Convert three new suser(9) calls introduced between when the priv(9)

patch was prepared and committed to priv(9) calls. Add XXX comments as, in each case, the semantics appear to differ from the TCP/UDP versions of the calls with respect to jail, and because cr_canseecred() is not used to validate the query. Obtained from: TrustedBSD Project
svn path=/head/; revision=164039
2006-11-06 14:54:06 +00:00 · 2006-11-06 14:54:06 +00:00 · b96fbb37da · 2020-12-20 02:59:44 +00:00
commit b96fbb37da
parent f4ad963c9f
3 changed files with 19 additions and 5 deletions
--- a/sys/netinet/sctp_pcb.c
+++ b/sys/netinet/sctp_pcb.c
@ -47,6 +47,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/protosw.h>
 #include <sys/socket.h>
 #include <sys/socketvar.h>
+#include <sys/priv.h>
 #include <sys/proc.h>
 #include <sys/kernel.h>
 #include <sys/sysctl.h>
@ -1768,9 +1769,8 @@ sctp_inpcb_bind(struct socket *so, struct sockaddr *addr, struct thread *p)
 		 */
 		/* got to be root to get at low ports */
 		if (ntohs(lport) < IPPORT_RESERVED) {
-			if (p && (error =
-			    suser_cred(p->td_ucred, 0)
-			    )) {
+			if (p && (error = priv_check(p,
+			    PRIV_NETINET_RESERVEDPORT))) {
 				SCTP_INP_DECR_REF(inp);
 				SCTP_INP_WUNLOCK(inp);
 				SCTP_INP_INFO_WUNLOCK();
--- a/sys/netinet/sctp_usrreq.c
+++ b/sys/netinet/sctp_usrreq.c
@ -46,6 +46,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/malloc.h>
 #include <sys/mbuf.h>
 #include <sys/domain.h>
+#include <sys/priv.h>
 #include <sys/proc.h>
 #include <sys/protosw.h>
 #include <sys/socket.h>
@ -488,9 +489,15 @@ sctp_getcred(SYSCTL_HANDLER_ARGS)
 	struct sctp_tcb *stcb;
 	int error, s;

-	error = suser(req->td);
+	/*
+	 * XXXRW: Other instances of getcred use SUSER_ALLOWJAIL, as socket
+	 * visibility is scoped using cr_canseesocket(), which it is not
+	 * here.
+	 */
+	error = priv_check_cred(req->td->td_ucred, PRIV_NETINET_GETCRED, 0);
 	if (error)
 		return (error);
+
 	error = SYSCTL_IN(req, addrs, sizeof(addrs));
 	if (error)
 		return (error);
--- a/sys/netinet6/sctp6_usrreq.c
+++ b/sys/netinet6/sctp6_usrreq.c
@ -49,6 +49,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/stat.h>
 #include <sys/systm.h>
 #include <sys/syslog.h>
+#include <sys/priv.h>
 #include <sys/proc.h>
 #include <net/if.h>
 #include <net/route.h>
@ -481,7 +482,13 @@ sctp6_getcred(SYSCTL_HANDLER_ARGS)
 	struct sctp_tcb *stcb;
 	int error, s;

-	error = suser(req->td);
+	/*
+	 * XXXRW: Other instances of getcred use SUSER_ALLOWJAIL, as socket
+	 * visibility is scoped using cr_canseesocket(), which it is not
+	 * here.
+	 */
+	error = priv_check_cred(req->td->td_ucred, PRIV_NETINET_RESERVEDPORT,
+	    0);
 	if (error)
 		return (error);