@@ -2177,7 +2177,7 @@ static void drbd_connector_callback(struct cn_msg *req, struct netlink_skb_parms
return;
}
- if (!cap_raised(current_cap(), CAP_SYS_ADMIN)) {
+ if (security_netlink_recv(CAP_SYS_ADMIN)) {
retcode = ERR_PERM;
goto fail;
}
@@ -134,7 +134,7 @@ static void cn_ulog_callback(struct cn_msg *msg, struct netlink_skb_parms *nsp)
{
struct dm_ulog_request *tfr = (struct dm_ulog_request *)(msg + 1);
- if (!cap_raised(current_cap(), CAP_SYS_ADMIN))
+ if (security_netlink_recv(CAP_SYS_ADMIN))
return;
spin_lock(&receiving_list_lock);
@@ -525,7 +525,7 @@ static void pohmelfs_cn_callback(struct cn_msg *msg, struct netlink_skb_parms *n
{
int err;
- if (!cap_raised(current_cap(), CAP_SYS_ADMIN))
+ if (security_netlink_recv(CAP_SYS_ADMIN))
return;
switch (msg->flags) {
@@ -73,7 +73,7 @@ static void uvesafb_cn_callback(struct cn_msg *msg, struct netlink_skb_parms *ns
struct uvesafb_task *utask;
struct uvesafb_ktask *task;
- if (!cap_raised(current_cap(), CAP_SYS_ADMIN))
+ if (security_netlink_recv(CAP_SYS_ADMIN))
return;
if (msg->seq >= UVESAFB_TASKS_MAX)
This moves callbacks from a raw capabiliity hook to the generic lsm hook when receiving request from userspace. Signed-off-by: Chris Wright <chrisw@sous-sol.org> --- drivers/block/drbd/drbd_nl.c | 2 +- drivers/md/dm-log-userspace-transfer.c | 2 +- drivers/staging/pohmelfs/config.c | 2 +- drivers/video/uvesafb.c | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-)