netns: bridge: allow unprivileged users add/delete mdb entry

since the mdb table is belong to bridge device,and the bridge device can only be seen in one netns. So it's safe to allow unprivileged user which is the creator of userns and netns to modify the mdb table. Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Gao feng <gaofeng@cn.fujitsu.com> 2013-01-31 16:30:59 (GMT)
committer: David S. Miller <davem@davemloft.net> 2013-02-04 18:12:16 (GMT)
commit: e4d343ea92bdce831f071d9706b2daf097e6d009 (patch)
tree: fa654ed1f6524703d6c0c4dc541c39278333fd4e
parent: bb12b8b26e197b21e3f28d5401bfee6f86a8d633 (diff)
download: linux-fsl-qoriq-e4d343ea92bdce831f071d9706b2daf097e6d009.tar.xz
1 files changed, 0 insertions, 3 deletions
diff --git a/net/bridge/br_mdb.c b/net/bridge/br_mdb.c
index acc9f4c..38991e0 100644
--- a/net/bridge/br_mdb.c
+++ b/net/bridge/br_mdb.c
@@ -272,9 +272,6 @@ static int br_mdb_parse(struct sk_buff *skb, struct nlmsghdr *nlh,
 	struct net_device *dev;
 	int err;
 
-	if (!capable(CAP_NET_ADMIN))
-		return -EPERM;
-
 	err = nlmsg_parse(nlh, sizeof(*bpm), tb, MDBA_SET_ENTRY, NULL);
 	if (err < 0)
 		return err;
author	Gao feng <gaofeng@cn.fujitsu.com>	2013-01-31 16:30:59 (GMT)
committer	David S. Miller <davem@davemloft.net>	2013-02-04 18:12:16 (GMT)
commit	e4d343ea92bdce831f071d9706b2daf097e6d009 (patch)
tree	fa654ed1f6524703d6c0c4dc541c39278333fd4e
parent	bb12b8b26e197b21e3f28d5401bfee6f86a8d633 (diff)
download	linux-fsl-qoriq-e4d343ea92bdce831f071d9706b2daf097e6d009.tar.xz