Hi all, Today's linux-next merge of the net-next tree got conflicts in net/sched/sch_api.c and net/sched/cls_api.c between commit 90f62cf30a78 ("net: Use netlink_ns_capable to verify the permisions of netlink messages") from the net tree and commit 4e8bbb819d15 ("net: Allow tc changes in user namespaces") from the net-next tree. I fixed it up (hopefully, see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx> diff --cc net/sched/cls_api.c index bdbdb1a7920a,1a4a20267787..000000000000 --- a/net/sched/cls_api.c +++ b/net/sched/cls_api.c @@@ -134,7 -134,8 +134,8 @@@ static int tc_ctl_tfilter(struct sk_buf int err; int tp_created = 0; - if ((n->nlmsg_type != RTM_GETTFILTER) && !netlink_capable(skb, CAP_NET_ADMIN)) + if ((n->nlmsg_type != RTM_GETTFILTER) && - !ns_capable(net->user_ns, CAP_NET_ADMIN)) ++ !netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN)) return -EPERM; replay: diff --cc net/sched/sch_api.c index 400769014bbd,86f8edfd6b8a..000000000000 --- a/net/sched/sch_api.c +++ b/net/sched/sch_api.c @@@ -1084,7 -1084,8 +1084,8 @@@ static int tc_get_qdisc(struct sk_buff struct Qdisc *p = NULL; int err; - if ((n->nlmsg_type != RTM_GETQDISC) && !netlink_capable(skb, CAP_NET_ADMIN)) + if ((n->nlmsg_type != RTM_GETQDISC) && - !ns_capable(net->user_ns, CAP_NET_ADMIN)) ++ !netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN)) return -EPERM; err = nlmsg_parse(n, sizeof(*tcm), tca, TCA_MAX, NULL); @@@ -1151,7 -1152,7 +1152,7 @@@ static int tc_modify_qdisc(struct sk_bu struct Qdisc *q, *p; int err; - if (!netlink_capable(skb, CAP_NET_ADMIN)) - if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) ++ if (!netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN)) return -EPERM; replay: @@@ -1490,7 -1491,8 +1491,8 @@@ static int tc_ctl_tclass(struct sk_buf u32 qid; int err; - if ((n->nlmsg_type != RTM_GETTCLASS) && !netlink_capable(skb, CAP_NET_ADMIN)) + if ((n->nlmsg_type != RTM_GETTCLASS) && - !ns_capable(net->user_ns, CAP_NET_ADMIN)) ++ !netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN)) return -EPERM; err = nlmsg_parse(n, sizeof(*tcm), tca, TCA_MAX, NULL);
Attachment:
pgp0fh39UhN9a.pgp
Description: PGP signature