tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

bonding: Display LACP info only to CAP_NET_ADMIN capable user

Actor and Partner details can be accessed via proc-fs, sys-fs
entries or netlink interface. These interfaces are world readable
at this moment. The earlier patch-series made the LACP communication
secure to avoid nuisance attack from within the same L2 domain but
it did not prevent "someone unprivileged" looking at that information
on host and perform the same act.

This patch essentially avoids spitting those entries if the user
in question does not have enough privileges.

Signed-off-by: Mahesh Bandewar <maheshb@google.com>
Signed-off-by: Andy Gospodarek <gospo@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Mahesh Bandewar and committed by
David S. Miller 4cd6b475 1f02c09b

+68 -62
+12 -11
drivers/net/bonding/bond_netlink.c
··· 601 601 if (BOND_MODE(bond) == BOND_MODE_8023AD) { 602 602 struct ad_info info; 603 603 604 - if (nla_put_u16(skb, IFLA_BOND_AD_ACTOR_SYS_PRIO, 605 - bond->params.ad_actor_sys_prio)) 606 - goto nla_put_failure; 604 + if (capable(CAP_NET_ADMIN)) { 605 + if (nla_put_u16(skb, IFLA_BOND_AD_ACTOR_SYS_PRIO, 606 + bond->params.ad_actor_sys_prio)) 607 + goto nla_put_failure; 607 608 608 - if (nla_put_u16(skb, IFLA_BOND_AD_USER_PORT_KEY, 609 - bond->params.ad_user_port_key)) 610 - goto nla_put_failure; 609 + if (nla_put_u16(skb, IFLA_BOND_AD_USER_PORT_KEY, 610 + bond->params.ad_user_port_key)) 611 + goto nla_put_failure; 611 612 612 - if (nla_put(skb, IFLA_BOND_AD_ACTOR_SYSTEM, 613 - sizeof(bond->params.ad_actor_system), 614 - &bond->params.ad_actor_system)) 615 - goto nla_put_failure; 616 - 613 + if (nla_put(skb, IFLA_BOND_AD_ACTOR_SYSTEM, 614 + sizeof(bond->params.ad_actor_system), 615 + &bond->params.ad_actor_system)) 616 + goto nla_put_failure; 617 + } 617 618 if (!bond_3ad_get_active_agg_info(bond, &info)) { 618 619 struct nlattr *nest; 619 620
+50 -45
drivers/net/bonding/bond_procfs.c
··· 135 135 bond->params.ad_select); 136 136 seq_printf(seq, "Aggregator selection policy (ad_select): %s\n", 137 137 optval->string); 138 - seq_printf(seq, "System priority: %d\n", 139 - BOND_AD_INFO(bond).system.sys_priority); 140 - seq_printf(seq, "System MAC address: %pM\n", 141 - &BOND_AD_INFO(bond).system.sys_mac_addr); 138 + if (capable(CAP_NET_ADMIN)) { 139 + seq_printf(seq, "System priority: %d\n", 140 + BOND_AD_INFO(bond).system.sys_priority); 141 + seq_printf(seq, "System MAC address: %pM\n", 142 + &BOND_AD_INFO(bond).system.sys_mac_addr); 142 143 143 - if (__bond_3ad_get_active_agg_info(bond, &ad_info)) { 144 - seq_printf(seq, "bond %s has no active aggregator\n", 145 - bond->dev->name); 146 - } else { 147 - seq_printf(seq, "Active Aggregator Info:\n"); 144 + if (__bond_3ad_get_active_agg_info(bond, &ad_info)) { 145 + seq_printf(seq, 146 + "bond %s has no active aggregator\n", 147 + bond->dev->name); 148 + } else { 149 + seq_printf(seq, "Active Aggregator Info:\n"); 148 150 149 - seq_printf(seq, "\tAggregator ID: %d\n", 150 - ad_info.aggregator_id); 151 - seq_printf(seq, "\tNumber of ports: %d\n", 152 - ad_info.ports); 153 - seq_printf(seq, "\tActor Key: %d\n", 154 - ad_info.actor_key); 155 - seq_printf(seq, "\tPartner Key: %d\n", 156 - ad_info.partner_key); 157 - seq_printf(seq, "\tPartner Mac Address: %pM\n", 158 - ad_info.partner_system); 151 + seq_printf(seq, "\tAggregator ID: %d\n", 152 + ad_info.aggregator_id); 153 + seq_printf(seq, "\tNumber of ports: %d\n", 154 + ad_info.ports); 155 + seq_printf(seq, "\tActor Key: %d\n", 156 + ad_info.actor_key); 157 + seq_printf(seq, "\tPartner Key: %d\n", 158 + ad_info.partner_key); 159 + seq_printf(seq, "\tPartner Mac Address: %pM\n", 160 + ad_info.partner_system); 161 + } 159 162 } 160 163 } 161 164 } ··· 202 199 seq_printf(seq, "Partner Churned Count: %d\n", 203 200 port->churn_partner_count); 204 201 205 - seq_puts(seq, "details actor lacp pdu:\n"); 206 - seq_printf(seq, " system priority: %d\n", 207 - port->actor_system_priority); 208 - seq_printf(seq, " system