Pass the ucred along into in{,6}_pcblookup_local for upcoming

prison checks. Reviewed by: rwatson
svn path=/head/; revision=180427
2008-07-10 13:31:11 +00:00 · 2008-07-10 13:31:11 +00:00 · 078b704233 · 2020-12-20 02:59:44 +00:00
commit 078b704233
parent dd99983988
5 changed files with 19 additions and 18 deletions
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c
@ -347,9 +347,9 @@ in_pcbbind_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp,
 			if (!IN_MULTICAST(ntohl(sin->sin_addr.s_addr)) &&
 			    priv_check_cred(so->so_cred,
 			    PRIV_NETINET_REUSEPORT, 0) != 0) {
-				t = in_pcblookup_local(pcbinfo,
-				    sin->sin_addr, lport,
-				    prison ? 0 :  INPLOOKUP_WILDCARD);
+				t = in_pcblookup_local(pcbinfo, sin->sin_addr,
+				    lport, prison ? 0 : INPLOOKUP_WILDCARD,
+				    cred);
 	/*
 	 * XXX
 	 * This entire block sorely needs a rewrite.
@ -369,7 +369,7 @@ in_pcbbind_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp,
 			if (prison && prison_ip(cred, 0, &sin->sin_addr.s_addr))
 				return (EADDRNOTAVAIL);
 			t = in_pcblookup_local(pcbinfo, sin->sin_addr,
-			    lport, prison ? 0 : wild);
+			    lport, prison ? 0 : wild, cred);
 			if (t && (t->inp_vflag & INP_TIMEWAIT)) {
 				/*
 				 * XXXRW: If an incpb has had its timewait
@ -465,8 +465,8 @@ in_pcbbind_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp,
 			if (*lastport < first || *lastport > last)
 				*lastport = first;
 			lport = htons(*lastport);
-		} while (in_pcblookup_local(pcbinfo, laddr, lport,
-		    wild));
+		} while (in_pcblookup_local(pcbinfo, laddr,
+		    lport, wild, cred));
 	}
 	if (prison_ip(cred, 0, &laddr.s_addr))
 		return (EINVAL);
@ -881,7 +881,7 @@ in_pcbpurgeif0(struct inpcbinfo *pcbinfo, struct ifnet *ifp)
 #define INP_LOOKUP_MAPPED_PCB_COST	3
 struct inpcb *
 in_pcblookup_local(struct inpcbinfo *pcbinfo, struct in_addr laddr,
-    u_short lport, int wild_okay)
+    u_short lport, int wild_okay, struct ucred *cred)
 {
 	struct inpcb *inp;
 #ifdef INET6
--- a/sys/netinet/in_pcb.h
+++ b/sys/netinet/in_pcb.h
@ -452,7 +452,7 @@ void	in_pcbfree(struct inpcb *);
 int	in_pcbinshash(struct inpcb *);
 struct inpcb *
 	in_pcblookup_local(struct inpcbinfo *,
-	    struct in_addr, u_short, int);
+	    struct in_addr, u_short, int, struct ucred *);
 struct inpcb *
 	in_pcblookup_hash(struct inpcbinfo *, struct in_addr, u_int,
 	    struct in_addr, u_int, int, struct ifnet *);
--- a/sys/netinet6/in6_pcb.c
+++ b/sys/netinet6/in6_pcb.c
@ -189,7 +189,7 @@ in6_pcbbind(register struct inpcb *inp, struct sockaddr *nam,
 			    PRIV_NETINET_REUSEPORT, 0) != 0) {
 				t = in6_pcblookup_local(pcbinfo,
 				    &sin6->sin6_addr, lport,
-				    INPLOOKUP_WILDCARD);
+				    INPLOOKUP_WILDCARD, cred);
 				if (t &&
 				    ((t->inp_vflag & INP_TIMEWAIT) == 0) &&
 				    (so->so_type != SOCK_STREAM ||
@ -206,8 +206,8 @@ in6_pcbbind(register struct inpcb *inp, struct sockaddr *nam,

 					in6_sin6_2_sin(&sin, sin6);
 					t = in_pcblookup_local(pcbinfo,
-						sin.sin_addr, lport,
-						INPLOOKUP_WILDCARD);
+					    sin.sin_addr, lport,
+					    INPLOOKUP_WILDCARD, cred);
 					if (t &&
 					    ((t->inp_vflag &
 					      INP_TIMEWAIT) == 0) &&
@ -220,7 +220,7 @@ in6_pcbbind(register struct inpcb *inp, struct sockaddr *nam,
 				}
 			}
 			t = in6_pcblookup_local(pcbinfo, &sin6->sin6_addr,
-						lport, wild);
+			    lport, wild, cred);
 			if (t && (reuseport & ((t->inp_vflag & INP_TIMEWAIT) ?
 			    intotw(t)->tw_so_options :
 			    t->inp_socket->so_options)) == 0)
@ -231,7 +231,7 @@ in6_pcbbind(register struct inpcb *inp, struct sockaddr *nam,

 				in6_sin6_2_sin(&sin, sin6);
 				t = in_pcblookup_local(pcbinfo, sin.sin_addr,
-						       lport, wild);
+				    lport, wild, cred);
 				if (t && t->inp_vflag & INP_TIMEWAIT) {
 					if ((reuseport &
 					    intotw(t)->tw_so_options) == 0 &&
@ -674,7 +674,7 @@ in6_pcbnotify(struct inpcbinfo *pcbinfo, struct sockaddr *dst,
 */
 struct inpcb *
 in6_pcblookup_local(struct inpcbinfo *pcbinfo, struct in6_addr *laddr,
-    u_short lport, int wild_okay)
+    u_short lport, int wild_okay, struct ucred *cred)
 {
 	register struct inpcb *inp;
 	int matchwild = 3, wildcard;
--- a/sys/netinet6/in6_pcb.h
+++ b/sys/netinet6/in6_pcb.h
@ -80,7 +80,8 @@ int	in6_pcbladdr __P((struct inpcb *, struct sockaddr *,
 			  struct in6_addr **));
 struct	inpcb *
 	in6_pcblookup_local __P((struct inpcbinfo *,
-				 struct in6_addr *, u_short, int));
+				 struct in6_addr *, u_short, int,
+				 struct ucred *));
 struct	inpcb *
 	in6_pcblookup_hash __P((struct inpcbinfo *,
 				struct in6_addr *, u_int, struct in6_addr *,
--- a/sys/netinet6/in6_src.c
+++ b/sys/netinet6/in6_src.c
@ -823,7 +823,7 @@ in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct ucred *cred)
 				*lastport = first;
 			lport = htons(*lastport);
 		} while (in6_pcblookup_local(pcbinfo, &inp->in6p_laddr,
-					     lport, wild));
+		    lport, wild, cred));
 	} else {
 		/*
 			 * counting up
@ -843,8 +843,8 @@ in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct ucred *cred)
 			if (*lastport < first || *lastport > last)
 				*lastport = first;
 			lport = htons(*lastport);
-		} while (in6_pcblookup_local(pcbinfo,
-					     &inp->in6p_laddr, lport, wild));
+		} while (in6_pcblookup_local(pcbinfo, &inp->in6p_laddr,
+		    lport, wild, cred));
 	}

 	inp->inp_lport = lport;