Commit b718342a authored Apr 27, 2026 by Jakub Kicinski

net: psp: require admin permission for dev-set and key-rotate



The dev-set and key-rotate netlink operations modify shared device
state (PSP version configuration and cryptographic key material,
respectively) but do not require CAP_NET_ADMIN. The only access
control is psp_dev_check_access() which merely verifies netns
membership.

Fixes: 00c94ca2 ("psp: base PSP device support")
Reviewed-by: Daniel Zahka <daniel.zahka@gmail.com>
Reviewed-by: Willem de Bruijn <willemb@google.com>
Link: https://patch.msgid.link/20260427195856.401223-1-kuba@kernel.org


Signed-off-by: Jakub Kicinski <kuba@kernel.org>

parent b89769f9

Documentation/netlink/specs/psp.yaml

+2 −0

Original line number	Diff line number	Diff line
		@@ -188,6 +188,7 @@ operations:
		name: dev-set
		doc: Set the configuration of a PSP device.
		attribute-set: dev
		flags: [admin-perm]
		do:
		request:
		attributes:
		@@ -207,6 +208,7 @@ operations:
		name: key-rotate
		doc: Rotate the device key.
		attribute-set: dev
		flags: [admin-perm]
		do:
		request:
		attributes:

net/psp/psp-nl-gen.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -76,7 +76,7 @@ static const struct genl_split_ops psp_nl_ops[] = {
		.post_doit = psp_device_unlock,
		.policy = psp_dev_set_nl_policy,
		.maxattr = PSP_A_DEV_PSP_VERSIONS_ENA,
		.flags = GENL_CMD_CAP_DO,
		.flags = GENL_ADMIN_PERM \| GENL_CMD_CAP_DO,
		},
		{
		.cmd = PSP_CMD_KEY_ROTATE,
		@@ -85,7 +85,7 @@ static const struct genl_split_ops psp_nl_ops[] = {
		.post_doit = psp_device_unlock,
		.policy = psp_key_rotate_nl_policy,
		.maxattr = PSP_A_DEV_ID,
		.flags = GENL_CMD_CAP_DO,
		.flags = GENL_ADMIN_PERM \| GENL_CMD_CAP_DO,
		},
		{
		.cmd = PSP_CMD_RX_ASSOC,