commit dfc47ef8639facd77210e74be831943c2fdd9c74
author Eric W. Biederman <ebiederm@xmission.com> Fri Nov 16 03:03:00 2012 +0000
committer David S. Miller <davem@davemloft.net> Sun Nov 18 20:32:44 2012 -0500
tree 5c7e9f93a999bf1d38b216af346ce2159e5f18ec
parent 464dc801c76aa0db88e16e8f5f47c6879858b9b2

net: Push capable(CAP_NET_ADMIN) into the rtnl methods

- In rtnetlink_rcv_msg convert the capable(CAP_NET_ADMIN) check
  to ns_capable(net->user-ns, CAP_NET_ADMIN).  Allowing unprivileged
  users to make netlink calls to modify their local network
  namespace.

- In the rtnetlink doit methods add capable(CAP_NET_ADMIN) so
  that calls that are not safe for unprivileged users are still
  protected.

Later patches will remove the extra capable calls from methods
that are safe for unprivilged users.

Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/ipv6/addrconf.c

diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index b24b4de..e21bdb9 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -3514,6 +3514,9 @@
 	struct in6_addr *pfx;
 	int err;
 
+	if (!capable(CAP_NET_ADMIN))
+		return -EPERM;
+
 	err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv6_policy);
 	if (err < 0)
 		return err;
@@ -3584,6 +3587,9 @@
 	u8 ifa_flags;
 	int err;
 
+	if (!capable(CAP_NET_ADMIN))
+		return -EPERM;
+
 	err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv6_policy);
 	if (err < 0)
 		return err;

net/ipv6/addrlabel.c

diff --git a/net/ipv6/addrlabel.c b/net/ipv6/addrlabel.c
index ff76eec..b106f80 100644
--- a/net/ipv6/addrlabel.c
+++ b/net/ipv6/addrlabel.c
@@ -425,6 +425,9 @@
 	u32 label;
 	int err = 0;
 
+	if (!capable(CAP_NET_ADMIN))
+		return -EPERM;
+
 	err = nlmsg_parse(nlh, sizeof(*ifal), tb, IFAL_MAX, ifal_policy);
 	if (err < 0)
 		return err;

net/ipv6/route.c

diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index 021a48e..c6215e2 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -2446,6 +2446,9 @@
 	struct fib6_config cfg;
 	int err;
 
+	if (!capable(CAP_NET_ADMIN))
+		return -EPERM;
+
 	err = rtm_to_fib6_config(skb, nlh, &cfg);
 	if (err < 0)
 		return err;
@@ -2461,6 +2464,9 @@
 	struct fib6_config cfg;
 	int err;
 
+	if (!capable(CAP_NET_ADMIN))
+		return -EPERM;
+
 	err = rtm_to_fib6_config(skb, nlh, &cfg);
 	if (err < 0)
 		return err;