android_kernel_samsung_msm8976/net/tipc
Eric W. Biederman 1141a45580 net: Use netlink_ns_capable to verify the permissions of netlink messages
[ Upstream commit 90f62cf30a78721641e08737bda787552428061e ]

It is possible, by passing a netlink socket to a more privileged
executable and then fooling that executable into writing to the socket
data that happens to be a valid netlink message, to do something that
privileged executable did not intend to do.

To keep this from happening, replace bare capable and ns_capable calls
with netlink_capable, netlink_net_calls and netlink_ns_capable calls,
which act the same as the previous calls except they verify that the
opener of the socket had the desired permissions as well.

Reported-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-06-26 15:12:37 -04:00
addr.c tipc: compress out gratuitous extra carriage returns 2012-04-30 15:53:56 -04:00
addr.h tipc: compress out gratuitous extra carriage returns 2012-04-30 15:53:56 -04:00
bcast.c tipc: pskb_copy() buffers when sending on more than one bearer 2013-05-03 16:08:58 -04:00
bcast.h tipc: compress out gratuitous extra carriage returns 2012-04-30 15:53:56 -04:00
bearer.c tipc: add InfiniBand media type 2013-04-17 14:18:33 -04:00
bearer.h tipc: add InfiniBand media type 2013-04-17 14:18:33 -04:00
config.c tipc: eliminate configuration for maximum number of name publications 2012-08-20 02:26:31 -07:00
config.h tipc: Optimize re-initialization of configuration service 2012-04-26 17:19:07 -04:00
core.c tipc: add InfiniBand media type 2013-04-17 14:18:33 -04:00
core.h tipc: eliminate configuration for maximum number of name publications 2012-08-20 02:26:31 -07:00
discover.c tipc: move bcast_addr from struct tipc_media to struct tipc_bearer 2013-04-17 14:18:33 -04:00
discover.h
eth_media.c tipc: set skb->protocol in eth_media packet transmission 2013-04-17 14:18:33 -04:00
handler.c tipc: do not use tasklet_disable before tasklet_kill 2012-11-03 15:10:14 -04:00
ib_media.c tipc: add InfiniBand media type 2013-04-17 14:18:33 -04:00
Kconfig tipc: add InfiniBand media type 2013-04-17 14:18:33 -04:00
link.c tipc: potential divide by zero in tipc_link_recv_fragment() 2013-05-06 16:16:52 -04:00
link.h tipc: remove the bearer congestion mechanism 2012-11-21 20:07:25 -05:00
log.c tipc: remove print_buf and deprecated log buffer code 2012-07-13 19:34:43 -04:00
Makefile tipc: add InfiniBand media type 2013-04-17 14:18:33 -04:00
msg.c tipc: remove TIPC packet debugging functions and macros 2012-07-13 19:25:16 -04:00
msg.h tipc: compress out gratuitous extra carriage returns 2012-04-30 15:53:56 -04:00
name_distr.c tipc: eliminate an unnecessary cast of node variable 2012-11-22 14:33:28 -05:00
name_distr.h
name_table.c hlist: drop the node parameter from iterators 2013-02-27 19:10:24 -08:00
name_table.h tipc: compress out gratuitous extra carriage returns 2012-04-30 15:53:56 -04:00
net.c tipc: change tipc_net_start routine return value type 2012-08-20 02:26:30 -07:00
net.h tipc: change tipc_net_start routine return value type 2012-08-20 02:26:30 -07:00
netlink.c net: Use netlink_ns_capable to verify the permissions of netlink messages 2014-06-26 15:12:37 -04:00
node.c hlist: drop the node parameter from iterators 2013-02-27 19:10:24 -08:00
node.h tipc: rename supported flag to recv_permitted 2012-11-22 07:50:51 -05:00
node_subscr.c tipc: use standard printk shortcut macros (pr_err etc.) 2012-07-13 19:24:44 -04:00
node_subscr.h tipc: compress out gratuitous extra carriage returns 2012-04-30 15:53:56 -04:00
port.c tipc: standardize across connect/disconnect function naming 2012-12-07 17:23:19 -05:00
port.h tipc: standardize across connect/disconnect function naming 2012-12-07 17:23:19 -05:00
ref.c tipc: use standard printk shortcut macros (pr_err etc.) 2012-07-13 19:24:44 -04:00
ref.h
socket.c net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:25 -08:00
subscr.c tipc: standardize across connect/disconnect function naming 2012-12-07 17:23:19 -05:00
subscr.h tipc: compress out gratuitous extra carriage returns 2012-04-30 15:53:56 -04:00