netfilter: nft_compat: restrict match/target protocol to u16

[platform/kernel/linux-rpi.git] / net / core / drop_monitor.c

diff --git a/net/core/drop_monitor.c b/net/core/drop_monitor.c
index aff31cd..b240d9a 100644 (file)
--- a/net/core/drop_monitor.c
+++ b/net/core/drop_monitor.c
@@ -183,7 +183,7 @@ out:
 }
 
 static const struct genl_multicast_group dropmon_mcgrps[] = {
-       { .name = "events", },
+       { .name = "events", .cap_sys_admin = 1 },
 };
 
 static void send_dm_alert(struct work_struct *work)
@@ -1619,11 +1619,13 @@ static const struct genl_small_ops dropmon_ops[] = {
                .cmd = NET_DM_CMD_START,
                .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
                .doit = net_dm_cmd_trace,
+               .flags = GENL_ADMIN_PERM,
        },
        {
                .cmd = NET_DM_CMD_STOP,
                .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
                .doit = net_dm_cmd_trace,
+               .flags = GENL_ADMIN_PERM,
        },
        {
                .cmd = NET_DM_CMD_CONFIG_GET,