APPLIED/CMT[F]: [SRU Focal:oem-5.6 1/1] net/nfc/rawsock.c: add CAP_NET_RAW check.

Thadeu Lima de Souza Cascardo cascardo at canonical.com
Tue Oct 6 08:03:42 UTC 2020 

On Tue, Oct 06, 2020 at 09:50:56AM +0200, Kleber Souza wrote:
> Hi Ian,
> 
> Please note that this patch was requested for focal/linux-oem-5.6 and
> not for focal/linux. Cascardo likely noticed that this was already
> queued for a focal/linux upstream stable update and hasn't explicitly
> requested its inclusion.
> 
> 
> Kleber
> 

Yes, that was the case. The triager told me that it was pending on focal/linux,
but needed on focal/linux-oem-5.6.

The stable updates are really useful, they usually bring up lots of CVE fixes.
Sometimes, they are wrong, as have recently happened, and sometimes we have
bugs to track, hence my suggestion recently that we discuss how to deal with
cases like when the stable updates trump our own backports.

Cascardo.

> On 03.10.20 00:50, Ian May wrote:
> > This patch was applied in the following patchset:
> > 
> >         UBUNTU: upstream stable to v5.4.59
> >         BugLink: https://bugs.launchpad.net/bugs/1892417
> > 
> > Thanks!
> > Ian
> > 
> > On 2020-09-29 08:31:39 , Thadeu Lima de Souza Cascardo wrote:
> >> From: Qingyu Li <ieatmuttonchuan at gmail.com>
> >>
> >> When creating a raw AF_NFC socket, CAP_NET_RAW needs to be checked first.
> >>
> >> Signed-off-by: Qingyu Li <ieatmuttonchuan at gmail.com>
> >> Signed-off-by: David S. Miller <davem at davemloft.net>
> >> (cherry picked from commit 26896f01467a28651f7a536143fe5ac8449d4041)
> >> CVE-2020-26088
> >> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo at canonical.com>
> >> ---
> >>  net/nfc/rawsock.c | 7 +++++--
> >>  1 file changed, 5 insertions(+), 2 deletions(-)
> >>
> >> diff --git a/net/nfc/rawsock.c b/net/nfc/rawsock.c
> >> index ba5ffd3badd3..b5c867fe3232 100644
> >> --- a/net/nfc/rawsock.c
> >> +++ b/net/nfc/rawsock.c
> >> @@ -332,10 +332,13 @@ static int rawsock_create(struct net *net, struct socket *sock,
> >>  	if ((sock->type != SOCK_SEQPACKET) && (sock->type != SOCK_RAW))
> >>  		return -ESOCKTNOSUPPORT;
> >>  
> >> -	if (sock->type == SOCK_RAW)
> >> +	if (sock->type == SOCK_RAW) {
> >> +		if (!capable(CAP_NET_RAW))
> >> +			return -EPERM;
> >>  		sock->ops = &rawsock_raw_ops;
> >> -	else
> >> +	} else {
> >>  		sock->ops = &rawsock_ops;
> >> +	}
> >>  
> >>  	sk = sk_alloc(net, PF_NFC, GFP_ATOMIC, nfc_proto->proto, kern);
> >>  	if (!sk)
> >> -- 
> >> 2.25.1
> >>
> >>
> >> -- 
> >> kernel-team mailing list
> >> kernel-team at lists.ubuntu.com
> >> https://lists.ubuntu.com/mailman/listinfo/kernel-team
> > 
>

More information about the kernel-team mailing list