Split out routing sysctl's from tame "inet", and put them into the

new tame "route" request.  Now routing daemons and tools (such as arp),
can narrowly ask for either feature.  One thing remains available in
both cases -- support for getifaddr()'s, since libc and programs often
use that in close association with socket creation.
ok benno sthen beck, some discussion with renato

diff --git a/sys/kern/kern_tame.c b/sys/kern/kern_tame.c
index eda216a..ccd26b1 100644 (file)
--- a/sys/kern/kern_tame.c
+++ b/sys/kern/kern_tame.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: kern_tame.c,v 1.66 2015/10/07 03:47:43 deraadt Exp $  */
+/*     $OpenBSD: kern_tame.c,v 1.67 2015/10/07 19:52:54 deraadt Exp $  */
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -238,6 +238,7 @@ static const struct {
        { "sendfd",             TAME_RW | TAME_SENDFD },
        { "recvfd",             TAME_RW | TAME_RECVFD },
        { "ioctl",              TAME_IOCTL },
+       { "route",              TAME_ROUTE },
        { "tty",                TAME_TTY },
        { "proc",               TAME_PROC },
        { "exec",               TAME_EXEC },
@@ -810,7 +811,7 @@ tame_cmsg_send(struct proc *p, struct mbuf *control)
 }
 
 int
-tame_sysctl_check(struct proc *p, int namelen, int *name, void *new)
+tame_sysctl_check(struct proc *p, int miblen, int *mib, void *new)
 {
        if ((p->p_p->ps_flags & PS_TAMED) == 0)
                return (0);
@@ -818,64 +819,74 @@ tame_sysctl_check(struct proc *p, int namelen, int *name, void *new)
        if (new)
                return (EFAULT);
 
-       /* setproctitle() */
-       if (namelen == 2 &&
-           name[0] == CTL_VM &&
-           name[1] == VM_PSSTRINGS)
-               return (0);
+       /* routing table observation */
+       if ((p->p_p->ps_tame & TAME_ROUTE)) {
+               if (miblen == 7 &&
+                   mib[0] == CTL_NET && mib[1] == PF_ROUTE &&
+                   mib[2] == 0 &&
+                   (mib[3] == 0 || mib[3] == AF_INET6 || mib[3] == AF_INET) &&
+                   mib[4] == NET_RT_DUMP)
+                       return (0);
 
-       /* getifaddrs() */
-       if ((p->p_p->ps_tame & TAME_INET) &&
-           namelen == 6 &&
-           name[0] == CTL_NET && name[1] == PF_ROUTE &&
-           name[2] == 0 && name[3] == 0 &&
-           name[4] == NET_RT_IFLIST && name[5] == 0)
-               return (0);
+               if (miblen == 6 &&
+                   mib[0] == CTL_NET && mib[1] == PF_ROUTE &&
+                   mib[2] == 0 &&
+                   (mib[3] == 0 || mib[3] == AF_INET6 || mib[3] == AF_INET) &&
+                   mib[4] == NET_RT_TABLE)
+                       return (0);
 
-       /* used by arp(8).  Exposes MAC addresses known on local nets */
-       /* XXX Put into a special catagory. */
-       if ((p->p_p->ps_tame & TAME_INET) &&
-           namelen == 7 &&
-           name[0] == CTL_NET && name[1] == PF_ROUTE &&
-           name[2] == 0 && name[3] == AF_INET &&
-           name[4] == NET_RT_FLAGS && name[5] == RTF_LLINFO)
-               return (0);
+               if (miblen == 7 &&                      /* exposes MACs */
+                   mib[0] == CTL_NET && mib[1] == PF_ROUTE &&
+                   mib[2] == 0 && mib[3] == AF_INET &&
+                   mib[4] == NET_RT_FLAGS && mib[5] == RTF_LLINFO)
+                       return (0);
+       }
+
+       if ((p->p_p->ps_tame & (TAME_ROUTE | TAME_INET))) {
+               if (miblen == 6 &&              /* getifaddrs() */
+                   mib[0] == CTL_NET && mib[1] == PF_ROUTE &&
+                   mib[2] == 0 &&
+                   (mib[3] == 0 || mib[3] == AF_INET6 || mib[3] == AF_INET) &&
+                   mib[4] == NET_RT_IFLIST)
+                       return (0);
+       }
 
