From 0dca1bb7dd2daf9f26f30730cbfaafe9b77bbeb0 Mon Sep 17 00:00:00 2001 From: rwatson Date: Sun, 16 Nov 2003 03:53:36 +0000 Subject: When implementing getsockopt() for SO_LABEL and SO_PEERLABEL, make sure to sooptcopyin() the (struct mac) so that the MAC Framework knows which label types are being requested. This fixes process queries of socket labels. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories --- sys/kern/uipc_socket.c | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'sys/kern/uipc_socket.c') diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c index 8e5dec2..84db1a9 100644 --- a/sys/kern/uipc_socket.c +++ b/sys/kern/uipc_socket.c @@ -1599,6 +1599,10 @@ integer: break; case SO_LABEL: #ifdef MAC + error = sooptcopyin(sopt, &extmac, sizeof(extmac), + sizeof(extmac)); + if (error) + return (error); error = mac_getsockopt_label_get( sopt->sopt_td->td_ucred, so, &extmac); if (error) @@ -1610,6 +1614,10 @@ integer: break; case SO_PEERLABEL: #ifdef MAC + error = sooptcopyin(sopt, &extmac, sizeof(extmac), + sizeof(extmac)); + if (error) + return (error); error = mac_getsockopt_peerlabel_get( sopt->sopt_td->td_ucred, so, &extmac); if (error) -- cgit v1.1