net: Use netlink_ns_capable to verify the permisions of netlink messages

author Eric W. Biederman <ebiederm@xmission.com>

Wed, 23 Apr 2014 21:29:27 +0000 (14:29 -0700)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Thu, 26 Jun 2014 19:15:38 +0000 (15:15 -0400)
author Eric W. Biederman <ebiederm@xmission.com>
Wed, 23 Apr 2014 21:29:27 +0000 (14:29 -0700)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 26 Jun 2014 19:15:38 +0000 (15:15 -0400)
diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c

index 1512e41cd93d74a4e7ab3fde6809e64468f797a8..43665d0d0905ddddf018fe68655c1ff7685b0b9e 100644 (file)
--- a/crypto/crypto_user.c
+++ b/crypto/crypto_user.c
@@ -466,7 +466,7 @@ static int crypto_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
         type -= CRYPTO_MSG_BASE;
         link = &crypto_dispatch[type];
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if ((type == (CRYPTO_MSG_GETALG - CRYPTO_MSG_BASE) &&
diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c

index 18c5b9b16645dfa49a218d4b12253240f97310b7..3165811e2407df9bdc8242640dab50558c37db73 100644 (file)
--- a/drivers/connector/cn_proc.c
+++ b/drivers/connector/cn_proc.c
@@ -369,7 +369,7 @@ static void cn_proc_mcast_ctl(struct cn_msg *msg,
                 return;
  
         /* Can only change if privileged. */
-       if (!capable(CAP_NET_ADMIN)) {
+       if (!__netlink_ns_capable(nsp, &init_user_ns, CAP_NET_ADMIN)) {
                 err = EPERM;
                 goto out;
         }
diff --git a/drivers/scsi/scsi_netlink.c b/drivers/scsi/scsi_netlink.c

index fe30ea94ffe67ef4e5d355fdc9cdcb71eee9e0d7..109802f776ed71cea6857eda9ae6ccc3e0b41f80 100644 (file)
--- a/drivers/scsi/scsi_netlink.c
+++ b/drivers/scsi/scsi_netlink.c
@@ -77,7 +77,7 @@ scsi_nl_rcv_msg(struct sk_buff *skb)
                         goto next_msg;
                 }
  
-               if (!capable(CAP_SYS_ADMIN)) {
+               if (!netlink_capable(skb, CAP_SYS_ADMIN)) {
                         err = -EPERM;
                         goto next_msg;
                 }
diff --git a/kernel/audit.c b/kernel/audit.c

index d5f31c17813ab501d7cc75e68da926815a257a20..0c9dc860cc15cda59afe5b8c6c3bc8c14b8f0513 100644 (file)
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -639,13 +639,13 @@ static int audit_netlink_ok(struct sk_buff *skb, u16 msg_type)
         case AUDIT_TTY_SET:
         case AUDIT_TRIM:
         case AUDIT_MAKE_EQUIV:
-               if (!capable(CAP_AUDIT_CONTROL))
+               if (!netlink_capable(skb, CAP_AUDIT_CONTROL))
                         err = -EPERM;
                 break;
         case AUDIT_USER:
         case AUDIT_FIRST_USER_MSG ... AUDIT_LAST_USER_MSG:
         case AUDIT_FIRST_USER_MSG2 ... AUDIT_LAST_USER_MSG2:
-               if (!capable(CAP_AUDIT_WRITE))
+               if (!netlink_capable(skb, CAP_AUDIT_WRITE))
                         err = -EPERM;
                 break;
         default:  /* bad msg */
diff --git a/net/can/gw.c b/net/can/gw.c

index ac31891967da1ed811247d131dffbabfd7d28d11..050a2110d43f6b78f331b599569eaaf2d8803c24 100644 (file)
--- a/net/can/gw.c
+++ b/net/can/gw.c
@@ -804,7 +804,7 @@ static int cgw_create_job(struct sk_buff *skb,  struct nlmsghdr *nlh)
         u8 limhops = 0;
         int err = 0;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (nlmsg_len(nlh) < sizeof(*r))
@@ -893,7 +893,7 @@ static int cgw_remove_job(struct sk_buff *skb, struct nlmsghdr *nlh)
         u8 limhops = 0;
         int err = 0;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (nlmsg_len(nlh) < sizeof(*r))
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c

index 83b9d6ae5119e81ed6254fb72fa5ed289cfc5f98..5cb7220e2abd3385ea6ae224c82d098d55cf12f8 100644 (file)
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -1428,7 +1428,8 @@ static int do_set_master(struct net_device *dev, int ifindex)
         return 0;
  }
  
