summaryrefslogtreecommitdiffstats
path: root/freebsd/sys/kern/uipc_syscalls.c
diff options
context:
space:
mode:
Diffstat (limited to 'freebsd/sys/kern/uipc_syscalls.c')
-rw-r--r--freebsd/sys/kern/uipc_syscalls.c48
1 files changed, 24 insertions, 24 deletions
diff --git a/freebsd/sys/kern/uipc_syscalls.c b/freebsd/sys/kern/uipc_syscalls.c
index 6f3c95c0..0872aa62 100644
--- a/freebsd/sys/kern/uipc_syscalls.c
+++ b/freebsd/sys/kern/uipc_syscalls.c
@@ -39,7 +39,6 @@ __FBSDID("$FreeBSD$");
#include <rtems/bsd/local/opt_capsicum.h>
#include <rtems/bsd/local/opt_inet.h>
#include <rtems/bsd/local/opt_inet6.h>
-#include <rtems/bsd/local/opt_compat.h>
#include <rtems/bsd/local/opt_ktrace.h>
#include <sys/param.h>
@@ -300,12 +299,16 @@ kern_bindat(struct thread *td, int dirfd, int fd, struct sockaddr *sa)
{
struct socket *so;
struct file *fp;
- cap_rights_t rights;
int error;
+#ifdef CAPABILITY_MODE
+ if (IN_CAPABILITY_MODE(td) && (dirfd == AT_FDCWD))
+ return (ECAPMODE);
+#endif
+
AUDIT_ARG_FD(fd);
AUDIT_ARG_SOCKADDR(td, dirfd, sa);
- error = getsock_cap(td, fd, cap_rights_init(&rights, CAP_BIND),
+ error = getsock_cap(td, fd, &cap_bind_rights,
&fp, NULL, NULL);
if (error != 0)
return (error);
@@ -364,11 +367,10 @@ kern_listen(struct thread *td, int s, int backlog)
{
struct socket *so;
struct file *fp;
- cap_rights_t rights;
int error;
AUDIT_ARG_FD(s);
- error = getsock_cap(td, s, cap_rights_init(&rights, CAP_LISTEN),
+ error = getsock_cap(td, s, &cap_listen_rights,
&fp, NULL, NULL);
if (error == 0) {
so = fp->f_data;
@@ -493,7 +495,6 @@ kern_accept4(struct thread *td, int s, struct sockaddr **name,
struct sockaddr *sa = NULL;
struct socket *head, *so;
struct filecaps fcaps;
- cap_rights_t rights;
u_int fflag;
pid_t pgid;
int error, fd, tmp;
@@ -502,7 +503,7 @@ kern_accept4(struct thread *td, int s, struct sockaddr **name,
*name = NULL;
AUDIT_ARG_FD(s);
- error = getsock_cap(td, s, cap_rights_init(&rights, CAP_ACCEPT),
+ error = getsock_cap(td, s, &cap_accept_rights,
&headfp, &fflag, &fcaps);
if (error != 0)
return (error);
@@ -692,12 +693,16 @@ kern_connectat(struct thread *td, int dirfd, int fd, struct sockaddr *sa)
{
struct socket *so;
struct file *fp;
- cap_rights_t rights;
int error, interrupted = 0;
+#ifdef CAPABILITY_MODE
+ if (IN_CAPABILITY_MODE(td) && (dirfd == AT_FDCWD))
+ return (ECAPMODE);
+#endif
+
AUDIT_ARG_FD(fd);
AUDIT_ARG_SOCKADDR(td, dirfd, sa);
- error = getsock_cap(td, fd, cap_rights_init(&rights, CAP_CONNECT),
+ error = getsock_cap(td, fd, &cap_connect_rights,
&fp, NULL, NULL);
if (error != 0)
return (error);
@@ -986,7 +991,7 @@ kern_sendit(struct thread *td, int s, struct msghdr *mp, int flags,
struct iovec *iov;
struct socket *so;
#ifndef __rtems__
- cap_rights_t rights;
+ cap_rights_t *rights;
#endif /* __rtems__ */
#ifdef KTRACE
struct uio *ktruio = NULL;
@@ -996,13 +1001,14 @@ kern_sendit(struct thread *td, int s, struct msghdr *mp, int flags,
AUDIT_ARG_FD(s);
#ifndef __rtems__
+ rights = &cap_send_rights;
cap_rights_init(&rights, CAP_SEND);
