projects
/
firefly-linux-kernel-4.4.55.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
net: Use netlink_ns_capable to verify the permisions of netlink messages
[firefly-linux-kernel-4.4.55.git]
/
net
/
xfrm
/
xfrm_user.c
diff --git
a/net/xfrm/xfrm_user.c
b/net/xfrm/xfrm_user.c
index 3f565e495ac68cea83e1d52cf7db7e820fe777ad..7a70a5a5671aa1c592446e3794ccd5b53e59fc1c 100644
(file)
--- a/
net/xfrm/xfrm_user.c
+++ b/
net/xfrm/xfrm_user.c
@@
-2362,7
+2362,7
@@
static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
link = &xfrm_dispatch[type];
/* All operations require privileges, even GET */
- if (!n
s_capable(net->user_ns
, CAP_NET_ADMIN))
+ if (!n
etlink_net_capable(skb
, CAP_NET_ADMIN))
return -EPERM;
if ((type == (XFRM_MSG_GETSA - XFRM_MSG_BASE) ||