diff options
author | bz <bz@FreeBSD.org> | 2009-01-09 21:57:49 +0000 |
---|---|---|
committer | bz <bz@FreeBSD.org> | 2009-01-09 21:57:49 +0000 |
commit | ffd24214075016efd0b3aac50a2a5127600c3a77 (patch) | |
tree | 81cfbe8d787e92899aba974fc233f3ae9a1d16a6 /sys/net | |
parent | cfaeba182119e176d612c86eb266960a42314107 (diff) | |
download | FreeBSD-src-ffd24214075016efd0b3aac50a2a5127600c3a77.zip FreeBSD-src-ffd24214075016efd0b3aac50a2a5127600c3a77.tar.gz |
Restrict arp, ndp and theoretically the FIB listing (if not
read with libkvm) to the addresses of a prison, when inside a
jail. [1]
As the patch from the PR was pre-'new-arp', add checks to the
llt_dump handlers as well.
While touching RTM_GET in route_output(), consistently use
curthread credentials rather than the creds from the socket
there. [2]
PR: kern/68189
Submitted by: Mark Delany <sxcg2-fuwxj@qmda.emu.st> [1]
Discussed with: rwatson [2]
Reviewed by: rwatson
MFC after: 4 weeks
Diffstat (limited to 'sys/net')
-rw-r--r-- | sys/net/rtsock.c | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c index 3575c94..76953f4 100644 --- a/sys/net/rtsock.c +++ b/sys/net/rtsock.c @@ -611,6 +611,12 @@ route_output(struct mbuf *m, struct socket *so) case RTM_GET: report: RT_LOCK_ASSERT(rt); + if (jailed(curthread->td_ucred) && + ((rt->rt_flags & RTF_HOST) == 0 || + !prison_if(curthread->td_ucred, rt_key(rt)))) { + RT_UNLOCK(rt); + senderr(ESRCH); + } info.rti_info[RTAX_DST] = rt_key(rt); info.rti_info[RTAX_GATEWAY] = rt->rt_gateway; info.rti_info[RTAX_NETMASK] = rt_mask(rt); @@ -620,10 +626,10 @@ route_output(struct mbuf *m, struct socket *so) if (ifp) { info.rti_info[RTAX_IFP] = ifp->if_addr->ifa_addr; - if (jailed(so->so_cred)) { + if (jailed(curthread->td_ucred)) { error = rtm_get_jailed( &info, ifp, rt, &saun, - so->so_cred); + curthread->td_ucred); if (error != 0) { RT_UNLOCK(rt); senderr(ESRCH); @@ -1256,6 +1262,10 @@ sysctl_dumpentry(struct radix_node *rn, void *vw) if (w->w_op == NET_RT_FLAGS && !(rt->rt_flags & w->w_arg)) return 0; + if (jailed(w->w_req->td->td_ucred) && + ((rt->rt_flags & RTF_HOST) == 0 || + !prison_if(w->w_req->td->td_ucred, rt_key(rt)))) + return (0); bzero((caddr_t)&info, sizeof(info)); info.rti_info[RTAX_DST] = rt_key(rt); info.rti_info[RTAX_GATEWAY] = rt->rt_gateway; |