summaryrefslogtreecommitdiff
path: root/include/net/netns
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2012-05-24 20:34:21 +0400
committerEric W. Biederman <ebiederm@xmission.com>2012-08-15 08:49:10 +0400
commit7064d16e162adf8199f0288b694e6af823ed5431 (patch)
tree02563996ee28d686b1cb9a16ba389b382aa6bb4f /include/net/netns
parenta7cb5a49bf64ba64864ae16a6be028f8b0d3cc06 (diff)
downloadlinux-7064d16e162adf8199f0288b694e6af823ed5431.tar.xz
userns: Use kgids for sysctl_ping_group_range
- Store sysctl_ping_group_range as a paire of kgid_t values instead of a pair of gid_t values. - Move the kgid conversion work from ping_init_sock into ipv4_ping_group_range - For invalid cases reset to the default disabled state. With the kgid_t conversion made part of the original value sanitation from userspace understand how the code will react becomes clearer and it becomes possible to set the sysctl ping group range from something other than the initial user namespace. Cc: Vasiliy Kulikov <segoon@openwall.com> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'include/net/netns')
-rw-r--r--include/net/netns/ipv4.h3
1 files changed, 2 insertions, 1 deletions
diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h
index 1474dd65c66f..3516dc0cc615 100644
--- a/include/net/netns/ipv4.h
+++ b/include/net/netns/ipv4.h
@@ -5,6 +5,7 @@
#ifndef __NETNS_IPV4_H__
#define __NETNS_IPV4_H__
+#include <linux/uidgid.h>
#include <net/inet_frag.h>
struct tcpm_hash_bucket;
@@ -62,7 +63,7 @@ struct netns_ipv4 {
int sysctl_icmp_ratemask;
int sysctl_icmp_errors_use_inbound_ifaddr;
- unsigned int sysctl_ping_group_range[2];
+ kgid_t sysctl_ping_group_range[2];
long sysctl_tcp_mem[3];
atomic_t rt_genid;