git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Jakub Kicinski <kuba@kernel.org>
	Mon, 27 Apr 2026 19:58:56 +0000 (12:58 -0700)
committer	Jakub Kicinski <kuba@kernel.org>
	Wed, 29 Apr 2026 00:44:20 +0000 (17:44 -0700)
commit	b718342a7fbaa2dff5fefc31988c07af8c6cbc21
tree	5a9912a82d45107ae363a3f9f603db8b3882865b	tree \| snapshot
parent	b89769f936a8fa9e66de72ddc1b71a9745a488e6	commit \| diff

net: psp: require admin permission for dev-set and key-rotate

The dev-set and key-rotate netlink operations modify shared device
state (PSP version configuration and cryptographic key material,
respectively) but do not require CAP_NET_ADMIN. The only access
control is psp_dev_check_access() which merely verifies netns
membership.

Fixes: 00c94ca2b99e ("psp: base PSP device support")
Reviewed-by: Daniel Zahka <daniel.zahka@gmail.com>
Reviewed-by: Willem de Bruijn <willemb@google.com>
Link: https://patch.msgid.link/20260427195856.401223-1-kuba@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Documentation/netlink/specs/psp.yaml		diff \| blob \| blame \| history
net/psp/psp-nl-gen.c		diff \| blob \| blame \| history