net: Use netlink_ns_capable to verify the permisions of netlink messages

author Eric W. Biederman <ebiederm@xmission.com>

Wed, 23 Apr 2014 21:29:27 +0000 (14:29 -0700)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Thu, 26 Jun 2014 19:12:37 +0000 (15:12 -0400)
author Eric W. Biederman <ebiederm@xmission.com>
Wed, 23 Apr 2014 21:29:27 +0000 (14:29 -0700)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 26 Jun 2014 19:12:37 +0000 (15:12 -0400)
diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c

index 1512e41cd93d74a4e7ab3fde6809e64468f797a8..43665d0d0905ddddf018fe68655c1ff7685b0b9e 100644 (file)
--- a/crypto/crypto_user.c
+++ b/crypto/crypto_user.c
@@ -466,7 +466,7 @@ static int crypto_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
         type -= CRYPTO_MSG_BASE;
         link = &crypto_dispatch[type];
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if ((type == (CRYPTO_MSG_GETALG - CRYPTO_MSG_BASE) &&
diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c

index 18c5b9b16645dfa49a218d4b12253240f97310b7..3165811e2407df9bdc8242640dab50558c37db73 100644 (file)
--- a/drivers/connector/cn_proc.c
+++ b/drivers/connector/cn_proc.c
@@ -369,7 +369,7 @@ static void cn_proc_mcast_ctl(struct cn_msg *msg,
                 return;
  
         /* Can only change if privileged. */
-       if (!capable(CAP_NET_ADMIN)) {
+       if (!__netlink_ns_capable(nsp, &init_user_ns, CAP_NET_ADMIN)) {
                 err = EPERM;
                 goto out;
         }
diff --git a/drivers/scsi/scsi_netlink.c b/drivers/scsi/scsi_netlink.c

index fe30ea94ffe67ef4e5d355fdc9cdcb71eee9e0d7..109802f776ed71cea6857eda9ae6ccc3e0b41f80 100644 (file)
--- a/drivers/scsi/scsi_netlink.c
+++ b/drivers/scsi/scsi_netlink.c
@@ -77,7 +77,7 @@ scsi_nl_rcv_msg(struct sk_buff *skb)
                         goto next_msg;
                 }
  
-               if (!capable(CAP_SYS_ADMIN)) {
+               if (!netlink_capable(skb, CAP_SYS_ADMIN)) {
                         err = -EPERM;
                         goto next_msg;
                 }
diff --git a/kernel/audit.c b/kernel/audit.c

index 6def25f1b351140fa2258bb164eb284dde01445f..a6c632757e57a3223c8daebf1219d8d94c218120 100644 (file)
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -593,13 +593,13 @@ static int audit_netlink_ok(struct sk_buff *skb, u16 msg_type)
         case AUDIT_TTY_SET:
         case AUDIT_TRIM:
         case AUDIT_MAKE_EQUIV:
-               if (!capable(CAP_AUDIT_CONTROL))
+               if (!netlink_capable(skb, CAP_AUDIT_CONTROL))
                         err = -EPERM;
                 break;
         case AUDIT_USER:
         case AUDIT_FIRST_USER_MSG ... AUDIT_LAST_USER_MSG:
         case AUDIT_FIRST_USER_MSG2 ... AUDIT_LAST_USER_MSG2:
-               if (!capable(CAP_AUDIT_WRITE))
+               if (!netlink_capable(skb, CAP_AUDIT_WRITE))
                         err = -EPERM;
                 break;
         default:  /* bad msg */
diff --git a/net/can/gw.c b/net/can/gw.c

index 3ee690e8c7d32354a525ad398291b7b7c5155215..de25455b4e3e827bfae94b8a835a69c3191fe569 100644 (file)
--- a/net/can/gw.c
+++ b/net/can/gw.c
@@ -784,7 +784,7 @@ static int cgw_create_job(struct sk_buff *skb,  struct nlmsghdr *nlh)
         struct cgw_job *gwj;
         int err = 0;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (nlmsg_len(nlh) < sizeof(*r))
@@ -876,7 +876,7 @@ static int cgw_remove_job(struct sk_buff *skb,  struct nlmsghdr *nlh)
         struct can_can_gw ccgw;
         int err = 0;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (nlmsg_len(nlh) < sizeof(*r))
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c

index 87ec574ffac8e82c8b482cd9cd138a0362a05c7f..054ebbf73236f5674b594ddcf4a03a331ceaf42a 100644 (file)
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -1294,7 +1294,8 @@ static int do_set_master(struct net_device *dev, int ifindex)
         return 0;
  }
  
