net: Push capable(CAP_NET_ADMIN) into the rtnl methods

- In rtnetlink_rcv_msg convert the capable(CAP_NET_ADMIN) check
  to ns_capable(net->user-ns, CAP_NET_ADMIN).  Allowing unprivileged
  users to make netlink calls to modify their local network
  namespace.

- In the rtnetlink doit methods add capable(CAP_NET_ADMIN) so
  that calls that are not safe for unprivileged users are still
  protected.

Later patches will remove the extra capable calls from methods
that are safe for unprivilged users.

Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

1 files changed, 9 insertions, 0 deletions

diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c
index 13cc744a2498..4799c4840c1a 100644
--- a/net/sched/sch_api.c
+++ b/net/sched/sch_api.c
@@ -980,6 +980,9 @@ static int tc_get_qdisc(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
         struct Qdisc *p = NULL;
         int err;
 
+        if ((n->nlmsg_type != RTM_GETQDISC) && !capable(CAP_NET_ADMIN))
+                return -EPERM;
+
         dev = __dev_get_by_index(net, tcm->tcm_ifindex);
         if (!dev)
                 return -ENODEV;
@@ -1043,6 +1046,9 @@ static int tc_modify_qdisc(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
         struct Qdisc *q, *p;
         int err;
 
+        if (!capable(CAP_NET_ADMIN))
+                return -EPERM;
+
 replay:
         /* Reinit, just in case something touches this. */
         tcm = nlmsg_data(n);
@@ -1379,6 +1385,9 @@ static int tc_ctl_tclass(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
         u32 qid = TC_H_MAJ(clid);
         int err;
 
+        if ((n->nlmsg_type != RTM_GETTCLASS) && !capable(CAP_NET_ADMIN))
+                return -EPERM;
+
         dev = __dev_get_by_index(net, tcm->tcm_ifindex);
         if (!dev)
                 return -ENODEV;