cxgb3: Use CAP_SYS_RAWIO for firmware

Otherwise theoretically at least

	CAP_NET_ADMIN
	Reload new firmware
	Wait..
	Firmware patches kernel

So it should be CAY_SYS_RAWIO - not that I suspect this is in fact a
credible attack vector!

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>

diff --git a/drivers/net/cxgb3/cxgb3_main.c b/drivers/net/cxgb3/cxgb3_main.c
index 05e5f59e87fa56f2e71f359f0a312ba446bdae5b..ce949d5fae3907e628d3315afc51089459b3a843 100644 (file)
--- a/drivers/net/cxgb3/cxgb3_main.c
+++ b/drivers/net/cxgb3/cxgb3_main.c
@@ -1894,11 +1894,11 @@ static int cxgb_extension_ioctl(struct net_device *dev, void __user *useraddr)
                u8 *fw_data;
                struct ch_mem_range t;
 
-               if (!capable(CAP_NET_ADMIN))
+               if (!capable(CAP_SYS_RAWIO))
                        return -EPERM;
                if (copy_from_user(&t, useraddr, sizeof(t)))
                        return -EFAULT;
-
+               /* Check t.len sanity ? */
                fw_data = kmalloc(t.len, GFP_KERNEL);
                if (!fw_data)
                        return -ENOMEM;