-static int do_setlink(struct net_device *dev, struct ifinfomsg *ifm,
+static int do_setlink(const struct sk_buff *skb,
+                     struct net_device *dev, struct ifinfomsg *ifm,
                       struct nlattr **tb, char *ifname, int modified)
  {
         const struct net_device_ops *ops = dev->netdev_ops;
@@ -1306,7 +1307,7 @@ static int do_setlink(struct net_device *dev, struct ifinfomsg *ifm,
                         err = PTR_ERR(net);
                         goto errout;
                 }
-               if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) {
+               if (!netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN)) {
                         err = -EPERM;
                         goto errout;
                 }
@@ -1560,7 +1561,7 @@ static int rtnl_setlink(struct sk_buff *skb, struct nlmsghdr *nlh)
         if (err < 0)
                 goto errout;
  
-       err = do_setlink(dev, ifm, tb, ifname, 0);
+       err = do_setlink(skb, dev, ifm, tb, ifname, 0);
  errout:
         return err;
  }
@@ -1678,7 +1679,8 @@ err:
  }
  EXPORT_SYMBOL(rtnl_create_link);
  
-static int rtnl_group_changelink(struct net *net, int group,
+static int rtnl_group_changelink(const struct sk_buff *skb,
+               struct net *net, int group,
                 struct ifinfomsg *ifm,
                 struct nlattr **tb)
  {
@@ -1687,7 +1689,7 @@ static int rtnl_group_changelink(struct net *net, int group,
  
         for_each_netdev(net, dev) {
                 if (dev->group == group) {
-                       err = do_setlink(dev, ifm, tb, NULL, 0);
+                       err = do_setlink(skb, dev, ifm, tb, NULL, 0);
                         if (err < 0)
                                 return err;
                 }
@@ -1789,12 +1791,12 @@ replay:
                                 modified = 1;
                         }
  
-                       return do_setlink(dev, ifm, tb, ifname, modified);
+                       return do_setlink(skb, dev, ifm, tb, ifname, modified);
                 }
  
                 if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
                         if (ifm->ifi_index == 0 && tb[IFLA_GROUP])
-                               return rtnl_group_changelink(net,
+                               return rtnl_group_changelink(skb, net,
                                                 nla_get_u32(tb[IFLA_GROUP]),
                                                 ifm, tb);
                         return -ENODEV;
@@ -2179,7 +2181,7 @@ static int rtnl_fdb_del(struct sk_buff *skb, struct nlmsghdr *nlh)
         int err = -EINVAL;
         __u8 *addr;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDA_MAX, NULL);
@@ -2635,7 +2637,7 @@ static int rtnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
         sz_idx = type>>2;
         kind = type&3;
  
-       if (kind != 2 && !ns_capable(net->user_ns, CAP_NET_ADMIN))
+       if (kind != 2 && !netlink_net_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) {
diff --git a/net/dcb/dcbnl.c b/net/dcb/dcbnl.c

index 40d5829ed36aaa6945c9c4c2056325b68ab64c03..1074ffb6d533993dd0332c04558192ed9d8373a8 100644 (file)
--- a/net/dcb/dcbnl.c
+++ b/net/dcb/dcbnl.c
@@ -1670,7 +1670,7 @@ static int dcb_doit(struct sk_buff *skb, struct nlmsghdr *nlh)
         struct nlmsghdr *reply_nlh = NULL;
         const struct reply_func *fn;
  
-       if ((nlh->nlmsg_type == RTM_SETDCB) && !capable(CAP_NET_ADMIN))
+       if ((nlh->nlmsg_type == RTM_SETDCB) && !netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         ret = nlmsg_parse(nlh, sizeof(*dcb), tb, DCB_ATTR_MAX,
diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c

index 7d9197063ebb98beee6c778b25c5e675ecedfb4b..b5e52100a89a1ab3ea24b5e697339e7db478218c 100644 (file)
--- a/net/decnet/dn_dev.c
+++ b/net/decnet/dn_dev.c
@@ -573,7 +573,7 @@ static int dn_nl_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh)
         struct dn_ifaddr __rcu **ifap;
         int err = -EINVAL;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (!net_eq(net, &init_net))
@@ -617,7 +617,7 @@ static int dn_nl_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh)
         struct dn_ifaddr *ifa;
         int err;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (!net_eq(net, &init_net))
diff --git a/net/decnet/dn_fib.c b/net/decnet/dn_fib.c

index 57dc159245ecfff38e318626cf0ea1ffa9db1cae..d332aefb0846f86a11d924e3e1e7ad23e279dda2 100644 (file)
--- a/net/decnet/dn_fib.c
+++ b/net/decnet/dn_fib.c
@@ -505,7 +505,7 @@ static int dn_fib_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh)
         struct nlattr *attrs[RTA_MAX+1];
         int err;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (!net_eq(net, &init_net))
@@ -530,7 +530,7 @@ static int dn_fib_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh)
         struct nlattr *attrs[RTA_MAX+1];
         int err;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (!net_eq(net, &init_net))
diff --git a/net/decnet/netfilter/dn_rtmsg.c b/net/decnet/netfilter/dn_rtmsg.c

