Commit d70029d5 authored by Maksim Krasnyanskiy's avatar Maksim Krasnyanskiy

Users must have CAP_NET_ADMIN capability in order to create

or destroy devices. 
parent a1bed4d5
...@@ -266,6 +266,9 @@ static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size ...@@ -266,6 +266,9 @@ static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size
} }
/* ---- Device IOCTLs ---- */ /* ---- Device IOCTLs ---- */
#define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
static int rfcomm_create_dev(struct sock *sk, unsigned long arg) static int rfcomm_create_dev(struct sock *sk, unsigned long arg)
{ {
struct rfcomm_dev_req req; struct rfcomm_dev_req req;
...@@ -277,7 +280,14 @@ static int rfcomm_create_dev(struct sock *sk, unsigned long arg) ...@@ -277,7 +280,14 @@ static int rfcomm_create_dev(struct sock *sk, unsigned long arg)
BT_DBG("sk %p dev_id %id flags 0x%x", sk, req.dev_id, req.flags); BT_DBG("sk %p dev_id %id flags 0x%x", sk, req.dev_id, req.flags);
if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
return -EPERM;
if (req.flags & (1 << RFCOMM_REUSE_DLC)) { if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
/* Socket must be connected */
if (sk->state != BT_CONNECTED)
return -EBADFD;
dlc = rfcomm_pi(sk)->dlc; dlc = rfcomm_pi(sk)->dlc;
rfcomm_dlc_hold(dlc); rfcomm_dlc_hold(dlc);
} else { } else {
...@@ -311,6 +321,9 @@ static int rfcomm_release_dev(unsigned long arg) ...@@ -311,6 +321,9 @@ static int rfcomm_release_dev(unsigned long arg)
BT_DBG("dev_id %id flags 0x%x", req.dev_id, req.flags); BT_DBG("dev_id %id flags 0x%x", req.dev_id, req.flags);
if (!capable(CAP_NET_ADMIN))
return -EPERM;
if (!(dev = rfcomm_dev_get(req.dev_id))) if (!(dev = rfcomm_dev_get(req.dev_id)))
return -ENODEV; return -ENODEV;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment