author | rwatson <rwatson@FreeBSD.org> | 2001-02-21 06:39:57 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2001-02-21 06:39:57 +0000 |
commit | ab5676fc870d2d819cf41120313443182db079cf (patch) | |
tree | 3ed13007d645ee25bab52d52b6aba08f7f0bcf1e /sys/netinet | |
parent | 17bdecb1829f632354d48f743f10ff707edded9c (diff) | |
o Move per-process jail pointer (p->pr_prison) to inside of the subject
credential structure, ucred (cr->cr_prison).
o Allow jail inheritance to be a function of credential inheritance.
o Abstract prison structure reference counting behind pr_hold() and
pr_free(), invoked by the similarly named credential reference
management functions, removing this code from per-ABI fork/exit code.
o Modify various jail() functions to use struct ucred arguments instead
of struct proc arguments.
o Introduce jailed() function to determine if a credential is jailed,
rather than directly checking pointers all over the place.
o Convert PRISON_CHECK() macro to prison_check() function.
o Move jail() function prototypes to jail.h.
o Emulate the P_JAILED flag in fill_kinfo_proc() and no longer set the
flag in the process flags field itself.
o Eliminate that "const" qualifier from suser/p_can/etc to reflect
mutex use.
Notes:
o Some further cleanup of the linux/jail code is still required.
o It's now possible to consider resolving some of the process vs
credential based permission checking confusion in the socket code.
o Mutex protection of struct prison is still not present, and is
required to protect the reference count plus some fields in the
structure.
Reviewed by: freebsd-arch
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/in.h | 3 | ||||
-rw-r--r-- | sys/netinet/in_pcb.c | 19 | ||||
-rw-r--r-- | sys/netinet/tcp_usrreq.c | 5 | ||||
-rw-r--r-- | sys/netinet/udp_usrreq.c | 7 |
4 files changed, 19 insertions, 15 deletions
diff --git a/sys/netinet/in.h b/sys/netinet/in.h index 1ce8dfd..e7ab99f 100644 --- a/sys/netinet/in.h +++ b/sys/netinet/in.h @@ -487,9 +487,6 @@ int in_localaddr __P((struct in_addr)); char *inet_ntoa __P((struct in_addr)); /* in libkern */ char *inet_ntoa_r __P((struct in_addr ina, char *buf)); /* in libkern */ -int prison_ip __P((struct proc *p, int flag, u_int32_t *ip)); -void prison_remote_ip __P((struct proc *p, int flag, u_int32_t *ip)); - #endif #endif diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index 7195be9..c114eca 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -199,7 +199,7 @@ in_pcbbind(inp, nam, p) return (EAFNOSUPPORT); #endif if (sin->sin_addr.s_addr != INADDR_ANY) - if (prison_ip(p, 0, &sin->sin_addr.s_addr)) + if (prison_ip(p->p_ucred, 0, &sin->sin_addr.s_addr)) return(EINVAL); lport = sin->sin_port; if (IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) { @@ -219,12 +219,11 @@ in_pcbbind(inp, nam, p) } if (lport) { struct inpcb *t; - /* GROSS */ if (ntohs(lport) < IPPORT_RESERVED && p && suser_xxx(0, p, PRISON_ROOT)) return (EACCES); - if (p && p->p_prison) + if (p && jailed(p->p_ucred)) prison = 1; if (so->so_cred->cr_uid != 0 && !IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) { @@ -274,7 +273,7 @@ in_pcbbind(inp, nam, p) int count; if (inp->inp_laddr.s_addr != INADDR_ANY) - if (prison_ip(p, 0, &inp->inp_laddr.s_addr )) + if (prison_ip(p->p_ucred, 0, &inp->inp_laddr.s_addr )) return (EINVAL); inp->inp_flags |= INP_ANONPORT; @@ -345,7 +344,7 @@ in_pcbbind(inp, nam, p) } } inp->inp_lport = lport; - if (prison_ip(p, 0, &inp->inp_laddr.s_addr)) + if (prison_ip(p->p_ucred, 0, &inp->inp_laddr.s_addr)) return(EINVAL); if (in_pcbinshash(inp) != 0) { inp->inp_laddr.s_addr = INADDR_ANY; 
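Review bot: The three prison_ip calls changed in in_pcbbind (hunks at -199, -274 and -345) now dereference `p` at the call site as `p->p_ucred` with no NULL test, while the hunk at -219 in the same function tests `p &&` before both suser_xxx and jailed. If in_pcbbind can be entered with `p == NULL`, as those tests suggest, the new argument expression faults before prison_ip runs. Either guard the calls the same way, e.g. `if (p && prison_ip(p->p_ucred, 0, &sin->sin_addr.s_addr))`, or state in a comment at the top of the function that `p` must be non-NULL on these paths. Whether the old prison_ip tolerated a NULL `p` is not visible on this page, and in_pcbbind's body extends outside all four hunks.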
@@ -492,11 +491,13 @@ in_pcbconnect(inp, nam, p)
 struct sockaddr_in *ifaddr;
 struct sockaddr_in *sin = (struct sockaddr_in *)nam;
 struct sockaddr_in sa;
+ struct ucred *cred;
 int error;
- if (inp->inp_laddr.s_addr == INADDR_ANY && p->p_prison != NULL) {
+ cred = inp->inp_socket->so_cred;
+ if (inp->inp_laddr.s_addr == INADDR_ANY && jailed(cred)) {
 bzero(&sa, sizeof (sa));
- sa.sin_addr.s_addr = htonl(p->p_prison->pr_ip);
+ sa.sin_addr.s_addr = htonl(cred->cr_prison->pr_ip);
 sa.sin_len=sizeof (sa);
 sa.sin_family = AF_INET;
 error = in_pcbbind(inp, (struct sockaddr *)&sa, p);
@@ -1068,9 +1069,9 @@ in_pcbremlists(inp)
 int prison_xinpcb(struct proc *p, struct inpcb *inp)
 {
- if (!p->p_prison)
+ if (!jailed(p->p_ucred))
 return (0);
- if (ntohl(inp->inp_laddr.s_addr) == p->p_prison->pr_ip)
+ if (ntohl(inp->inp_laddr.s_addr) == p->p_ucred->cr_prison->pr_ip)
 return (0);
 return (1);
 }
diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c
index ac1eee9..1d64581 100644
--- a/sys/netinet/tcp_usrreq.c
+++ b/sys/netinet/tcp_usrreq.c
@@ -49,6 +49,8 @@
 #include <sys/socket.h>
 #include <sys/socketvar.h>
 #include <sys/protosw.h>
+#include <sys/proc.h>
+#include <sys/jail.h>
 #include <net/if.h>
 #include <net/route.h>
@@ -328,7 +330,8 @@ tcp_usr_connect(struct socket *so, struct sockaddr *nam, struct proc *p)
 goto out;
 }
- prison_remote_ip(p, 0, &sinp->sin_addr.s_addr);
+ if (p && jailed(p->p_ucred))
+ prison_remote_ip(p->p_ucred, 0, &sinp->sin_addr.s_addr);
 if ((error = tcp_connect(tp, nam, p)) != 0)
 goto out;
diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c
index 7edcfcd..60c80d2 100644
--- a/sys/netinet/udp_usrreq.c
+++ b/sys/netinet/udp_usrreq.c
@@ -49,6 +49,7 @@
 #include <sys/socketvar.h>
 #include <sys/sysctl.h>
 #include <sys/syslog.h>
+#include <sys/jail.h>
 #include <vm/vm_zone.h>
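Review bot: In in_pcbconnect the jail test now reads the socket credential (`cred = inp->inp_socket->so_cred`), but the forced bind on the hunk's last line still passes `p` to in_pcbbind, whose prison_ip checks in this commit use `p->p_ucred`. If the two credentials can differ (not shown on this page), the jail decision and the bind check are made against different subjects, and nothing in the hunk says which one is intended to win. A comment above the assignment would record the intent, e.g. `/* Jail source address follows the socket's creating credential (so_cred), not the calling process. */`. `cred->cr_prison->pr_ip` is also read with no lock visible here, which matches the commit message's note that struct prison is not yet mutex-protected. The function body continues outside the hunk.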
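Review bot: The new guard `if (p && jailed(p->p_ucred))` in tcp_usr_connect silently skips prison_remote_ip when `p` is NULL, and nothing at the call site says that a missing process context is meant to count as unjailed. The same two lines are repeated in udp_output and udp_connect in udp_usrreq.c, so the assumption is made three times without being written down. A one-line comment at each site would make it reviewable, e.g. `/* p == NULL: no process context, treated as not jailed; destination left untouched */`. tcp_usr_connect's body extends outside the hunk.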
@@ -675,7 +676,8 @@ udp_output(inp, m, addr, control, p)
 if (addr) {
 sin = (struct sockaddr_in *)addr;
- prison_remote_ip(p, 0, &sin->sin_addr.s_addr);
+ if (p && jailed(p->p_ucred))
+ prison_remote_ip(p->p_ucred, 0, &sin->sin_addr.s_addr);
 laddr = inp->inp_laddr;
 if (inp->inp_faddr.s_addr != INADDR_ANY) {
 error = EISCONN;
@@ -848,7 +850,8 @@ udp_connect(struct socket *so, struct sockaddr *nam, struct proc *p)
 return EISCONN;
 s = splnet();
 sin = (struct sockaddr_in *)nam;
- prison_remote_ip(p, 0, &sin->sin_addr.s_addr);
+ if (p && jailed(p->p_ucred))
+ prison_remote_ip(p->p_ucred, 0, &sin->sin_addr.s_addr);
 error = in_pcbconnect(inp, nam, p);
 splx(s);
 if (error == 0)
|