aboutsummaryrefslogtreecommitdiffstats
path: root/net/sctp/socket.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/sctp/socket.c')
-rw-r--r--net/sctp/socket.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index bee4dd3feabb..d699d2cbf275 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -360,7 +360,7 @@ static int sctp_do_bind(struct sock *sk, union sctp_addr *addr, int len)
360 } 360 }
361 } 361 }
362 362
363 if (snum && snum < PROT_SOCK && 363 if (snum && snum < inet_prot_sock(net) &&
364 !ns_capable(net->user_ns, CAP_NET_BIND_SERVICE)) 364 !ns_capable(net->user_ns, CAP_NET_BIND_SERVICE))
365 return -EACCES; 365 return -EACCES;
366 366
@@ -1152,8 +1152,10 @@ static int __sctp_connect(struct sock *sk,
1152 * accept new associations, but it SHOULD NOT 1152 * accept new associations, but it SHOULD NOT
1153 * be permitted to open new associations. 1153 * be permitted to open new associations.
1154 */ 1154 */
1155 if (ep->base.bind_addr.port < PROT_SOCK && 1155 if (ep->base.bind_addr.port <
1156 !ns_capable(net->user_ns, CAP_NET_BIND_SERVICE)) { 1156 inet_prot_sock(net) &&
1157 !ns_capable(net->user_ns,
1158 CAP_NET_BIND_SERVICE)) {
1157 err = -EACCES; 1159 err = -EACCES;
1158 goto out_free; 1160 goto out_free;
1159 } 1161 }
@@ -1818,7 +1820,7 @@ static int sctp_sendmsg(struct sock *sk, struct msghdr *msg, size_t msg_len)
1818 * but it SHOULD NOT be permitted to open new 1820 * but it SHOULD NOT be permitted to open new
1819 * associations. 1821 * associations.
1820 */ 1822 */
1821 if (ep->base.bind_addr.port < PROT_SOCK && 1823 if (ep->base.bind_addr.port < inet_prot_sock(net) &&
1822 !ns_capable(net->user_ns, CAP_NET_BIND_SERVICE)) { 1824 !ns_capable(net->user_ns, CAP_NET_BIND_SERVICE)) {
1823 err = -EACCES; 1825 err = -EACCES;
1824 goto out_unlock; 1826 goto out_unlock;
generated by cgit v1.2.2 (git 2.25.0) at 2025-10-08 09:34:12 -0400