X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=datapath%2Fbrcompat.c;h=2113eae0f7a39fed65128a8bb6fcf56fa1ab749d;hb=5cc6f314d9eab7975ddaf3dd89366aaf54c234e1;hp=b7fb6f8726514b42c2091e930aa3f1c45f2eac24;hpb=a0bc29a541fc7dc6e20137d5558e2094d614e6ab;p=sliver-openvswitch.git

diff --git a/datapath/brcompat.c b/datapath/brcompat.c
index b7fb6f872..2113eae0f 100644
--- a/datapath/brcompat.c
+++ b/datapath/brcompat.c
@@ -6,6 +6,8 @@
  * kernel, by Linus Torvalds and others.
  */
 
+#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+
 #include <linux/kernel.h>
 #include <asm/uaccess.h>
 #include <linux/completion.h>
@@ -42,8 +44,8 @@ static u32 brc_seq;		     /* Sequence number for current op. */
 static struct sk_buff *brc_send_command(struct sk_buff *, struct nlattr **attrs);
 static int brc_send_simple_command(struct sk_buff *);
 
-static struct sk_buff *
-brc_make_request(int op, const char *bridge, const char *port)
+static struct sk_buff *brc_make_request(int op, const char *bridge,
+					const char *port)
 {
 	struct sk_buff *skb = genlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
 	if (!skb)
@@ -82,6 +84,9 @@ static int brc_add_del_bridge(char __user *uname, int add)
 	struct sk_buff *request;
 	char name[IFNAMSIZ];
 
+	if (!capable(CAP_NET_ADMIN))
+		return -EPERM;
+
 	if (copy_from_user(name, uname, IFNAMSIZ))
 		return -EFAULT;
 
@@ -146,8 +151,7 @@ static int brc_get_bridges(int __user *uindices, int n)
 }
 
 /* Legacy deviceless bridge ioctl's.  Called with br_ioctl_mutex. */
-static int
-old_deviceless(void __user *uarg)
+static int old_deviceless(void __user *uarg)
 {
 	unsigned long args[3];
 
@@ -189,13 +193,15 @@ brc_ioctl_deviceless_stub(struct net *net, unsigned int cmd, void __user *uarg)
 	return -EOPNOTSUPP;
 }
 
-static int
-brc_add_del_port(struct net_device *dev, int port_ifindex, int add)
+static int brc_add_del_port(struct net_device *dev, int port_ifindex, int add)
 {
 	struct sk_buff *request;
 	struct net_device *port;
 	int err;
 
+	if (!capable(CAP_NET_ADMIN))
+		return -EPERM;
+
 	port = __dev_get_by_index(&init_net, port_ifindex);
 	if (!port)
 		return -EINVAL;
@@ -214,8 +220,8 @@ brc_add_del_port(struct net_device *dev, int port_ifindex, int add)
 	return err;
 }
 
-static int
-brc_get_bridge_info(struct net_device *dev, struct __bridge_info __user *ub)
+static int brc_get_bridge_info(struct net_device *dev,
+			       struct __bridge_info __user *ub)
 {
 	struct __bridge_info b;
 	u64 id = 0;
@@ -234,8 +240,8 @@ brc_get_bridge_info(struct net_device *dev, struct __bridge_info __user *ub)
 	return 0;
 }
 
-static int
-brc_get_port_list(struct net_device *dev, int __user *uindices, int num)
+static int brc_get_port_list(struct net_device *dev, int __user *uindices,
+			     int num)
 {
 	int retval;
 
@@ -254,7 +260,7 @@ brc_get_port_list(struct net_device *dev, int __user *uindices, int num)
  *            (limited to a page for sanity)
  * offset  -- number of records to skip
  */
-static int brc_get_fdb_entries(struct net_device *dev, void __user *userbuf, 
+static int brc_get_fdb_entries(struct net_device *dev, void __user *userbuf,
 			       unsigned long maxnum, unsigned long offset)
 {
 	struct nlattr *attrs[BRC_GENL_A_MAX + 1];
@@ -306,8 +312,7 @@ nla_put_failure:
 }
 
