Normal users not suppose to need/have access to the transport
connection reset.
Orabug:
25393611
Reviewed-by: Sowmini Varadhan <sowmini.varadhan@oracle.com>
Signed-off-by: Santosh Shilimkar <santosh.shilimkar@oracle.com>
char __user *optval, unsigned int optlen)
{
struct rds_sock *rs = rds_sk_to_rs(sock->sk);
+ struct net *net = sock_net(sock->sk);
int ret;
if (level != SOL_RDS) {
ret = rds_cong_monitor(rs, optval, optlen);
break;
case RDS_CONN_RESET:
+ if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) {
+ ret = -EACCES;
+ break;
+ }
ret = rds_user_reset(rs, optval, optlen);
break;
case SO_RDS_TRANSPORT: