]> git.proxmox.com Git - mirror_ubuntu-focal-kernel.git/commitdiff
net/nfc/rawsock.c: fix a permission check bug
authorJeimon <jjjinmeng.zhou@gmail.com>
Sat, 8 May 2021 03:52:30 +0000 (11:52 +0800)
committerKleber Sacilotto de Souza <kleber.souza@canonical.com>
Thu, 15 Jul 2021 17:27:13 +0000 (19:27 +0200)
BugLink: https://bugs.launchpad.net/bugs/1933369
[ Upstream commit 8ab78863e9eff11910e1ac8bcf478060c29b379e ]

The function rawsock_create() calls a privileged function sk_alloc(), which requires a ns-aware check to check net->user_ns, i.e., ns_capable(). However, the original code checks the init_user_ns using capable(). So we replace the capable() with ns_capable().

Signed-off-by: Jeimon <jjjinmeng.zhou@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Kelsey Skunberg <kelsey.skunberg@canonical.com>
net/nfc/rawsock.c

index 23d5e56306a4ce0fb3c6d7049dc7d0d7d6587ca3..8d649f4aee79cf162e0a50123331545c1a6ddede 100644 (file)
@@ -333,7 +333,7 @@ static int rawsock_create(struct net *net, struct socket *sock,
                return -ESOCKTNOSUPPORT;
 
        if (sock->type == SOCK_RAW) {
-               if (!capable(CAP_NET_RAW))
+               if (!ns_capable(net->user_ns, CAP_NET_RAW))
                        return -EPERM;
                sock->ops = &rawsock_raw_ops;
        } else {