iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,200,631 Commits 104 Branches 1,843 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Anjali Kulkarni bfdfdc2f3b connector/cn_proc: Allow non-root users access 
There were a couple of reasons for not allowing non-root users access
initially  - one is there was some point no proper receive buffer
management in place for netlink multicast. But that should be long
fixed. See link below for more context.

Second is that some of the messages may contain data that is root only. But
this should be handled with a finer granularity, which is being done at the
protocol layer.  The only problematic protocols are nf_queue and the
firewall netlink. Hence, this restriction for non-root access was relaxed
for NETLINK_ROUTE initially:
https://lore.kernel.org/all/20020612013101.A22399@wotan.suse.de/

This restriction has also been removed for following protocols:
NETLINK_KOBJECT_UEVENT, NETLINK_AUDIT, NETLINK_SOCK_DIAG,
NETLINK_GENERIC, NETLINK_SELINUX.

Since process connector messages are not sensitive (process fork, exit
notifications etc.), and anyone can read /proc data, we can allow non-root
access here. However, since process event notification is not the only
consumer of NETLINK_CONNECTOR, we can make this change even more
fine grained than the protocol level, by checking for multicast group
within the protocol.

Allow non-root access for NETLINK_CONNECTOR via NL_CFG_F_NONROOT_RECV
but add new bind function cn_bind(), which allows non-root access only
for CN_IDX_PROC multicast group.

Signed-off-by: Anjali Kulkarni <anjali.k.kulkarni@oracle.com>
Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2023-07-23 11:34:22 +01:00
arch
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2023-07-20 15:52:55 -07:00
block
SCSI fixes on 20230714
2023-07-14 19:57:29 -07:00
certs
KEYS: Add missing function documentation
2023-04-24 16:15:52 +03:00
crypto
crypto: algif_hash - Fix race between MORE and non-MORE sends
2023-07-08 22:48:42 +10:00
Documentation
net: page_pool: hide page_pool_release_page()
2023-07-21 18:50:18 -07:00
drivers
connector/cn_proc: Allow non-root users access
2023-07-23 11:34:22 +01:00
fs
Bug fixes for 6.5-rc2:
2023-07-20 10:10:02 -07:00
include
connector/cn_proc: Performance improvements
2023-07-23 11:34:22 +01:00
init
Kbuild updates for v6.5
2023-07-01 09:24:31 -07:00
io_uring
io_uring-6.5-2023-07-14
2023-07-14 19:46:54 -07:00
ipc
Merge branch 'work.namespace' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2023-02-24 19:20:07 -08:00
kernel
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2023-07-20 15:52:55 -07:00
lib
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2023-07-20 15:52:55 -07:00
LICENSES
LICENSES: Add the copyleft-next-0.3.1 license
2022-11-08 15:44:01 +01:00
mm
mm/mlock: fix vma iterator conversion of apply_vma_lock_flags()
2023-07-17 12:53:21 -07:00
net
netlink: Add new netlink_release function
2023-07-23 11:34:22 +01:00
rust
rust: error: impl Debug for Error with errname() integration
2023-06-13 01:24:42 +02:00
samples
samples/bpf: README: Update build dependencies required
2023-07-18 17:29:43 -07:00
scripts
kallsyms: strip LTO-only suffixes from promoted global functions
2023-07-12 15:39:34 -07:00
security
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2023-07-20 15:52:55 -07:00
sound
sound fixes for 6.5-rc1
2023-07-07 15:40:17 -07:00
tools
selftests: mlxsw: rtnetlink: Drop obsolete tests
2023-07-21 08:54:04 +01:00
usr
initramfs: Encode dependency on KBUILD_BUILD_TIMESTAMP
2023-06-06 17:54:49 +09:00
virt
ARM64:
2023-07-03 15:32:22 -07:00
.clang-format
iommu: Add for_each_group_device()
2023-05-23 08:15:51 +02:00
.cocciconfig
.get_maintainer.ignore
get_maintainer: add Alan to .get_maintainer.ignore
2022-08-20 15:17:44 -07:00
.gitattributes
.gitattributes: set diff driver for Rust source code files
2023-05-31 17:48:25 +02:00
.gitignore
Revert ".gitignore: ignore *.cover and *.mbx"
2023-07-04 15:05:12 -07:00
.mailmap
Including fixes from BPF, netfilter, bluetooth and CAN.
2023-07-20 14:46:39 -07:00
.rustfmt.toml
rust: add .rustfmt.toml
2022-09-28 09:02:20 +02:00
COPYING
CREDITS
- Address -Wmissing-prototype warnings
2023-06-26 16:43:54 -07:00
Kbuild
Kbuild updates for v6.1
2022-10-10 12:00:45 -07:00
Kconfig
MAINTAINERS
MAINTAINERS: net: fix sort order
2023-07-21 18:48:54 -07:00
Makefile
Linux 6.5-rc2
2023-07-16 15:10:37 -07:00
README

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.
Description
No description provided
Readme 5.7 GiB
Languages
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%