lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:	Mon, 5 May 2014 12:10:59 +1000
From:	Stephen Rothwell <sfr@...b.auug.org.au>
To:	David Miller <davem@...emloft.net>, <netdev@...r.kernel.org>
Cc:	linux-next@...r.kernel.org, linux-kernel@...r.kernel.org,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	"Stéphane Graber" 
	<stgraber@...ntu.com>
Subject: linux-next: manual merge of the net-next tree with the net tree

Hi all,

Today's linux-next merge of the net-next tree got conflicts in
net/sched/sch_api.c and net/sched/cls_api.c between commit 90f62cf30a78
("net: Use netlink_ns_capable to verify the permisions of netlink
messages") from the net tree and commit 4e8bbb819d15 ("net: Allow tc
changes in user namespaces") from the net-next tree.

I fixed it up (hopefully, see below) and can carry the fix as necessary
(no action is required).

-- 
Cheers,
Stephen Rothwell <sfr@...b.auug.org.au>

diff --cc net/sched/cls_api.c
index bdbdb1a7920a,1a4a20267787..000000000000
--- a/net/sched/cls_api.c
+++ b/net/sched/cls_api.c
@@@ -134,7 -134,8 +134,8 @@@ static int tc_ctl_tfilter(struct sk_buf
  	int err;
  	int tp_created = 0;
  
- 	if ((n->nlmsg_type != RTM_GETTFILTER) && !netlink_capable(skb, CAP_NET_ADMIN))
+ 	if ((n->nlmsg_type != RTM_GETTFILTER) &&
 -	    !ns_capable(net->user_ns, CAP_NET_ADMIN))
++	    !netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN))
  		return -EPERM;
  
  replay:
diff --cc net/sched/sch_api.c
index 400769014bbd,86f8edfd6b8a..000000000000
--- a/net/sched/sch_api.c
+++ b/net/sched/sch_api.c
@@@ -1084,7 -1084,8 +1084,8 @@@ static int tc_get_qdisc(struct sk_buff 
  	struct Qdisc *p = NULL;
  	int err;
  
- 	if ((n->nlmsg_type != RTM_GETQDISC) && !netlink_capable(skb, CAP_NET_ADMIN))
+ 	if ((n->nlmsg_type != RTM_GETQDISC) &&
 -	    !ns_capable(net->user_ns, CAP_NET_ADMIN))
++	    !netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN))
  		return -EPERM;
  
  	err = nlmsg_parse(n, sizeof(*tcm), tca, TCA_MAX, NULL);
@@@ -1151,7 -1152,7 +1152,7 @@@ static int tc_modify_qdisc(struct sk_bu
  	struct Qdisc *q, *p;
  	int err;
  
- 	if (!netlink_capable(skb, CAP_NET_ADMIN))
 -	if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
++	if (!netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN))
  		return -EPERM;
  
  replay:
@@@ -1490,7 -1491,8 +1491,8 @@@ static int tc_ctl_tclass(struct sk_buf
  	u32 qid;
  	int err;
  
- 	if ((n->nlmsg_type != RTM_GETTCLASS) && !netlink_capable(skb, CAP_NET_ADMIN))
+ 	if ((n->nlmsg_type != RTM_GETTCLASS) &&
 -	    !ns_capable(net->user_ns, CAP_NET_ADMIN))
++	    !netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN))
  		return -EPERM;
  
  	err = nlmsg_parse(n, sizeof(*tcm), tca, TCA_MAX, NULL);

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists