cvs commit: src/sys/netinet raw_ip.c
Aggelos Economopoulos
aoiko at cc.ece.ntua.gr
Sun Jul 6 09:07:29 PDT 2008
On Saturday 05 July 2008, Matthew Dillon wrote:
>
> :> sys/netinet raw_ip.c
> :> Log:
> :> Fix [gs]etsockopt(IP_HDRINCL) which allows mere mortals like me to obtain
> :> IP addresses via DHCP again.
> :
> :Great. Only, it turns out the whole approach is flawed. Setting sopt_td to
> :NULL may help with fooling sooptcopy{in,out} but some code uses the field
> :to do permission checks. The obvious fix is to add ->sopt_flags and SOPTF_KVA
> :and make sure no code in the tree leaves the new field uninitialized (lecture
> :on why open-coding stuff is BAD omitted). This means that soopt_{from,to}_*
> :can go. This patch should do the trick; unless testing reveals some issue
> :I'm going to revert my changes from HEAD and put it in ASAP so it can get
> :wider testing before the release.
> :
> :Sorry for the inconvenience,
> :Aggelos
>
> It kinda sounds to me that the front-end system call should do all the
> copyin/copyout into and out of kernel space and the backend protocol
> code should just operate in the kernel space. The system call can
> pass a ucred to the backend for permissions checks.

Well, the problem was caused by overloading sopt_td to also signify that
->sopt_val is a user address. I've got SOPTF_VAL working just fine now.
Passing a ucred instead of the thread would be a nice idea, but it is
not necessary.

> That would be more along the lines of what we do with our kern_*()
> calls.

That would be another option, yes, and probably simpler too. I'll probably
do it in a new git branch later today, test a bit and commit.

Thanks for the input,
Aggelos
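
The design point in this exchange, keeping "where does the option value live" separate from "who is asking", as a userland C model. This is an added example and not DragonFly code: the struct, flag and function names are hypothetical, and the policy of the permission check (root only, with a distinct result when no caller is known) is an assumption.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Userland model. All names here are hypothetical, not DragonFly's. */
struct cred   { int uid; };
struct thread { struct cred cr; };
enum { OK = 0, DENIED = 1, NO_CALLER = 2 };
#define MSOPT_KVA 0x1            /* value buffer is a kernel address */

struct msockopt {
    void          *val;          /* option value */
    struct thread *td;           /* calling thread */
    int            flags;        /* explicit address-space marker */
};

static int user_copies;          /* times the user-copy path ran */

/* Stand-in for copyin(); a kernel would validate the user pointer here. */
static int model_copyin(const void *uaddr, void *kaddr, size_t len)
{
    user_copies++;
    memcpy(kaddr, uaddr, len);
    return 0;
}

/* Permission check that needs the caller's identity (assumed policy). */
static int check_priv(const struct thread *td)
{
    if (td == NULL)
        return NO_CALLER;        /* identity was thrown away upstream */
    return td->cr.uid == 0 ? OK : DENIED;
}

/* overloaded=true: td == NULL doubles as "kernel buffer" (old scheme).
 * overloaded=false: MSOPT_KVA says where val lives, td stays intact. */
static int model_setopt(const struct msockopt *so, int *out, bool overloaded)
{
    bool kva = overloaded ? so->td == NULL : (so->flags & MSOPT_KVA) != 0;
    int rc = check_priv(so->td);

    if (rc != OK)
        return rc;
    if (kva)
        memcpy(out, so->val, sizeof(*out));
    else
        model_copyin(so->val, out, sizeof(*out));
    return OK;
}
```

In the overloaded mode a kernel-buffer request always reaches the check with no caller, so the check cannot tell a privileged caller from an unprivileged one; with the flag, the same request is judged against the real caller.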