Re: Removing inpcbpolicy::priv

To: tech-net%netbsd.org@localhost
Subject: Re: Removing inpcbpolicy::priv
From: christos%astron.com@localhost (Christos Zoulas)
Date: Fri, 8 May 2009 12:00:56 +0000 (UTC)

In article <4A035F69.8030808%NetBSD.org@localhost>, Elad Efrat  
<elad%NetBSD.org@localhost> wrote:
>-=-=-=-=-=-
>
>Hi,
>
>It looks like inpcbpolicy::priv is redundant.
>
>The PCB is always attached to a socket, and therefore we can use the uid
>stored in uidinfo for permissions check. In fact, the priv member is set
>by checking the uid from uidinfo.
>
>The other case the priv member is used is in ipsec_copy_pcbpolicy(),
>when copying a policy, called from syn_cache_get(). There, too, it seems
>it's redundant, as sonewconn() is called to create a new socket, which
>keeps the uidinfo.
>
>Therefore, I suggest the trivial diff attached -- please review.
>

But checking uid == 0 is not the kauth way...

christos

Follow-Ups:
- Re: Removing inpcbpolicy::priv
  - From: Elad Efrat

References:
- Removing inpcbpolicy::priv
  - From: Elad Efrat

Prev by Date: Removing inpcbpolicy::priv
Next by Date: splnet() surrounding in6_control1()
Previous by Thread: Removing inpcbpolicy::priv
Next by Thread: Re: Removing inpcbpolicy::priv
Indexes:

Home | Main Index | Thread Index | Old Index