All of lore.kernel.org
 help / color / mirror / Atom feed
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, Hangbin Liu <liuhangbin@gmail.com>,
	Richard Cochran <richardcochran@gmail.com>,
	"David S. Miller" <davem@davemloft.net>
Subject: [PATCH 5.1 27/46] vlan: disable SIOCSHWTSTAMP in container
Date: Wed, 15 May 2019 12:56:51 +0200	[thread overview]
Message-ID: <20190515090625.571849309@linuxfoundation.org> (raw)
In-Reply-To: <20190515090616.670410738@linuxfoundation.org>

From: Hangbin Liu <liuhangbin@gmail.com>

[ Upstream commit 873017af778439f2f8e3d87f28ddb1fcaf244a76 ]

With NET_ADMIN enabled in container, a normal user could be mapped to
root and is able to change the real device's rx filter via ioctl on
vlan, which would affect the other ptp process on host. Fix it by
disabling SIOCSHWTSTAMP in container.

Fixes: a6111d3c93d0 ("vlan: Pass SIOC[SG]HWTSTAMP ioctls to real device")
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Acked-by: Richard Cochran <richardcochran@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 net/8021q/vlan_dev.c |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

--- a/net/8021q/vlan_dev.c
+++ b/net/8021q/vlan_dev.c
@@ -367,10 +367,12 @@ static int vlan_dev_ioctl(struct net_dev
 	ifrr.ifr_ifru = ifr->ifr_ifru;
 
 	switch (cmd) {
+	case SIOCSHWTSTAMP:
+		if (!net_eq(dev_net(dev), &init_net))
+			break;
 	case SIOCGMIIPHY:
 	case SIOCGMIIREG:
 	case SIOCSMIIREG:
-	case SIOCSHWTSTAMP:
 	case SIOCGHWTSTAMP:
 		if (netif_device_present(real_dev) && ops->ndo_do_ioctl)
 			err = ops->ndo_do_ioctl(real_dev, &ifrr, cmd);



  parent reply	other threads:[~2019-05-15 11:35 UTC|newest]

Thread overview: 61+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-05-15 10:56 [PATCH 5.1 00/46] 5.1.3-stable review Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 01/46] platform/x86: sony-laptop: Fix unintentional fall-through Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 02/46] platform/x86: thinkpad_acpi: Disable Bluetooth for some machines Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 03/46] platform/x86: dell-laptop: fix rfkill functionality Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 04/46] hwmon: (pwm-fan) Disable PWM if fetching cooling data fails Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 05/46] hwmon: (occ) Fix extended status bits Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 06/46] selftests/seccomp: Handle namespace failures gracefully Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 07/46] i2c: core: ratelimit transfer when suspended errors Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 08/46] kernfs: fix barrier usage in __kernfs_new_node() Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 09/46] virt: vbox: Sanity-check parameter types for hgcm-calls coming from userspace Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 10/46] USB: serial: fix unthrottle races Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 11/46] mwl8k: Fix rate_idx underflow Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 12/46] rtlwifi: rtl8723ae: Fix missing break in switch statement Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 13/46] Dont jump to compute_result state from check_result state Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 14/46] bonding: fix arp_validate toggling in active-backup mode Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 15/46] bridge: Fix error path for kobject_init_and_add() Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 16/46] dpaa_eth: fix SG frame cleanup Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 17/46] fib_rules: return 0 directly if an exactly same rule exists when NLM_F_EXCL not supplied Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 18/46] ipv4: Fix raw socket lookup for local traffic Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 19/46] net: dsa: Fix error cleanup path in dsa_init_module Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 20/46] net: ethernet: stmmac: dwmac-sun8i: enable support of unicast filtering Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 21/46] net: macb: Change interrupt and napi enable order in open Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 22/46] net: seeq: fix crash caused by not set dev.parent Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 23/46] net: ucc_geth - fix Oops when changing number of buffers in the ring Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 24/46] packet: Fix error path in packet_init Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 25/46] selinux: do not report error on connect(AF_UNSPEC) Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 26/46] tipc: fix hanging clients using poll with EPOLLOUT flag Greg Kroah-Hartman
2019-05-15 10:56 ` Greg Kroah-Hartman [this message]
2019-05-15 10:56 ` [PATCH 5.1 28/46] vrf: sit mtu should not be updated when vrf netdev is the link Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 29/46] aqc111: fix endianness issue in aqc111_change_mtu Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 30/46] aqc111: fix writing to the phy on BE Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 31/46] aqc111: fix double endianness swap " Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 32/46] tuntap: fix dividing by zero in ebpf queue selection Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 33/46] tuntap: synchronize through tfiles array instead of tun->numqueues Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 34/46] net: phy: fix phy_validate_pause Greg Kroah-Hartman
2019-05-15 10:56 ` [PATCH 5.1 35/46] flow_dissector: disable preemption around BPF calls Greg Kroah-Hartman
2019-05-15 10:57 ` [PATCH 5.1 36/46] isdn: bas_gigaset: use usb_fill_int_urb() properly Greg Kroah-Hartman
2019-05-15 10:57 ` [PATCH 5.1 37/46] drivers/virt/fsl_hypervisor.c: dereferencing error pointers in ioctl Greg Kroah-Hartman
2019-05-15 10:57 ` [PATCH 5.1 38/46] drivers/virt/fsl_hypervisor.c: prevent integer overflow " Greg Kroah-Hartman
2019-05-15 10:57 ` [PATCH 5.1 39/46] powerpc/book3s/64: check for NULL pointer in pgd_alloc() Greg Kroah-Hartman
2019-05-15 10:57 ` [PATCH 5.1 40/46] powerpc/powernv/idle: Restore IAMR after idle Greg Kroah-Hartman
2019-05-15 10:57 ` [PATCH 5.1 41/46] powerpc/booke64: set RI in default MSR Greg Kroah-Hartman
2019-05-15 10:57 ` [PATCH 5.1 42/46] virtio_ring: Fix potential mem leak in virtqueue_add_indirect_packed Greg Kroah-Hartman
2019-05-15 10:57 ` [PATCH 5.1 43/46] PCI: hv: Fix a memory leak in hv_eject_device_work() Greg Kroah-Hartman
2019-05-15 10:57 ` [PATCH 5.1 44/46] PCI: hv: Add hv_pci_remove_slots() when we unload the driver Greg Kroah-Hartman
2019-05-15 10:57 ` [PATCH 5.1 45/46] PCI: hv: Add pci_destroy_slot() in pci_devices_present_work(), if necessary Greg Kroah-Hartman
2019-05-15 10:57 ` [PATCH 5.1 46/46] f2fs: Fix use of number of devices Greg Kroah-Hartman
2019-05-15 13:56 ` [PATCH 5.1 00/46] 5.1.3-stable review Igor Russkikh
2019-05-15 14:18   ` Greg Kroah-Hartman
2019-05-15 13:58 ` Igor Russkikh
2019-05-15 19:56 ` Naresh Kamboju
2019-05-16  6:21   ` Greg Kroah-Hartman
2019-05-16  3:38 ` Guenter Roeck
2019-05-16  6:20   ` Greg Kroah-Hartman
2019-05-16 11:04 ` Jon Hunter
2019-05-16 11:04   ` Jon Hunter
2019-05-16 16:50   ` Greg Kroah-Hartman
2019-05-16 13:55 ` shuah
2019-05-16 16:49   ` Greg Kroah-Hartman
2019-05-17  6:34 ` Kelsey Skunberg
2019-05-17  7:25   ` Greg Kroah-Hartman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190515090625.571849309@linuxfoundation.org \
    --to=gregkh@linuxfoundation.org \
    --cc=davem@davemloft.net \
    --cc=linux-kernel@vger.kernel.org \
    --cc=liuhangbin@gmail.com \
    --cc=richardcochran@gmail.com \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.