summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorrwatson <rwatson@FreeBSD.org>2006-11-06 14:54:06 +0000
committerrwatson <rwatson@FreeBSD.org>2006-11-06 14:54:06 +0000
commit572da55a432cfcabe19b41502ef867e59edea8f6 (patch)
tree24a5a8ca0f6495fc45fd07f1b990052667d646a6
parent9da66947c437f843cbe63621743456ba7b4e4b05 (diff)
downloadFreeBSD-src-572da55a432cfcabe19b41502ef867e59edea8f6.zip
FreeBSD-src-572da55a432cfcabe19b41502ef867e59edea8f6.tar.gz
Convert three new suser(9) calls introduced between when the priv(9)
patch was prepared and committed to priv(9) calls. Add XXX comments as, in each case, the semantics appear to differ from the TCP/UDP versions of the calls with respect to jail, and because cr_canseecred() is not used to validate the query. Obtained from: TrustedBSD Project
-rw-r--r--sys/netinet/sctp_pcb.c6
-rw-r--r--sys/netinet/sctp_usrreq.c9
-rw-r--r--sys/netinet6/sctp6_usrreq.c9
3 files changed, 19 insertions, 5 deletions
diff --git a/sys/netinet/sctp_pcb.c b/sys/netinet/sctp_pcb.c
index d00e860..24c2ba5 100644
--- a/sys/netinet/sctp_pcb.c
+++ b/sys/netinet/sctp_pcb.c
@@ -47,6 +47,7 @@ __FBSDID("$FreeBSD$");
#include <sys/protosw.h>
#include <sys/socket.h>
#include <sys/socketvar.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/kernel.h>
#include <sys/sysctl.h>
@@ -1768,9 +1769,8 @@ sctp_inpcb_bind(struct socket *so, struct sockaddr *addr, struct thread *p)
*/
/* got to be root to get at low ports */
if (ntohs(lport) < IPPORT_RESERVED) {
- if (p && (error =
- suser_cred(p->td_ucred, 0)
- )) {
+ if (p && (error = priv_check(p,
+ PRIV_NETINET_RESERVEDPORT))) {
SCTP_INP_DECR_REF(inp);
SCTP_INP_WUNLOCK(inp);
SCTP_INP_INFO_WUNLOCK();
diff --git a/sys/netinet/sctp_usrreq.c b/sys/netinet/sctp_usrreq.c
index 63097a8..25d639f 100644
--- a/sys/netinet/sctp_usrreq.c
+++ b/sys/netinet/sctp_usrreq.c
@@ -46,6 +46,7 @@ __FBSDID("$FreeBSD$");
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/domain.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/protosw.h>
#include <sys/socket.h>
@@ -488,9 +489,15 @@ sctp_getcred(SYSCTL_HANDLER_ARGS)
struct sctp_tcb *stcb;
int error, s;
- error = suser(req->td);
+ /*
+ * XXXRW: Other instances of getcred use SUSER_ALLOWJAIL, as socket
+ * visibility is scoped using cr_canseesocket(), which it is not
+ * here.
+ */
+ error = priv_check_cred(req->td->td_ucred, PRIV_NETINET_GETCRED, 0);
if (error)
return (error);
+
error = SYSCTL_IN(req, addrs, sizeof(addrs));
if (error)
return (error);
diff --git a/sys/netinet6/sctp6_usrreq.c b/sys/netinet6/sctp6_usrreq.c
index 39d531b..3483658 100644
--- a/sys/netinet6/sctp6_usrreq.c
+++ b/sys/netinet6/sctp6_usrreq.c
@@ -49,6 +49,7 @@ __FBSDID("$FreeBSD$");
#include <sys/stat.h>
#include <sys/systm.h>
#include <sys/syslog.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <net/if.h>
#include <net/route.h>
@@ -481,7 +482,13 @@ sctp6_getcred(SYSCTL_HANDLER_ARGS)
struct sctp_tcb *stcb;
int error, s;
- error = suser(req->td);
+ /*
+ * XXXRW: Other instances of getcred use SUSER_ALLOWJAIL, as socket
+ * visibility is scoped using cr_canseesocket(), which it is not
+ * here.
+ */
+ error = priv_check_cred(req->td->td_ucred, PRIV_NETINET_RESERVEDPORT,
+ 0);
if (error)
return (error);
OpenPOWER on IntegriCloud