index 2a7efe388344fdd37b10487c50ba3d712eedbf8a..f3dc69a41d63446d53bb24925c9dad8bdbef5e47 100644 (file)
--- a/net/decnet/netfilter/dn_rtmsg.c
+++ b/net/decnet/netfilter/dn_rtmsg.c
@@ -107,7 +107,7 @@ static inline void dnrmg_receive_user_skb(struct sk_buff *skb)
         if (nlh->nlmsg_len < sizeof(*nlh) || skb->len < nlh->nlmsg_len)
                 return;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 RCV_SKB_FAIL(-EPERM);
  
         /* Eventually we might send routing messages too */
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c

index 572d87dc116ffa838d2f9f8838129156add7284e..0a03662bfbefbb41bc433999966196f38d7674bd 100644 (file)
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -147,7 +147,7 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
         const struct nfnetlink_subsystem *ss;
         int type, err;
  
-       if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
+       if (!netlink_net_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         /* All the messages must at least contain nfgenmsg */
diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c

index 393f17eea1a2f148a4c48a423c1611553473019c..ade434b8abd883400855d3ddddf2a76e578fe347 100644 (file)
--- a/net/netlink/genetlink.c
+++ b/net/netlink/genetlink.c
@@ -592,7 +592,7 @@ static int genl_family_rcv_msg(struct genl_family *family,
                 return -EOPNOTSUPP;
  
         if ((ops->flags & GENL_ADMIN_PERM) &&
-           !capable(CAP_NET_ADMIN))
+           !netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (nlh->nlmsg_flags & NLM_F_DUMP) {
diff --git a/net/packet/diag.c b/net/packet/diag.c

index 01cd1ac44ff51e11e54756aa4b175ca303c8ff72..674b0a65df6c02eb49d36869c969a1439982ab2e 100644 (file)
--- a/net/packet/diag.c
+++ b/net/packet/diag.c
@@ -193,7 +193,7 @@ static int packet_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
  
         net = sock_net(skb->sk);
         req = nlmsg_data(cb->nlh);
-       may_report_filterinfo = ns_capable(net->user_ns, CAP_NET_ADMIN);
+       may_report_filterinfo = netlink_net_capable(cb->skb, CAP_NET_ADMIN);
  
         mutex_lock(&net->packet.sklist_lock);
         sk_for_each(sk, &net->packet.sklist) {
diff --git a/net/phonet/pn_netlink.c b/net/phonet/pn_netlink.c

index dc15f430080831e74fade00799a661ab10cc6f84..b64151ade6b33a9cbacb0980d3ddbe03d8f7b4c8 100644 (file)
--- a/net/phonet/pn_netlink.c
+++ b/net/phonet/pn_netlink.c
@@ -70,10 +70,10 @@ static int addr_doit(struct sk_buff *skb, struct nlmsghdr *nlh)
         int err;
         u8 pnaddr;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
-       if (!capable(CAP_SYS_ADMIN))
+       if (!netlink_capable(skb, CAP_SYS_ADMIN))
                 return -EPERM;
  
         ASSERT_RTNL();
@@ -233,10 +233,10 @@ static int route_doit(struct sk_buff *skb, struct nlmsghdr *nlh)
         int err;
         u8 dst;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
-       if (!capable(CAP_SYS_ADMIN))
+       if (!netlink_capable(skb, CAP_SYS_ADMIN))
                 return -EPERM;
  
         ASSERT_RTNL();
diff --git a/net/sched/act_api.c b/net/sched/act_api.c

index fd7072827a40139c4ffba595aaa261282641e37f..15d46b9166debf2d4b832e4c837e3981b7401606 100644 (file)
--- a/net/sched/act_api.c
+++ b/net/sched/act_api.c
@@ -989,7 +989,7 @@ static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n)
         u32 portid = skb ? NETLINK_CB(skb).portid : 0;
         int ret = 0, ovr = 0;
  
-       if ((n->nlmsg_type != RTM_GETACTION) && !capable(CAP_NET_ADMIN))
+       if ((n->nlmsg_type != RTM_GETACTION) && !netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         ret = nlmsg_parse(n, sizeof(struct tcamsg), tca, TCA_ACT_MAX, NULL);
diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c

index 8e118af9097345a500e1006bff6fa5c108435603..2ea40d1877a6cce9230b574463b12c637b8ac86e 100644 (file)
--- a/net/sched/cls_api.c
+++ b/net/sched/cls_api.c
@@ -138,7 +138,7 @@ static int tc_ctl_tfilter(struct sk_buff *skb, struct nlmsghdr *n)
         int err;
         int tp_created = 0;
  
