From 190320e23789c2e4d8765553d2c76997b34cd186 Mon Sep 17 00:00:00 2001
From: "Bjoern A. Zeeb" <bz@FreeBSD.org>
Date: Mon, 12 Nov 2007 23:47:48 +0000
Subject: [PATCH] Add a missing priv check in key_attach to prevent non-su
 users from messing with the spdb and sadb.

Problem sneaked in with the fast_ipsec+v6->ipsec merger by no
longer going via raw_usrreqs.pr_attach.

Reported by:	Pawel Worach
Identified by:	rwatson
Reviewed by:	rwatson
MFC after:	3 days
---
 sys/netipsec/keysock.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/sys/netipsec/keysock.c b/sys/netipsec/keysock.c
index 21539f120376..17ef9eb0157c 100644
--- a/sys/netipsec/keysock.c
+++ b/sys/netipsec/keysock.c
@@ -43,6 +43,7 @@
 #include <sys/malloc.h>
 #include <sys/mbuf.h>
 #include <sys/mutex.h>
+#include <sys/priv.h>
 #include <sys/protosw.h>
 #include <sys/signalvar.h>
 #include <sys/socket.h>
@@ -392,6 +393,12 @@ key_attach(struct socket *so, int proto, struct thread *td)
 		return ENOBUFS;
 
 	so->so_pcb = (caddr_t)kp;
+
+	if (td != NULL) {
+		error = priv_check(td, PRIV_NET_RAW);
+		if (error)
+			return error;
+	}
 	error = raw_attach(so, proto);
 	kp = (struct keycb *)sotorawcb(so);
 	if (error) {