Add a missing priv check in key_attach to prevent non-su users

from messing with the spdb and sadb. Problem sneaked in with the fast_ipsec+v6->ipsec merger by no longer going via raw_usrreqs.pr_attach. Reported by: Pawel Worach Identified by: rwatson Reviewed by: rwatson MFC after: 3 days
svn path=/head/; revision=173574
2007-11-12 23:47:48 +00:00 · 2007-11-12 23:47:48 +00:00 · 190320e237 · 2020-12-20 02:59:44 +00:00
commit 190320e237
parent dbac8ff400
1 changed files with 7 additions and 0 deletions
--- a/sys/netipsec/keysock.c
+++ b/sys/netipsec/keysock.c
@ -43,6 +43,7 @@
 #include <sys/malloc.h>
 #include <sys/mbuf.h>
 #include <sys/mutex.h>
+#include <sys/priv.h>
 #include <sys/protosw.h>
 #include <sys/signalvar.h>
 #include <sys/socket.h>
@ -392,6 +393,12 @@ key_attach(struct socket *so, int proto, struct thread *td)
 		return ENOBUFS;

 	so->so_pcb = (caddr_t)kp;
+
+	if (td != NULL) {
+		error = priv_check(td, PRIV_NET_RAW);
+		if (error)
+			return error;
+	}
 	error = raw_attach(so, proto);
 	kp = (struct keycb *)sotorawcb(so);
 	if (error) {