-/* $OpenBSD: kern_tame.c,v 1.60 2015/10/06 14:38:23 deraadt Exp $ */
+/* $OpenBSD: kern_tame.c,v 1.61 2015/10/06 14:55:41 claudio Exp $ */
/*
* Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
* leaving such sockets lying around...
*/
int
-tame_cmsg_recv(struct proc *p, void *v, int controllen)
+tame_cmsg_recv(struct proc *p, struct mbuf *control)
{
- struct mbuf *control = v;
struct msghdr tmp;
struct cmsghdr *cmsg;
int *fdp, fd;
/* Scan the cmsg */
memset(&tmp, 0, sizeof(tmp));
tmp.msg_control = mtod(control, struct cmsghdr *);
- tmp.msg_controllen = controllen;
+ tmp.msg_controllen = control->m_len;
cmsg = CMSG_FIRSTHDR(&tmp);
while (cmsg != NULL) {
/*
* When tamed, default prevents sending of a cmsg.
+ *
+ * Unlike tame_cmsg_recv tame_cmsg_send is called with individual
+ * cmsgs one per mbuf. So no need to loop or scan.
*/
int
-tame_cmsg_send(struct proc *p, void *v, int controllen)
+tame_cmsg_send(struct proc *p, struct mbuf *control)
{
- struct mbuf *control = v;
- struct msghdr tmp;
struct cmsghdr *cmsg;
int *fdp, fd;
struct file *fp;
return tame_fail(p, EPERM, TAME_CMSG);
/* Scan the cmsg */
- memset(&tmp, 0, sizeof(tmp));
- tmp.msg_control = mtod(control, struct cmsghdr *);
- tmp.msg_controllen = controllen;
- cmsg = CMSG_FIRSTHDR(&tmp);
-
- while (cmsg != NULL) {
- if (cmsg->cmsg_level == SOL_SOCKET &&
- cmsg->cmsg_type == SCM_RIGHTS)
- break;
- cmsg = CMSG_NXTHDR(&tmp, cmsg);
- }
+ cmsg = mtod(control, struct cmsghdr *);
/* Contains no SCM_RIGHTS, so OK */
- if (cmsg == NULL)
+ if (!(cmsg->cmsg_level == SOL_SOCKET &&
+ cmsg->cmsg_type == SCM_RIGHTS))
return (0);
/* In OpenBSD, a CMSG only contains one SCM_RIGHTS. Check it. */
-/* $OpenBSD: uipc_syscalls.c,v 1.110 2015/09/29 16:55:58 deraadt Exp $ */
+/* $OpenBSD: uipc_syscalls.c,v 1.111 2015/10/06 14:55:41 claudio Exp $ */
/* $NetBSD: uipc_syscalls.c,v 1.19 1996/02/09 19:00:48 christos Exp $ */
/*
mp->msg_controllen);
#endif
- if (tame_cmsg_send(p, control, mp->msg_controllen)) {
+ if (tame_cmsg_send(p, control)) {
m_free(control);
+ error = EPERM;
goto bad;
}
} else
mp->msg_flags |= MSG_CTRUNC;
i = len;
}
-// if (tame_cmsg_recv(p, control, mp->msg_controllen))
-// goto out;
+ if (tame_cmsg_recv(p, m)) {
+ error = EPERM;
+ goto out;
+ }
error = copyout(mtod(m, caddr_t), cp, i);
if (m->m_next)
i = ALIGN(i);
-/* $OpenBSD: tame.h,v 1.8 2015/09/30 11:36:07 semarie Exp $ */
+/* $OpenBSD: tame.h,v 1.9 2015/10/06 14:55:41 claudio Exp $ */
/*
* Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
int tame_namei(struct proc *, char *);
void tame_aftersyscall(struct proc *, int, int);
-int tame_cmsg_send(struct proc *p, void *v, int controllen);
-int tame_cmsg_recv(struct proc *p, void *v, int controllen);
+struct mbuf;
+int tame_cmsg_send(struct proc *p, struct mbuf *control);
+int tame_cmsg_recv(struct proc *p, struct mbuf *control);
int tame_sysctl_check(struct proc *p, int namelen, int *name, void *new);
int tame_adjtime_check(struct proc *p, const void *v);
int tame_recvfrom_check(struct proc *p, void *from);
projects / openbsd / commitdiff