From: Ido Schimmel <idosch@idosch.org>
To: netdev@vger.kernel.org
Cc: davem@davemloft.net, nhorman@tuxdriver.com, jiri@mellanox.com,
toke@redhat.com, dsahern@gmail.com, roopa@cumulusnetworks.com,
nikolay@cumulusnetworks.com, jakub.kicinski@netronome.com,
andy@greyhouse.net, f.fainelli@gmail.com, andrew@lunn.ch,
vivien.didelot@gmail.com, mlxsw@mellanox.com,
Ido Schimmel <idosch@mellanox.com>
Subject: [PATCH net-next v2 04/10] drop_monitor: Require CAP_NET_ADMIN for drop monitor configuration
Date: Sun, 11 Aug 2019 10:35:49 +0300 [thread overview]
Message-ID: <20190811073555.27068-5-idosch@idosch.org> (raw)
In-Reply-To: <20190811073555.27068-1-idosch@idosch.org>
From: Ido Schimmel <idosch@mellanox.com>
Currently, the configure command does not do anything but return an
error. Subsequent patches will enable the command to change various
configuration options such as alert mode and packet truncation.
Similar to other netlink-based configuration channels, make sure only
users with the CAP_NET_ADMIN capability set can execute this command.
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
---
net/core/drop_monitor.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/core/drop_monitor.c b/net/core/drop_monitor.c
index 1cf4988de591..cd2f3069f34e 100644
--- a/net/core/drop_monitor.c
+++ b/net/core/drop_monitor.c
@@ -409,6 +409,7 @@ static const struct genl_ops dropmon_ops[] = {
.cmd = NET_DM_CMD_CONFIG,
.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
.doit = net_dm_cmd_config,
+ .flags = GENL_ADMIN_PERM,
},
{
.cmd = NET_DM_CMD_START,
--
2.21.0
next prev parent reply other threads:[~2019-08-11 7:36 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-11 7:35 [PATCH net-next v2 00/10] drop_monitor: Capture dropped packets and metadata Ido Schimmel
2019-08-11 7:35 ` [PATCH net-next v2 01/10] drop_monitor: Split tracing enable / disable to different functions Ido Schimmel
2019-08-11 7:35 ` [PATCH net-next v2 02/10] drop_monitor: Initialize timer and work item upon tracing enable Ido Schimmel
2019-08-11 7:35 ` [PATCH net-next v2 03/10] drop_monitor: Reset per-CPU data before starting to trace Ido Schimmel
2019-08-11 7:35 ` Ido Schimmel [this message]
2019-08-11 7:35 ` [PATCH net-next v2 05/10] drop_monitor: Add alert mode operations Ido Schimmel
2019-08-11 7:35 ` [PATCH net-next v2 06/10] drop_monitor: Add packet alert mode Ido Schimmel
2019-08-11 7:35 ` [PATCH net-next v2 07/10] drop_monitor: Allow truncation of dropped packets Ido Schimmel
2019-08-11 7:35 ` [PATCH net-next v2 08/10] drop_monitor: Add a command to query current configuration Ido Schimmel
2019-08-11 7:35 ` [PATCH net-next v2 09/10] drop_monitor: Make drop queue length configurable Ido Schimmel
2019-08-11 7:35 ` [PATCH net-next v2 10/10] drop_monitor: Expose tail drop counter Ido Schimmel
2019-08-11 18:57 ` [PATCH net-next v2 00/10] drop_monitor: Capture dropped packets and metadata David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190811073555.27068-5-idosch@idosch.org \
--to=idosch@idosch.org \
--cc=andrew@lunn.ch \
--cc=andy@greyhouse.net \
--cc=davem@davemloft.net \
--cc=dsahern@gmail.com \
--cc=f.fainelli@gmail.com \
--cc=idosch@mellanox.com \
--cc=jakub.kicinski@netronome.com \
--cc=jiri@mellanox.com \
--cc=mlxsw@mellanox.com \
--cc=netdev@vger.kernel.org \
--cc=nhorman@tuxdriver.com \
--cc=nikolay@cumulusnetworks.com \
--cc=roopa@cumulusnetworks.com \
--cc=toke@redhat.com \
--cc=vivien.didelot@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox