36d75fc8c6e32d50d4c68bfc3b8df5fdf [log] [tgz]
author: Pavel Emelyanov <xemul@openvz.org> Sat Dec 08 00:09:24 2007 -0800
committer: David S. Miller <davem@davemloft.net> Mon Jan 28 14:56:56 2008 -0800
tree: ada6c8c215a5c4fa57e9e34f3b139609b95b2c5f
parent: cbbb90e68cd073b8d63b491166066e347902b7e9 [diff] [blame]
diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
index f97b2a4..d593611 100644
--- a/include/net/net_namespace.h
+++ b/include/net/net_namespace.h

@@ -37,6 +37,9 @@
 
 	struct sock 		*rtnl;			/* rtnetlink socket */
 
+	/* core sysctls */
+	struct ctl_table_header	*sysctl_core_hdr;
+
 	/* List of all packet sockets. */
 	rwlock_t		packet_sklist_lock;
 	struct hlist_head	packet_sklist;
commit	024626e36d75fc8c6e32d50d4c68bfc3b8df5fdf	[log] [tgz]
author	Pavel Emelyanov <xemul@openvz.org>	Sat Dec 08 00:09:24 2007 -0800
committer	David S. Miller <davem@davemloft.net>	Mon Jan 28 14:56:56 2008 -0800
tree	ada6c8c215a5c4fa57e9e34f3b139609b95b2c5f
parent	cbbb90e68cd073b8d63b491166066e347902b7e9 [diff] [blame]