 /* Legacy ioctl's through SIOCDEVPRIVATE.  Called with rtnl_lock. */
-static int
-old_dev_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
+static int old_dev_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
 {
 	unsigned long args[4];
 
@@ -335,8 +340,7 @@ old_dev_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
 }
 
 /* Called with the rtnl_lock. */
-static int
-brc_dev_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
+static int brc_dev_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
 {
 	int err;
 
@@ -374,7 +378,7 @@ static int brc_genl_query(struct sk_buff *skb, struct genl_info *info)
 	void *data;
 
 	ans_skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
-	if (!ans_skb) 
+	if (!ans_skb)
 		return -ENOMEM;
 
 	data = genlmsg_put_reply(ans_skb, info, &brc_genl_family,
@@ -413,8 +417,7 @@ static struct nla_policy brc_genl_policy[BRC_GENL_A_MAX + 1] = {
 	[BRC_GENL_A_FDB_DATA] = { .type = NLA_UNSPEC },
 };
 
-static int
-brc_genl_dp_result(struct sk_buff *skb, struct genl_info *info)
+static int brc_genl_dp_result(struct sk_buff *skb, struct genl_info *info)
 {
 	unsigned long int flags;
 	int err;
@@ -430,8 +433,7 @@ brc_genl_dp_result(struct sk_buff *skb, struct genl_info *info)
 	if (brc_seq == info->snd_seq) {
 		brc_seq++;
 
-		if (brc_reply)
-			kfree_skb(brc_reply);
+		kfree_skb(brc_reply);
 		brc_reply = skb;
 
 		complete(&brc_done);
@@ -461,7 +463,8 @@ static struct genl_ops brc_genl_ops_set_proc = {
 	.dumpit = NULL
 };
 
-static struct sk_buff *brc_send_command(struct sk_buff *request, struct nlattr **attrs)
+static struct sk_buff *brc_send_command(struct sk_buff *request,
+					struct nlattr **attrs)
 {
 	unsigned long int flags;
 	struct sk_buff *reply;
@@ -486,7 +489,7 @@ static struct sk_buff *brc_send_command(struct sk_buff *request, struct nlattr *
 	/* Wait for reply. */
 	error = -ETIMEDOUT;
 	if (!wait_for_completion_timeout(&brc_done, BRC_TIMEOUT)) {
-		printk(KERN_WARNING "brcompat: timed out waiting for userspace\n");
+		pr_warn("timed out waiting for userspace\n");
 		goto error;
     }
 
@@ -511,8 +514,7 @@ error:
 	return ERR_PTR(error);
 }
 
-static int 
-__init brc_init(void)
+static int __init brc_init(void)
 {
 	int err;
 
@@ -536,15 +538,15 @@ __init brc_init(void)
 		goto error;
 
 	err = genl_register_ops(&brc_genl_family, &brc_genl_ops_query_dp);
-	if (err != 0) 
+	if (err != 0)
 		goto err_unregister;
 
 	err = genl_register_ops(&brc_genl_family, &brc_genl_ops_dp_result);
-	if (err != 0) 
+	if (err != 0)
 		goto err_unregister;
 
 	err = genl_register_ops(&brc_genl_family, &brc_genl_ops_set_proc);
-	if (err != 0) 
+	if (err != 0)
 		goto err_unregister;
 
 	strcpy(brc_mc_group.name, "brcompat");
@@ -557,12 +559,11 @@ __init brc_init(void)
 err_unregister:
 	genl_unregister_family(&brc_genl_family);
 error:
-	printk(KERN_EMERG "brcompat: failed to install!");
+	pr_emerg("failed to install!\n");
 	return err;
 }
 
-static void 
-brc_cleanup(void)
+static void brc_cleanup(void)
 {
 	/* Unregister ioctl hooks */
 	dp_ioctl_hook = NULL;