        /* used by ntpd(8) to read sensors. */
-       /* XXX Put into a special catagory. */
-       if (namelen >= 3 &&
-           name[0] == CTL_HW && name[1] == HW_SENSORS)
+       if (miblen >= 3 &&
+           mib[0] == CTL_HW && mib[1] == HW_SENSORS)
                return (0);
 
-       /* getdomainname(), gethostname(), getpagesize(), uname() */
-       if (namelen == 2 &&
-           name[0] == CTL_KERN && name[1] == KERN_DOMAINNAME)
+       if (miblen == 2 &&                      /* getdomainname() */
+           mib[0] == CTL_KERN && mib[1] == KERN_DOMAINNAME)
+               return (0);
+       if (miblen == 2 &&                      /* gethostname() */
+           mib[0] == CTL_KERN && mib[1] == KERN_HOSTNAME)
                return (0);
-       if (namelen == 2 &&
-           name[0] == CTL_KERN && name[1] == KERN_HOSTNAME)
+       if (miblen == 2 &&                      /* uname() */
+           mib[0] == CTL_KERN && mib[1] == KERN_OSTYPE)
                return (0);
-       if (namelen == 2 &&
-           name[0] == CTL_KERN && name[1] == KERN_OSTYPE)
+       if (miblen == 2 &&                      /* uname() */
+           mib[0] == CTL_KERN && mib[1] == KERN_OSRELEASE)
                return (0);
-       if (namelen == 2 &&
-           name[0] == CTL_KERN && name[1] == KERN_OSRELEASE)
+       if (miblen == 2 &&                      /* uname() */
+           mib[0] == CTL_KERN && mib[1] == KERN_OSVERSION)
                return (0);
-       if (namelen == 2 &&
-           name[0] == CTL_KERN && name[1] == KERN_OSVERSION)
+       if (miblen == 2 &&                      /* uname() */
+           mib[0] == CTL_KERN && mib[1] == KERN_VERSION)
                return (0);
-       if (namelen == 2 &&
-           name[0] == CTL_KERN && name[1] == KERN_VERSION)
+       if (miblen == 2 &&                      /* uname() */
+           mib[0] == CTL_HW && mib[1] == HW_MACHINE)
                return (0);
-       if (namelen == 2 &&
-           name[0] == CTL_HW && name[1] == HW_MACHINE)
+       if (miblen == 2 &&                      /* getpagesize() */
+           mib[0] == CTL_HW && mib[1] == HW_PAGESIZE)
                return (0);
-       if (namelen == 2 &&
-           name[0] == CTL_HW && name[1] == HW_PAGESIZE)
+       if (miblen == 2 &&                      /* setproctitle() */
+           mib[0] == CTL_VM && mib[1] == VM_PSSTRINGS)
                return (0);
 
        printf("%s(%d): sysctl %d: %d %d %d %d %d %d\n",
-           p->p_comm, p->p_pid, namelen, name[0], name[1],
-           name[2], name[3], name[4], name[5]);
+           p->p_comm, p->p_pid, miblen, mib[0], mib[1],
+           mib[2], mib[3], mib[4], mib[5]);
        return (EFAULT);
 }
 

diff --git a/sys/sys/tame.h b/sys/sys/tame.h
index 738ebac..e759113 100644 (file)
--- a/sys/sys/tame.h
+++ b/sys/sys/tame.h
@@ -1,4 +1,4 @@
-/*     $OpenBSD: tame.h,v 1.11 2015/10/07 03:47:43 deraadt Exp $       */
+/*     $OpenBSD: tame.h,v 1.12 2015/10/07 19:52:54 deraadt Exp $       */
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -44,6 +44,7 @@
 #define TAME_SENDFD    0x00020000      /* AF_UNIX CMSG fd sending */
 #define TAME_RECVFD    0x00040000      /* AF_UNIX CMSG fd receiving */
 #define TAME_EXEC      0x00080000      /* execve, child is free of tame */
+#define TAME_ROUTE     0x00100000      /* routing lookups */
 
 #define TAME_ABORT     0x08000000      /* SIGABRT instead of SIGKILL */