src - OpenBSD base system

diff options


context:
space:
mode:

author	Philip Guenthe <guenther@cvs.openbsd.org>	2009-11-27 20:05:51 +0000
committer	Philip Guenthe <guenther@cvs.openbsd.org>	2009-11-27 20:05:51 +0000
commit	c0d8f7f98402ba0080bf459aeb08b0fa7d1e27f0 (patch)
tree	7aa9e16b867d47d734d65160e15d6ead3fcc95c0 /sys
parent	b5b5edebe52f3da6dcc3ebe2ed767d2269c40f6d (diff)

Add setrdomain() and getrdomain() system calls. Committing now to

catch the libc major bump per request from deraadt@ Diff by reyk. ok guenther@

Diffstat (limited to 'sys')

-rw-r--r--

sys/kern/init_main.c

-rw-r--r--

sys/kern/kern_fork.c

-rw-r--r--

sys/kern/syscalls.master

-rw-r--r--

sys/kern/uipc_syscalls.c

-rw-r--r--

sys/netinet/in_pcb.c

-rw-r--r--

sys/netinet/ip_output.c

-rw-r--r--

sys/sys/proc.h

-rw-r--r--

sys/sys/socket.h

8 files changed, 57 insertions, 9 deletions

diff --git a/sys/kern/init_main.c b/sys/kern/init_main.c
index 2e0f06f12aa..720c379abf6 100644
--- a/sys/kern/init_main.c
+++ b/sys/kern/init_main.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: init_main.c,v 1.162 2009/08/11 18:43:33 blambert Exp $ */

+/* $OpenBSD: init_main.c,v 1.163 2009/11/27 20:05:50 guenther Exp $ */

/* $NetBSD: init_main.c,v 1.84.4.1 1996/06/02 09:08:06 mrg Exp $ */

@@ -314,6 +314,9 @@ main(void *framep)

limit0.pl_rlimit[RLIMIT_MEMLOCK].rlim_cur = lim / 3;

limit0.p_refcnt = 1;

+ /* Set the default routing domain. */

+ p->p_rdomain = 0;

/* Allocate a prototype map so we have something to fork. */

uvmspace_init(&vmspace0, pmap_kernel(), round_page(VM_MIN_ADDRESS),

trunc_page(VM_MAX_ADDRESS), TRUE, TRUE);

diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c
index 117d6b7962e..b390dcdf2b5 100644
--- a/sys/kern/kern_fork.c
+++ b/sys/kern/kern_fork.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: kern_fork.c,v 1.104 2009/07/09 22:29:56 thib Exp $ */

+/* $OpenBSD: kern_fork.c,v 1.105 2009/11/27 20:05:50 guenther Exp $ */

/* $NetBSD: kern_fork.c,v 1.29 1996/02/09 18:59:34 christos Exp $ */

@@ -266,6 +266,7 @@ fork1(struct proc *p1, int exitsig, int flags, void *stack, size_t stacksize,

* The p_stats and p_sigacts substructs are set in vm_fork.

p2->p_emul = p1->p_emul;

+ p2->p_rdomain = p1->p_rdomain;

if (p1->p_flag & P_PROFIL)

startprofclock(p2);

atomic_setbits_int(&p2->p_flag, p1->p_flag & (P_SUGID | P_SUGIDEXEC));

diff --git a/sys/kern/syscalls.master b/sys/kern/syscalls.master
index fba9aad506c..def51634090 100644
--- a/sys/kern/syscalls.master
+++ b/sys/kern/syscalls.master

@@ -1,4 +1,4 @@

-; $OpenBSD: syscalls.master,v 1.96 2009/11/27 19:45:53 guenther Exp $

+; $OpenBSD: syscalls.master,v 1.97 2009/11/27 20:05:50 guenther Exp $

; $NetBSD: syscalls.master,v 1.32 1996/04/23 10:24:21 mycroft Exp $

; @(#)syscalls.master 8.2 (Berkeley) 1/13/94

@@ -620,3 +620,5 @@

308 STD { int sys_fstatfs(int fd, struct statfs *buf); }

309 STD { int sys_fhstatfs(const fhandle_t *fhp, \

struct statfs *buf); }

+310 STD { int sys_setrdomain(int rdomain); }

+311 STD { int sys_getrdomain(void); }

diff --git a/sys/kern/uipc_syscalls.c b/sys/kern/uipc_syscalls.c
index ec72a5fae78..d5c190b0336 100644
--- a/sys/kern/uipc_syscalls.c
+++ b/sys/kern/uipc_syscalls.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: uipc_syscalls.c,v 1.72 2009/11/23 13:18:16 jacekm Exp $ */

+/* $OpenBSD: uipc_syscalls.c,v 1.73 2009/11/27 20:05:50 guenther Exp $ */

/* $NetBSD: uipc_syscalls.c,v 1.19 1996/02/09 19:00:48 christos Exp $ */

@@ -54,6 +54,8 @@

#include <sys/mount.h>

#include <sys/syscallargs.h>

+#include <net/route.h>

* System call interface to the socket abstraction.

