www.infradead.org Git - users/dwmw2/linux.git/commit

author	Willem de Bruijn <willemb@google.com>
	Tue, 4 Feb 2025 16:10:06 +0000 (11:10 -0500)
committer	Jakub Kicinski <kuba@kernel.org>
	Thu, 6 Feb 2025 02:22:11 +0000 (18:22 -0800)
commit	a70c7b3cbc0688016810bb2e0b9b8a0d6a530045
tree	66661df4c4d0df631c14a80c98d344fd81f7f71e	tree
parent	02b71dc1159095f54458a68a7bd4bc065d877135	commit \| diff

tun: revert fix group permission check

This reverts commit 3ca459eaba1bf96a8c7878de84fa8872259a01e3.

The blamed commit caused a regression when neither tun->owner nor
tun->group is set. This is intended to be allowed, but now requires
CAP_NET_ADMIN.

Discussion in the referenced thread pointed out that the original
issue that prompted this patch can be resolved in userspace.

The relaxed access control may also make a device accessible when it
previously wasn't, while existing users may depend on it to not be.

This is a clean pure git revert, except for fixing the indentation on
the gid_valid line that checkpatch correctly flagged.

Fixes: 3ca459eaba1b ("tun: fix group permission check")
Link: https://lore.kernel.org/netdev/CAFqZXNtkCBT4f+PwyVRmQGoT3p1eVa01fCG_aNtpt6dakXncUg@mail.gmail.com/
Signed-off-by: Willem de Bruijn <willemb@google.com>
Cc: Ondrej Mosnacek <omosnace@redhat.com>
Cc: Stas Sergeev <stsp2@yandex.ru>
Link: https://patch.msgid.link/20250204161015.739430-1-willemdebruijn.kernel@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>