-       if ((n->nlmsg_type != RTM_GETTFILTER) && !capable(CAP_NET_ADMIN))
+       if ((n->nlmsg_type != RTM_GETTFILTER) && !netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
  replay:
diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c

index 51b968d3febb477be1e4183c8a94258c97fdcd18..2d2f07945c85a3324275bfbe61f4faf6ccd242ad 100644 (file)
--- a/net/sched/sch_api.c
+++ b/net/sched/sch_api.c
@@ -1024,7 +1024,7 @@ static int tc_get_qdisc(struct sk_buff *skb, struct nlmsghdr *n)
         struct Qdisc *p = NULL;
         int err;
  
-       if ((n->nlmsg_type != RTM_GETQDISC) && !capable(CAP_NET_ADMIN))
+       if ((n->nlmsg_type != RTM_GETQDISC) && !netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         err = nlmsg_parse(n, sizeof(*tcm), tca, TCA_MAX, NULL);
@@ -1091,7 +1091,7 @@ static int tc_modify_qdisc(struct sk_buff *skb, struct nlmsghdr *n)
         struct Qdisc *q, *p;
         int err;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
  replay:
@@ -1431,7 +1431,7 @@ static int tc_ctl_tclass(struct sk_buff *skb, struct nlmsghdr *n)
         u32 qid;
         int err;
  
-       if ((n->nlmsg_type != RTM_GETTCLASS) && !capable(CAP_NET_ADMIN))
+       if ((n->nlmsg_type != RTM_GETTCLASS) && !netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         err = nlmsg_parse(n, sizeof(*tcm), tca, TCA_MAX, NULL);
diff --git a/net/tipc/netlink.c b/net/tipc/netlink.c

index 8bcd4985d0fb341f795346f06c55d1f059c4c643..1e6081fb60788f35d5413dd799e107652177ba97 100644 (file)
--- a/net/tipc/netlink.c
+++ b/net/tipc/netlink.c
@@ -47,7 +47,7 @@ static int handle_cmd(struct sk_buff *skb, struct genl_info *info)
         int hdr_space = nlmsg_total_size(GENL_HDRLEN + TIPC_GENL_HDRLEN);
         u16 cmd;
  
-       if ((req_userhdr->cmd & 0xC000) && (!capable(CAP_NET_ADMIN)))
+       if ((req_userhdr->cmd & 0xC000) && (!netlink_capable(skb, CAP_NET_ADMIN)))
                 cmd = TIPC_CMD_NOT_NET_ADMIN;
         else
                 cmd = req_userhdr->cmd;
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c

index 3f565e495ac68cea83e1d52cf7db7e820fe777ad..7a70a5a5671aa1c592446e3794ccd5b53e59fc1c 100644 (file)
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -2362,7 +2362,7 @@ static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
         link = &xfrm_dispatch[type];
  
         /* All operations require privileges, even GET */
-       if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
+       if (!netlink_net_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if ((type == (XFRM_MSG_GETSA - XFRM_MSG_BASE) ||
author	Eric W. Biederman <ebiederm@xmission.com>
	Wed, 23 Apr 2014 21:29:27 +0000 (14:29 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 26 Jun 2014 19:12:37 +0000 (15:12 -0400)
crypto/crypto_user.c		patch \| blob \| blame \| history
drivers/connector/cn_proc.c		patch \| blob \| blame \| history
drivers/scsi/scsi_netlink.c		patch \| blob \| blame \| history
kernel/audit.c		patch \| blob \| blame \| history
net/can/gw.c		patch \| blob \| blame \| history
net/core/rtnetlink.c		patch \| blob \| blame \| history
net/dcb/dcbnl.c		patch \| blob \| blame \| history
net/decnet/dn_dev.c		patch \| blob \| blame \| history
net/decnet/dn_fib.c		patch \| blob \| blame \| history
net/decnet/netfilter/dn_rtmsg.c		patch \| blob \| blame \| history
net/netfilter/nfnetlink.c		patch \| blob \| blame \| history
net/netlink/genetlink.c		patch \| blob \| blame \| history
net/packet/diag.c		patch \| blob \| blame \| history
net/phonet/pn_netlink.c		patch \| blob \| blame \| history
net/sched/act_api.c		patch \| blob \| blame \| history
net/sched/cls_api.c		patch \| blob \| blame \| history
net/sched/sch_api.c		patch \| blob \| blame \| history
net/tipc/netlink.c		patch \| blob \| blame \| history
net/xfrm/xfrm_user.c		patch \| blob \| blame \| history