diff options
| author | Christoph Lameter <cl@linux.com> | 2016-05-13 10:52:26 -0500 |
|---|---|---|
| committer | Doug Ledford <dledford@redhat.com> | 2016-05-18 10:31:58 -0400 |
| commit | e3b6d8cf8de6d07af9a27c86861edfa5b3290cb6 (patch) | |
| tree | afca4bcdc24a7fd084c6ab0ffef7214d680432b7 /ipc | |
| parent | 04ef0f1a0169a14b8e653af1178524ab4390133f (diff) | |
| download | linux-e3b6d8cf8de6d07af9a27c86861edfa5b3290cb6.tar.gz | |
IB/core: Do not require CAP_NET_ADMIN for packet sniffing
In the Ethernet/TCP world, CAP_NET_RAW is sufficient to allow a program to listen to all incoming packets on a specific interface, and the higher CAP_NET_ADMIN is required to set the interface into promiscuous mode. We want to emulate that same basic division of privilege in the RDMA stack, so when dealing with Raw Ethernet QPs, allow apps with CAP_NET_RAW to listen to all incoming flows (and direct them as they see fit in their own listen stream). Do not require CAP_NET_ADMIN just to listen to traffic already incoming. Reserve CAP_NET_ADMIN if we attempt to set promiscuous mode. Signed-off-by: Christoph Lameter <cl@linux.com> Signed-off-by: Doug Ledford <dledford@redhat.com>
Diffstat (limited to 'ipc')
0 files changed, 0 insertions, 0 deletions