If the user calling sendmsg has the appropriate privieleges
in their user namespace allow them to set the uid, gid, and
pid in the SCM_CREDENTIALS control message to any valid value.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Get rid of duplicate code in net_ctl_permissions and fix the comment.
Signed-off-by: Zhao Hongjiang <zhaohongjiang@huawei.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
- Allow anyone with CAP_NET_ADMIN rights in the user namespace of the
the netowrk namespace to change sysctls.
- Allow anyone the uid of the user namespace root the same
permissions over the network namespace sysctls as the global root.
- Allow anyone with gid of the user namespace root group the same
permissions over the network namespace sysctl as the global root group.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
- In rtnetlink_rcv_msg convert the capable(CAP_NET_ADMIN) check
to ns_capable(net->user-ns, CAP_NET_ADMIN). Allowing unprivileged
users to make netlink calls to modify their local network
namespace.
- In the rtnetlink doit methods add capable(CAP_NET_ADMIN) so
that calls that are not safe for unprivileged users are still
protected.
Later patches will remove the extra capable calls from methods
that are safe for unprivilged users.
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
In preparation for supporting the creation of network namespaces
by unprivileged users, modify all of the per net sysctl exports
and refuse to allow them to unprivileged users.
This makes it safe for unprivileged users in general to access
per net sysctls, and allows sysctls to be exported to unprivileged
users on an individual basis as they are deemed safe.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
- Current is implicitly avaiable so passing current->nsproxy isn't useful.
- The ctl_table_header is needed to find how the sysctl table is connected
to the rest of sysctl.
- ctl_table_root is avaiable in the ctl_table_header so no need to it.
With these changes it becomes possible to write a version of
net_sysctl_permission that takes into account the network namespace of
the sysctl table, an important feature in extending the user namespace.
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The user namespace which creates a new network namespace owns that
namespace and all resources created in it. This way we can target
capability checks for privileged operations against network resources to
the user_ns which created the network namespace in which the resource
lives. Privilege to the user namespace which owns the network
namespace, or any parent user namespace thereof, provides the same
privilege to the network resource.
This patch is reworked from a version originally by
Serge E. Hallyn <serge.hallyn@canonical.com>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The copy of copy_net_ns used when the network stack is not
built is broken as it does not return -EINVAL when attempting
to create a new network namespace. We don't even have
a previous network namespace.
Since we need a copy of copy_net_ns in net/net_namespace.h that is
available when the networking stack is not built at all move the
correct version of copy_net_ns from net_namespace.c into net_namespace.h
Leaving us with just 2 versions of copy_net_ns. One version for when
we compile in network namespace suport and another stub for all other
occasions.
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch adds nodes for pin controllers available on
EXYNOS4X12 SoCs supported by pinctrl-samsung driver.
Signed-off-by: Tomasz Figa <t.figa@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
Acked-by: Thomas Abraham <thomas.abraham@linaro.org>
Acked-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Kukjin Kim <kgene.kim@samsung.com>
This patch adds a callback for the HCI_LE_Set_Advertise_Enable command.
The callback is responsible for updating the HCI_LE_PERIPHERAL flag
updating as well as updating the advertising data flags field to
indicate undirected connectable advertising.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
This patch adds support for setting basing LE advertising data. The
three elements supported for now are the advertising flags, the TX power
and the friendly name.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
The core specification defines 127 as the "not available" value (well,
"reserved" for BR/EDR and "not available" for LE - but essentially the
same). Therefore, instead of testing for 0 (which is in fact a valid
value) we should be using this invalid value to test if the tx_power is
available.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
This patch extends the driver with any necessary SoC-specific
definitions to support EXYNOS4X12 SoCs.
Signed-off-by: Tomasz Figa <t.figa@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
Acked-by: Thomas Abraham <thomas.abraham@linaro.org>
Acked-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Kukjin Kim <kgene.kim@samsung.com>
To facilitate upcoming cleanup in twl stack. No functional changes.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Anton Vorontsov <anton.vorontsov@linaro.org>
No functional changes. Just a cleanup.
Signed-off-by: Marcos Paulo de Souza <marcos.souza.org@gmail.com>
Acked-by: Lars-Peter Clausen <lars@metafoo.de>
Signed-off-by: Anton Vorontsov <anton.vorontsov@linaro.org>
This is just a small cleanup, makes a logic a little bit more simplier.
Signed-off-by: Marcos Paulo de Souza <marcos.souza.org@gmail.com>
Acked-by: Lars-Peter Clausen <lars@metafoo.de>
Signed-off-by: Anton Vorontsov <anton.vorontsov@linaro.org>
We should not not report nominal available capacity if battery is not
calibrated, as we don't want to represent bogus values in the sysfs and
confuse userland.
Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
Signed-off-by: Anton Vorontsov <anton.vorontsov@linaro.org>
I hate doing these style fixups myself, but I also hate inconsitent code.
Normally I just ask to resubmit the patch with the issues fixed, but N900
is special: I have a selfish interest in it. :)
Signed-off-by: Anton Vorontsov <cbouatmailru@gmail.com>
Based on AT91 PIT DT patch from Jean-Christophe PLAGNIOL-VILLARD.
Signed-off-by: Joachim Eastwood <manabian@gmail.com>
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
We need CONFIG_SOC_AT91SAM9 to get the at91sam926x_timer
symbol used in board-dt.
Signed-off-by: Joachim Eastwood <manabian@gmail.com>
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
The bq2415x charger driver is needed for example on Nokia N900 for
charging battery. Driver is part of open source project to replace
proprietary battery management.
Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
Signed-off-by: Anton Vorontsov <anton.vorontsov@linaro.org>
Leftover of 57d6d456cf ("sis900: stop
using net_device.{base_addr, irq} and convert to __iomem.").
It is needed for suspend / resume to work.
Signed-off-by: Francois Romieu <romieu@fr.zoreil.com>
Tested-by: Jan Janssen <medhefgo@web.de>
Cc: Daniele Venzano <venza@brownhat.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
This driver exporting battery design capacity, temperature and voltage for
battery in Nokia RX-51. This driver is needed for open source battery
management on Nokia RX-51 (N900).
Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
Signed-off-by: Anton Vorontsov <anton.vorontsov@linaro.org>
The second error check is unreachable because the lock function isn't
assigned to ret.
Signed-off-by: Alan Cox <alan@linux.intel.com>
Acked-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
Signed-off-by: Anton Vorontsov <anton.vorontsov@linaro.org>
memcmp->nv_strncmp conversion, in addition to name change, should have
inverted the return value.
But nv_strncmp does not act like strncmp - it does not check for string
terminator, returns true/false instead of -1/0/1 and has different
parameters order.
Let's rename it to nv_memcmp and let it act like memcmp.
Signed-off-by: Marcin Slusarz <marcin.slusarz@gmail.com>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
Fixes a null pointer dereference when reclocking on my fermi.
Signed-off-by: Maarten Lankhorst <maarten.lankhorst@canonical.com>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
Some archs defconfigs have CONFIG_FRAME_WARN set to 1024, which lead to this
warning:
drivers/gpu/drm/nouveau/core/engine/graph/ctxnv40.c: warning: the frame size
of 1184 bytes is larger than 1024 bytes
Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Marcin Slusarz <marcin.slusarz@gmail.com>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
We need to check for negative values before doing the swab16() for the
error handling to work.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Anton Vorontsov <anton.vorontsov@linaro.org>
More thorough testing revealed a typo in last koneplus cleanups.
Signed-off-by: Stefan Achatz <erazor_de@users.sourceforge.net>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
If the FAN_Q_OVERFLOW bit set in event->mask, the fanotify event
metadata will not contain a valid file descriptor, but
copy_event_to_user() didn't check for that, and unconditionally does a
fd_install() on the file descriptor.
Which in turn will cause a BUG_ON() in __fd_install().
Introduced by commit 352e3b2492 ("fanotify: sanitize failure exits in
copy_event_to_user()")
Mea culpa - missed that path ;-/
Reported-by: Alex Shi <lkml.alex@gmail.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Pull misc VFS fixes from Al Viro:
"Remove a bogus BUG_ON() that can trigger spuriously + alpha bits of
do_mount() constification I'd missed during the merge window."
This pull request came in a week ago, I missed it for some reason.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
kill bogus BUG_ON() in do_close_on_exec()
missing const in alpha callers of do_mount()
Pull m68k fix from Geert Uytterhoeven:
"This is a bug fix for asm constraints that affect sending RT signals,
also destined for -stable."
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k:
m68k: fix sigset_t accessor functions
- Disable blinking on the Orion GPIO driver
- Two Kconfig-style fixes to avoid broken builds
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAABAgAGBQJQqAG0AAoJEEEQszewGV1zOioP/iDD6lmV9SLbRXuFtIwzuXiZ
c+2OHvfrprHxEc4DiLajxA9vFhqyh3HjNj1f9U0c17P9G4c6TCkFRxWtUEdfI0Ls
z/0oFWQBG3E0wK9xAKup9ochz4h8I99HDCbjw8rrgaVlYDsrnd5mERzlzgV9OzB8
4GGw9JD8USwo2qZ0ThISxzsI9PDz+FFgKYumRBOhwAfSVbHkVIxLqkMYge8vI7kf
ck/MVrpS6sBRPX9uyzbDaoPxodQb4cYVqmUY9v2GmmK+FY3OQUisK0d0k5h2pWQP
j7TWRwMgaeYXgsv1wG53/Ay6B48k1Wv1N4vwwJ/4skBZEWi7TwcuGQydWeUo96hb
nDQWc0AuEXZ1HIewRxqHeTaxJHi/OBB6W5hxzc+TuOTw3Xi491DWmiuf4h6WvpRS
s0wwMJ8xN8sekRgmhE321FmyGoviSoqIaT2VAXXOGWf+NSaKuBcq22adydgLYoFM
j9h66aEoPESvtNlOifHs6cfwsq9jBEaQu7fG1JQITU3MjpjWgCFQB2JvdVIwqDuR
yJNprr6/RNRIEFXZEtZQgYXb1G515RUCzjjAcUQtfY7IRInCDK8BBvv9wcdZw6+G
3oLjF7TQpCWK/Ed+2nkeN1A5lZqVASdNx9gjnMLeS3u9IpxfjgBDQwyPELSNst3I
CyYQdyLwOpNd26Nk/HJq
=UBlv
-----END PGP SIGNATURE-----
Merge tag 'gpio-fixes-for-v3.7' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio
Pull last minute GPIO fixes from Linus Walleij:
- Disable blinking on the Orion GPIO driver
- Two Kconfig-style fixes to avoid broken builds
* tag 'gpio-fixes-for-v3.7' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio:
gpio-mcp23s08: Build I2C support even when CONFIG_I2C=m
gpio: adnp: Depend on OF_GPIO instead of OF
mvebu-gpio: Disable blinking when enabling a GPIO for output
