projects / linux-2.6-microblaze.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8039371) | patch
net: openvswitch: allow conntrack in non-initial user namespace
authorMichael Weiß <michael.weiss@aisec.fraunhofer.de>
Fri, 23 Sep 2022 13:38:20 +0000 (15:38 +0200)
committerPaolo Abeni <pabeni@redhat.com>
Tue, 27 Sep 2022 09:31:36 +0000 (11:31 +0200)
commit59cd7377660a76780bfdd9fd26da058bcca5320d
tree30e1132a7877b5b0ba315cdfb4c16f5edc54ecf0tree
parent8039371847174ff37dc3d02e83cd789dbb6140b0commit | diff
net: openvswitch: allow conntrack in non-initial user namespace

Similar to the previous commit, the Netlink interface of the OVS
conntrack module was restricted to global CAP_NET_ADMIN by using
GENL_ADMIN_PERM. This is changed to GENL_UNS_ADMIN_PERM to support
unprivileged containers in non-initial user namespace.

Signed-off-by: Michael Weiß <michael.weiss@aisec.fraunhofer.de>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
net/openvswitch/conntrack.c diff | blob | history
MicroBlaze GIT Repository