Source-Changes-HG archive


[src/trunk]: src/sys/net Allow changing of settings via ioctl only for the su...



details:   https://anonhg.NetBSD.org/src/rev/cd9612c11d78
branches:  trunk
changeset: 499410:cd9612c11d78
user:      martin <martin%NetBSD.org@localhost>
date:      Sun Nov 19 18:48:44 2000 +0000

description:
Allow changing of settings via ioctl only for the superuser.
Fixes PR security/11524.

diffstat:

 sys/net/if_gif.c |  12 +++++++++++-
 sys/net/if_gre.c |  17 +++++++++++++++--
 2 files changed, 26 insertions(+), 3 deletions(-)

diffs (141 lines):

diff -r 694e1328f2fc -r cd9612c11d78 sys/net/if_gif.c
--- a/sys/net/if_gif.c  Sun Nov 19 16:40:16 2000 +0000
+++ b/sys/net/if_gif.c  Sun Nov 19 18:48:44 2000 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: if_gif.c,v 1.16 2000/10/07 04:18:04 itojun Exp $       */
+/*     $NetBSD: if_gif.c,v 1.17 2000/11/19 18:48:45 martin Exp $       */
 /*     $KAME: if_gif.c,v 1.34 2000/10/07 03:58:53 itojun Exp $ */
 
 /*
@@ -42,6 +42,7 @@
 #include <sys/ioctl.h>
 #include <sys/time.h>
 #include <sys/syslog.h>
+#include <sys/proc.h>
 #include <sys/protosw.h>
 #include <machine/cpu.h>
 
@@ -439,6 +440,7 @@
        u_long cmd;
        caddr_t data;
 {
+       struct proc *p = curproc;       /* XXX */
        struct gif_softc *sc  = (struct gif_softc*)ifp;
        struct ifreq     *ifr = (struct ifreq*)data;
        int error = 0, size;
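Review bot: `curproc` is dereferenced at every new `suser(p->p_ucred, &p->p_acflag)` call with no statement of why it is the right subject, and the `/* XXX */` on the declaration does not say what is provisional. gif_ioctl receives no process argument, so the check runs against whichever process is current. If the handler can also be reached from in-kernel callers (for example a multicast join issued by protocol code), that may be an unrelated process or, depending on context, no process at all; this is not visible from the hunk and should be confirmed. I would spell the assumption out, e.g. `struct proc *p = curproc;	/* XXX: if_ioctl gets no proc; assumes syscall context */`. The same declaration is added to gre_ioctl in sys/net/if_gre.c, and gif_ioctl's body begins and ends outside this hunk.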
@@ -455,6 +457,8 @@
 
        case SIOCADDMULTI:
        case SIOCDELMULTI:
+               if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
+                       break;
                switch (ifr->ifr_addr.sa_family) {
 #ifdef INET
                case AF_INET:   /* IP supports Multicast */
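Review bot: The privilege check is repeated by hand in each modifying case (four times in gif_ioctl, six in gre_ioctl), so a set-type command added later is open to any user unless its author remembers the two lines. Classifying the privileged commands once, ahead of the main switch, keeps the policy in one place and makes an omission visible in review. The sketch below uses only the command names visible in this diff; the guard on the outer SIOCSIFPHYADDR label is not visible here and must mirror the existing one. The early `return` matches the existing `return (EINVAL)` in the SIOCSIFMTU case, and the enclosing switch starts outside this hunk.

```c
	struct proc *p = curproc;	/* XXX */
	/* … unchanged: sc, ifr, error, size declarations … */

	/* Commands that change tunnel state: superuser only (PR security/11524). */
	switch (cmd) {
	case SIOCADDMULTI:
	case SIOCDELMULTI:
	case SIOCSIFMTU:
	case SIOCSIFPHYADDR:	/* same guard as its existing case label */
#ifdef INET6
	case SIOCSIFPHYADDR_IN6:
#endif /* INET6 */
#ifdef SIOCDIFPHYADDR
	case SIOCDIFPHYADDR:
#endif
		if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
			return (error);
		break;
	default:
		break;
	}
	/* … unchanged: main switch (cmd), without the per-case suser() calls … */
```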
@@ -477,6 +481,8 @@
        case SIOCSIFMTU:
                {
                        u_long mtu;
+                       if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
+                               break;
                        mtu = ifr->ifr_mtu;
                        if (mtu < GIF_MTU_MIN || mtu > GIF_MTU_MAX) {
                                return (EINVAL);
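Review bot: In the SIOCSIFMTU case the new privilege failure leaves through `break` with `error` set, while the range check two lines below leaves through `return (EINVAL)`. The case now has two exit styles, and anything placed after the switch would run for one and not the other. gre_ioctl's SIOCSIFMTU uses `error = EINVAL; break;` for its range check, and the same form here would make the two drivers agree. What follows the switch is outside this hunk.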
@@ -490,6 +496,8 @@
 #ifdef INET6
        case SIOCSIFPHYADDR_IN6:
 #endif /* INET6 */
+               if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
+                       break;
                switch (cmd) {
 #ifdef INET
                case SIOCSIFPHYADDR:
@@ -606,6 +614,8 @@
 
 #ifdef SIOCDIFPHYADDR
        case SIOCDIFPHYADDR:
+               if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
+                       break;
                gif_delete_tunnel(sc);
                break;
 #endif
diff -r 694e1328f2fc -r cd9612c11d78 sys/net/if_gre.c
--- a/sys/net/if_gre.c  Sun Nov 19 16:40:16 2000 +0000
+++ b/sys/net/if_gre.c  Sun Nov 19 18:48:44 2000 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: if_gre.c,v 1.12 2000/08/25 00:51:20 mjl Exp $ */
+/*     $NetBSD: if_gre.c,v 1.13 2000/11/19 18:48:44 martin Exp $ */
 
 /*
  * Copyright (c) 1998 The NetBSD Foundation, Inc.
@@ -55,6 +55,7 @@
 #include <sys/param.h>
 #include <sys/malloc.h>
 #include <sys/mbuf.h>
+#include <sys/proc.h>
 #include <sys/protosw.h>
 #include <sys/socket.h>
 #include <sys/ioctl.h>
@@ -344,7 +345,7 @@
 int
 gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 {
-
+       struct proc *p = curproc;       /* XXX */
        struct ifaddr *ifa = (struct ifaddr *)data;
        struct ifreq *ifr = (struct ifreq *)data;
        struct in_ifaddr *ia = (struct in_ifaddr *)data;
@@ -360,6 +361,8 @@
        switch(cmd) {
        case SIOCSIFADDR:               
        case SIOCSIFDSTADDR:    
+               if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
+                       break;
                /* 
                  * set tunnel endpoints in case that we "only"
                  * have ip over ip encapsulation. This allows to
@@ -379,6 +382,8 @@
                }
                break;
        case SIOCSIFFLAGS:
+               if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
+                       break;
                if ((sc->g_dst.s_addr == INADDR_ANY) || 
                    (sc->g_src.s_addr == INADDR_ANY))
                        ifp->if_flags &= ~IFF_UP;
@@ -397,6 +402,8 @@
                }
                break;
        case SIOCSIFMTU: 
+               if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
+                       break;
                if (ifr->ifr_mtu > GREMTU || ifr->ifr_mtu < 576) {
                        error = EINVAL;
                        break;
@@ -408,6 +415,8 @@
                break;
        case SIOCADDMULTI:
        case SIOCDELMULTI:
+               if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
+                       break;
                if (ifr == 0) {
                        error = EAFNOSUPPORT;
                        break;
@@ -423,6 +432,8 @@
                }
                break;
        case GRESPROTO:
+               if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
+                       break;
                sc->g_proto = ifr->ifr_flags;
                switch (sc->g_proto) {
                case IPPROTO_GRE :
@@ -442,6 +453,8 @@
                break;
        case GRESADDRS:
        case GRESADDRD:
+               if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
+                       break;
                /*
                 * set tunnel endpoints, compute a less specific route
                 * to the remote end and mark if as up


