diff options
author | truckman <truckman@FreeBSD.org> | 1998-11-11 10:04:13 +0000 |
---|---|---|
committer | truckman <truckman@FreeBSD.org> | 1998-11-11 10:04:13 +0000 |
commit | de184682fa22833c7b18a96a136bc031ae786434 (patch) | |
tree | b9b62a0e361f25bc4ed8f9636cce5f2fd2f12423 /sys/net | |
parent | 225b2f25416b4a11b425250105d4acbfc5bd5638 (diff) | |
download | FreeBSD-src-de184682fa22833c7b18a96a136bc031ae786434.zip FreeBSD-src-de184682fa22833c7b18a96a136bc031ae786434.tar.gz |
Installed the second patch attached to kern/7899 with some changes suggested
by bde, a few other tweaks to get the patch to apply cleanly again and
some improvements to the comments.
This change closes some fairly minor security holes associated with
F_SETOWN, fixes a few bugs, and removes some limitations that F_SETOWN
had on tty devices. For more details, see the description on the PR.
Because this patch increases the size of the proc and pgrp structures,
it is necessary to re-install the includes and recompile libkvm,
the vinum lkm, fstat, gcore, gdb, ipfilter, ps, top, and w.
PR: kern/7899
Reviewed by: bde, elvind
Diffstat (limited to 'sys/net')
-rw-r--r-- | sys/net/bpf.c | 31 | ||||
-rw-r--r-- | sys/net/bpfdesc.h | 4 | ||||
-rw-r--r-- | sys/net/if_tun.c | 29 | ||||
-rw-r--r-- | sys/net/if_tunvar.h | 4 |
4 files changed, 39 insertions, 29 deletions
diff --git a/sys/net/bpf.c b/sys/net/bpf.c index f9a217b..39d2d26 100644 --- a/sys/net/bpf.c +++ b/sys/net/bpf.c @@ -37,7 +37,7 @@ * * @(#)bpf.c 8.2 (Berkeley) 3/28/94 * - * $Id: bpf.c,v 1.43 1998/10/04 23:04:48 alex Exp $ + * $Id: bpf.c,v 1.44 1998/10/08 00:32:08 alex Exp $ */ #include "bpfilter.h" @@ -61,6 +61,7 @@ #include <sys/filio.h> #include <sys/sockio.h> #include <sys/ttycom.h> +#include <sys/filedesc.h> #if defined(sparc) && BSD < 199103 #include <sys/stream.h> @@ -379,6 +380,7 @@ bpfclose(dev, flags, fmt, p) register struct bpf_d *d = &bpf_dtab[minor(dev)]; register int s; + funsetown(d->bd_sigio); s = splimp(); if (d->bd_bif) bpf_detachd(d); @@ -537,11 +539,8 @@ bpf_wakeup(d) struct proc *p; wakeup((caddr_t)d); - if (d->bd_async && d->bd_sig) - if (d->bd_pgid > 0) - gsignal (d->bd_pgid, d->bd_sig); - else if (p = pfind (-d->bd_pgid)) - psignal (p, d->bd_sig); + if (d->bd_async && d->bd_sig && d->bd_sigio) + pgsigio(d->bd_sigio, d->bd_sig, 0); #if BSD >= 199103 selwakeup(&d->bd_sel); @@ -834,18 +833,22 @@ bpfioctl(dev, cmd, addr, flags, p) d->bd_async = *(int *)addr; break; -/* N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing the - equivalent of a TIOCSPGRP and hence end up here. *However* TIOCSPGRP's arg - is a process group if it's positive and a process id if it's negative. This - is exactly the opposite of what the other two functions want! Therefore - there is code in ioctl and fcntl to negate the arg before calling here. */ + case FIOSETOWN: + error = fsetown(*(int *)addr, &d->bd_sigio); + break; + + case FIOGETOWN: + *(int *)addr = fgetown(d->bd_sigio); + break; - case TIOCSPGRP: /* Process or group to send signals to */ - d->bd_pgid = *(int *)addr; + /* This is deprecated, FIOSETOWN should be