patch-k-chvrf

1. diff --git a/include/linux/sched.h b/include/linux/sched.h
2. index 52c4847..b0f3bc3 100644
3. --- a/include/linux/sched.h
4. +++ b/include/linux/sched.h
5. @@ -1586,6 +1586,8 @@ struct task_struct {
6.         struct files_struct *files;
7.  /* namespaces */
8.         struct nsproxy *nsproxy;
9. +/* network */
10. +    int sk_bind_dev_if;
11.  /* signal handlers */
12.         struct signal_struct *signal;
13.         struct sighand_struct *sighand;
14. diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h
15. index a8d0759..f681672 100644
16. --- a/include/uapi/linux/prctl.h
17. +++ b/include/uapi/linux/prctl.h
18. @@ -197,4 +197,8 @@ struct prctl_mm_map {
19.  # define PR_CAP_AMBIENT_LOWER          3
20.  # define PR_CAP_AMBIENT_CLEAR_ALL      4
21.  
22. +/* get/set network interface sockets are bound to by default */
23. +#define PR_SET_SK_BIND_DEV_IF   48
24. +#define PR_GET_SK_BIND_DEV_IF   49
25. +
26.  #endif /* _LINUX_PRCTL_H */
27. diff --git a/kernel/fork.c b/kernel/fork.c
28. index d277e83..9171aa4 100644
29. --- a/kernel/fork.c
30. +++ b/kernel/fork.c
31. @@ -390,6 +390,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig)
32.         tsk->splice_pipe = NULL;
33.         tsk->task_frag.page = NULL;
34.         tsk->wake_q.next = NULL;
35. +    tsk->sk_bind_dev_if = orig->sk_bind_dev_if;
36.  
37.         account_kernel_stack(ti, 1);
38.  
39. diff --git a/kernel/sys.c b/kernel/sys.c
40. index cf8ba54..6a28ead 100644
41. --- a/kernel/sys.c
42. +++ b/kernel/sys.c
43. @@ -52,6 +52,7 @@
44.  #include <linux/rcupdate.h>
45.  #include <linux/uidgid.h>
46.  #include <linux/cred.h>
47. +#include <linux/netdevice.h>
48.  
49.  #include <linux/kmsg_dump.h>
50.  /* Move somewhere else to avoid recompiling? */
51. @@ -2269,6 +2270,40 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3,
52.         case PR_GET_FP_MODE:
53.                 error = GET_FP_MODE(me);
54.                 break;
55. +#ifdef CONFIG_NET
56. +   case PR_SET_SK_BIND_DEV_IF:
57. +   {
58. +       struct net_device *dev;
59. +       int idx = (int) arg2;
60. +
61. +       if (!capable(CAP_NET_ADMIN))
62. +           return -EPERM;
63. +
64. +       if (idx) {
65. +           dev = dev_get_by_index(me->nsproxy->net_ns, idx);
66. +           if (!dev)
67. +               return -EINVAL;
68. +           dev_put(dev);
69. +       }
70. +       me->sk_bind_dev_if = idx;
71. +       break;
72. +   }
73. +   case PR_GET_SK_BIND_DEV_IF:
74. +   {
75. +       struct task_struct *tsk;
76. +       int sk_bind_dev_if = -EINVAL;
77. +
78. +       rcu_read_lock();
79. +       tsk = find_task_by_vpid(arg2);
80. +       if (tsk)
81. +           sk_bind_dev_if = tsk->sk_bind_dev_if;
82. +       rcu_read_unlock();
83. +       if (tsk != me && !capable(CAP_NET_ADMIN))
84. +           return -EPERM;
85. +       error = sk_bind_dev_if;
86. +       break;
87. +   }
88. +#endif
89.         default:
90.                 error = -EINVAL;
91.                 break;
92. diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
93. index 9e48199..68c86e2 100644
94. --- a/net/ipv4/af_inet.c
95. +++ b/net/ipv4/af_inet.c
96. @@ -351,6 +351,7 @@ lookup_protocol:
97.         sk->sk_destruct    = inet_sock_destruct;
98.         sk->sk_protocol    = protocol;
99.         sk->sk_backlog_rcv = sk->sk_prot->backlog_rcv;
100. +    sk->sk_bound_dev_if = current->sk_bind_dev_if;
101.  
102.         inet->uc_ttl    = -1;
103.         inet->mc_loop   = 1;
104. diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c
105. index b11c37c..b895ad0 100644
106. --- a/net/ipv6/af_inet6.c
107. +++ b/net/ipv6/af_inet6.c
108. @@ -192,6 +192,7 @@ lookup_protocol:
109.         sk->sk_destruct         = inet_sock_destruct;
110.         sk->sk_family           = PF_INET6;
111.         sk->sk_protocol         = protocol;
112. +    sk->sk_bound_dev_if = current->sk_bind_dev_if;
113.  
114.         sk->sk_backlog_rcv      = answer->prot->backlog_rcv;
115.  
116. (END)