Christian Brauner <> writes:

>> At a practical level there should be no receivers.  Plus performance
>> issues.  At least my memory is that any unprivileged user on the system
>> is allowed to listen to those events.
> Any unprivileged user is allowed to listen to uevents if they have
> net_broadcast in the user namespace the uevent socket was opened in;
> unless I'm misreading.

I believe you are.

This code in do_one_broadcast.

        if (!net_eq(sock_net(sk), p->net)) {
                if (!(nlk->flags & NETLINK_F_LISTEN_ALL_NSID))

                if (!peernet_has_id(sock_net(sk), p->net))

                if (!file_ns_capable(sk->sk_socket->file, p->net->user_ns,

Used to just be:
        if (!net_eq(sock_net(sk), p->net))

Which makes sense when you have a shared hash table and a shared mc_list
between network namespaces.

There is a non-container use of network namespaces where you just need
different contexts were ip addresses can overlap etc.  In that
configuration where a single program is mananging multiple network
namespaces being able to listen to rtnetlink events in all of them is an

For that case a special socket option NETLINK_F_LISTEN_ALL_NSID was
added that allowed one socket to listen for events from multiple network

If we rework the code in af_netlink.c that matters.  However for just
understanding uevents you can assume there are no sockets with


Reply via email to