-static int do_setlink(struct net_device *dev, struct ifinfomsg *ifm,
+static int do_setlink(const struct sk_buff *skb,
+                     struct net_device *dev, struct ifinfomsg *ifm,
                       struct nlattr **tb, char *ifname, int modified)
  {
         const struct net_device_ops *ops = dev->netdev_ops;
@@ -1440,7 +1441,7 @@ static int do_setlink(struct net_device *dev, struct ifinfomsg *ifm,
                         err = PTR_ERR(net);
                         goto errout;
                 }
-               if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) {
+               if (!netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN)) {
                         err = -EPERM;
                         goto errout;
                 }
@@ -1694,7 +1695,7 @@ static int rtnl_setlink(struct sk_buff *skb, struct nlmsghdr *nlh)
         if (err < 0)
                 goto errout;
  
-       err = do_setlink(dev, ifm, tb, ifname, 0);
+       err = do_setlink(skb, dev, ifm, tb, ifname, 0);
  errout:
         return err;
  }
@@ -1811,7 +1812,8 @@ err:
  }
  EXPORT_SYMBOL(rtnl_create_link);
  
-static int rtnl_group_changelink(struct net *net, int group,
+static int rtnl_group_changelink(const struct sk_buff *skb,
+               struct net *net, int group,
                 struct ifinfomsg *ifm,
                 struct nlattr **tb)
  {
@@ -1820,7 +1822,7 @@ static int rtnl_group_changelink(struct net *net, int group,
  
         for_each_netdev(net, dev) {
                 if (dev->group == group) {
-                       err = do_setlink(dev, ifm, tb, NULL, 0);
+                       err = do_setlink(skb, dev, ifm, tb, NULL, 0);
                         if (err < 0)
                                 return err;
                 }
@@ -1962,12 +1964,12 @@ replay:
                                 modified = 1;
                         }
  
-                       return do_setlink(dev, ifm, tb, ifname, modified);
+                       return do_setlink(skb, dev, ifm, tb, ifname, modified);
                 }
  
                 if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
                         if (ifm->ifi_index == 0 && tb[IFLA_GROUP])
-                               return rtnl_group_changelink(net,
+                               return rtnl_group_changelink(skb, net,
                                                 nla_get_u32(tb[IFLA_GROUP]),
                                                 ifm, tb);
                         return -ENODEV;
@@ -2354,7 +2356,7 @@ static int rtnl_fdb_del(struct sk_buff *skb, struct nlmsghdr *nlh)
         int err = -EINVAL;
         __u8 *addr;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDA_MAX, NULL);
@@ -2806,7 +2808,7 @@ static int rtnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
         sz_idx = type>>2;
         kind = type&3;
  
-       if (kind != 2 && !ns_capable(net->user_ns, CAP_NET_ADMIN))
+       if (kind != 2 && !netlink_net_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) {
diff --git a/net/dcb/dcbnl.c b/net/dcb/dcbnl.c

index 553644402670b3461bde7fb26705ddde8729be75..f8b98d89c28527f049b4c3132aa7f0b412cfa0ef 100644 (file)
--- a/net/dcb/dcbnl.c
+++ b/net/dcb/dcbnl.c
@@ -1669,7 +1669,7 @@ static int dcb_doit(struct sk_buff *skb, struct nlmsghdr *nlh)
         struct nlmsghdr *reply_nlh = NULL;
         const struct reply_func *fn;
  
-       if ((nlh->nlmsg_type == RTM_SETDCB) && !capable(CAP_NET_ADMIN))
+       if ((nlh->nlmsg_type == RTM_SETDCB) && !netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         ret = nlmsg_parse(nlh, sizeof(*dcb), tb, DCB_ATTR_MAX,
diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c

index a603823a3e279c850d1641e5f4d59be983400488..3b726f31c64c0b88efcfacd4d64df7177260ad5c 100644 (file)
--- a/net/decnet/dn_dev.c
+++ b/net/decnet/dn_dev.c
@@ -574,7 +574,7 @@ static int dn_nl_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh)
         struct dn_ifaddr __rcu **ifap;
         int err = -EINVAL;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (!net_eq(net, &init_net))
@@ -618,7 +618,7 @@ static int dn_nl_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh)
         struct dn_ifaddr *ifa;
         int err;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (!net_eq(net, &init_net))
diff --git a/net/decnet/dn_fib.c b/net/decnet/dn_fib.c

index 57dc159245ecfff38e318626cf0ea1ffa9db1cae..d332aefb0846f86a11d924e3e1e7ad23e279dda2 100644 (file)
--- a/net/decnet/dn_fib.c
+++ b/net/decnet/dn_fib.c
@@ -505,7 +505,7 @@ static int dn_fib_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh)
         struct nlattr *attrs[RTA_MAX+1];
         int err;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (!net_eq(net, &init_net))
@@ -530,7 +530,7 @@ static int dn_fib_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh)
         struct nlattr *attrs[RTA_MAX+1];
         int err;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if (!net_eq(net, &init_net))
diff --git a/net/decnet/netfilter/dn_rtmsg.c b/net/decnet/netfilter/dn_rtmsg.c

