From f893cef8f91f770109e3c6d9bff1b11742a37ad2 Mon Sep 17 00:00:00 2001
From: Daniel Lezcano <dlezcano@fr.ibm.com>
Date: Thu, 10 Jan 2008 02:57:43 -0800
Subject: [PATCH] --- yaml --- r: 78729 b: refs/heads/master c:
 7c76509d0da99f29289b9b7ab134791e45d49b15 h: refs/heads/master i:   78727:
 9f3bad6f18da63012728c3d1d86bea7ceb2420b3 v: v3

---
 [refs]                           | 2 +-
 trunk/net/ipv6/sysctl_net_ipv6.c | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/[refs] b/[refs]
index 02ed54bc9085..c9beb78101fd 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: e71e0349eb32bc438fa80d8990c6f3592967d111
+refs/heads/master: 7c76509d0da99f29289b9b7ab134791e45d49b15
diff --git a/trunk/net/ipv6/sysctl_net_ipv6.c b/trunk/net/ipv6/sysctl_net_ipv6.c
index ae3cfd1b8e0e..d223159638d3 100644
--- a/trunk/net/ipv6/sysctl_net_ipv6.c
+++ b/trunk/net/ipv6/sysctl_net_ipv6.c
@@ -122,6 +122,12 @@ static int ipv6_sysctl_net_init(struct net *net)
 	ipv6_table[5].data = &net->ipv6.sysctl.frags.timeout;
 	ipv6_table[6].data = &net->ipv6.sysctl.frags.secret_interval;
 
+	/* We don't want this value to be per namespace, it should be global
+	   to all namespaces, so make it read-only when we are not in the
+	   init network namespace */
+	if (net != &init_net)
+		ipv6_table[7].mode = 0444;
+
 	net->ipv6.sysctl.table = register_net_sysctl_table(net, net_ipv6_ctl_path,
 							   ipv6_table);
 	if (!net->ipv6.sysctl.table)