CVSROOT: /cvs
Module name: src
Changes by: clau...@cvs.openbsd.org 2022/08/11 03:13:21
Modified files:
sys/kern : kern_pledge.c
sys/netinet : tcp.h tcp_input.c tcp_output.c tcp_usrreq.c
tcp_var.h
Log message:
Add TCP_INFO support to getsockopt for tcp sessions.
TCP_INFO provides a lot of information about the TCP session of this socket.
Many processes like to peek at the rtt of a connection but this also provides
a lot of more special info for use by e.g. tcpbench(1).
While the basic minimal info is available all the time the more specific
data is only populated for privileged processes. This is done to not share
data back to userland that may allow to attack a session.
TCP_INFO is available to pledge "inet" since pledged processes like chrome
tend to use TCP_INFO when available.
OK bluhm@