index e83015cecfa7507d551bd19e4b4121ad0f25eeaf..e4d9560a910b0eb96ed3a4ad59d63771f865de3c 100644 (file)
--- a/net/decnet/netfilter/dn_rtmsg.c
+++ b/net/decnet/netfilter/dn_rtmsg.c
@@ -107,7 +107,7 @@ static inline void dnrmg_receive_user_skb(struct sk_buff *skb)
         if (nlh->nlmsg_len < sizeof(*nlh) || skb->len < nlh->nlmsg_len)
                 return;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 RCV_SKB_FAIL(-EPERM);
  
         /* Eventually we might send routing messages too */
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c

index 880418d3ee506c292ddf57b62977b586b2887352..bf8a108b46e20134f6ed71de5db4138c58383f0e 100644 (file)
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -367,7 +367,7 @@ static void nfnetlink_rcv(struct sk_buff *skb)
             skb->len < nlh->nlmsg_len)
                 return;
  
-       if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) {
+       if (!netlink_net_capable(skb, CAP_NET_ADMIN)) {
                 netlink_ack(skb, nlh, -EPERM);
                 return;
         }
diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c

index b1dcdb932a86ee919642f47f58dd3b716995ad76..a3ba3ca0ff9281dec15c0b4d42002394583c1d8d 100644 (file)
--- a/net/netlink/genetlink.c
+++ b/net/netlink/genetlink.c
@@ -561,7 +561,7 @@ static int genl_family_rcv_msg(struct genl_family *family,
                 return -EOPNOTSUPP;
  
         if ((ops->flags & GENL_ADMIN_PERM) &&
-           !capable(CAP_NET_ADMIN))
+           !netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if ((nlh->nlmsg_flags & NLM_F_DUMP) == NLM_F_DUMP) {
diff --git a/net/packet/diag.c b/net/packet/diag.c

index b34d0de2409167a4564056b1d3e0505e5e681992..92f2c7107eec4f307cc50cdfedfb4ea2db0e59de 100644 (file)
--- a/net/packet/diag.c
+++ b/net/packet/diag.c
@@ -194,7 +194,7 @@ static int packet_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
  
         net = sock_net(skb->sk);
         req = nlmsg_data(cb->nlh);
-       may_report_filterinfo = ns_capable(net->user_ns, CAP_NET_ADMIN);
+       may_report_filterinfo = netlink_net_capable(cb->skb, CAP_NET_ADMIN);
  
         mutex_lock(&net->packet.sklist_lock);
         sk_for_each(sk, &net->packet.sklist) {
diff --git a/net/phonet/pn_netlink.c b/net/phonet/pn_netlink.c

index dc15f430080831e74fade00799a661ab10cc6f84..b64151ade6b33a9cbacb0980d3ddbe03d8f7b4c8 100644 (file)
--- a/net/phonet/pn_netlink.c
+++ b/net/phonet/pn_netlink.c
@@ -70,10 +70,10 @@ static int addr_doit(struct sk_buff *skb, struct nlmsghdr *nlh)
         int err;
         u8 pnaddr;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
-       if (!capable(CAP_SYS_ADMIN))
+       if (!netlink_capable(skb, CAP_SYS_ADMIN))
                 return -EPERM;
  
         ASSERT_RTNL();
@@ -233,10 +233,10 @@ static int route_doit(struct sk_buff *skb, struct nlmsghdr *nlh)
         int err;
         u8 dst;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
-       if (!capable(CAP_SYS_ADMIN))
+       if (!netlink_capable(skb, CAP_SYS_ADMIN))
                 return -EPERM;
  
         ASSERT_RTNL();
diff --git a/net/sched/act_api.c b/net/sched/act_api.c

index 72bdc71663458e8cc131ab392b6af7673f35207d..3b2265523552c73db7c03d23b8d0afb5f67e8578 100644 (file)
--- a/net/sched/act_api.c
+++ b/net/sched/act_api.c
@@ -908,7 +908,7 @@ static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n)
         u32 portid = skb ? NETLINK_CB(skb).portid : 0;
         int ret = 0, ovr = 0;
  
-       if ((n->nlmsg_type != RTM_GETACTION) && !capable(CAP_NET_ADMIN))
+       if ((n->nlmsg_type != RTM_GETACTION) && !netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         ret = nlmsg_parse(n, sizeof(struct tcamsg), tca, TCA_ACT_MAX, NULL);
diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c

index 29a30a14c31596cc51028be8db46eb4df9756f6e..bdbdb1a7920af99c1829ae62716caddafb114fef 100644 (file)
--- a/net/sched/cls_api.c
+++ b/net/sched/cls_api.c
@@ -134,7 +134,7 @@ static int tc_ctl_tfilter(struct sk_buff *skb, struct nlmsghdr *n)
         int err;
         int tp_created = 0;
  
