Re: [PATCH v2] net: don't allow CAP_NET_ADMIN to load non-netdev kernel modules

From: Jake Edge
Date: Wed Mar 02 2011 - 14:48:58 EST

Next message: Linus Torvalds: "Re: [PATCH v3 0/4] exec: unify native/compat code"
Previous message: Nathan Lynch: "Re: [PATCH] bloat-o-meter: Include read-only data section in report"
In reply to: Kees Cook: "Re: [PATCH v2] net: don't allow CAP_NET_ADMIN to load non-netdevkernel modules"
Next in thread: Vasiliy Kulikov: "Re: [PATCH v2] net: don't allow CAP_NET_ADMIN to load non-netdevkernel modules"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I am probably missing something, but shouldn't the existing
MODULE_ALIASes stay?

Vasiliy Kulikov <segoon@xxxxxxxxxxxx> writes:

> diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
> index 6613edf..d1d0e2c 100644
> --- a/net/ipv4/ip_gre.c
> +++ b/net/ipv4/ip_gre.c
> @@ -1765,4 +1765,4 @@ module_exit(ipgre_fini);
> MODULE_LICENSE("GPL");
> MODULE_ALIAS_RTNL_LINK("gre");
> MODULE_ALIAS_RTNL_LINK("gretap");
> -MODULE_ALIAS("gre0");
> +MODULE_ALIAS_NETDEV("gre0");

that is, instead of replacing MODULE_ALIAS("gre0") with the NETDEV
version, don't you want both for backward compatibility?

(if so, same goes for the other two)

jake

--
Jake Edge - jake@xxxxxxx - http://lwn.net
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Linus Torvalds: "Re: [PATCH v3 0/4] exec: unify native/compat code"
Previous message: Nathan Lynch: "Re: [PATCH] bloat-o-meter: Include read-only data section in report"
In reply to: Kees Cook: "Re: [PATCH v2] net: don't allow CAP_NET_ADMIN to load non-netdevkernel modules"
Next in thread: Vasiliy Kulikov: "Re: [PATCH v2] net: don't allow CAP_NET_ADMIN to load non-netdevkernel modules"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]