提交 cabcac0b 编写于 作者: T Thomas Graf 提交者: David S. Miller

[BONDING]: Remove CAP_NET_ADMIN requirement for INFOQUERY ioctl

This information is already available via /proc/net/bonding/*
therefore it doesn't make sense to require CAP_NET_ADMIN
privileges.

Original patch by Laurent Deniel <laurent.deniel@free.fr>
Signed-off-by: NThomas Graf <tgraf@suug.ch>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 8798b3fb
...@@ -2543,13 +2543,14 @@ int dev_ioctl(unsigned int cmd, void __user *arg) ...@@ -2543,13 +2543,14 @@ int dev_ioctl(unsigned int cmd, void __user *arg)
case SIOCBONDENSLAVE: case SIOCBONDENSLAVE:
case SIOCBONDRELEASE: case SIOCBONDRELEASE:
case SIOCBONDSETHWADDR: case SIOCBONDSETHWADDR:
case SIOCBONDSLAVEINFOQUERY:
case SIOCBONDINFOQUERY:
case SIOCBONDCHANGEACTIVE: case SIOCBONDCHANGEACTIVE:
case SIOCBRADDIF: case SIOCBRADDIF:
case SIOCBRDELIF: case SIOCBRDELIF:
if (!capable(CAP_NET_ADMIN)) if (!capable(CAP_NET_ADMIN))
return -EPERM; return -EPERM;
/* fall through */
case SIOCBONDSLAVEINFOQUERY:
case SIOCBONDINFOQUERY:
dev_load(ifr.ifr_name); dev_load(ifr.ifr_name);
rtnl_lock(); rtnl_lock();
ret = dev_ifsioc(&ifr, cmd); ret = dev_ifsioc(&ifr, cmd);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册