Hi Herbert,
Today's linux-next merge of the crypto tree got a conflict in
crypto/crypto_user.c between commit 90f62cf30a78 ("net: Use
netlink_ns_capable to verify the permisions of netlink messages") from
Linus' tree and commit c568398aa05f ("crypto: user - Allow
CRYPTO_MSG_GETALG without CAP_NET_ADMIN") from the crypto tree.
I fixed it up (I hope - see below) and can carry the fix as necessary
(no action is required).
--
Cheers,
Stephen Rothwell s...@canb.auug.org.au
diff --cc crypto/crypto_user.c
index 43665d0d0905,aa906b8fdd17..000000000000
--- a/crypto/crypto_user.c
+++ b/crypto/crypto_user.c
@@@ -265,6 -265,9 +265,9 @@@ static int crypto_update_alg(struct sk_
struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];
LIST_HEAD(list);
- if (!capable(CAP_NET_ADMIN))
++ if (!netlink_capable(skb, CAP_NET_ADMIN))
+ return -EPERM;
+
if (!null_terminated(p->cru_name) ||
!null_terminated(p->cru_driver_name))
return -EINVAL;
@@@ -295,6 -298,9 +298,9 @@@ static int crypto_del_alg(struct sk_buf
struct crypto_alg *alg;
struct crypto_user_alg *p = nlmsg_data(nlh);
- if (!capable(CAP_NET_ADMIN))
++ if (!netlink_capable(skb, CAP_NET_ADMIN))
+ return -EPERM;
+
if (!null_terminated(p->cru_name) ||
!null_terminated(p->cru_driver_name))
return -EINVAL;
@@@ -379,6 -385,9 +385,9 @@@ static int crypto_add_alg(struct sk_buf
struct crypto_user_alg *p = nlmsg_data(nlh);
struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];
- if (!capable(CAP_NET_ADMIN))
++ if (!netlink_capable(skb, CAP_NET_ADMIN))
+ return -EPERM;
+
if (!null_terminated(p->cru_name) ||
!null_terminated(p->cru_driver_name))
return -EINVAL;
signature.asc
Description: PGP signature
