From: Greg Kroah-Hartman Date: Wed, 30 Apr 2008 17:18:08 +0000 (-0700) Subject: another .25 patch X-Git-Tag: v2.6.25.1~1 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8925debd68febe3f0dab0263e94d4540b5a565af;p=thirdparty%2Fkernel%2Fstable-queue.git another .25 patch --- diff --git a/review-2.6.25/drivers-net-tehuti-use-proper-capability-check-for-raw-io-access.patch b/review-2.6.25/drivers-net-tehuti-use-proper-capability-check-for-raw-io-access.patch new file mode 100644 index 00000000000..f1317b124ff --- /dev/null +++ b/review-2.6.25/drivers-net-tehuti-use-proper-capability-check-for-raw-io-access.patch @@ -0,0 +1,32 @@ +From 6203554207728f43cfb9fd48585cd6500da73d42 Mon Sep 17 00:00:00 2001 +From: Linus Torvalds +Date: Tue, 29 Apr 2008 11:45:16 -0700 +Subject: drivers/net/tehuti: use proper capability check for raw IO access + +From: Linus Torvalds + +commit 6203554207728f43cfb9fd48585cd6500da73d42 in mainline. + +Yeah, in practice they both mean "root", but Alan correctly points out +that anybody who gets to do raw IO space accesses should really be using +CAP_SYS_RAWIO rather than CAP_NET_ADMIN. + +Pointed-out-by: Alan Cox +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/net/tehuti.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/net/tehuti.c ++++ b/drivers/net/tehuti.c +@@ -649,7 +649,7 @@ static int bdx_ioctl_priv(struct net_dev + DBG("%d 0x%x 0x%x\n", data[0], data[1], data[2]); + } + +- if (!capable(CAP_NET_ADMIN)) ++ if (!capable(CAP_SYS_RAWIO)) + return -EPERM; + + switch (data[0]) { diff --git a/review-2.6.25/series b/review-2.6.25/series index ab1d7c78e19..9049abb77c4 100644 --- a/review-2.6.25/series +++ b/review-2.6.25/series @@ -35,3 +35,4 @@ scsi-qla2xxx-correct-regression-in-relogin-code.patch alpha-unbreak-osf-1-binaries.patch x86-fix-32-bit-x86-msi-x-allocation-leakage.patch hrtimer-raise-softirq-unlocked-to-avoid-circular-lock-dependency.patch +drivers-net-tehuti-use-proper-capability-check-for-raw-io-access.patch