Module Name:    src
Committed By:   dyoung
Date:           Fri Oct 28 16:42:52 UTC 2011

Modified Files:
        src/sys/net: if_gif.c if_gre.c

Log Message:
Don't kauth-orize SIOCDIFPHYADDR, SIOCSIFFLAGS, SIOCSIFMTU, or
SIOCSLIFPHYADDR, in gif_ioctl() or in gre_ioctl(), because those
operations are ordinarily kauth-orized already in ifioctl().

Kauth-orizing SIOCSIFFLAGS in gre_ioctl() caused a panic ("panic:
bpf_detachd: ifpromisc failed: 1") when tcpdump(8) was interrupted.
Somehow bpf(4) enables promiscuous mode using different credentials than
it uses to disable promiscuous mode, hence the ifpromisc failure.  This
may have something to do with privilege-separation in tcpdump(8).  I.e.,
an LWP with SIOCSIFFLAGS privilege opens /dev/bpf, but an LWP without
SIOCSIFFLAGS privilege closes it.


To generate a diff of this commit:
cvs rdiff -u -r1.79 -r1.80 src/sys/net/if_gif.c
cvs rdiff -u -r1.147 -r1.148 src/sys/net/if_gre.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/net/if_gif.c
diff -u src/sys/net/if_gif.c:1.79 src/sys/net/if_gif.c:1.80
--- src/sys/net/if_gif.c:1.79	Thu Oct 27 20:04:57 2011
+++ src/sys/net/if_gif.c	Fri Oct 28 16:42:52 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: if_gif.c,v 1.79 2011/10/27 20:04:57 dyoung Exp $	*/
+/*	$NetBSD: if_gif.c,v 1.80 2011/10/28 16:42:52 dyoung Exp $	*/
 /*	$KAME: if_gif.c,v 1.76 2001/08/20 02:01:02 kjc Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_gif.c,v 1.79 2011/10/27 20:04:57 dyoung Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_gif.c,v 1.80 2011/10/28 16:42:52 dyoung Exp $");
 
 #include "opt_inet.h"
 #include "opt_iso.h"
@@ -48,7 +48,6 @@ __KERNEL_RCSID(0, "$NetBSD: if_gif.c,v 1
 #include <sys/syslog.h>
 #include <sys/proc.h>
 #include <sys/protosw.h>
-#include <sys/kauth.h>
 #include <sys/cpu.h>
 #include <sys/intr.h>
 
@@ -470,29 +469,12 @@ gif_input(struct mbuf *m, int af, struct
 int
 gif_ioctl(struct ifnet *ifp, u_long cmd, void *data)
 {
-	struct lwp *l = curlwp;	/* XXX */
 	struct gif_softc *sc  = ifp->if_softc;
 	struct ifreq     *ifr = (struct ifreq*)data;
 	int error = 0, size;
 	struct sockaddr *dst, *src;
 
 	switch (cmd) {
-	case SIOCSIFMTU:
-	case SIOCSLIFPHYADDR:
-#ifdef SIOCDIFPHYADDR
-	case SIOCDIFPHYADDR:
-#endif
-		if ((error = kauth_authorize_network(l->l_cred,
-		    KAUTH_NETWORK_INTERFACE,
-		    KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd,
-		    NULL)) != 0)
-			return (error);
-		/* FALLTHROUGH */
-	default:
-		break;
-	}
-
-	switch (cmd) {
 	case SIOCINITIFADDR:
 		ifp->if_flags |= IFF_UP;
 		break;
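Review bot: With the kauth_authorize_network() call gone, nothing in gif_ioctl() records that SIOCSIFMTU, SIOCSLIFPHYADDR and SIOCDIFPHYADDR now depend entirely on the caller having authorized the request. The log message says ifioctl() does this "ordinarily", so it is worth confirming that no other path reaches the driver's ioctl handler with an unprivileged credential. I would put a comment above the remaining `switch (cmd)` to state the invariant, for example `/* SIOCSIFMTU and SIOC[SD]*PHYADDR are authorized by ifioctl(); this handler must not be reached without that check. */`. The same applies to the SIOCSIFFLAGS, SIOCSIFMTU, SIOCSLIFPHYADDR and SIOCDIFPHYADDR labels dropped from the kauth switch in gre_ioctl() in if_gre.c. Both function bodies continue outside their hunks.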

Index: src/sys/net/if_gre.c
diff -u src/sys/net/if_gre.c:1.147 src/sys/net/if_gre.c:1.148
--- src/sys/net/if_gre.c:1.147	Thu Oct 27 20:04:57 2011
+++ src/sys/net/if_gre.c	Fri Oct 28 16:42:52 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: if_gre.c,v 1.147 2011/10/27 20:04:57 dyoung Exp $ */
+/*	$NetBSD: if_gre.c,v 1.148 2011/10/28 16:42:52 dyoung Exp $ */
 
 /*
  * Copyright (c) 1998, 2008 The NetBSD Foundation, Inc.
@@ -45,7 +45,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_gre.c,v 1.147 2011/10/27 20:04:57 dyoung Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_gre.c,v 1.148 2011/10/28 16:42:52 dyoung Exp $");
 
 #include "opt_atalk.h"
 #include "opt_gre.h"
@@ -1234,15 +1234,11 @@ gre_ioctl(struct ifnet *ifp, const u_lon
 	GRE_DPRINTF(sc, "cmd %lu\n", cmd);
 
 	switch (cmd) {
-	case SIOCSIFFLAGS:
-	case SIOCSIFMTU:
 	case GRESPROTO:
 	case GRESADDRD:
 	case GRESADDRS:
 	case GRESSOCK:
 	case GREDSOCK:
-	case SIOCSLIFPHYADDR:
-	case SIOCDIFPHYADDR:
 		if (kauth_authorize_network(curlwp->l_cred,
 		    KAUTH_NETWORK_INTERFACE,
 		    KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd,
