OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/net/core
History
Eric W. Biederman 7dc5dbc879 sysfs: Restrict mounting sysfs 
Don't allow mounting sysfs unless the caller has CAP_SYS_ADMIN rights
over the net namespace.  The principle here is if you create or have
capabilities over it you can mount it, otherwise you get to live with
what other people have mounted.

Instead of testing this with a straight forward ns_capable call,
perform this check the long and torturous way with kobject helpers,
this keeps direct knowledge of namespaces out of sysfs, and preserves
the existing sysfs abstractions.

Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
 		2013-08-28 21:35:14 -07:00
..
Makefile net: move procfs code to net/core/net-procfs.c 2013-02-19 00:51:10 -05:00
datagram.c net: rename include/net/ll_poll.h to include/net/busy_poll.h 2013-07-10 17:08:27 -07:00
dev.c gso: Update tunnel segmentation to support Tx checksum offload 2013-07-11 12:18:49 -07:00
dev_addr_lists.c net/core: dev_mc_sync_multiple calls wrong helper 2013-05-31 16:56:56 -07:00
dev_ioctl.c net: fix kernel deadlock with interface rename and netdev name retrieval. 2013-06-26 13:42:54 -07:00
drop_monitor.c net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
dst.c net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
ethtool.c ethtool: make .get_dump_data() harder to misuse by drivers 2013-07-02 00:15:56 -07:00
fib_rules.c net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
filter.c sock_diag: fix filter code sent to userspace 2013-06-10 22:23:32 -07:00
flow.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-04-01 13:36:50 -04:00
flow_dissector.c net: flow_dissector: add __skb_get_poff to get a start offset to payload 2013-03-20 13:15:45 -04:00
gen_estimator.c net_sched: add 64bit rate estimators 2013-06-11 02:51:03 -07:00
gen_stats.c net_sched: add 64bit rate estimators 2013-06-11 02:51:03 -07:00
iovec.c Hoist memcpy_fromiovec/memcpy_toiovec into lib/ 2013-05-20 10:24:22 +09:30
link_watch.c net: make all team port device link events urgent 2013-06-13 02:31:41 -07:00
neighbour.c neighbour: fix a race in neigh_destroy() 2013-07-01 13:35:32 -07:00
net-procfs.c rps: selective flow shedding during softnet overflow 2013-05-20 13:48:04 -07:00
net-sysfs.c sysfs: Restrict mounting sysfs 2013-08-28 21:35:14 -07:00
net-sysfs.h xps: Add CONFIG_XPS 2010-11-28 18:24:14 -08:00
net-traces.c net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules 2011-10-31 19:30:30 -04:00
net_namespace.c proc: Split the namespace stuff out into linux/proc_ns.h 2013-05-01 17:29:39 -04:00
netevent.c net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules 2011-10-31 19:30:30 -04:00
netpoll.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-07-09 18:24:39 -07:00
netprio_cgroup.c net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
pktgen.c pktgen: ipv6: numa: consolidate skb allocation to pktgen_alloc_skb 2013-06-12 00:47:25 -07:00
request_sock.c tcp: fix a panic on UP machines in reqsk_fastopen_remove 2013-01-14 18:10:05 -05:00
rtnetlink.c rtnetlink: allow using zero MAC address in rtnl_fdb_{add,del} 2013-06-25 09:31:39 -07:00
scm.c netprio_cgroup: remove task_struct parameter from sock_update_netprio() 2013-04-09 13:19:37 -04:00
secure_seq.c net: defer net_secret[] initialization 2013-04-29 15:14:02 -04:00
skbuff.c net: access page->private by using page_private 2013-07-12 16:10:34 -07:00
sock.c net: rename busy poll socket op and globals 2013-07-10 17:08:27 -07:00
sock_diag.c sock_diag: fix filter code sent to userspace 2013-06-10 22:23:32 -07:00
stream.c net: Fix the condition passed to sk_wait_event() 2010-10-03 20:41:32 -07:00
sysctl_net_core.c net: rename busy poll socket op and globals 2013-07-10 17:08:27 -07:00
timestamping.c net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules 2011-10-31 19:30:30 -04:00
user_dma.c net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules 2011-10-31 19:30:30 -04:00
utils.c net: core: move mac_pton() to lib/net_utils.c 2013-06-05 12:00:27 -07:00