econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849

[firefly-linux-kernel-4.4.55.git] / net / phonet / pn_dev.c

diff --git a/net/phonet/pn_dev.c b/net/phonet/pn_dev.c
index 5f42f30dd1682bdc2427e7b387390fe231ab305e..5a2275c4ee79d8ad6b4432916af37e73982c92ea 100644 (file)
--- a/net/phonet/pn_dev.c
+++ b/net/phonet/pn_dev.c
@@ -246,7 +246,11 @@ static struct notifier_block phonet_device_notifier = {
 /* Per-namespace Phonet devices handling */
 static int phonet_init_net(struct net *net)
 {
-       struct phonet_net *pnn = kmalloc(sizeof(*pnn), GFP_KERNEL);
+       struct phonet_net *pnn;
+
+       if (!net_eq(net, &init_net))
+               return 0;
+       pnn = kmalloc(sizeof(*pnn), GFP_KERNEL);
        if (!pnn)
                return -ENOMEM;
 
@@ -263,9 +267,13 @@ static int phonet_init_net(struct net *net)
 
 static void phonet_exit_net(struct net *net)
 {
-       struct phonet_net *pnn = net_generic(net, phonet_net_id);
+       struct phonet_net *pnn;
        struct net_device *dev;
 
+       if (!net_eq(net, &init_net))
+               return;
+       pnn = net_generic(net, phonet_net_id);
+
        rtnl_lock();
        for_each_netdev(net, dev)
                phonet_device_destroy(dev);