lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20140509120702.62c609a3@canb.auug.org.au>
Date:	Fri, 9 May 2014 12:07:02 +1000
From:	Stephen Rothwell <sfr@...b.auug.org.au>
To:	Herbert Xu <herbert@...dor.apana.org.au>
Cc:	linux-next@...r.kernel.org, linux-kernel@...r.kernel.org,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	David Miller <davem@...emloft.net>,
	"Matthias-Christian Ott" <ott@...ix.org>
Subject: linux-next: manual merge of the crypto tree with Linus' tree

Hi Herbert,

Today's linux-next merge of the crypto tree got a conflict in
crypto/crypto_user.c between commit 90f62cf30a78 ("net: Use
netlink_ns_capable to verify the permisions of netlink messages") from
Linus' tree and commit c568398aa05f ("crypto: user - Allow
CRYPTO_MSG_GETALG without CAP_NET_ADMIN") from the crypto tree.

I fixed it up (I hope - see below) and can carry the fix as necessary
(no action is required).

-- 
Cheers,
Stephen Rothwell                    sfr@...b.auug.org.au

diff --cc crypto/crypto_user.c
index 43665d0d0905,aa906b8fdd17..000000000000
--- a/crypto/crypto_user.c
+++ b/crypto/crypto_user.c
@@@ -265,6 -265,9 +265,9 @@@ static int crypto_update_alg(struct sk_
  	struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];
  	LIST_HEAD(list);
  
 -	if (!capable(CAP_NET_ADMIN))
++	if (!netlink_capable(skb, CAP_NET_ADMIN))
+ 		return -EPERM;
+ 
  	if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))
  		return -EINVAL;
  
@@@ -295,6 -298,9 +298,9 @@@ static int crypto_del_alg(struct sk_buf
  	struct crypto_alg *alg;
  	struct crypto_user_alg *p = nlmsg_data(nlh);
  
 -	if (!capable(CAP_NET_ADMIN))
++	if (!netlink_capable(skb, CAP_NET_ADMIN))
+ 		return -EPERM;
+ 
  	if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))
  		return -EINVAL;
  
@@@ -379,6 -385,9 +385,9 @@@ static int crypto_add_alg(struct sk_buf
  	struct crypto_user_alg *p = nlmsg_data(nlh);
  	struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];
  
 -	if (!capable(CAP_NET_ADMIN))
++	if (!netlink_capable(skb, CAP_NET_ADMIN))
+ 		return -EPERM;
+ 
  	if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))
  		return -EINVAL;
  

Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