diff options
author | mdodd <mdodd@FreeBSD.org> | 2005-04-13 00:30:19 +0000 |
---|---|---|
committer | mdodd <mdodd@FreeBSD.org> | 2005-04-13 00:30:19 +0000 |
commit | 6f55c85dec1eb335caa95ef07d9644fb0d921e7f (patch) | |
tree | 7ac18311de6a6c0737fba69f89947b682bfb6aa8 /sys/net/if_tap.c | |
parent | bdcac6ad82d9d15d367abad3a4d81e966455070b (diff) | |
download | FreeBSD-src-6f55c85dec1eb335caa95ef07d9644fb0d921e7f.zip FreeBSD-src-6f55c85dec1eb335caa95ef07d9644fb0d921e7f.tar.gz |
Provide a sysctl (net.link.tap.user_open) to allow unpriviliged
acces to tap(4) device nodes based on file system permission.
Duplicate the 'debug.if_tap_debug' sysctl under the
'net.link.tap' hierarchy.
Diffstat (limited to 'sys/net/if_tap.c')
-rw-r--r-- | sys/net/if_tap.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/sys/net/if_tap.c b/sys/net/if_tap.c index 601b95d..cc07baf 100644 --- a/sys/net/if_tap.c +++ b/sys/net/if_tap.c @@ -116,12 +116,21 @@ static struct cdevsw tap_cdevsw = { */ static struct mtx tapmtx; static int tapdebug = 0; /* debug flag */ +static int tapuopen = 0; /* allow user open() */ static SLIST_HEAD(, tap_softc) taphead; /* first device */ static struct clonedevs *tapclones; MALLOC_DECLARE(M_TAP); MALLOC_DEFINE(M_TAP, CDEV_NAME, "Ethernet tunnel interface"); SYSCTL_INT(_debug, OID_AUTO, if_tap_debug, CTLFLAG_RW, &tapdebug, 0, ""); + +SYSCTL_DECL(_net_link); +SYSCTL_NODE(_net_link, OID_AUTO, tap, CTLFLAG_RW, 0, + "Ethernet tunnel software network interface"); +SYSCTL_INT(_net_link_tap, OID_AUTO, user_open, CTLFLAG_RW, &tapuopen, 0, + "Allow user to open /dev/tap (based on node permissions)"); +SYSCTL_INT(_net_link_tap, OID_AUTO, debug, CTLFLAG_RW, &tapdebug, 0, ""); + DEV_MODULE(if_tap, tapmodevent, NULL); /* @@ -345,10 +354,10 @@ tapopen(dev, flag, mode, td) { struct tap_softc *tp = NULL; struct ifnet *ifp = NULL; - int error, s; + int s; - if ((error = suser(td)) != 0) - return (error); + if (tapuopen == 0 && suser(td) != 0) + return (EPERM); if ((dev2unit(dev) & CLONE_UNITMASK) > TAPMAXUNIT) return (ENXIO); |