Source-Changes-HG archive
[src/trunk]: src/sys/net Don't kauth-orize SIOCDIFPHYADDR, SIOCSIFFLAGS, SIOC...
details: https://anonhg.NetBSD.org/src/rev/ef931eb9ab53
branches: trunk
changeset: 770667:ef931eb9ab53
user: dyoung <dyoung%NetBSD.org@localhost>
date: Fri Oct 28 16:42:52 2011 +0000
description:
Don't kauth-orize SIOCDIFPHYADDR, SIOCSIFFLAGS, SIOCSIFMTU, or
SIOCSLIFPHYADDR, in gif_ioctl() or in gre_ioctl(), because those
operations are ordinarily kauth-orized already in ifioctl().
Kauth-orizing SIOCSIFFLAGS in gre_ioctl() caused a panic ("panic:
bpf_detachd: ifpromisc failed: 1") when tcpdump(8) was interrupted.
Somehow bpf(4) enables promiscuous mode using different credentials than
it uses to disable promiscuous mode, hence the ifpromisc failure. This
may have something to do with privilege-separation in tcpdump(8). I.e.,
an LWP with SIOCSIFFLAGS privilege opens /dev/bpf, but an LWP without
SIOCSIFFLAGS privilege closes it.
diffstat:
sys/net/if_gif.c | 22 ++--------------------
sys/net/if_gre.c | 8 ++------
2 files changed, 4 insertions(+), 26 deletions(-)
diffs (90 lines):
diff -r 526d43b3eabf -r ef931eb9ab53 sys/net/if_gif.c
--- a/sys/net/if_gif.c Fri Oct 28 16:10:12 2011 +0000
+++ b/sys/net/if_gif.c Fri Oct 28 16:42:52 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_gif.c,v 1.79 2011/10/27 20:04:57 dyoung Exp $ */
+/* $NetBSD: if_gif.c,v 1.80 2011/10/28 16:42:52 dyoung Exp $ */
/* $KAME: if_gif.c,v 1.76 2001/08/20 02:01:02 kjc Exp $ */
/*
@@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_gif.c,v 1.79 2011/10/27 20:04:57 dyoung Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_gif.c,v 1.80 2011/10/28 16:42:52 dyoung Exp $");
#include "opt_inet.h"
#include "opt_iso.h"
@@ -48,7 +48,6 @@
#include <sys/syslog.h>
#include <sys/proc.h>
#include <sys/protosw.h>
-#include <sys/kauth.h>
#include <sys/cpu.h>
#include <sys/intr.h>
@@ -470,29 +469,12 @@
int
gif_ioctl(struct ifnet *ifp, u_long cmd, void *data)
{
- struct lwp *l = curlwp; /* XXX */
struct gif_softc *sc = ifp->if_softc;
struct ifreq *ifr = (struct ifreq*)data;
int error = 0, size;
struct sockaddr *dst, *src;
switch (cmd) {
- case SIOCSIFMTU:
- case SIOCSLIFPHYADDR:
-#ifdef SIOCDIFPHYADDR
- case SIOCDIFPHYADDR:
-#endif
- if ((error = kauth_authorize_network(l->l_cred,
- KAUTH_NETWORK_INTERFACE,
- KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd,
- NULL)) != 0)
- return (error);
- /* FALLTHROUGH */
- default:
- break;
- }
-
- switch (cmd) {
case SIOCINITIFADDR:
ifp->if_flags |= IFF_UP;
break;
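Review bot: With the local kauth_authorize_network() call removed, nothing in gif_ioctl() records that SIOCSIFMTU, SIOCSLIFPHYADDR and SIOCDIFPHYADDR are still privileged requests whose check is expected to have happened in ifioctl() before this handler runs. I would add a comment above `switch (cmd) {`, for example `/* SIOCSIFMTU, SIOCSLIFPHYADDR and SIOCDIFPHYADDR are authorized by ifioctl() before we are called. */`, so a later reader does not take the handler for an unchecked entry point. The description says these operations are "ordinarily" authorized in ifioctl(), so it is worth confirming that every user-reachable path to these commands goes through it; that code is not visible in this diff. The same comment would help above the trimmed case list in gre_ioctl() in sys/net/if_gre.c, and gif_ioctl's body continues outside the hunk.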
diff -r 526d43b3eabf -r ef931eb9ab53 sys/net/if_gre.c
--- a/sys/net/if_gre.c Fri Oct 28 16:10:12 2011 +0000
+++ b/sys/net/if_gre.c Fri Oct 28 16:42:52 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_gre.c,v 1.147 2011/10/27 20:04:57 dyoung Exp $ */
+/* $NetBSD: if_gre.c,v 1.148 2011/10/28 16:42:52 dyoung Exp $ */
/*
* Copyright (c) 1998, 2008 The NetBSD Foundation, Inc.
@@ -45,7 +45,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_gre.c,v 1.147 2011/10/27 20:04:57 dyoung Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_gre.c,v 1.148 2011/10/28 16:42:52 dyoung Exp $");
#include "opt_atalk.h"
#include "opt_gre.h"
@@ -1234,15 +1234,11 @@
GRE_DPRINTF(sc, "cmd %lu\n", cmd);
switch (cmd) {
- case SIOCSIFFLAGS:
- case SIOCSIFMTU:
case GRESPROTO:
case GRESADDRD:
case GRESADDRS:
case GRESSOCK:
case GREDSOCK:
- case SIOCSLIFPHYADDR:
- case SIOCDIFPHYADDR:
if (kauth_authorize_network(curlwp->l_cred,
KAUTH_NETWORK_INTERFACE,
KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd,