tech-net archive


Re: Removing inpcbpolicy::priv



Christos Zoulas wrote:
> In article <4A035F69.8030808%NetBSD.org@localhost>, Elad Efrat <elad%NetBSD.org@localhost> wrote:
>> Hi,
>>
>> It looks like inpcbpolicy::priv is redundant.
>>
>> The PCB is always attached to a socket, and therefore we can use the uid
>> stored in uidinfo for permissions check. In fact, the priv member is set
>> by checking the uid from uidinfo.
>>
>> The other case the priv member is used is in ipsec_copy_pcbpolicy(),
>> when copying a policy, called from syn_cache_get(). There, too, it seems
>> it's redundant, as sonewconn() is called to create a new socket, which
>> keeps the uidinfo.
>>
>> Therefore, I suggest the trivial diff attached -- please review.
>
> But checking uid == 0 is not the kauth way...

Ideally we should use the socket credentials, but until we figure out
how to implement them properly (see thread in tech-kern@) we need to use
something else... falling back to uidinfo makes sure it won't go
unnoticed in future greps once we have socket credentials in place. :)

-e.

