diff options
| author |   Martin Willi <martin@strongswan.org> | 2016-05-09 18:33:58 +0200 |
|---|---|---|
| committer |   Johannes Berg <johannes.berg@intel.com> | 2016-05-31 11:36:34 +0200 |
| commit | 5617c6cd6f844eaa2f4d61f165b7e6664a658865 (patch) | |
| tree | 3cdfff2de392894a71c72c5fd5477bba44ce80ed /drivers/net/wireless/mac80211_hwsim.c | |
| parent | Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus (diff) | |
| download | linux-dev-5617c6cd6f844eaa2f4d61f165b7e6664a658865.tar.xz linux-dev-5617c6cd6f844eaa2f4d61f165b7e6664a658865.zip | |
nl80211: Allow privileged operations from user namespaces
While a wiphy can be transferred to network namespaces, a process having
CAP_NET_ADMIN in a non-initial user namespace can not administrate such
devices due to the genetlink GENL_ADMIN_PERM restrictions.
For openvswitch having the same issue, a new GENL_UNS_ADMIN_PERM flag has
been introduced, commit 4a92602aa1cd ("openvswitch: allow management from
inside user namespaces"). This patch changes all privileged operations
operating on a wiphy, dev or wdev to allow their administration using the
same mechanism. All operations use either NEED_WIPHY, NEED_WDEV or
NEED_NETDEV, which implies a namespace aware lookup of the device. The only
exception is NL80211_CMD_SET_WIPHY, which explicitly uses a namespace aware
phy lookup.
Signed-off-by: Martin Willi <martin@strongswan.org>
[also allow cancel scan, for completeness]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Diffstat (limited to 'drivers/net/wireless/mac80211_hwsim.c')
0 files changed, 0 insertions, 0 deletions