Removed CAN_RAW_USER and CAN_BCM_USER Kconfig options due to a

discussion of Usr and Patrick:

http://marc.info/?l=linux-netdev&m=119045947822801&w=2

The capability checks are still part of the source to allow developers
to change the capabilities according to their needs.

git-svn-id: svn://svn.berlios.de//socketcan/trunk@489 030b6a49-0b11-0410-94ab-b0dab22257f2

diff --git a/kernel/2.6/include/linux/can/core.h b/kernel/2.6/include/linux/can/core.h
index 8f28dfad5ed140ae4115a7923c9a548efed453bc..30b45cc395d810726b18847e88728c6cb69e4db3 100644 (file)
--- a/kernel/2.6/include/linux/can/core.h
+++ b/kernel/2.6/include/linux/can/core.h
@@ -28,6 +28,9 @@
 
 #define CAN_VERSION_STRING "rev " CAN_VERSION " abi " CAN_ABI_VERSION
 
+/* CAN default capability needs (-1 == none) */
+#define CAN_CAP (-1)
+
 #define DNAME(dev) ((dev) ? (dev)->name : "any")
 
 /**

diff --git a/kernel/2.6/net/can/Kconfig b/kernel/2.6/net/can/Kconfig
index ce54af16b603c74635408f922e7c4a94b9493fff..82138bdb23dfc09b272f54671117de4bfc72219a 100644 (file)
--- a/kernel/2.6/net/can/Kconfig
+++ b/kernel/2.6/net/can/Kconfig
@@ -27,21 +27,6 @@ config CAN_RAW
          socket has several filter options e.g. ID-Masking / Errorframes.
          To receive/send raw CAN messages, use AF_CAN with protocol CAN_RAW.
 
-config CAN_RAW_USER
-       bool "Allow non-root users to access Raw CAN Protocol sockets"
-       depends on CAN_RAW
-       default N
-       ---help---
-         The Controller Area Network is a local field bus transmitting only
-         broadcast messages without any routing and security concepts.
-         In the majority of cases the user application has to deal with
-         raw CAN frames. Therefore it might be reasonable NOT to restrict
-         the CAN access only to the user root, as known from other networks.
-         Since CAN_RAW sockets can only send and receive frames to/from CAN
-         interfaces this does not affect security of others networks.
-         Say Y here if you want non-root users to be able to access CAN_RAW
-         sockets.
-
 config CAN_BCM
        tristate "Broadcast Manager CAN Protocol (with content filtering)"
        depends on CAN
@@ -55,21 +40,6 @@ config CAN_BCM
          CAN messages are used on the bus (e.g. in automotive environments).
          To use the Broadcast Manager, use AF_CAN with protocol CAN_BCM.
 
-config CAN_BCM_USER
-       bool "Allow non-root users to access CAN broadcast manager sockets"
-       depends on CAN_BCM
-       default N
-       ---help---
-         The Controller Area Network is a local field bus transmitting only
-         broadcast messages without any routing and security concepts.
-         In the majority of cases the user application has to deal with
-         raw CAN frames. Therefore it might be reasonable NOT to restrict
-         the CAN access only to the user root, as known from other networks.
-         Since CAN_BCM sockets can only send and receive frames to/from CAN
-         interfaces this does not affect security of others networks.
-         Say Y here if you want non-root users to be able to access CAN_BCM
-         sockets.
-
 config CAN_DEBUG_CORE
        bool "CAN Core debugging messages"
        depends on CAN

diff --git a/kernel/2.6/net/can/bcm.c b/kernel/2.6/net/can/bcm.c
index 474603420a108dc71d7be2a222c0d2a03cd0ec90..3cbd100c20f540bb819c0886501e10a377314e8a 100644 (file)
--- a/kernel/2.6/net/can/bcm.c
+++ b/kernel/2.6/net/can/bcm.c
@@ -123,11 +123,8 @@ struct bcm_op {
 
 static struct proc_dir_entry *proc_dir;
 
-#ifdef CONFIG_CAN_BCM_USER
-#define BCM_CAP (-1)
-#else
-#define BCM_CAP CAP_NET_RAW
-#endif
+/* CAN BCM sockets capability needs */
+#define CAN_BCM_CAP CAN_CAP
 
 struct bcm_sock {
 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)
@@ -1844,7 +1841,7 @@ static struct proto bcm_proto __read_mostly = {
 static struct can_proto bcm_can_proto __read_mostly = {
        .type       = SOCK_DGRAM,
        .protocol   = CAN_BCM,
-       .capability = BCM_CAP,
+       .capability = CAN_BCM_CAP,
        .ops        = &bcm_ops,
        .prot       = &bcm_proto,
 };
@@ -1852,7 +1849,7 @@ static struct can_proto bcm_can_proto __read_mostly = {
 static struct can_proto bcm_can_proto __read_mostly = {
        .type       = SOCK_DGRAM,
        .protocol   = CAN_BCM,
-       .capability = BCM_CAP,
+       .capability = CAN_BCM_CAP,
        .ops        = &bcm_ops,
        .owner      = THIS_MODULE,
        .obj_size   = sizeof(struct bcm_sock),

diff --git a/kernel/2.6/net/can/raw.c b/kernel/2.6/net/can/raw.c
index f67423110ff145cf500e6c28891bbef69850874c..0f8a6a3339ae9fe9760868f707eee6eee599fdc1 100644 (file)
--- a/kernel/2.6/net/can/raw.c
+++ b/kernel/2.6/net/can/raw.c
@@ -78,11 +78,8 @@ module_param(debug, int, S_IRUGO);
 MODULE_PARM_DESC(debug, "debug print mask: 1:debug, 2:frames, 4:skbs");
 #endif
 
-#ifdef CONFIG_CAN_RAW_USER
-#define RAW_CAP (-1)
-#else
-#define RAW_CAP CAP_NET_RAW
-#endif
+/* CAN RAW sockets capability needs */
+#define CAN_RAW_CAP CAN_CAP
 
 #define MASK_ALL 0
 
@@ -849,7 +846,7 @@ static struct proto raw_proto __read_mostly = {
 static struct can_proto raw_can_proto __read_mostly = {
        .type       = SOCK_RAW,
        .protocol   = CAN_RAW,
-       .capability = RAW_CAP,
+       .capability = CAN_RAW_CAP,
        .ops        = &raw_ops,
        .prot       = &raw_proto,
 };
@@ -857,7 +854,7 @@ static struct can_proto raw_can_proto __read_mostly = {
 static struct can_proto raw_can_proto __read_mostly = {
        .type       = SOCK_RAW,
        .protocol   = CAN_RAW,
-       .capability = RAW_CAP,
+       .capability = CAN_RAW_CAP,
        .ops        = &raw_ops,
        .owner      = THIS_MODULE,
        .obj_size   = sizeof(struct raw_sock),