Re: [PATCH 1/4] android: Add CAP_NET_RAW capability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Johan,

On 25.11.2013 16:25, Johan Hedberg wrote:
Hi Ravi,

On Mon, Nov 25, 2013, Ravi kumar Veeramally wrote:
On 25.11.2013 16:01, Johan Hedberg wrote:
Hi Ravi,

On Mon, Nov 25, 2013, Ravi kumar Veeramally wrote:
CAP_NET_RAW capability is required to up the bnep interfaces
in android environment.
---
  android/main.c | 1 +
  1 file changed, 1 insertion(+)

diff --git a/android/main.c b/android/main.c
index c9733f3..bfd2a87 100644
--- a/android/main.c
+++ b/android/main.c
@@ -506,6 +506,7 @@ static bool set_capabilities(void)
  	header.pid = 0;
  	cap.effective = cap.permitted =
+		CAP_TO_MASK(CAP_NET_RAW) |
  		CAP_TO_MASK(CAP_NET_ADMIN) |
  		CAP_TO_MASK(CAP_NET_BIND_SERVICE);
  	cap.inheritable = 0;
Would you then say that commit 9bda7e8c2130de9a3340ebd0e6cc1dedc2eae338
is incorrect? A quick grep doesn't show any instances of checking this
capability in the BNEP code of the kernel. Exactly which system call is
it that needs it?
    bnep_if_up from profiles/network/common.c
  ---
         ifr.ifr_flags |= IFF_UP;
         ifr.ifr_flags |= IFF_MULTICAST;

         err = ioctl(sk, SIOCSIFFLAGS, (caddr_t) &ifr);
---
  requires this capability in android environment only.
  this code is under android macro.
So you've verified that under "normal" Linux this ioctl does not require
the NET_RAW capability?

If you answered positively to my first question, please send a patch for
that as well.
  I didn't understand this, sorry.
My first question was: "Would you then say that
commit 9bda7e8c2130de9a3340ebd0e6cc1dedc2eae338 is incorrect?". Do you
not understand that question or what I asked you to do in case the
answer is "yes"?

I tried on host with systemd configure options and limiting capabilities to only CAP_NET_ADMIN and CAP_NET_BIND_SERVICE. ioctl call for interface(bnepX) up works well. Android throws an error("Permission denied"). CAP_NET_RAW is required
for android.

Thanks,
Ravi.
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux