summaryrefslogtreecommitdiff
path: root/sys/netinet/ip_input.c
diff options
context:
space:
mode:
authorGreg Steuck <gnezdo@cvs.openbsd.org>2022-01-25 04:04:42 +0000
committerGreg Steuck <gnezdo@cvs.openbsd.org>2022-01-25 04:04:42 +0000
commitc06ea86d3e9b1473fa4399cf3e4a6d797e641e21 (patch)
tree1c06afb7bb6adbe3839d789872f4d70a36a09d62 /sys/netinet/ip_input.c
parent37f5b35710e48314d1b0f73843edddd08030977b (diff)
Capture a repeated pattern into sysctl_securelevel_int function
A few variables in the kernel are only writeable before securelevel is raised. It makes sense to handle them with less code. OK sthen@ bluhm@
Diffstat (limited to 'sys/netinet/ip_input.c')
-rw-r--r--sys/netinet/ip_input.c9
1 files changed, 2 insertions, 7 deletions
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index 9e7e20af30b..e9042d8e093 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_input.c,v 1.364 2021/11/22 13:47:10 bluhm Exp $ */
+/* $OpenBSD: ip_input.c,v 1.365 2022/01/25 04:04:40 gnezdo Exp $ */
/* $NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $ */
/*
@@ -1610,13 +1610,8 @@ ip_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,
switch (name[0]) {
case IPCTL_SOURCEROUTE:
- /*
- * Don't allow this to change in a secure environment.
- */
- if (newp && securelevel > 0)
- return (EPERM);
NET_LOCK();
- error = sysctl_int(oldp, oldlenp, newp, newlen,
+ error = sysctl_securelevel_int(oldp, oldlenp, newp, newlen,
&ip_dosourceroute);
NET_UNLOCK();
return (error);
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-02 23:32:34 +0000