net: check kern before calling security subsystem
Eric Paris [Fri, 6 Nov 2009 04:45:52 +0000 (20:45 -0800)]
Before calling capable(CAP_NET_RAW) check if this operations is on behalf
of the kernel or on behalf of userspace.  Do not do the security check if
it is on behalf of the kernel.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/bluetooth/l2cap.c
net/ipv4/af_inet.c
net/ipv6/af_inet6.c

index 365ae16..ff0233d 100644 (file)
@@ -832,7 +832,7 @@ static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
                        sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
                return -ESOCKTNOSUPPORT;
 
-       if (sock->type == SOCK_RAW && !capable(CAP_NET_RAW))
+       if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
                return -EPERM;
 
        sock->ops = &l2cap_sock_ops;
index 5c7e42c..7d12c6a 100644 (file)
@@ -326,7 +326,7 @@ lookup_protocol:
        }
 
        err = -EPERM;
-       if (sock->type == SOCK_RAW && !capable(CAP_NET_RAW))
+       if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
                goto out_rcu_unlock;
 
        err = -EAFNOSUPPORT;
index 45ed5e0..12e69d3 100644 (file)
@@ -159,7 +159,7 @@ lookup_protocol:
        }
 
        err = -EPERM;
-       if (sock->type == SOCK_RAW && !capable(CAP_NET_RAW))
+       if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
                goto out_rcu_unlock;
 
        sock->ops = answer->ops;