author | rwatson <rwatson@FreeBSD.org> | 2006-11-06 13:42:10 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2006-11-06 13:42:10 +0000 |
commit | 10d0d9cf473dc5f0ce1bf263ead445ffe7819154 (patch) | |
tree | b9dd284620eeaddbff089cef10e4b1afb7918279 /sys/net/if_gre.c | |
parent | 7288104e2094825a9c98b9923f039817a76e2983 (diff) | |
Sweep kernel replacing suser(9) calls with priv(9) calls, assigning
specific privilege names to a broad range of privileges. These may
require some future tweaking.
Sponsored by: nCircle Network Security, Inc.
Obtained from: TrustedBSD Project
Discussed on: arch@
Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri,
Alex Lyashkov <umka at sevcity dot net>,
Skip Ford <skip dot ford at verizon dot net>,
Antoine Brodin <antoine dot brodin at laposte dot net>
Diffstat (limited to 'sys/net/if_gre.c')
-rw-r--r-- | sys/net/if_gre.c | 72 |
1 files changed, 63 insertions, 9 deletions
diff --git a/sys/net/if_gre.c b/sys/net/if_gre.c
index 2aa7b52..ebd0226 100644
--- a/sys/net/if_gre.c
+++ b/sys/net/if_gre.c
@@ -57,6 +57,7 @@
 #include <sys/malloc.h>
 #include <sys/module.h>
 #include <sys/mbuf.h>
+#include <sys/priv.h>
 #include <sys/protosw.h>
 #include <sys/socket.h>
 #include <sys/sockio.h>
@@ -452,7 +453,11 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 case SIOCSIFDSTADDR:
 break;
 case SIOCSIFFLAGS:
- if ((error = suser(curthread)) != 0)
+ /*
+ * XXXRW: Isn't this suser() redundant to the ifnet layer
+ * check?
+ */
+ if ((error = priv_check(curthread, PRIV_NET_SETIFFLAGS)) != 0)
 break;
 if ((ifr->ifr_flags & IFF_LINK0) != 0)
 sc->g_proto = IPPROTO_GRE;
@@ -464,7 +469,11 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 sc->wccp_ver = WCCP_V1;
 goto recompute;
 case SIOCSIFMTU:
- if ((error = suser(curthread)) != 0)
+ /*
+ * XXXRW: Isn't this suser() redundant to the ifnet layer
+ * check?
+ */
+ if ((error = priv_check(curthread, PRIV_NET_SETIFMTU)) != 0)
 break;
 if (ifr->ifr_mtu < 576) {
 error = EINVAL;
@@ -476,8 +485,36 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 ifr->ifr_mtu = GRE2IFP(sc)->if_mtu;
 break;
 case SIOCADDMULTI:
+ /*
+ * XXXRW: Isn't this suser() redundant to the ifnet layer
+ * check?
+ */
+ if ((error = priv_check(curthread, PRIV_NET_ADDMULTI)) != 0)
+ break;
+ if (ifr == 0) {
+ error = EAFNOSUPPORT;
+ break;
+ }
+ switch (ifr->ifr_addr.sa_family) {
+#ifdef INET
+ case AF_INET:
+ break;
+#endif
+#ifdef INET6
+ case AF_INET6:
+ break;
+#endif
+ default:
+ error = EAFNOSUPPORT;
+ break;
+ }
+ break;
 case SIOCDELMULTI:
- if ((error = suser(curthread)) != 0)
+ /*
+ * XXXRW: Isn't this suser() redundant to the ifnet layer
+ * check?
+ */
+ if ((error = priv_check(curthread, PRIV_NET_DELIFGROUP)) != 0)
 break;
 if (ifr == 0) {
 error = EAFNOSUPPORT;
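Review bot: The XXXRW comment added above the SIOCSIFFLAGS check still asks about suser(), but the call beneath it is now priv_check(), so the question reads as if it referred to removed code; I would word it `XXXRW: Isn't this priv_check() redundant to the ifnet layer check?`. The same comment is repeated in the SIOCSIFMTU, SIOCADDMULTI, SIOCDELMULTI, GRESPROTO, SIOCSIFPHYADDR, SIOCSLIFPHYADDR and SIOCDIFPHYADDR hunks. Whether the check really is redundant depends on the ifnet layer testing the same named privilege for each command, which is not visible in this diff, so the driver-level checks should stay until that is confirmed per command. gre_ioctl() begins and ends outside the hunk.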
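Review bot: The SIOCDELMULTI case checks `PRIV_NET_DELIFGROUP`, which by its name covers removing an interface group rather than leaving a multicast group, while the SIOCADDMULTI case added just above checks `PRIV_NET_ADDMULTI`. With named privileges, a policy that treats multicast membership and interface-group changes differently would grant or deny the wrong operation here. If sys/priv.h defines the matching name (the header is not shown on this page), the line should read `if ((error = priv_check(curthread, PRIV_NET_DELMULTI)) != 0)`. The hunk also copies the address-family switch into SIOCADDMULTI where the old code fell through to SIOCDELMULTI, so the two bodies now have to be kept in step by hand.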
@@ -498,7 +535,11 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 }
 break;
 case GRESPROTO:
- if ((error = suser(curthread)) != 0)
+ /*
+ * XXXRW: Isn't this suser() redundant to the ifnet layer
+ * check?
+ */
+ if ((error = priv_check(curthread, PRIV_NET_GRE)) != 0)
 break;
 sc->g_proto = ifr->ifr_flags;
 switch (sc->g_proto) {
@@ -518,8 +559,9 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 break;
 case GRESADDRS:
 case GRESADDRD:
- if ((error = suser(curthread)) != 0)
- break;
+ error = priv_check(curthread, PRIV_NET_GRE);
+ if (error)
+ return (error);
 /*
 * set tunnel endpoints, compute a less specific route
 * to the remote end and mark if as up
@@ -584,7 +626,11 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 ifr->ifr_addr = *sa;
 break;
 case SIOCSIFPHYADDR:
- if ((error = suser(curthread)) != 0)
+ /*
+ * XXXRW: Isn't this suser() redundant to the ifnet layer
+ * check?
+ */
+ if ((error = priv_check(curthread, PRIV_NET_SETIFPHYS)) != 0)
 break;
 if (aifr->ifra_addr.sin_family != AF_INET ||
 aifr->ifra_dstaddr.sin_family != AF_INET) {
@@ -600,7 +646,11 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 sc->g_dst = aifr->ifra_dstaddr.sin_addr;
 goto recompute;
 case SIOCSLIFPHYADDR:
- if ((error = suser(curthread)) != 0)
+ /*
+ * XXXRW: Isn't this suser() redundant to the ifnet layer
+ * check?
+ */
+ if ((error = priv_check(curthread, PRIV_NET_SETIFPHYS)) != 0)
 break;
 if (lifr->addr.ss_family != AF_INET ||
 lifr->dstaddr.ss_family != AF_INET) {
@@ -617,7 +667,11 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 (satosin(&lifr->dstaddr))->sin_addr;
 goto recompute;
 case SIOCDIFPHYADDR:
- if ((error = suser(curthread)) != 0)
+ /*
+ * XXXRW: Isn't this suser() redundant to the ifnet layer
+ * check?
+ */
+ if ((error = priv_check(curthread, PRIV_NET_SETIFPHYS)) != 0)
 break;
 sc->g_src.s_addr = INADDR_ANY;
 sc->g_dst.s_addr = INADDR_ANY; |
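Review bot: The GRESADDRS/GRESADDRD case now leaves gre_ioctl() with `return (error);` when priv_check() fails, whereas the removed code and every other case touched by this commit use `break` and fall out of the switch. If the function does any common exit work after the switch, this denial path alone would skip it; the tail of gre_ioctl() is outside the hunk, so that cannot be confirmed from here. Keeping the denial paths uniform also makes the privilege checks easier to audit, so I would write it like its neighbours: `if ((error = priv_check(curthread, PRIV_NET_GRE)) != 0)` followed by `break;`.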