bridge: make sure objects belong to container's owner When creating various bridge objects in /sys/class/net/... make sure that they belong to the container's owner instead of global root (if they belong to a container/namespace). Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: 705e0dea4d52ef420a7d37fd9cc6725092e5e1ff [log] [tgz]
author: Tyler Hicks <tyhicks@canonical.com> Fri Jul 20 21:56:54 2018 +0000
committer: David S. Miller <davem@davemloft.net> Fri Jul 20 23:44:36 2018 -0700
tree: ecb58544a2cc3dec04f902788b427ee63fef2bd1
parent: fbdeaed408cf2728c62640c10848ddb1b67e63d3 [diff] [blame]
diff --git a/net/bridge/br_if.c b/net/bridge/br_if.c
index 05e42d8..e7c8d55 100644
--- a/net/bridge/br_if.c
+++ b/net/bridge/br_if.c

@@ -26,6 +26,7 @@
 #include <net/sock.h>
 #include <linux/if_vlan.h>
 #include <net/switchdev.h>
+#include <net/net_namespace.h>
 
 #include "br_private.h"
 
@@ -204,11 +205,19 @@ static void release_nbp(struct kobject *kobj)
 	kfree(p);
 }
 
+static void brport_get_ownership(struct kobject *kobj, kuid_t *uid, kgid_t *gid)
+{
+	struct net_bridge_port *p = kobj_to_brport(kobj);
+
+	net_ns_get_ownership(dev_net(p->dev), uid, gid);
+}
+
 static struct kobj_type brport_ktype = {
 #ifdef CONFIG_SYSFS
 	.sysfs_ops = &brport_sysfs_ops,
 #endif
 	.release = release_nbp,
+	.get_ownership = brport_get_ownership,
 };
 
 static void destroy_nbp(struct net_bridge_port *p)
commit	705e0dea4d52ef420a7d37fd9cc6725092e5e1ff	[log] [tgz]
author	Tyler Hicks <tyhicks@canonical.com>	Fri Jul 20 21:56:54 2018 +0000
committer	David S. Miller <davem@davemloft.net>	Fri Jul 20 23:44:36 2018 -0700
tree	ecb58544a2cc3dec04f902788b427ee63fef2bd1
parent	fbdeaed408cf2728c62640c10848ddb1b67e63d3 [diff] [blame]