Hi Johan,
On 25.11.2013 16:25, Johan Hedberg wrote:
Hi Ravi,
On Mon, Nov 25, 2013, Ravi kumar Veeramally wrote:
On 25.11.2013 16:01, Johan Hedberg wrote:
Hi Ravi,
On Mon, Nov 25, 2013, Ravi kumar Veeramally wrote:
CAP_NET_RAW capability is required to up the bnep interfaces
in android environment.
---
android/main.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/android/main.c b/android/main.c
index c9733f3..bfd2a87 100644
--- a/android/main.c
+++ b/android/main.c
@@ -506,6 +506,7 @@ static bool set_capabilities(void)
header.pid = 0;
cap.effective = cap.permitted =
+ CAP_TO_MASK(CAP_NET_RAW) |
CAP_TO_MASK(CAP_NET_ADMIN) |
CAP_TO_MASK(CAP_NET_BIND_SERVICE);
cap.inheritable = 0;
Would you then say that commit 9bda7e8c2130de9a3340ebd0e6cc1dedc2eae338
is incorrect? A quick grep doesn't show any instances of checking this
capability in the BNEP code of the kernel. Exactly which system call is
it that needs it?
bnep_if_up from profiles/network/common.c
---
ifr.ifr_flags |= IFF_UP;
ifr.ifr_flags |= IFF_MULTICAST;
err = ioctl(sk, SIOCSIFFLAGS, (caddr_t) &ifr);
---
requires this capability in android environment only.
this code is under android macro.
So you've verified that under "normal" Linux this ioctl does not require
the NET_RAW capability?
If you answered positively to my first question, please send a patch for
that as well.
I didn't understand this, sorry.
My first question was: "Would you then say that
commit 9bda7e8c2130de9a3340ebd0e6cc1dedc2eae338 is incorrect?". Do you
not understand that question or what I asked you to do in case the
answer is "yes"?
I tried on host with systemd configure options and limiting
capabilities to
only CAP_NET_ADMIN and CAP_NET_BIND_SERVICE. ioctl call for
interface(bnepX)
up works well. Android throws an error("Permission denied").
CAP_NET_RAW is required
for android.
Thanks,
Ravi.
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
