mirror of
https://github.com/torvalds/linux.git
synced 2024-11-22 20:22:09 +00:00
4a92602aa1
Operations with the GENL_ADMIN_PERM flag fail permissions checks because
this flag means we call netlink_capable, which uses the init user ns.
Instead, let's introduce a new flag, GENL_UNS_ADMIN_PERM for operations
which should be allowed inside a user namespace.
The motivation for this is to be able to run openvswitch in unprivileged
containers. I've tested this and it seems to work, but I really have no
idea about the security consequences of this patch, so thoughts would be
much appreciated.
v2: use the GENL_UNS_ADMIN_PERM flag instead of a check in each function
v3: use separate ifs for UNS_ADMIN_PERM and ADMIN_PERM, instead of one
massive one
Reported-by: James Page <james.page@canonical.com>
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CC: Eric Biederman <ebiederm@xmission.com>
CC: Pravin Shelar <pshelar@ovn.org>
CC: Justin Pettit <jpettit@nicira.com>
CC: "David S. Miller" <davem@davemloft.net>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||
|---|---|---|
| .. | ||
| actions.c | ||
| conntrack.c | ||
| conntrack.h | ||
| datapath.c | ||
| datapath.h | ||
| dp_notify.c | ||
| flow_netlink.c | ||
| flow_netlink.h | ||
| flow_table.c | ||
| flow_table.h | ||
| flow.c | ||
| flow.h | ||
| Kconfig | ||
| Makefile | ||
| vport-geneve.c | ||
| vport-gre.c | ||
| vport-internal_dev.c | ||
| vport-internal_dev.h | ||
| vport-netdev.c | ||
| vport-netdev.h | ||
| vport-vxlan.c | ||
| vport.c | ||
| vport.h | ||