another .25 patch

diff --git a/review-2.6.25/drivers-net-tehuti-use-proper-capability-check-for-raw-io-access.patch b/review-2.6.25/drivers-net-tehuti-use-proper-capability-check-for-raw-io-access.patch
new file mode 100644 (file)
index 0000000..f1317b1
--- /dev/null
+++ b/review-2.6.25/drivers-net-tehuti-use-proper-capability-check-for-raw-io-access.patch
@@ -0,0 +1,32 @@
+From 6203554207728f43cfb9fd48585cd6500da73d42 Mon Sep 17 00:00:00 2001
+From: Linus Torvalds <torvalds@linux-foundation.org>
+Date: Tue, 29 Apr 2008 11:45:16 -0700
+Subject: drivers/net/tehuti: use proper capability check for raw IO access
+
+From: Linus Torvalds <torvalds@linux-foundation.org>
+
+commit 6203554207728f43cfb9fd48585cd6500da73d42 in mainline.
+
+Yeah, in practice they both mean "root", but Alan correctly points out
+that anybody who gets to do raw IO space accesses should really be using
+CAP_SYS_RAWIO rather than CAP_NET_ADMIN.
+
+Pointed-out-by: Alan Cox <alan@lxorguk.ukuu.org.uk>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ drivers/net/tehuti.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/net/tehuti.c
++++ b/drivers/net/tehuti.c
+@@ -649,7 +649,7 @@ static int bdx_ioctl_priv(struct net_dev
+               DBG("%d 0x%x 0x%x\n", data[0], data[1], data[2]);
+       }
+ 
+-      if (!capable(CAP_NET_ADMIN))
++      if (!capable(CAP_SYS_RAWIO))
+               return -EPERM;
+ 
+       switch (data[0]) {

diff --git a/review-2.6.25/series b/review-2.6.25/series
index ab1d7c78e1925707aa6d5f8c04bae47daddc952e..9049abb77c49b3d5d5fe8cb5afc3592b9bc12d10 100644 (file)
--- a/review-2.6.25/series
+++ b/review-2.6.25/series
@@ -35,3 +35,4 @@ scsi-qla2xxx-correct-regression-in-relogin-code.patch
 alpha-unbreak-osf-1-binaries.patch
 x86-fix-32-bit-x86-msi-x-allocation-leakage.patch
 hrtimer-raise-softirq-unlocked-to-avoid-circular-lock-dependency.patch
+drivers-net-tehuti-use-proper-capability-check-for-raw-io-access.patch