-       if ((n->nlmsg_type != RTM_GETTFILTER) && !capable(CAP_NET_ADMIN))
+       if ((n->nlmsg_type != RTM_GETTFILTER) && !netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
  replay:
diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c

index a07d55e75698cf52068ebd54fb651a45d264817a..98532cfa7823fc8a41894d9172978f058901ae7e 100644 (file)
--- a/net/sched/sch_api.c
+++ b/net/sched/sch_api.c
@@ -1084,7 +1084,7 @@ static int tc_get_qdisc(struct sk_buff *skb, struct nlmsghdr *n)
         struct Qdisc *p = NULL;
         int err;
  
-       if ((n->nlmsg_type != RTM_GETQDISC) && !capable(CAP_NET_ADMIN))
+       if ((n->nlmsg_type != RTM_GETQDISC) && !netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         err = nlmsg_parse(n, sizeof(*tcm), tca, TCA_MAX, NULL);
@@ -1151,7 +1151,7 @@ static int tc_modify_qdisc(struct sk_buff *skb, struct nlmsghdr *n)
         struct Qdisc *q, *p;
         int err;
  
-       if (!capable(CAP_NET_ADMIN))
+       if (!netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
  replay:
@@ -1491,7 +1491,7 @@ static int tc_ctl_tclass(struct sk_buff *skb, struct nlmsghdr *n)
         u32 qid;
         int err;
  
-       if ((n->nlmsg_type != RTM_GETTCLASS) && !capable(CAP_NET_ADMIN))
+       if ((n->nlmsg_type != RTM_GETTCLASS) && !netlink_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         err = nlmsg_parse(n, sizeof(*tcm), tca, TCA_MAX, NULL);
diff --git a/net/tipc/netlink.c b/net/tipc/netlink.c

index 3aaf73de9e2d017e96b3cc1124d5c9420d827abd..ad844d3653409a6f5ad2ceac53e1b52dc48eacaa 100644 (file)
--- a/net/tipc/netlink.c
+++ b/net/tipc/netlink.c
@@ -47,7 +47,7 @@ static int handle_cmd(struct sk_buff *skb, struct genl_info *info)
         int hdr_space = nlmsg_total_size(GENL_HDRLEN + TIPC_GENL_HDRLEN);
         u16 cmd;
  
-       if ((req_userhdr->cmd & 0xC000) && (!capable(CAP_NET_ADMIN)))
+       if ((req_userhdr->cmd & 0xC000) && (!netlink_capable(skb, CAP_NET_ADMIN)))
                 cmd = TIPC_CMD_NOT_NET_ADMIN;
         else
                 cmd = req_userhdr->cmd;
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c

index 2f7ddc3a59b42db13c1df648b188a8dc312c5f8b..b10d04fa3933592358f5438c98397f0a35941391 100644 (file)
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -2350,7 +2350,7 @@ static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
         link = &xfrm_dispatch[type];
  
         /* All operations require privileges, even GET */
-       if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
+       if (!netlink_net_capable(skb, CAP_NET_ADMIN))
                 return -EPERM;
  
         if ((type == (XFRM_MSG_GETSA - XFRM_MSG_BASE) ||
author	Eric W. Biederman <ebiederm@xmission.com>
	Wed, 23 Apr 2014 21:29:27 +0000 (14:29 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 26 Jun 2014 19:15:38 +0000 (15:15 -0400)
crypto/crypto_user.c		patch \| blob \| history
drivers/connector/cn_proc.c		patch \| blob \| history
drivers/scsi/scsi_netlink.c		patch \| blob \| history
kernel/audit.c		patch \| blob \| history
net/can/gw.c		patch \| blob \| history
net/core/rtnetlink.c		patch \| blob \| history
net/dcb/dcbnl.c		patch \| blob \| history
net/decnet/dn_dev.c		patch \| blob \| history
net/decnet/dn_fib.c		patch \| blob \| history
net/decnet/netfilter/dn_rtmsg.c		patch \| blob \| history
net/netfilter/nfnetlink.c		patch \| blob \| history
net/netlink/genetlink.c		patch \| blob \| history
net/packet/diag.c		patch \| blob \| history
net/phonet/pn_netlink.c		patch \| blob \| history
net/sched/act_api.c		patch \| blob \| history
net/sched/cls_api.c		patch \| blob \| history
net/sched/sch_api.c		patch \| blob \| history
net/tipc/netlink.c		patch \| blob \| history
net/xfrm/xfrm_user.c		patch \| blob \| history