[Devel] [PATCH] ve/bridge: br_dev_init: check if "bridge" feature is enabled
Evgenii Shatokhin
eshatokhin at virtuozzo.com
Mon Jul 25 07:10:35 PDT 2016
https://jira.sw.ru/browse/PSBM-50009
Currently, the feature is checked in br_ioctl_deviceless_stub() which is
called when "brctl addbr" runs. However, "ip link add br1 type bridge"
goes a different path and still succeeds even if the feature is disabled
for a CT:
    rtnl_newlink
    rtnl_create_link
    br_dev_setup
    register_netdevice
    br_dev_init
    ...
Let us check the "bridge" feature in br_dev_init() instead, to cover both
cases.
Signed-off-by: Evgenii Shatokhin <eshatokhin at virtuozzo.com>
---
net/bridge/br_device.c | 4 ++++
net/bridge/br_ioctl.c | 3 ---
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c
index 5e3347b..db206a3 100644
--- a/net/bridge/br_device.c
+++ b/net/bridge/br_device.c
@@ -88,8 +88,12 @@ out:
static int br_dev_init(struct net_device *dev)
{
struct net_bridge *br = netdev_priv(dev);
+ struct net *net = dev_net(dev);
int err;
+ if (!(net->owner_ve->features & VE_FEATURE_BRIDGE))
+ return -EACCES;
+
br->stats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats);
if (!br->stats)
return -ENOMEM;
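Review bot: The new check at the top of br_dev_init() returns -EACCES, while the check this patch removes from br_ioctl_deviceless_stub() returned -ENOTTY, so "brctl addbr" in a CT without the feature now fails with a different errno. The commit message does not mention this; please state that the change is intentional, since any userspace that tests for ENOTTY on this path would see different behaviour. A short comment above the check saying that it covers both the ioctl and the rtnl_newlink paths would also help the next reader.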
diff --git a/net/bridge/br_ioctl.c b/net/bridge/br_ioctl.c
index 98447b8..cd8c3a4 100644
--- a/net/bridge/br_ioctl.c
+++ b/net/bridge/br_ioctl.c
@@ -351,9 +351,6 @@ static int old_deviceless(struct net *net, void __user *uarg)
int br_ioctl_deviceless_stub(struct net *net, unsigned int cmd, void __user *uarg)
{
- if (!(net->owner_ve->features & VE_FEATURE_BRIDGE))
- return -ENOTTY;
-
switch (cmd) {
case SIOCGIFBR:
case SIOCSIFBR:
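Review bot: With the feature check dropped from the top of br_ioctl_deviceless_stub(), any command in the switch below that does not end up registering a new bridge device is no longer gated by VE_FEATURE_BRIDGE, because br_dev_init() only runs from register_netdevice. Before this change every command entering the stub, including the SIOCGIFBR and SIOCSIFBR cases, was rejected up front. If leaving those paths open is intended, say so in the commit message; otherwise keep the check here and add the br_dev_init() one alongside it.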
--
2.7.3