unimore/kernel-hacking-2024-linux-steffo
unimore/kernel-hacking-2024-linux-steffo
1
Fork 0
Code Pull requests 5 Wiki Activity
kernel-hacking-2024-linux-s.../net
History
Eric W. Biederman c027aab4a6 net: Enable some sysctls that are safe for the userns root 
- Enable the per device ipv4 sysctls:
   net/ipv4/conf/<if>/forwarding
   net/ipv4/conf/<if>/mc_forwarding
   net/ipv4/conf/<if>/accept_redirects
   net/ipv4/conf/<if>/secure_redirects
   net/ipv4/conf/<if>/shared_media
   net/ipv4/conf/<if>/rp_filter
   net/ipv4/conf/<if>/send_redirects
   net/ipv4/conf/<if>/accept_source_route
   net/ipv4/conf/<if>/accept_local
   net/ipv4/conf/<if>/src_valid_mark
   net/ipv4/conf/<if>/proxy_arp
   net/ipv4/conf/<if>/medium_id
   net/ipv4/conf/<if>/bootp_relay
   net/ipv4/conf/<if>/log_martians
   net/ipv4/conf/<if>/tag
   net/ipv4/conf/<if>/arp_filter
   net/ipv4/conf/<if>/arp_announce
   net/ipv4/conf/<if>/arp_ignore
   net/ipv4/conf/<if>/arp_accept
   net/ipv4/conf/<if>/arp_notify
   net/ipv4/conf/<if>/proxy_arp_pvlan
   net/ipv4/conf/<if>/disable_xfrm
   net/ipv4/conf/<if>/disable_policy
   net/ipv4/conf/<if>/force_igmp_version
   net/ipv4/conf/<if>/promote_secondaries
   net/ipv4/conf/<if>/route_localnet

- Enable the global ipv4 sysctl:
   net/ipv4/ip_forward

- Enable the per device ipv6 sysctls:
   net/ipv6/conf/<if>/forwarding
   net/ipv6/conf/<if>/hop_limit
   net/ipv6/conf/<if>/mtu
   net/ipv6/conf/<if>/accept_ra
   net/ipv6/conf/<if>/accept_redirects
   net/ipv6/conf/<if>/autoconf
   net/ipv6/conf/<if>/dad_transmits
   net/ipv6/conf/<if>/router_solicitations
   net/ipv6/conf/<if>/router_solicitation_interval
   net/ipv6/conf/<if>/router_solicitation_delay
   net/ipv6/conf/<if>/force_mld_version
   net/ipv6/conf/<if>/use_tempaddr
   net/ipv6/conf/<if>/temp_valid_lft
   net/ipv6/conf/<if>/temp_prefered_lft
   net/ipv6/conf/<if>/regen_max_retry
   net/ipv6/conf/<if>/max_desync_factor
   net/ipv6/conf/<if>/max_addresses
   net/ipv6/conf/<if>/accept_ra_defrtr
   net/ipv6/conf/<if>/accept_ra_pinfo
   net/ipv6/conf/<if>/accept_ra_rtr_pref
   net/ipv6/conf/<if>/router_probe_interval
   net/ipv6/conf/<if>/accept_ra_rt_info_max_plen
   net/ipv6/conf/<if>/proxy_ndp
   net/ipv6/conf/<if>/accept_source_route
   net/ipv6/conf/<if>/optimistic_dad
   net/ipv6/conf/<if>/mc_forwarding
   net/ipv6/conf/<if>/disable_ipv6
   net/ipv6/conf/<if>/accept_dad
   net/ipv6/conf/<if>/force_tllao

- Enable the global ipv6 sysctls:
   net/ipv6/bindv6only
   net/ipv6/icmp/ratelimit

Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-11-18 20:33:00 -05:00
..
9p
802
8021q net: Allow the userns root to control vlans. 2012-11-18 20:33:00 -05:00
appletalk
atm
ax25
batman-adv Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-11-17 22:00:43 -05:00
bluetooth Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-11-17 22:00:43 -05:00
bridge net: Allow userns root to control the network bridge code. 2012-11-18 20:33:00 -05:00
caif
can net: Push capable(CAP_NET_ADMIN) into the rtnl methods 2012-11-18 20:32:44 -05:00
ceph Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client 2012-10-29 08:49:25 -07:00
core net: Allow userns root control of the core of the network stack. 2012-11-18 20:32:45 -05:00
dcb net: Push capable(CAP_NET_ADMIN) into the rtnl methods 2012-11-18 20:32:44 -05:00
dccp tcp: better retrans tracking for defer-accept 2012-11-03 14:45:00 -04:00
decnet net: Push capable(CAP_NET_ADMIN) into the rtnl methods 2012-11-18 20:32:44 -05:00
dns_resolver
dsa
ethernet
ieee802154
ipv4 net: Enable some sysctls that are safe for the userns root 2012-11-18 20:33:00 -05:00
ipv6 net: Enable some sysctls that are safe for the userns root 2012-11-18 20:33:00 -05:00
ipx
irda
iucv
key net: Allow userns root to control llc, netfilter, netlink, packet, and xfrm 2012-11-18 20:32:45 -05:00
l2tp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-11-10 18:32:51 -05:00
lapb
llc net: Allow userns root to control llc, netfilter, netlink, packet, and xfrm 2012-11-18 20:32:45 -05:00
mac80211 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-11-17 22:00:43 -05:00
mac802154
netfilter net: Allow userns root to control llc, netfilter, netlink, packet, and xfrm 2012-11-18 20:32:45 -05:00
netlabel
netlink net: Allow userns root to control llc, netfilter, netlink, packet, and xfrm 2012-11-18 20:32:45 -05:00
netrom
nfc NFC: Extend netlink interface for LTO, RW, and MIUX parameters support 2012-10-29 00:25:11 +01:00
openvswitch
packet net: Allow userns root to control llc, netfilter, netlink, packet, and xfrm 2012-11-18 20:32:45 -05:00
phonet net: Push capable(CAP_NET_ADMIN) into the rtnl methods 2012-11-18 20:32:44 -05:00
rds
rfkill
rose
rxrpc
sched net: Push capable(CAP_NET_ADMIN) into the rtnl methods 2012-11-18 20:32:44 -05:00
sctp sctp: use bitmap_weight 2012-11-17 22:01:18 -05:00
sunrpc SUNRPC: return proper errno from backchannel_rqst 2012-11-01 11:50:53 -04:00
tipc tipc: do not use tasklet_disable before tasklet_kill 2012-11-03 15:10:14 -04:00
unix net: Don't export sysctls to unprivileged users 2012-11-18 20:30:55 -05:00
wanrouter
wimax
wireless Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-11-17 22:00:43 -05:00
x25
xfrm net: Allow userns root to control llc, netfilter, netlink, packet, and xfrm 2012-11-18 20:32:45 -05:00
compat.c
Kconfig
Makefile ipv6: Preserve ipv6 functionality needed by NET 2012-11-18 02:34:00 -05:00
nonet.c
socket.c cgroup: net_cls: Rework update socket logic 2012-10-26 03:40:51 -04:00
sysctl_net.c user_ns: get rid of duplicate code in net_ctl_permissions 2012-11-18 20:32:45 -05:00