From 92ebc6d188e4c25943254cb54056610684728988 Mon Sep 17 00:00:00 2001
From: deraadt
Date: Wed, 7 Oct 2015 19:52:54 +0000
Subject: [PATCH] Split out routing sysctl's from tame "inet", and put them into the new tame "route" request. Now routing daemons and tools (such as arp), can narrowly ask for either feature. One thing remains available in both cases -- support for getifaddr()'s, since libc and programs often use that in close association with socket creation. ok benno sthen beck, some discussion with renato
---
 sys/kern/kern_tame.c | 99 ++++++++++++++++++++++++--------------------
 sys/sys/tame.h | 3 +-
 2 files changed, 57 insertions(+), 45 deletions(-)

diff --git a/sys/kern/kern_tame.c b/sys/kern/kern_tame.c
index eda216a81e7..ccd26b1b58e 100644
--- a/sys/kern/kern_tame.c
+++ b/sys/kern/kern_tame.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_tame.c,v 1.66 2015/10/07 03:47:43 deraadt Exp $ */
+/* $OpenBSD: kern_tame.c,v 1.67 2015/10/07 19:52:54 deraadt Exp $ */
 
 /*
  * Copyright (c) 2015 Nicholas Marriott
@@ -238,6 +238,7 @@ static const struct {
 	{ "sendfd", TAME_RW | TAME_SENDFD },
 	{ "recvfd", TAME_RW | TAME_RECVFD },
 	{ "ioctl", TAME_IOCTL },
+	{ "route", TAME_ROUTE },
 	{ "tty", TAME_TTY },
 	{ "proc", TAME_PROC },
 	{ "exec", TAME_EXEC },
@@ -810,7 +811,7 @@ tame_cmsg_send(struct proc *p, struct mbuf *control)
 }
 
 int
-tame_sysctl_check(struct proc *p, int namelen, int *name, void *new)
+tame_sysctl_check(struct proc *p, int miblen, int *mib, void *new)
 {
 	if ((p->p_p->ps_flags & PS_TAMED) == 0)
 		return (0);
@@ -818,64 +819,74 @@ tame_sysctl_check(struct proc *p, int namelen, int *name, void *new)
 	if (new)
 		return (EFAULT);
 
-	/* setproctitle() */
-	if (namelen == 2 &&
-	    name[0] == CTL_VM &&
-	    name[1] == VM_PSSTRINGS)
-		return (0);
+	/* routing table observation */
+	if ((p->p_p->ps_tame & TAME_ROUTE)) {
+		if (miblen == 7 &&
+		    mib[0] == CTL_NET && mib[1] == PF_ROUTE &&
+		    mib[2] == 0 &&
+		    (mib[3] == 0 || mib[3] == AF_INET6 || mib[3] == AF_INET) &&
+		    mib[4] == NET_RT_DUMP)
+			return (0);
 
-	/* getifaddrs() */
-	if ((p->p_p->ps_tame & TAME_INET) &&
-	    namelen == 6 &&
-	    name[0] == CTL_NET && name[1] == PF_ROUTE &&
-	    name[2] == 0 && name[3] == 0 &&
-	    name[4] == NET_RT_IFLIST && name[5] == 0)
-		return (0);
+		if (miblen == 6 &&
+		    mib[0] == CTL_NET && mib[1] == PF_ROUTE &&
+		    mib[2] == 0 &&
+		    (mib[3] == 0 || mib[3] == AF_INET6 || mib[3] == AF_INET) &&
+		    mib[4] == NET_RT_TABLE)
+			return (0);
 
-	/* used by arp(8). Exposes MAC addresses known on local nets */
-	/* XXX Put into a special catagory. */
-	if ((p->p_p->ps_tame & TAME_INET) &&
-	    namelen == 7 &&
-	    name[0] == CTL_NET && name[1] == PF_ROUTE &&
-	    name[2] == 0 && name[3] == AF_INET &&
-	    name[4] == NET_RT_FLAGS && name[5] == RTF_LLINFO)
-		return (0);
+		if (miblen == 7 && /* exposes MACs */
+		    mib[0] == CTL_NET && mib[1] == PF_ROUTE &&
+		    mib[2] == 0 && mib[3] == AF_INET &&
+		    mib[4] == NET_RT_FLAGS && mib[5] == RTF_LLINFO)
+			return (0);
+	}
+
+	if ((p->p_p->ps_tame & (TAME_ROUTE | TAME_INET))) {
+		if (miblen == 6 && /* getifaddrs() */
+		    mib[0] == CTL_NET && mib[1] == PF_ROUTE &&
+		    mib[2] == 0 &&
+		    (mib[3] == 0 || mib[3] == AF_INET6 || mib[3] == AF_INET) &&
+		    mib[4] == NET_RT_IFLIST)
+			return (0);
+	}
 
 	/* used by ntpd(8) to read sensors. */
-	/* XXX Put into a special catagory. */
-	if (namelen >= 3 &&
-	    name[0] == CTL_HW && name[1] == HW_SENSORS)
+	if (miblen >= 3 &&
+	    mib[0] == CTL_HW && mib[1] == HW_SENSORS)
 		return (0);
 
-	/* getdomainname(), gethostname(), getpagesize(), uname() */
-	if (namelen == 2 &&
-	    name[0] == CTL_KERN && name[1] == KERN_DOMAINNAME)
+	if (miblen == 2 && /* getdomainname() */
+	    mib[0] == CTL_KERN && mib[1] == KERN_DOMAINNAME)
+		return (0);
+	if (miblen == 2 && /* gethostname() */
+	    mib[0] == CTL_KERN && mib[1] == KERN_HOSTNAME)
 		return (0);
-	if (namelen == 2 &&
-	    name[0] == CTL_KERN && name[1] == KERN_HOSTNAME)
+	if (miblen == 2 && /* uname() */
+	    mib[0] == CTL_KERN && mib[1] == KERN_OSTYPE)
 		return (0);
-	if (namelen == 2 &&
-	    name[0] == CTL_KERN && name[1] == KERN_OSTYPE)
+	if (miblen == 2 && /* uname() */
+	    mib[0] == CTL_KERN && mib[1] == KERN_OSRELEASE)
 		return (0);
-	if (namelen == 2 &&
-	    name[0] == CTL_KERN && name[1] == KERN_OSRELEASE)
+	if (miblen == 2 && /* uname() */
+	    mib[0] == CTL_KERN && mib[1] == KERN_OSVERSION)
 		return (0);
-	if (namelen == 2 &&
-	    name[0] == CTL_KERN && name[1] == KERN_OSVERSION)
+	if (miblen == 2 && /* uname() */
+	    mib[0] == CTL_KERN && mib[1] == KERN_VERSION)
 		return (0);
-	if (namelen == 2 &&
-	    name[0] == CTL_KERN && name[1] == KERN_VERSION)
+	if (miblen == 2 && /* uname() */
+	    mib[0] == CTL_HW && mib[1] == HW_MACHINE)
 		return (0);
-	if (namelen == 2 &&
-	    name[0] == CTL_HW && name[1] == HW_MACHINE)
+	if (miblen == 2 && /* getpagesize() */
+	    mib[0] == CTL_HW && mib[1] == HW_PAGESIZE)
 		return (0);
-	if (namelen == 2 &&
-	    name[0] == CTL_HW && name[1] == HW_PAGESIZE)
+	if (miblen == 2 && /* setproctitle() */
+	    mib[0] == CTL_VM && mib[1] == VM_PSSTRINGS)
 		return (0);
 
 	printf("%s(%d): sysctl %d: %d %d %d %d %d %d\n",
-	    p->p_comm, p->p_pid, namelen, name[0], name[1],
-	    name[2], name[3], name[4], name[5]);
+	    p->p_comm, p->p_pid, miblen, mib[0], mib[1],
+	    mib[2], mib[3], mib[4], mib[5]);
 	return (EFAULT);
 }
 
diff --git a/sys/sys/tame.h b/sys/sys/tame.h
index 738ebacf319..e7591130fd6 100644
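Review bot: The new NET_RT_DUMP and NET_RT_TABLE cases inside the TAME_ROUTE block, and the relaxed getifaddrs() case in the TAME_ROUTE | TAME_INET block, leave the trailing MIB elements unconstrained (mib[5], and mib[6] when miblen is 7), whereas the removed getifaddrs() check pinned `name[3] == 0` and `name[5] == 0`; nothing in the hunk records why that widening is acceptable. If those elements are only the per-query filter arguments (flags, rtableid) that narrow what the dump returns — which looks likely, but the sysctl_rtable side is not visible here — a comment above the block such as `/* mib[5..6] are filter args (flags, rtableid): they only narrow the result, so they are not checked */` would preserve that reasoning for whoever next tightens this list. Separately, the rewritten diagnostic `printf` still prints mib[0] through mib[5] regardless of miblen, so a rejected 2-element request logs whatever the caller's array holds past the supplied elements; printing only the first miblen entries, or guarding the long form with `miblen >= 6`, would keep stale values out of the log. tame_sysctl_check's signature sits in the previous hunk; only the body is shown here.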
--- a/sys/sys/tame.h
+++ b/sys/sys/tame.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tame.h,v 1.11 2015/10/07 03:47:43 deraadt Exp $ */
+/* $OpenBSD: tame.h,v 1.12 2015/10/07 19:52:54 deraadt Exp $ */
 
 /*
  * Copyright (c) 2015 Nicholas Marriott
@@ -44,6 +44,7 @@
 #define TAME_SENDFD 0x00020000 /* AF_UNIX CMSG fd sending */
 #define TAME_RECVFD 0x00040000 /* AF_UNIX CMSG fd receiving */
 #define TAME_EXEC 0x00080000 /* execve, child is free of tame */
+#define TAME_ROUTE 0x00100000 /* routing lookups */
 
 #define TAME_ABORT 0x08000000 /* SIGABRT instead of SIGKILL */
 
-- 
2.20.1
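Review bot: The comment on the added `TAME_ROUTE` define, `/* routing lookups */`, is broader than what this patch wires the flag to: in kern_tame.c it admits only read-only sysctl observation of the routing tables (NET_RT_DUMP, NET_RT_TABLE, NET_RT_IFLIST, and the NET_RT_FLAGS/RTF_LLINFO query, which the code itself annotates as exposing MAC addresses), and no route lookup or PF_ROUTE socket path is touched here. Since this header is where readers learn what a request grants, a more precise comment is worth the extra width, e.g. `#define TAME_ROUTE 0x00100000 /* read routing/arp tables via sysctl */`. Whether other call sites also consult TAME_ROUTE is not visible in this patch.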