| Message ID | 20210922115656.97723-1-cascardo@canonical.com (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Marcel Holtmann |
| Headers | show |
| Series | Bluetooth: hci_ldisc: require CAP_NET_ADMIN to attach N_HCI ldisc | expand |
| Context | Check | Description |
|---|---|---|
| tedd_an/checkpatch | success | Checkpatch PASS |
| tedd_an/gitlint | fail | Bluetooth: hci_ldisc: require CAP_NET_ADMIN to attach N_HCI ldisc 2: B4 Second line is not empty: "virtual controller by using PTYs." |
| tedd_an/buildkernel | success | Build Kernel PASS |
| tedd_an/testrunnersetup | success | Test Runner Setup PASS |
| tedd_an/testrunnerl2cap-tester | success | Total: 40, Passed: 40 (100.0%), Failed: 0, Not Run: 0 |
| tedd_an/testrunnerbnep-tester | success | Total: 1, Passed: 1 (100.0%), Failed: 0, Not Run: 0 |
| tedd_an/testrunnermgmt-tester | success | Total: 452, Passed: 452 (100.0%), Failed: 0, Not Run: 0 |
| tedd_an/testrunnerrfcomm-tester | success | Total: 9, Passed: 9 (100.0%), Failed: 0, Not Run: 0 |
| tedd_an/testrunnersmp-tester | success | Total: 8, Passed: 8 (100.0%), Failed: 0, Not Run: 0 |
| tedd_an/testrunneruserchan-tester | success | Total: 4, Passed: 4 (100.0%), Failed: 0, Not Run: 0 |
This is automated email and please do not reply to this email! Dear submitter, Thank you for submitting the patches to the linux bluetooth mailing list. This is a CI test results with your patch series: PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=550945 ---Test result--- Test Summary: CheckPatch PASS 1.57 seconds GitLint FAIL 0.94 seconds BuildKernel PASS 666.33 seconds TestRunner: Setup PASS 433.65 seconds TestRunner: l2cap-tester PASS 3.49 seconds TestRunner: bnep-tester PASS 2.61 seconds TestRunner: mgmt-tester PASS 34.14 seconds TestRunner: rfcomm-tester PASS 2.83 seconds TestRunner: smp-tester PASS 2.92 seconds TestRunner: userchan-tester PASS 2.66 seconds Details ############################## Test: GitLint - FAIL - 0.94 seconds Run gitlint with rule in .gitlint Bluetooth: hci_ldisc: require CAP_NET_ADMIN to attach N_HCI ldisc 2: B4 Second line is not empty: "virtual controller by using PTYs." --- Regards, Linux Bluetooth
Hi Thadeu, > Any unprivileged user can attach N_HCI ldisc and send packets coming from a > virtual controller by using PTYs. > > Require initial namespace CAP_NET_ADMIN to do that. > > Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com> > --- > drivers/bluetooth/hci_ldisc.c | 3 +++ > 1 file changed, 3 insertions(+) patch has been applied to bluetooth-next tree. Regards Marcel
diff --git a/drivers/bluetooth/hci_ldisc.c b/drivers/bluetooth/hci_ldisc.c index 5ed2cfa7da1d..5e32e4d5367a 100644 --- a/drivers/bluetooth/hci_ldisc.c +++ b/drivers/bluetooth/hci_ldisc.c @@ -479,6 +479,9 @@ static int hci_uart_tty_open(struct tty_struct *tty) BT_DBG("tty %p", tty); + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + /* Error if the tty has no write op instead of leaving an exploitable * hole */
Any unprivileged user can attach N_HCI ldisc and send packets coming from a virtual controller by using PTYs. Require initial namespace CAP_NET_ADMIN to do that. Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com> --- drivers/bluetooth/hci_ldisc.c | 3 +++ 1 file changed, 3 insertions(+)