[ Sasha's backport helper bot ]
Hi,
The upstream commit SHA1 provided is correct: d1cacd74776895f6435941f86a1130e58f6dd226
Status in newer kernel trees:
6.12.y | Not found
Note: The patch differs from the upstream commit:
---
1: d1cacd747768 ! 1: 0686eb4ff47a netdev: prevent accessing NAPI instances from another namespace
@@ Metadata
## Commit message ##
netdev: prevent accessing NAPI instances from another namespace
+ [ Upstream commit d1cacd74776895f6435941f86a1130e58f6dd226 ]
+
The NAPI IDs were not fully exposed to user space prior to the netlink
API, so they were never namespaced. The netlink API must ensure that
at the very least NAPI instance belongs to the same netns as the owner
@@ net/core/netdev-genl.c: int netdev_nl_napi_get_doit(struct sk_buff *skb, struct
if (napi) {
err = netdev_nl_napi_fill_one(rsp, napi, info);
} else {
-@@ net/core/netdev-genl.c: int netdev_nl_napi_set_doit(struct sk_buff *skb, struct genl_info *info)
- rtnl_lock();
- rcu_read_lock();
-
-- napi = napi_by_id(napi_id);
-+ napi = netdev_napi_by_id(genl_info_net(info), napi_id);
- if (napi) {
- err = netdev_nl_napi_set_config(napi, info);
- } else {
---
Results of testing on various branches:
| Branch | Patch Apply | Build Test |
|---------------------------|-------------|------------|
| stable/linux-6.12.y | Success | Success |