mac address: %pM\n", 209 - &port->actor_system); 210 - seq_printf(seq, " port key: %d\n", 211 - port->actor_oper_port_key); 212 - seq_printf(seq, " port priority: %d\n", 213 - port->actor_port_priority); 214 - seq_printf(seq, " port number: %d\n", 215 - port->actor_port_number); 216 - seq_printf(seq, " port state: %d\n", 217 - port->actor_oper_port_state); 202 + if (capable(CAP_NET_ADMIN)) { 203 + seq_puts(seq, "details actor lacp pdu:\n"); 204 + seq_printf(seq, " system priority: %d\n", 205 + port->actor_system_priority); 206 + seq_printf(seq, " system mac address: %pM\n", 207 + &port->actor_system); 208 + seq_printf(seq, " port key: %d\n", 209 + port->actor_oper_port_key); 210 + seq_printf(seq, " port priority: %d\n", 211 + port->actor_port_priority); 212 + seq_printf(seq, " port number: %d\n", 213 + port->actor_port_number); 214 + seq_printf(seq, " port state: %d\n", 215 + port->actor_oper_port_state); 218 216 219 - seq_puts(seq, "details partner lacp pdu:\n"); 220 - seq_printf(seq, " system priority: %d\n", 221 - port->partner_oper.system_priority); 222 - seq_printf(seq, " system mac address: %pM\n", 223 - &port->partner_oper.system); 224 - seq_printf(seq, " oper key: %d\n", 225 - port->partner_oper.key); 226 - seq_printf(seq, " port priority: %d\n", 227 - port->partner_oper.port_priority); 228 - seq_printf(seq, " port number: %d\n", 229 - port->partner_oper.port_number); 230 - seq_printf(seq, " port state: %d\n", 231 - port->partner_oper.port_state); 217 + seq_puts(seq, "details partner lacp pdu:\n"); 218 + seq_printf(seq, " system priority: %d\n", 219 + port->partner_oper.system_priority); 220 + seq_printf(seq, " system mac address: %pM\n", 221 + &port->partner_oper.system); 222 + seq_printf(seq, " oper key: %d\n", 223 + port->partner_oper.key); 224 + seq_printf(seq, " port priority: %d\n", 225 + port->partner_oper.port_priority); 226 + seq_printf(seq, " port number: %d\n", 227 + port->partner_oper.port_number); 228 + seq_printf(seq, " port state: %d\n", 229 + port->partner_oper.port_state); 230 + } 232 231 } else { 233 232 seq_puts(seq, "Aggregator ID: N/A\n"); 234 233 }
+6 -6
drivers/net/bonding/bond_sysfs.c
··· 549 549 int count = 0; 550 550 struct bonding *bond = to_bond(d); 551 551 552 - if (BOND_MODE(bond) == BOND_MODE_8023AD) { 552 + if (BOND_MODE(bond) == BOND_MODE_8023AD && capable(CAP_NET_ADMIN)) { 553 553 struct ad_info ad_info; 554 554 count = sprintf(buf, "%d\n", 555 555 bond_3ad_get_active_agg_info(bond, &ad_info) ··· 569 569 int count = 0; 570 570 struct bonding *bond = to_bond(d); 571 571 572 - if (BOND_MODE(bond) == BOND_MODE_8023AD) { 572 + if (BOND_MODE(bond) == BOND_MODE_8023AD && capable(CAP_NET_ADMIN)) { 573 573 struct ad_info ad_info; 574 574 count = sprintf(buf, "%d\n", 575 575 bond_3ad_get_active_agg_info(bond, &ad_info) ··· 589 589 int count = 0; 590 590 struct bonding *bond = to_bond(d); 591 591 592 - if (BOND_MODE(bond) == BOND_MODE_8023AD) { 592 + if (BOND_MODE(bond) == BOND_MODE_8023AD && capable(CAP_NET_ADMIN)) { 593 593 struct ad_info ad_info; 594 594 if (!bond_3ad_get_active_agg_info(bond, &ad_info)) 595 595 count = sprintf(buf, "%pM\n", ad_info.partner_system); ··· 698 698 { 699 699 struct bonding *bond = to_bond(d); 700 700 701 - if (BOND_MODE(bond) == BOND_MODE_8023AD) 701 + if (BOND_MODE(bond) == BOND_MODE_8023AD && capable(CAP_NET_ADMIN)) 702 702 return sprintf(buf, "%hu\n", bond->params.ad_actor_sys_prio); 703 703 704 704 return 0; ··· 712 712 { 713 713 struct bonding *bond = to_bond(d); 714 714 715 - if (BOND_MODE(bond) == BOND_MODE_8023AD) 715 + if (BOND_MODE(bond) == BOND_MODE_8023AD && capable(CAP_NET_ADMIN)) 716 716 return sprintf(buf, "%pM\n", bond->params.ad_actor_system); 717 717 718 718 return 0; ··· 727 727 { 728 728 struct bonding *bond = to_bond(d); 729 729 730 - if (BOND_MODE(bond) == BOND_MODE_8023AD) 730 + if (BOND_MODE(bond) == BOND_MODE_8023AD && capable(CAP_NET_ADMIN)) 731 731 return sprintf(buf, "%hu\n", bond->params.ad_user_port_key); 732 732 733 733 return 0;