Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-9]: src/sys/net Pull up following revision(s) (requested by chris...
details: https://anonhg.NetBSD.org/src/rev/6fe6fa7b0764
branches: netbsd-9
changeset: 963446:6fe6fa7b0764
user: martin <martin%NetBSD.org@localhost>
date: Tue Dec 17 16:12:53 2019 +0000
description:
Pull up following revision(s) (requested by christos in ticket #569):
sys/dev/usb/if_umb.c: revision 1.10
sys/net/if.c: revision 1.466
sys/dev/ic/ath.c: revision 1.129
Protect network ioctls from non-authorized users. (Ilja Van Sprundel)
diffstat:
sys/dev/ic/ath.c | 11 ++++-
sys/dev/usb/if_umb.c | 10 +++-
sys/net/if.c | 109 ++++++++++++++++++++++++++------------------------
3 files changed, 73 insertions(+), 57 deletions(-)
diffs (233 lines):
diff -r 2ce98ccb46eb -r 6fe6fa7b0764 sys/dev/ic/ath.c
--- a/sys/dev/ic/ath.c Tue Dec 17 13:03:05 2019 +0000
+++ b/sys/dev/ic/ath.c Tue Dec 17 16:12:53 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ath.c,v 1.127 2019/05/28 07:41:48 msaitoh Exp $ */
+/* $NetBSD: ath.c,v 1.127.2.1 2019/12/17 16:12:54 martin Exp $ */
/*-
* Copyright (c) 2002-2005 Sam Leffler, Errno Consulting
@@ -41,7 +41,7 @@
__FBSDID("$FreeBSD: src/sys/dev/ath/if_ath.c,v 1.104 2005/09/16 10:09:23 ru Exp $");
#endif
#ifdef __NetBSD__
-__KERNEL_RCSID(0, "$NetBSD: ath.c,v 1.127 2019/05/28 07:41:48 msaitoh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ath.c,v 1.127.2.1 2019/12/17 16:12:54 martin Exp $");
#endif
/*
@@ -69,6 +69,7 @@
#include <sys/callout.h>
#include <sys/bus.h>
#include <sys/endian.h>
+#include <sys/kauth.h>
#include <net/if.h>
#include <net/if_dl.h>
@@ -5441,6 +5442,12 @@
return copyout(&sc->sc_stats,
ifr->ifr_data, sizeof (sc->sc_stats));
case SIOCGATHDIAG:
+ error = kauth_authorize_network(curlwp->l_cred,
+ KAUTH_NETWORK_INTERFACE,
+ KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, KAUTH_ARG(cmd),
+ NULL);
+ if (error)
+ break;
error = ath_ioctl_diag(sc, (struct ath_diag *) ifr);
break;
default:
diff -r 2ce98ccb46eb -r 6fe6fa7b0764 sys/dev/usb/if_umb.c
--- a/sys/dev/usb/if_umb.c Tue Dec 17 13:03:05 2019 +0000
+++ b/sys/dev/usb/if_umb.c Tue Dec 17 16:12:53 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_umb.c,v 1.9 2019/06/26 22:58:58 khorben Exp $ */
+/* $NetBSD: if_umb.c,v 1.9.2.1 2019/12/17 16:12:53 martin Exp $ */
/* $OpenBSD: if_umb.c,v 1.20 2018/09/10 17:00:45 gerhard Exp $ */
/*
@@ -26,7 +26,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_umb.c,v 1.9 2019/06/26 22:58:58 khorben Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_umb.c,v 1.9.2.1 2019/12/17 16:12:53 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -779,6 +779,12 @@
usb_add_task(sc->sc_udev, &sc->sc_umb_task, USB_TASKQ_DRIVER);
break;
case SIOCGUMBINFO:
+ error = kauth_authorize_network(curlwp->l_cred,
+ KAUTH_NETWORK_INTERFACE,
+ KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, KAUTH_ARG(cmd),
+ NULL);
+ if (error)
+ break;
error = copyout(&sc->sc_info, ifr->ifr_data,
sizeof(sc->sc_info));
break;
diff -r 2ce98ccb46eb -r 6fe6fa7b0764 sys/net/if.c
--- a/sys/net/if.c Tue Dec 17 13:03:05 2019 +0000
+++ b/sys/net/if.c Tue Dec 17 16:12:53 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if.c,v 1.457.2.2 2019/09/24 03:10:35 martin Exp $ */
+/* $NetBSD: if.c,v 1.457.2.3 2019/12/17 16:12:54 martin Exp $ */
/*-
* Copyright (c) 1999, 2000, 2001, 2008 The NetBSD Foundation, Inc.
@@ -90,7 +90,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.457.2.2 2019/09/24 03:10:35 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.457.2.3 2019/12/17 16:12:54 martin Exp $");
#if defined(_KERNEL_OPT)
#include "opt_inet.h"
@@ -2971,7 +2971,9 @@
struct ifreq *ifr;
struct ifcapreq *ifcr;
struct ifdatareq *ifdr;
-
+ char *descr;
+ int error;
+
switch (cmd) {
case SIOCSIFCAP:
ifcr = data;
@@ -3120,55 +3122,53 @@
#endif
return ENETRESET;
case SIOCSIFDESCR:
- {
- char *descrbuf;
-
- ifr = data;
-
- if (ifr->ifr_buflen > IFDESCRSIZE)
- return ENAMETOOLONG;
-
- if (ifr->ifr_buf == NULL || ifr->ifr_buflen == 0) {
- /* unset description */
- descrbuf = NULL;
- } else {
- int error;
-
- descrbuf = kmem_zalloc(IFDESCRSIZE, KM_SLEEP);
- /* copy (IFDESCRSIZE - 1) bytes to ensure terminating nul */
- error = copyin(ifr->ifr_buf, descrbuf, IFDESCRSIZE - 1);
- if (error) {
- kmem_free(descrbuf, IFDESCRSIZE);
- return error;
- }
+ error = kauth_authorize_network(curlwp->l_cred,
+ KAUTH_NETWORK_INTERFACE,
+ KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, KAUTH_ARG(cmd),
+ NULL);
+ if (error)
+ return error;
+
+ ifr = data;
+
+ if (ifr->ifr_buflen > IFDESCRSIZE)
+ return ENAMETOOLONG;
+
+ if (ifr->ifr_buf == NULL || ifr->ifr_buflen == 0) {
+ /* unset description */
+ descr = NULL;
+ } else {
+ descr = kmem_zalloc(IFDESCRSIZE, KM_SLEEP);
+ /*
+ * copy (IFDESCRSIZE - 1) bytes to ensure
+ * terminating nul
+ */
+ error = copyin(ifr->ifr_buf, descr, IFDESCRSIZE - 1);
+ if (error) {
+ kmem_free(descr, IFDESCRSIZE);
+ return error;
}
-
- if (ifp->if_description != NULL)
- kmem_free(ifp->if_description, IFDESCRSIZE);
-
- ifp->if_description = descrbuf;
}
+
+ if (ifp->if_description != NULL)
+ kmem_free(ifp->if_description, IFDESCRSIZE);
+
+ ifp->if_description = descr;
break;
case SIOCGIFDESCR:
- {
- char *descr;
-
- ifr = data;
- descr = ifp->if_description;
-
- if (descr == NULL)
- return ENOMSG;
-
- if (ifr->ifr_buflen < IFDESCRSIZE)
- return EINVAL;
- else {
- int error;
- error = copyout(descr, ifr->ifr_buf, IFDESCRSIZE);
- if (error)
- return error;
- }
- }
+ ifr = data;
+ descr = ifp->if_description;
+
+ if (descr == NULL)
+ return ENOMSG;
+
+ if (ifr->ifr_buflen < IFDESCRSIZE)
+ return EINVAL;
+
+ error = copyout(descr, ifr->ifr_buf, IFDESCRSIZE);
+ if (error)
+ return error;
break;
default:
@@ -3191,10 +3191,13 @@
switch (cmd) {
case SIOCSIFADDRPREF:
- if (kauth_authorize_network(curlwp->l_cred, KAUTH_NETWORK_INTERFACE,
- KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd,
- NULL) != 0)
- return EPERM;
+ error = kauth_authorize_network(curlwp->l_cred,
+ KAUTH_NETWORK_INTERFACE,
+ KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, KAUTH_ARG(cmd),
+ NULL);
+ if (error)
+ return error;
+ break;
case SIOCGIFADDRPREF:
break;
default:
@@ -3305,7 +3308,7 @@
error = kauth_authorize_network(l->l_cred,
KAUTH_NETWORK_INTERFACE,
KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp,
- (void *)cmd, NULL);
+ KAUTH_ARG(cmd), NULL);
if (ifp != NULL)
if_put(ifp, &psref);
if (error != 0) {
@@ -3370,7 +3373,7 @@
error = kauth_authorize_network(l->l_cred,
KAUTH_NETWORK_INTERFACE,
KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp,
- (void *)cmd, NULL);
+ KAUTH_ARG(cmd), NULL);
if (error != 0)
goto out;
}
Home |
Main Index |
Thread Index |
Old Index