d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

oce: Disallow the passthrough ioctl for unprivileged users.

Browse Source 
A missing check meant that unprivileged users could send passthrough
commands to the device firmware.

Reported by:	Ilja Van Sprundel <ivansprundel@ioactive.com>
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
This commit is contained in:
Mark Johnston 2019-12-23 23:43:50 +00:00
parent 19352ba5ad
commit c76ddeeb1c
2 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
sys/dev/oce/oce_if.c
View File

@ -620,6 +620,9 @@ oce_ioctl(struct ifnet *ifp, u_long command, caddr_t data)
break;
case SIOCGPRIVATE_0:
rc = priv_check(curthread, PRIV_DRIVER);
if (rc != 0)
break;
rc = oce_handle_passthrough(ifp, data);
break;
default:

1
sys/dev/oce/oce_if.h
View File

@ -48,6 +48,7 @@
#include <sys/kernel.h>
#include <sys/bus.h>
#include <sys/mbuf.h>
#include <sys/priv.h>
#include <sys/rman.h>
#include <sys/socket.h>
#include <sys/sockio.h>