Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys Protect network ioctls from non-authorized users. (Ilja ...
details: https://anonhg.NetBSD.org/src/rev/347a73c1d7c1
branches: trunk
changeset: 847297:347a73c1d7c1
user: christos <christos%NetBSD.org@localhost>
date: Tue Dec 17 04:54:36 2019 +0000
description:
Protect network ioctls from non-authorized users. (Ilja Van Sprundel)
diffstat:
sys/dev/ic/ath.c | 11 ++++-
sys/dev/usb/if_umb.c | 10 +++-
sys/net/if.c | 107 ++++++++++++++++++++++++++------------------------
3 files changed, 72 insertions(+), 56 deletions(-)
diffs (231 lines):
diff -r 21c26f1076b0 -r 347a73c1d7c1 sys/dev/ic/ath.c
--- a/sys/dev/ic/ath.c Tue Dec 17 02:32:26 2019 +0000
+++ b/sys/dev/ic/ath.c Tue Dec 17 04:54:36 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ath.c,v 1.128 2019/11/10 21:16:35 chs Exp $ */
+/* $NetBSD: ath.c,v 1.129 2019/12/17 04:54:36 christos Exp $ */
/*-
* Copyright (c) 2002-2005 Sam Leffler, Errno Consulting
@@ -41,7 +41,7 @@
__FBSDID("$FreeBSD: src/sys/dev/ath/if_ath.c,v 1.104 2005/09/16 10:09:23 ru Exp $");
#endif
#ifdef __NetBSD__
-__KERNEL_RCSID(0, "$NetBSD: ath.c,v 1.128 2019/11/10 21:16:35 chs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ath.c,v 1.129 2019/12/17 04:54:36 christos Exp $");
#endif
/*
@@ -69,6 +69,7 @@
#include <sys/callout.h>
#include <sys/bus.h>
#include <sys/endian.h>
+#include <sys/kauth.h>
#include <net/if.h>
#include <net/if_dl.h>
@@ -5422,6 +5423,12 @@
return copyout(&sc->sc_stats,
ifr->ifr_data, sizeof (sc->sc_stats));
case SIOCGATHDIAG:
+ error = kauth_authorize_network(curlwp->l_cred,
+ KAUTH_NETWORK_INTERFACE,
+ KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, KAUTH_ARG(cmd),
+ NULL);
+ if (error)
+ break;
error = ath_ioctl_diag(sc, (struct ath_diag *) ifr);
break;
default:
diff -r 21c26f1076b0 -r 347a73c1d7c1 sys/dev/usb/if_umb.c
--- a/sys/dev/usb/if_umb.c Tue Dec 17 02:32:26 2019 +0000
+++ b/sys/dev/usb/if_umb.c Tue Dec 17 04:54:36 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_umb.c,v 1.9 2019/06/26 22:58:58 khorben Exp $ */
+/* $NetBSD: if_umb.c,v 1.10 2019/12/17 04:54:36 christos Exp $ */
/* $OpenBSD: if_umb.c,v 1.20 2018/09/10 17:00:45 gerhard Exp $ */
/*
@@ -26,7 +26,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_umb.c,v 1.9 2019/06/26 22:58:58 khorben Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_umb.c,v 1.10 2019/12/17 04:54:36 christos Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -779,6 +779,12 @@
usb_add_task(sc->sc_udev, &sc->sc_umb_task, USB_TASKQ_DRIVER);
break;
case SIOCGUMBINFO:
+ error = kauth_authorize_network(curlwp->l_cred,
+ KAUTH_NETWORK_INTERFACE,
+ KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, KAUTH_ARG(cmd),
+ NULL);
+ if (error)
+ break;
error = copyout(&sc->sc_info, ifr->ifr_data,
sizeof(sc->sc_info));
break;
diff -r 21c26f1076b0 -r 347a73c1d7c1 sys/net/if.c
--- a/sys/net/if.c Tue Dec 17 02:32:26 2019 +0000
+++ b/sys/net/if.c Tue Dec 17 04:54:36 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if.c,v 1.465 2019/11/14 16:23:53 maxv Exp $ */
+/* $NetBSD: if.c,v 1.466 2019/12/17 04:54:36 christos Exp $ */
/*-
* Copyright (c) 1999, 2000, 2001, 2008 The NetBSD Foundation, Inc.
