Merge tag 'v4.4.177' into toradex_vf_4.4-nextColibri-VF_LXDE-Image_2.8b6.183-20190331

This is the 4.4.177 stable release
author: Marcel Ziswiler <marcel.ziswiler@toradex.com> 2019-03-28 11:16:26 +0100
committer: Marcel Ziswiler <marcel.ziswiler@toradex.com> 2019-03-28 11:16:26 +0100
commit: 6f01eb5bf8e8110ab5f3a8e7b0f3abf19a205e4b (patch)
tree: 4b3147335ed97e4b487fd84bcb7a959a38d9656e /drivers/net/ipvlan/ipvlan_main.c
parent: 8f234193b8cc35c44614e4a4b05f2d920ff562e4 (diff)
parent: 6b50202a4d53bf527c640467bcff68b50a5e38a2 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/drivers/net/ipvlan/ipvlan_main.c b/drivers/net/ipvlan/ipvlan_main.c
index a9268db4e349..ae02ce17c505 100644
--- a/drivers/net/ipvlan/ipvlan_main.c
+++ b/drivers/net/ipvlan/ipvlan_main.c
@@ -389,7 +389,12 @@ static int ipvlan_nl_changelink(struct net_device *dev,
 	struct ipvl_dev *ipvlan = netdev_priv(dev);
 	struct ipvl_port *port = ipvlan_port_get_rtnl(ipvlan->phy_dev);
 
-	if (data && data[IFLA_IPVLAN_MODE]) {
+	if (!data)
+		return 0;
+	if (!ns_capable(dev_net(ipvlan->phy_dev)->user_ns, CAP_NET_ADMIN))
+		return -EPERM;
+
+	if (data[IFLA_IPVLAN_MODE]) {
 		u16 nmode = nla_get_u16(data[IFLA_IPVLAN_MODE]);
 
 		ipvlan_set_port_mode(port, nmode);
@@ -454,6 +459,8 @@ static int ipvlan_link_new(struct net *src_net, struct net_device *dev,
 		struct ipvl_dev *tmp = netdev_priv(phy_dev);
 
 		phy_dev = tmp->phy_dev;
+		if (!ns_capable(dev_net(phy_dev)->user_ns, CAP_NET_ADMIN))
+			return -EPERM;
 	} else if (!netif_is_ipvlan_port(phy_dev)) {
 		err = ipvlan_port_create(phy_dev);
 		if (err < 0)
author	Marcel Ziswiler <marcel.ziswiler@toradex.com>	2019-03-28 11:16:26 +0100
committer	Marcel Ziswiler <marcel.ziswiler@toradex.com>	2019-03-28 11:16:26 +0100
commit	6f01eb5bf8e8110ab5f3a8e7b0f3abf19a205e4b (patch)
tree	4b3147335ed97e4b487fd84bcb7a959a38d9656e /drivers/net/ipvlan/ipvlan_main.c
parent	8f234193b8cc35c44614e4a4b05f2d920ff562e4 (diff)
parent	6b50202a4d53bf527c640467bcff68b50a5e38a2 (diff)