rtnetlink: add restricted rtnl groups for ipv4 and ipv6 mroute

Add RTNLGRP_{IPV4,IPV6}_MROUTE_R as two new restricted groups for the NETLINK_ROUTE family. Binding to these groups specifically requires CAP_NET_ADMIN to allow multicast of sensitive messages (e.g. mroute cache reports). Suggested-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: Julien Gomes <julien@arista.com> Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Julien Gomes <julien@arista.com> 2017-06-20 23:54:16 +0300
committer: David S. Miller <davem@davemloft.net> 2017-06-21 18:22:52 +0300
commit: 5f729eaabef9308cfaa4b27c9b3f120253eff79b (patch)
tree: d50fbf36c771f509c2aa915a20f09e0c143f2598 /include/uapi/linux/rtnetlink.h
parent: 94df30a6521becea7fda16f2c12ff9a01cac1da7 (diff)
download: linux-5f729eaabef9308cfaa4b27c9b3f120253eff79b.tar.xz
1 files changed, 4 insertions, 0 deletions
diff --git a/include/uapi/linux/rtnetlink.h b/include/uapi/linux/rtnetlink.h
index cd1afb900929..d148505010a7 100644
--- a/include/uapi/linux/rtnetlink.h
+++ b/include/uapi/linux/rtnetlink.h
@@ -669,6 +669,10 @@ enum rtnetlink_groups {
 #define RTNLGRP_NSID		RTNLGRP_NSID
 	RTNLGRP_MPLS_NETCONF,
 #define RTNLGRP_MPLS_NETCONF	RTNLGRP_MPLS_NETCONF
+	RTNLGRP_IPV4_MROUTE_R,
+#define RTNLGRP_IPV4_MROUTE_R	RTNLGRP_IPV4_MROUTE_R
+	RTNLGRP_IPV6_MROUTE_R,
+#define RTNLGRP_IPV6_MROUTE_R	RTNLGRP_IPV6_MROUTE_R
 	__RTNLGRP_MAX
 };
 #define RTNLGRP_MAX	(__RTNLGRP_MAX - 1)
author	Julien Gomes <julien@arista.com>	2017-06-20 23:54:16 +0300
committer	David S. Miller <davem@davemloft.net>	2017-06-21 18:22:52 +0300
commit	5f729eaabef9308cfaa4b27c9b3f120253eff79b (patch)
tree	d50fbf36c771f509c2aa915a20f09e0c143f2598 /include/uapi/linux/rtnetlink.h
parent	94df30a6521becea7fda16f2c12ff9a01cac1da7 (diff)
download	linux-5f729eaabef9308cfaa4b27c9b3f120253eff79b.tar.xz