@@ -90,7 +90,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.465 2019/11/14 16:23:53 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.466 2019/12/17 04:54:36 christos Exp $");
#if defined(_KERNEL_OPT)
#include "opt_inet.h"
@@ -2971,6 +2971,8 @@
struct ifcapreq *ifcr;
struct ifdatareq *ifdr;
unsigned short flags;
+ char *descr;
+ int error;
switch (cmd) {
case SIOCSIFCAP:
@@ -3125,55 +3127,53 @@
#endif
return ENETRESET;
case SIOCSIFDESCR:
- {
- char *descrbuf;
-
- ifr = data;
-
- if (ifr->ifr_buflen > IFDESCRSIZE)
- return ENAMETOOLONG;
-
- if (ifr->ifr_buf == NULL || ifr->ifr_buflen == 0) {
- /* unset description */
- descrbuf = NULL;
- } else {
- int error;
-
- descrbuf = kmem_zalloc(IFDESCRSIZE, KM_SLEEP);
- /* copy (IFDESCRSIZE - 1) bytes to ensure terminating nul */
- error = copyin(ifr->ifr_buf, descrbuf, IFDESCRSIZE - 1);
- if (error) {
- kmem_free(descrbuf, IFDESCRSIZE);
- return error;
- }
+ error = kauth_authorize_network(curlwp->l_cred,
+ KAUTH_NETWORK_INTERFACE,
+ KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, KAUTH_ARG(cmd),
+ NULL);
+ if (error)
+ return error;
+
+ ifr = data;
+
+ if (ifr->ifr_buflen > IFDESCRSIZE)
+ return ENAMETOOLONG;
+
+ if (ifr->ifr_buf == NULL || ifr->ifr_buflen == 0) {
+ /* unset description */
+ descr = NULL;
+ } else {
+ descr = kmem_zalloc(IFDESCRSIZE, KM_SLEEP);
+ /*
+ * copy (IFDESCRSIZE - 1) bytes to ensure
+ * terminating nul
+ */
+ error = copyin(ifr->ifr_buf, descr, IFDESCRSIZE - 1);
+ if (error) {
+ kmem_free(descr, IFDESCRSIZE);
+ return error;
}
-
- if (ifp->if_description != NULL)
- kmem_free(ifp->if_description, IFDESCRSIZE);
-
- ifp->if_description = descrbuf;
}
+
+ if (ifp->if_description != NULL)
+ kmem_free(ifp->if_description, IFDESCRSIZE);
+
+ ifp->if_description = descr;
break;
case SIOCGIFDESCR:
- {
- char *descr;
-
- ifr = data;
- descr = ifp->if_description;
-
- if (descr == NULL)
- return ENOMSG;
-
- if (ifr->ifr_buflen < IFDESCRSIZE)
- return EINVAL;
- else {
- int error;
- error = copyout(descr, ifr->ifr_buf, IFDESCRSIZE);
- if (error)
- return error;
- }
- }
+ ifr = data;
+ descr = ifp->if_description;
+
+ if (descr == NULL)
+ return ENOMSG;
+
+ if (ifr->ifr_buflen < IFDESCRSIZE)
+ return EINVAL;
+
+ error = copyout(descr, ifr->ifr_buf, IFDESCRSIZE);
+ if (error)
+ return error;
break;
default:
@@ -3196,10 +3196,13 @@
switch (cmd) {
case SIOCSIFADDRPREF:
- if (kauth_authorize_network(curlwp->l_cred, KAUTH_NETWORK_INTERFACE,
- KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd,
- NULL) != 0)
- return EPERM;
+ error = kauth_authorize_network(curlwp->l_cred,
+ KAUTH_NETWORK_INTERFACE,
+ KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, KAUTH_ARG(cmd),
+ NULL);
+ if (error)
+ return error;
+ break;
case SIOCGIFADDRPREF:
break;
default:
@@ -3310,7 +3313,7 @@
error = kauth_authorize_network(l->l_cred,
KAUTH_NETWORK_INTERFACE,
KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp,
- (void *)cmd, NULL);
+ KAUTH_ARG(cmd), NULL);
if (ifp != NULL)
if_put(ifp, &psref);
if (error != 0) {
@@ -3375,7 +3378,7 @@
error = kauth_authorize_network(l->l_cred,
KAUTH_NETWORK_INTERFACE,
KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp,
- (void *)cmd, NULL);
+ KAUTH_ARG(cmd), NULL);
if (error != 0)
goto out;
}
Home |
Main Index |
Thread Index |
Old Index