Re: [PATCH net v2] net: require CAP_NET_ADMIN in the device netns for tunnel changelink

Next message: Michal Simek: "Re: [PATCH] Input: xilinx_ps2 - replace in_be32/out_be32 with ioread32be/iowrite32be"
Previous message: Michal Simek: "Re: [PATCH] char: xilinx_hwicap: replace in_be32/out_be32 with ioread32be/iowrite32be"
In reply to: Xiao Liang: "Re: [PATCH net v2] net: require CAP_NET_ADMIN in the device netns for tunnel changelink"
Next in thread: Kuniyuki Iwashima: "Re: [PATCH net v2] net: require CAP_NET_ADMIN in the device netns for tunnel changelink"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Maoyi Xie

Date: Tue Jun 02 2026 - 02:23:42 EST

Hi Xiao,

On Tue, Jun 2, 2026 at 10:10 AM Xiao Liang <shaw.leon@xxxxxxxxx> wrote:
> Should modifying params that don't affect tunnel lookup (e.g. GRE_CSUM
> and GRE_SEQ) require CAP_NET_ADMIN in link netns?

ip_tunnel_update() unlinks and relinks the tunnel in the creation
netns hash unconditionally, even for a CSUM or SEQ only change, and
ip6gre_changelink() does the same. So every changelink writes that
hash, not only the ones that change the endpoints. That is why the
check sits at the entry, and it matches the ioctl side in 8b484efd5cb4.

You are right that a CSUM or SEQ only change relinks into the same
bucket and has no lookup effect. I can narrow the check to the params
that move the bucket if you prefer, though that means diffing old and
new params in each changelink. I lean towards the entry check for
consistency, but happy to go either way.

Thanks,
Maoyi