linux/net/sched
Eric W. Biederman dfc47ef863 net: Push capable(CAP_NET_ADMIN) into the rtnl methods
- In rtnetlink_rcv_msg convert the capable(CAP_NET_ADMIN) check
  to ns_capable(net->user-ns, CAP_NET_ADMIN).  Allowing unprivileged
  users to make netlink calls to modify their local network
  namespace.

- In the rtnetlink doit methods add capable(CAP_NET_ADMIN) so
  that calls that are not safe for unprivileged users are still
  protected.

Later patches will remove the extra capable calls from methods
that are safe for unprivilged users.

Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-11-18 20:32:44 -05:00
..
act_api.c net: Push capable(CAP_NET_ADMIN) into the rtnl methods 2012-11-18 20:32:44 -05:00
act_csum.c ipv6: correct the ipv6 option name - Pad0 to Pad1 2012-05-17 15:49:51 -04:00
act_gact.c net_sched: gact: Fix potential panic in tcf_gact(). 2012-08-03 16:47:24 -07:00
act_ipt.c net_sched: act: Delete estimator in error path. 2012-08-06 13:30:01 -07:00
act_mirred.c act_mirred: do not drop packets when fails to mirror it 2012-08-16 14:54:44 -07:00
act_nat.c pkt_sched: Stop using NLA_PUT*(). 2012-04-01 18:11:37 -04:00
act_pedit.c net_sched: act: Delete estimator in error path. 2012-08-06 13:30:01 -07:00
act_police.c pkt_sched: Stop using NLA_PUT*(). 2012-04-01 18:11:37 -04:00
act_simple.c net_sched: act: Delete estimator in error path. 2012-08-06 13:30:01 -07:00
act_skbedit.c pkt_sched: Stop using NLA_PUT*(). 2012-04-01 18:11:37 -04:00
cls_api.c net: Push capable(CAP_NET_ADMIN) into the rtnl methods 2012-11-18 20:32:44 -05:00
cls_basic.c net sched: Pass the skb into change so it can access NETLINK_CB 2012-08-14 21:55:28 -07:00
cls_cgroup.c cgroup: net_cls: Rework update socket logic 2012-10-26 03:40:51 -04:00
cls_flow.c userns: Convert cls_flow to work with user namespaces enabled 2012-08-14 21:55:28 -07:00
cls_fw.c net sched: Pass the skb into change so it can access NETLINK_CB 2012-08-14 21:55:28 -07:00
cls_route.c net sched: Pass the skb into change so it can access NETLINK_CB 2012-08-14 21:55:28 -07:00
cls_rsvp6.c
cls_rsvp.c
cls_rsvp.h net sched: Pass the skb into change so it can access NETLINK_CB 2012-08-14 21:55:28 -07:00
cls_tcindex.c net sched: Pass the skb into change so it can access NETLINK_CB 2012-08-14 21:55:28 -07:00
cls_u32.c net sched: Pass the skb into change so it can access NETLINK_CB 2012-08-14 21:55:28 -07:00
em_canid.c net: em_canid: Ematch rule to match CAN frames according to their identifiers 2012-07-04 13:07:05 +02:00
em_cmp.c net_sched: cleanups 2011-01-19 23:31:12 -08:00
em_ipset.c net: sched: add ipset ematch 2012-07-12 07:54:46 -07:00
em_meta.c net: use a per task frag allocator 2012-09-24 16:31:37 -04:00
em_nbyte.c net_sched: cleanups 2011-01-19 23:31:12 -08:00
em_text.c net_sched: cleanups 2011-01-19 23:31:12 -08:00
em_u32.c net_sched: cleanups 2011-01-19 23:31:12 -08:00
ematch.c net: Convert net_ratelimit uses to net_<level>_ratelimited 2012-05-15 13:45:03 -04:00
Kconfig net: sched: add ipset ematch 2012-07-12 07:54:46 -07:00
Makefile net: sched: add ipset ematch 2012-07-12 07:54:46 -07:00
sch_api.c net: Push capable(CAP_NET_ADMIN) into the rtnl methods 2012-11-18 20:32:44 -05:00
sch_atm.c sch_atm.c: get rid of poinless extern 2012-06-01 10:37:18 -04:00
sch_blackhole.c pkt_sched: Add qdisc->ops->peek() implementation. 2008-10-31 00:45:55 -07:00
sch_cbq.c pkt_sched: use ns_to_ktime() helper 2012-10-21 22:21:27 -04:00
sch_choke.c net: sched: factorize code (qdisc_drop()) 2012-05-04 11:50:05 -04:00
sch_codel.c fq_codel: should use qdisc backlog as threshold 2012-05-16 15:30:26 -04:00
sch_drr.c pkt_sched: Fix warning false positives. 2012-09-27 18:35:47 -04:00
sch_dsmark.c net: sched: factorize code (qdisc_drop()) 2012-05-04 11:50:05 -04:00
sch_fifo.c pkt_sched: Stop using NLA_PUT*(). 2012-04-01 18:11:37 -04:00
sch_fq_codel.c fq_codel: dont reinit flow state 2012-09-03 14:36:50 -04:00
sch_generic.c net: qdisc busylock needs lockdep annotations 2012-09-05 17:49:27 -04:00
sch_gred.c net_sched: gred: actually perform idling in WRED mode 2012-09-13 16:10:13 -04:00
sch_hfsc.c net_sched: update bstats in dequeue() 2012-05-10 23:33:01 -04:00
sch_htb.c htb: fix two bugs 2012-11-06 19:06:29 -05:00
sch_ingress.c net_sched: factorize qdisc stats handling 2011-01-10 16:07:54 -08:00
sch_mq.c net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules 2011-10-31 19:30:30 -04:00
sch_mqprio.c pkt_sched: Stop using NLA_PUT*(). 2012-04-01 18:11:37 -04:00
sch_multiq.c pkt_sched: Stop using NLA_PUT*(). 2012-04-01 18:11:37 -04:00
sch_netem.c netem: refine early skb orphaning 2012-07-16 23:08:33 -07:00
sch_plug.c net_sched: sch_plug: plug_qdisc_ops is static 2012-02-13 16:04:40 -05:00
sch_prio.c pkt_sched: Stop using NLA_PUT*(). 2012-04-01 18:11:37 -04:00
sch_qfq.c pkt_sched: enable QFQ to support TSO/GSO 2012-11-07 15:37:04 -05:00
sch_red.c pkt_sched: Stop using NLA_PUT*(). 2012-04-01 18:11:37 -04:00
sch_sfb.c sch_sfb: Fix missing NULL check 2012-07-12 08:33:18 -07:00
sch_sfq.c pkt_sched: Stop using NLA_PUT*(). 2012-04-01 18:11:37 -04:00
sch_tbf.c pkt_sched: Stop using NLA_PUT*(). 2012-04-01 18:11:37 -04:00
sch_teql.c sch_teql: Convert over to dev_neigh_lookup_skb(). 2012-07-05 01:09:06 -07:00