@@ -1091,3 +1093,33 @@ getsock(struct filedesc *fdp, int fdes, struct file **fpp)

return (0);

}

+/* ARGSUSED */

+int

+sys_setrdomain(struct proc *p, void *v, register_t *retval)

+ struct sys_setrdomain_args /* {

+ syscallarg(int) rdomain;

+ } */ *uap = v;

+ int rdomain, error;

+ rdomain = SCARG(uap, rdomain);

+ if (p->p_rdomain == (u_int)rdomain)

+ return (0);

+ if (p->p_rdomain != 0 && (error = suser(p, 0)) != 0)

+ return (error);

+ if (rdomain < 0 || !rtable_exists((u_int)rdomain))

+ return (EINVAL);

+ p->p_rdomain = (u_int)rdomain;

+ return (0);

+/* ARGSUSED */

+int

+sys_getrdomain(struct proc *p, void *v, register_t *retval)

+ *retval = (int)p->p_rdomain;

+ return (0);

diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c
index 333e5b3f071..74247a92ac7 100644
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: in_pcb.c,v 1.108 2009/11/13 20:54:05 claudio Exp $ */

+/* $OpenBSD: in_pcb.c,v 1.109 2009/11/27 20:05:50 guenther Exp $ */

/* $NetBSD: in_pcb.c,v 1.25 1996/02/13 23:41:53 christos Exp $ */

@@ -198,6 +198,7 @@ in_pcballoc(so, v)

inp->inp_seclevel[SL_ESP_TRANS] = ipsec_esp_trans_default_level;

inp->inp_seclevel[SL_ESP_NETWORK] = ipsec_esp_network_default_level;

inp->inp_seclevel[SL_IPCOMP] = ipsec_ipcomp_default_level;

+ inp->inp_rdomain = curproc->p_rdomain;

s = splnet();

CIRCLEQ_INSERT_HEAD(&table->inpt_queue, inp, inp_queue);

LIST_INSERT_HEAD(INPCBLHASH(table, inp->inp_lport,

diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c
index e091d4d1518..f952ddd5010 100644
--- a/sys/netinet/ip_output.c
+++ b/sys/netinet/ip_output.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ip_output.c,v 1.199 2009/11/20 09:02:21 guenther Exp $ */

+/* $OpenBSD: ip_output.c,v 1.200 2009/11/27 20:05:50 guenther Exp $ */

/* $NetBSD: ip_output.c,v 1.28 1996/02/13 23:43:07 christos Exp $ */

@@ -1061,8 +1061,8 @@ ip_ctloutput(op, so, level, optname, mp)

struct inpcb *inp = sotoinpcb(so);

struct mbuf *m = *mp;

int optval = 0;

-#ifdef IPSEC

struct proc *p = curproc; /* XXX */

+#ifdef IPSEC

struct ipsec_ref *ipr;

u_int16_t opt16val;

#endif

@@ -1423,6 +1423,11 @@ ip_ctloutput(op, so, level, optname, mp)

break;

}

rtid = *mtod(m, u_int *);

+ if (p->p_rdomain != 0 && p->p_rdomain != rtid &&

+ (error = suser(p, 0)) != 0) {

+ error = EACCES;

+ break;

+ }

/* table must exist and be a domain */

if (!rtable_exists(rtid) || rtid != rtable_l2(rtid)) {

error = EINVAL;

diff --git a/sys/sys/proc.h b/sys/sys/proc.h
index aa442beb5e7..106de47376a 100644
--- a/sys/sys/proc.h
+++ b/sys/sys/proc.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: proc.h,v 1.119 2009/06/05 00:30:05 guenther Exp $ */

+/* $OpenBSD: proc.h,v 1.120 2009/11/27 20:05:50 guenther Exp $ */

/* $NetBSD: proc.h,v 1.44 1996/04/22 01:23:21 christos Exp $ */

/*-

@@ -255,6 +255,8 @@ struct proc {

u_short p_xstat; /* Exit status for wait; also stop signal. */

u_short p_acflag; /* Accounting flags. */

struct rusage *p_ru; /* Exit information. XXX */

+ u_int p_rdomain; /* Process routing domain. */

};

#define p_session p_pgrp->pg_session

diff --git a/sys/sys/socket.h b/sys/sys/socket.h
index 4b0bec17837..140976111bd 100644
--- a/sys/sys/socket.h
+++ b/sys/sys/socket.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: socket.h,v 1.61 2009/06/11 08:11:53 jsg Exp $ */

+/* $OpenBSD: socket.h,v 1.62 2009/11/27 20:05:50 guenther Exp $ */

/* $NetBSD: socket.h,v 1.14 1996/02/09 18:25:36 christos Exp $ */

@@ -485,6 +485,8 @@ int setsockopt(int, int, int, const void *, socklen_t);

int shutdown(int, int);

int socket(int, int, int);

int socketpair(int, int, int, int *);

+int getrdomain(void);

+int setrdomain(int);

__END_DECLS

#else

# if defined(COMPAT_43) || defined(COMPAT_SUNOS) || defined(COMPAT_LINUX) || \