used instead. */ + case TIOCSPGRP: + error = fsetown(-(*(int *)addr), &d->bd_sigio); break; + /* This is deprecated, FIOGETOWN should be used instead. */ case TIOCGPGRP: - *(int *)addr = d->bd_pgid; + *(int *)addr = -fgetown(d->bd_sigio); break; case BIOCSRSIG: /* Set receive signal */ diff --git a/sys/net/bpfdesc.h b/sys/net/bpfdesc.h index aa7f462..03d0def 100644 --- a/sys/net/bpfdesc.h +++ b/sys/net/bpfdesc.h @@ -37,7 +37,7 @@ * * @(#)bpfdesc.h 8.1 (Berkeley) 6/10/93 * - * $Id$ + * $Id: bpfdesc.h,v 1.10 1997/02/22 09:40:57 peter Exp $ */ #ifndef _NET_BPFDESC_H_ @@ -78,7 +78,7 @@ struct bpf_d { u_char bd_immediate; /* true to return on packet arrival */ int bd_async; /* non-zero if packet reception should generate signal */ int bd_sig; /* signal to send upon packet reception */ - pid_t bd_pgid; /* process or group id for signal */ + struct sigio * bd_sigio; /* information for SIGIO */ #if BSD < 199103 u_char bd_selcoll; /* true if selects collide */ int bd_timedout; diff --git a/sys/net/if_tun.c b/sys/net/if_tun.c index e00ce0c..d62488f 100644 --- a/sys/net/if_tun.c +++ b/sys/net/if_tun.c @@ -30,6 +30,7 @@ #include <sys/ttycom.h> #include <sys/poll.h> #include <sys/signalvar.h> +#include <sys/filedesc.h> #include <sys/kernel.h> #include <sys/sysctl.h> #ifdef DEVFS @@ -215,7 +216,7 @@ tunclose(dev, foo, bar, p) } splx(s); } - tp->tun_pgrp = 0; + funsetown(tp->tun_sigio); selwakeup(&tp->tun_rsel); TUNDEBUG ("%s%d: closed\n", ifp->if_name, ifp->if_unit); @@ -372,12 +373,8 @@ tunoutput(ifp, m0, dst, rt) tp->tun_flags &= ~TUN_RWAIT; wakeup((caddr_t)tp); } - if (tp->tun_flags & TUN_ASYNC && tp->tun_pgrp) { - if (tp->tun_pgrp > 0) - gsignal(tp->tun_pgrp, SIGIO); - else if ((p = pfind(-tp->tun_pgrp)) != 0) - psignal(p, SIGIO); - } + if (tp->tun_flags & TUN_ASYNC && tp->tun_sigio) + pgsigio(tp->tun_sigio, SIGIO, 0); selwakeup(&tp->tun_rsel); return 0; } @@ -434,12 +431,22 @@ tunioctl(dev, cmd, data, flag, p) *(int *)data = 0; splx(s); break; + case FIOSETOWN: + return (fsetown(*(int *)data, &tp->tun_sigio)); + + case FIOGETOWN: + *(int *)data = fgetown(tp->tun_sigio); + return (0); + + /* This is deprecated, FIOSETOWN should be used instead. */ case TIOCSPGRP: - tp->tun_pgrp = *(int *)data; - break; + return (fsetown(-(*(int *)data), &tp->tun_sigio)); + + /* This is deprecated, FIOGETOWN should be used instead. */ case TIOCGPGRP: - *(int *)data = tp->tun_pgrp; - break; + *(int *)data = -fgetown(tp->tun_sigio); + return (0); + default: return (ENOTTY); } diff --git a/sys/net/if_tunvar.h b/sys/net/if_tunvar.h index c44911b..d0ef510 100644 --- a/sys/net/if_tunvar.h +++ b/sys/net/if_tunvar.h @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id:$ + * $Id: if_tunvar.h,v 1.1 1998/01/11 17:52:33 brian Exp $ */ #ifndef _NET_IF_TUNVAR_H_ @@ -42,7 +42,7 @@ struct tun_softc { #define TUN_READY (TUN_OPEN | TUN_INITED) struct ifnet tun_if; /* the interface */ - int tun_pgrp; /* the process group - if any */ + struct sigio *tun_sigio; /* information for SIGIO */ struct selinfo tun_rsel; /* read select */ struct selinfo tun_wsel; /* write select (not used) */ }; |