Eric W. Biederman 90f62cf30a net: Use netlink_ns_capable to verify the permisions of netlink messages ... It is possible by passing a netlink socket to a more privileged executable and then to fool that executable into writing to the socket data that happens to be valid netlink message to do something that privileged executable did not intend to do. To keep this from happening replace bare capable and ns_capable calls with netlink_capable, netlink_net_calls and netlink_ns_capable calls. Which act the same as the previous calls except they verify that the opener of the socket had the desired permissions as well. Reported-by: Andy Lutomirski <luto@amacapital.net> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>		2014-04-24 13:44:54 -04:00
..
asymmetric_keys	Revert "KEYS: verify a certificate is signed by a 'trusted' key"	2013-11-23 16:38:17 -08:00
async_tx
842.c
ablk_helper.c
ablkcipher.c
aead.c
aes_generic.c
af_alg.c
ahash.c	crypto: hash - Simplify the ahash_finup implementation	2014-03-21 21:54:22 +08:00
algapi.c
algboss.c
algif_hash.c	net: update consumers of MSG_MORE to recognize MSG_SENDPAGE_NOTLAST	2013-11-29 16:32:54 -05:00
algif_skcipher.c	net: update consumers of MSG_MORE to recognize MSG_SENDPAGE_NOTLAST	2013-11-29 16:32:54 -05:00
ansi_cprng.c
anubis.c
api.c
arc4.c
authenc.c	crypto: authenc - Find proper IV address in ablkcipher callback	2013-11-28 22:16:23 +08:00
authencesn.c
blkcipher.c	crypto: allow blkcipher walks over AEAD data	2014-03-10 20:17:11 +08:00
blowfish_common.c
blowfish_generic.c
camellia_generic.c
cast5_generic.c
cast6_generic.c
cast_common.c
cbc.c
ccm.c	crypto: ccm - Fix handling of zero plaintext when computing mac	2013-11-28 22:25:17 +08:00
chainiv.c
cipher.c
cmac.c
compress.c
crc32.c
crc32c_generic.c	CRC32C: Add soft module dependency to load other accelerated crc32c modules	2014-02-25 19:45:04 +08:00
crct10dif_common.c
crct10dif_generic.c
cryptd.c
crypto_null.c	crypto: export NULL algorithms defines	2014-03-21 21:54:26 +08:00
crypto_user.c	net: Use netlink_ns_capable to verify the permisions of netlink messages	2014-04-24 13:44:54 -04:00
crypto_wq.c	crypto: crypto_wq - Fix late crypto work queue initialization	2014-03-21 21:54:28 +08:00
ctr.c
cts.c
deflate.c
des_generic.c
ecb.c
eseqiv.c
fcrypt.c
fips.c
gcm.c
gf128mul.c
ghash-generic.c
hash_info.c
hmac.c
internal.h
Kconfig	crypto: sha - SHA1 transform x86_64 AVX2	2014-03-21 21:54:30 +08:00
khazad.c
krng.c
lrw.c
lz4.c
lz4hc.c
lzo.c
Makefile	CRC32C: Add soft module dependency to load other accelerated crc32c modules	2014-02-25 19:45:04 +08:00
md4.c
md5.c
memneq.c	crypto: memneq - fix for archs without efficient unaligned access	2013-12-09 20:09:12 +08:00
michael_mic.c
pcbc.c
pcompress.c
pcrypt.c	crypto: pcrypt - Fix wrong usage of rcu_dereference()	2013-12-05 21:28:42 +08:00
proc.c
ripemd.h
rmd128.c
rmd160.c
rmd256.c
rmd320.c
rng.c
salsa20_generic.c
scatterwalk.c
seed.c
seqiv.c
serpent_generic.c
sha1_generic.c
sha256_generic.c
sha512_generic.c
shash.c
tcrypt.c	crypto: testmgr - add aead null encryption test vectors	2014-03-21 21:54:27 +08:00
tcrypt.h	crypto: tcrypt - Added speed tests for AEAD crypto alogrithms in tcrypt test suite	2013-12-20 20:06:25 +08:00
tea.c
testmgr.c	crypto: testmgr - add aead null encryption test vectors	2014-03-21 21:54:27 +08:00
testmgr.h	crypto: testmgr - add aead null encryption test vectors	2014-03-21 21:54:27 +08:00
tgr192.c
twofish_common.c
twofish_generic.c
vmac.c
wp512.c
xcbc.c
xor.c
xts.c
zlib.c