if (mp->msg_name != NULL) {
AUDIT_ARG_SOCKADDR(td, AT_FDCWD, mp->msg_name);
- cap_rights_set(&rights, CAP_CONNECT);
+ rights = &cap_send_connect_rights;
}
#endif /* __rtems__ */
- error = getsock_cap(td, s, &rights, &fp, NULL, NULL);
+ error = getsock_cap(td, s, rights, &fp, NULL, NULL);
if (error != 0) {
m_freem(control);
return (error);
@@ -1259,7 +1265,6 @@ kern_recvit(struct thread *td, int s, struct msghdr *mp, enum uio_seg fromseg,
struct file *fp;
struct socket *so;
struct sockaddr *fromsa = NULL;
- cap_rights_t rights;
#ifdef KTRACE
struct uio *ktruio = NULL;
#endif
@@ -1270,7 +1275,7 @@ kern_recvit(struct thread *td, int s, struct msghdr *mp, enum uio_seg fromseg,
*controlp = NULL;
AUDIT_ARG_FD(s);
- error = getsock_cap(td, s, cap_rights_init(&rights, CAP_RECV),
+ error = getsock_cap(td, s, &cap_recv_rights,
&fp, NULL, NULL);
if (error != 0)
return (error);
@@ -1613,11 +1618,10 @@ kern_shutdown(struct thread *td, int s, int how)
{
struct socket *so;
struct file *fp;
- cap_rights_t rights;
int error;
AUDIT_ARG_FD(s);
- error = getsock_cap(td, s, cap_rights_init(&rights, CAP_SHUTDOWN),
+ error = getsock_cap(td, s, &cap_shutdown_rights,
&fp, NULL, NULL);
if (error == 0) {
so = fp->f_data;
@@ -1696,7 +1700,6 @@ kern_setsockopt(struct thread *td, int s, int level, int name, void *val,
struct socket *so;
struct file *fp;
struct sockopt sopt;
- cap_rights_t rights;
int error;
if (val == NULL && valsize != 0)
@@ -1721,7 +1724,7 @@ kern_setsockopt(struct thread *td, int s, int level, int name, void *val,
}
AUDIT_ARG_FD(s);
- error = getsock_cap(td, s, cap_rights_init(&rights, CAP_SETSOCKOPT),
+ error = getsock_cap(td, s, &cap_setsockopt_rights,
&fp, NULL, NULL);
if (error == 0) {
so = fp->f_data;
@@ -1792,7 +1795,6 @@ kern_getsockopt(struct thread *td, int s, int level, int name, void *val,
struct socket *so;
struct file *fp;
struct sockopt sopt;
- cap_rights_t rights;
int error;
if (val == NULL)
@@ -1817,7 +1819,7 @@ kern_getsockopt(struct thread *td, int s, int level, int name, void *val,
}
AUDIT_ARG_FD(s);
- error = getsock_cap(td, s, cap_rights_init(&rights, CAP_GETSOCKOPT),
+ error = getsock_cap(td, s, &cap_getsockopt_rights,
&fp, NULL, NULL);
if (error == 0) {
so = fp->f_data;
@@ -1892,12 +1894,11 @@ kern_getsockname(struct thread *td, int fd, struct sockaddr **sa,
{
struct socket *so;
struct file *fp;
- cap_rights_t rights;
socklen_t len;
int error;
AUDIT_ARG_FD(fd);
- error = getsock_cap(td, fd, cap_rights_init(&rights, CAP_GETSOCKNAME),
+ error = getsock_cap(td, fd, &cap_getsockname_rights,
&fp, NULL, NULL);
if (error != 0)
return (error);
@@ -2008,12 +2009,11 @@ kern_getpeername(struct thread *td, int fd, struct sockaddr **sa,
{
struct socket *so;
struct file *fp;
- cap_rights_t rights;
socklen_t len;
int error;
AUDIT_ARG_FD(fd);
- error = getsock_cap(td, fd, cap_rights_init(&rights, CAP_GETPEERNAME),
+ error = getsock_cap(td, fd, &cap_getpeername_rights,
&fp, NULL, NULL);
if (error != 0)
return (error);
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-02 02:26:45 +0000