projects / platform / kernel / linux-rpi.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6cc03e8)
ax25: enforce CAP_NET_RAW for raw sockets
authorOri Nimron <orinimron123@gmail.com>
Fri, 20 Sep 2019 07:35:47 +0000 (09:35 +0200)
committerDavid S. Miller <davem@davemloft.net>
Tue, 24 Sep 2019 14:37:18 +0000 (16:37 +0200)
When creating a raw AF_AX25 socket, CAP_NET_RAW needs to be checked
first.

Signed-off-by: Ori Nimron <orinimron123@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ax25/af_ax25.c patch | blob | history

diff --git a/net/ax25/af_ax25.c b/net/ax25/af_ax25.c
index ca52077..bb222b8 100644 (file)
--- a/net/ax25/af_ax25.c
+++ b/net/ax25/af_ax25.c
@@ -855,6 +855,8 @@ static int ax25_create(struct net *net, struct socket *sock, int protocol,
                break;
 
        case SOCK_RAW:
+               if (!capable(CAP_NET_RAW))
+                       return -EPERM;
                break;
        default:
                return -ESOCKTNOSUPPORT;
Domain: System / Kernel;