On 2/2/18 1:51 AM, Christian Brauner wrote: > diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c > index 56af8e41abfc..d0b7ab22eff4 100644 > --- a/net/core/rtnetlink.c > +++ b/net/core/rtnetlink.c > @@ -1951,6 +1951,18 @@ static struct net *rtnl_link_get_net_capable(const > struct sk_buff *skb, > return net; > } > > +/* Verify that rtnetlink requests that support network namespace ids do not > pass > + * additional properties that allow to identify a network namespace as they > + * might conflict. > + */ > +static int rtnl_ensure_unique_netns_attr(struct nlattr *tb[]) > +{ > + if (tb[IFLA_IF_NETNSID] && (tb[IFLA_NET_NS_PID] || tb[IFLA_NET_NS_FD])) > + return -EINVAL;
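Review bot: the condition in rtnl_ensure_unique_netns_attr() only rejects IFLA_IF_NETNSID when it is combined with IFLA_NET_NS_PID or IFLA_NET_NS_FD, so a request carrying both IFLA_NET_NS_PID and IFLA_NET_NS_FD still passes, even though the comment above the function describes rejecting namespace identifiers that might conflict. Either check every pair of the three attributes, or narrow the comment to say that only the netnsid combination is covered. The comment's "properties that allow to identify a network namespace" would also read better as "properties that can identify a network namespace".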
The days of just returning EINVAL are over; please plumb extack arg to this message and add a string describing the problem. There are plenty of examples in rtnetlink.c.

Also, what if those NSIDs all point to the same namespace? That should not fail, right?