From owner-dev-commits-src-all@freebsd.org Fri Apr 23 13:29:41 2021 Return-Path: Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BEEDA5F365C; Fri, 23 Apr 2021 13:29:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FRZs1510yz4gYD; Fri, 23 Apr 2021 13:29:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9A4945EFA; Fri, 23 Apr 2021 13:29:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 13NDTfBI088079; Fri, 23 Apr 2021 13:29:41 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 13NDTfbB088078; Fri, 23 Apr 2021 13:29:41 GMT (envelope-from git) Date: Fri, 23 Apr 2021 13:29:41 GMT Message-Id: <202104231329.13NDTfbB088078@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: 8e8f1cc9bb94 - main - Re-enable network ioctls in capability mode MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 8e8f1cc9bb945ffaa4b49231e1ebcead1baa62ce Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Apr 2021 13:29:41 -0000 The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=8e8f1cc9bb945ffaa4b49231e1ebcead1baa62ce commit 8e8f1cc9bb945ffaa4b49231e1ebcead1baa62ce Author: Mark Johnston AuthorDate: 2021-04-23 13:14:42 +0000 Commit: Mark Johnston CommitDate: 2021-04-23 13:22:49 +0000 Re-enable network ioctls in capability mode This reverts a portion of 274579831b61 ("capsicum: Limit socket operations in capability mode") as at least rtsol and dhcpcd rely on being able to configure network interfaces while in capability mode. Reported by: bapt, Greg V Sponsored by: The FreeBSD Foundation --- contrib/capsicum-test/capmode.cc | 5 +++++ sys/kern/sys_socket.c | 2 +- sys/net/if.c | 9 --------- sys/net/route.c | 5 +---- sys/net/route.h | 4 +--- sys/netinet/in.c | 4 ---- sys/netinet6/in6.c | 4 ---- 7 files changed, 8 insertions(+), 25 deletions(-) diff --git a/contrib/capsicum-test/capmode.cc b/contrib/capsicum-test/capmode.cc index ba2de19879a0..f32d9e038744 100644 --- a/contrib/capsicum-test/capmode.cc +++ b/contrib/capsicum-test/capmode.cc @@ -227,6 +227,10 @@ FORK_TEST_F(WithFiles, AllowedSocketSyscallsIfRoot) { // Interface configuration ioctls are not permitted in capability // mode. + // + // This test is disabled for now as the corresponding kernel change was + // disabled. +#if 0 #ifdef __FreeBSD__ struct if_clonereq req; @@ -238,6 +242,7 @@ FORK_TEST_F(WithFiles, AllowedSocketSyscallsIfRoot) { free(req.ifcr_buffer); #endif +#endif } #ifdef HAVE_SEND_RECV_MMSG diff --git a/sys/kern/sys_socket.c b/sys/kern/sys_socket.c index 52f4b6cdf7f9..e53b0367960b 100644 --- a/sys/kern/sys_socket.c +++ b/sys/kern/sys_socket.c @@ -271,7 +271,7 @@ soo_ioctl(struct file *fp, u_long cmd, void *data, struct ucred *active_cred, error = ifioctl(so, cmd, data, td); else if (IOCGROUP(cmd) == 'r') { CURVNET_SET(so->so_vnet); - error = rtioctl_fib(cmd, data, so->so_fibnum, td); + error = rtioctl_fib(cmd, data, so->so_fibnum); CURVNET_RESTORE(); } else { CURVNET_SET(so->so_vnet); diff --git a/sys/net/if.c b/sys/net/if.c index 5bf44d014db3..1e410142747f 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -2968,15 +2968,6 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct thread *td) bool shutdown; #endif - /* - * Interface ioctls access a global namespace. There is currently no - * capability-based representation for interfaces, so the configuration - * interface is simply unaccessible from capability mode. If necessary, - * select ioctls may be permitted here. - */ - if (IN_CAPABILITY_MODE(td)) - return (ECAPMODE); - CURVNET_SET(so->so_vnet); #ifdef VIMAGE /* Make sure the VNET is stable. */ diff --git a/sys/net/route.c b/sys/net/route.c index f093a71b7585..2416aa9a983f 100644 --- a/sys/net/route.c +++ b/sys/net/route.c @@ -43,7 +43,6 @@ #include #include -#include #include #include #include @@ -246,10 +245,8 @@ rib_add_redirect(u_int fibnum, struct sockaddr *dst, struct sockaddr *gateway, * Routing table ioctl interface. */ int -rtioctl_fib(u_long req, caddr_t data, u_int fibnum, struct thread *td) +rtioctl_fib(u_long req, caddr_t data, u_int fibnum) { - if (IN_CAPABILITY_MODE(td)) - return (ECAPMODE); /* * If more ioctl commands are added here, make sure the proper diff --git a/sys/net/route.h b/sys/net/route.h index 64e89965f9cd..67217f237e0b 100644 --- a/sys/net/route.h +++ b/sys/net/route.h @@ -431,13 +431,11 @@ void rt_updatemtu(struct ifnet *); void rt_flushifroutes(struct ifnet *ifp); -struct thread; - /* XXX MRT NEW VERSIONS THAT USE FIBs * For now the protocol indepedent versions are the same as the AF_INET ones * but this will change.. */ -int rtioctl_fib(u_long, caddr_t, u_int, struct thread *); +int rtioctl_fib(u_long, caddr_t, u_int); int rib_lookup_info(uint32_t, const struct sockaddr *, uint32_t, uint32_t, struct rt_addrinfo *); void rib_free_info(struct rt_addrinfo *info); diff --git a/sys/netinet/in.c b/sys/netinet/in.c index 5f70dd1ec824..bcf071a81e0e 100644 --- a/sys/netinet/in.c +++ b/sys/netinet/in.c @@ -36,7 +36,6 @@ __FBSDID("$FreeBSD$"); #include -#include #include #include #include @@ -238,9 +237,6 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp, if (ifp == NULL) return (EADDRNOTAVAIL); - if (td != NULL && IN_CAPABILITY_MODE(td)) - return (ECAPMODE); - /* * Filter out 4 ioctls we implement directly. Forward the rest * to specific functions and ifp->if_ioctl(). diff --git a/sys/netinet6/in6.c b/sys/netinet6/in6.c index de3db6dc7d33..02cb9df7da3a 100644 --- a/sys/netinet6/in6.c +++ b/sys/netinet6/in6.c @@ -69,7 +69,6 @@ __FBSDID("$FreeBSD$"); #include "opt_inet6.h" #include -#include #include #include #include @@ -255,9 +254,6 @@ in6_control(struct socket *so, u_long cmd, caddr_t data, int error; u_long ocmd = cmd; - if (td != NULL && IN_CAPABILITY_MODE(td)) - return (ECAPMODE); - /* * Compat to make pre-10.x ifconfig(8) operable. */