Linux kernel source tree

Matthieu Baerts (NGI0) 0d7336f8f0 tcp: ulp: diag: more info without CAP_NET_ADMIN
When introduced in commit 61723b3932 ("tcp: ulp: add functions to dump
ulp-specific information"), the whole ULP diag info has been exported
only if the requester had CAP_NET_ADMIN.

It looks like not everything is sensitive, and some info can be exported
to all users in order to ease the debugging from the userspace side
without requiring additional capabilities. Each layer should then decide
what can be exposed to everybody. The 'net_admin' boolean is then passed
to the different layers.

On kTLS side, it looks like there is nothing sensitive there: version,
cipher type, tx/rx user config type, plus some flags. So, only some
metadata about the configuration, no cryptographic info like keys, etc.
Then, everything can be exported to all users.

On MPTCP side, that's different. The MPTCP-related sequence numbers per
subflow should certainly not be exposed to everybody. For example, the
DSS mapping and ssn_offset would give all users on the system access to
narrow ranges of values for the subflow TCP sequence numbers and
MPTCP-level DSNs, and then ease packet injection. The TCP diag interface
doesn't expose the TCP sequence numbers for TCP sockets, so best to do
the same here. The rest -- token, IDs, flags -- can be exported to
everybody.

Acked-by: Mat Martineau <martineau@kernel.org>
Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
Link: https://patch.msgid.link/20250306-net-next-tcp-ulp-diag-net-admin-v1-2-06afdd860fc9@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2025-03-07 19:39:53 -08:00
Documentation dt-bindings: net: Add support for Sophgo SG2044 dwmac 2025-03-07 19:06:36 -08:00
LICENSES LICENSES: add 0BSD license text 2024-09-01 20:43:24 -07:00
arch Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2025-03-06 13:03:35 -08:00
block block-6.14-20250228 2025-02-28 09:43:46 -08:00
certs sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3 2024-09-20 19:52:48 +03:00
crypto treewide: const qualify ctl_tables where applicable 2025-01-28 13:48:37 +01:00
drivers eth: fbnic: support ring size configuration 2025-03-07 19:37:37 -08:00
fs Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2025-03-06 13:03:35 -08:00
include tcp: ulp: diag: more info without CAP_NET_ADMIN 2025-03-07 19:39:53 -08:00
init Kbuild updates for v6.14 2025-01-31 12:07:07 -08:00
io_uring Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2025-03-06 13:03:35 -08:00
ipc treewide: const qualify ctl_tables where applicable 2025-01-28 13:48:37 +01:00
kernel bpf: fix a possible NULL deref in bpf_map_offload_map_alloc() 2025-03-07 19:09:39 -08:00
lib Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2025-03-06 13:03:35 -08:00
mm arm64 fixes for -rc5 2025-03-01 13:44:51 -08:00
net tcp: ulp: diag: more info without CAP_NET_ADMIN 2025-03-07 19:39:53 -08:00
rust Driver core api addition for 6.14-rc3 2025-02-16 12:54:42 -08:00
samples Driver core api addition for 6.14-rc3 2025-02-16 12:54:42 -08:00
scripts coccinelle: Add missing (GE)NL_SET_ERR_MSG_* to strings ending with newline test 2025-02-27 18:11:37 -08:00
security Landlock fix for v6.14-rc5 2025-02-26 11:55:44 -08:00
sound ASoC: Fixes for v6.14 2025-02-26 15:00:25 +01:00
tools bpf-next-for-netdev 2025-03-07 19:08:49 -08:00
usr kbuild: Drop support for include/asm-<arch> in headers_check.pl 2024-12-21 11:43:17 +09:00
virt KVM: remove kvm_arch_post_init_vm 2025-02-04 11:27:45 -05:00
.clang-format clang-format: Update with v6.11-rc1's `for_each` macro list 2024-08-02 13:20:31 +02:00
.clippy.toml rust: give Clippy the minimum supported Rust version 2025-01-10 00:17:25 +01:00
.cocciconfig
.editorconfig .editorconfig: remove trim_trailing_whitespace option 2024-06-13 16:47:52 +02:00
.get_maintainer.ignore MAINTAINERS: Retire Ralf Baechle 2024-11-12 15:48:59 +01:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore rust: use host dylib naming convention to support macOS 2025-01-10 01:01:24 +01:00
.mailmap We have been notified of a TLS regression that will be addressed 2025-03-06 09:34:54 -10:00
.rustfmt.toml
COPYING
CREDITS MAINTAINERS: Move Pavel to kernel.org address 2025-02-07 09:12:33 -08:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig
MAINTAINERS Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2025-03-06 13:03:35 -08:00
Makefile Linux 6.14-rc5 2025-03-02 11:48:20 -08:00
README README: Fix spelling 2024-03-18 03:36:32 -06:00

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.