Bug 201052

Summary: capsicum: propagate rights on sctp_peeloff
Product: Base System Reporter: Ed Maste <emaste>
Component: kernAssignee: freebsd-bugs mailing list <bugs>
Status: Open ---    
Severity: Affects Only Me CC: drysdale, markj, oshogbo, tuexen
Priority: --- Flags: emaste: mfc-stable11+
Version: CURRENT   
Hardware: Any   
OS: Any   
Bug Depends on:    
Bug Blocks: 203349, 231027    

Description Ed Maste freebsd_committer 2015-06-22 20:54:15 UTC
A new fd generated from accept() or sctp_peeloff() should inherit the rights of the original fd (cf. https://lists.cam.ac.uk/pipermail/cl-capsicum-discuss/2014-February/msg00001.html)

Test case available in https://github.com/google/capsicum-test
Comment 1 commit-hook freebsd_committer 2016-09-22 09:59:05 UTC
A commit references this bug:

Author: oshogbo
Date: Thu Sep 22 09:58:47 UTC 2016
New revision: 306174
URL: https://svnweb.freebsd.org/changeset/base/306174

  capsicum: propagate rights on accept(2)

  Descriptor returned by accept(2) should inherits capabilities rights from
  the listening socket.

  PR:		201052
  Reviewed by:	emaste, jonathan
  Discussed with:	many
  Differential Revision:	https://reviews.freebsd.org/D7724

Comment 2 commit-hook freebsd_committer 2017-03-15 16:38:53 UTC
A commit references this bug:

Author: dchagin
Date: Wed Mar 15 16:38:40 UTC 2017
New revision: 315312
URL: https://svnweb.freebsd.org/changeset/base/315312

  MFC r305093 (by mjg@):

  fd: add fdeget_locked and use in kern_descrip

  MFC r305756 (by oshogbo@):

  fd: add fget_cap and fget_cap_locked primitives.
  They can be used to obtain capabilities along with a referenced fp.

  MFC r306174 (by oshogbo@):

  capsicum: propagate rights on accept(2)

  Descriptor returned by accept(2) should inherits capabilities rights from
  the listening socket.

  PR:           201052

  MFC r306184 (by oshogbo@):

  fd: simplify fgetvp_rights by using fget_cap_locked.

  MFC r306225 (by mjg@):

  fd: fix up fgetvp_rights after r306184

  fget_cap_locked returns a referenced file, but the fgetvp_rights does
  not need it. Instead, due to the filedesc lock being held, it can
  ref the vnode after the file was looked up.

  Fix up fget_cap_locked to be consistent with other _locked helpers and not
  ref the file.

  This plugs a leak introduced in r306184.

  MFC r306232 (by oshogbo@):

  fd: fix up fget_cap

  If the kernel is not compiled with the CAPABILITIES kernel options
  fget_unlocked doesn't return the sequence number so fd_modify will
  always report modification, in that case we got infinity loop.

  MFC r311474 (by glebius@):

  Use getsock_cap() instead of fgetsock().

  MFC r312079 (by glebius@):

  Use getsock_cap() instead of deprecated fgetsock().

  MFC r312081 (by glebius@):

  Use getsock_cap() instead of deprecated fgetsock().

  MFC r312087 (by glebius@):

  Remove deprecated fgetsock() and fputsock().

  Bump __FreeBSD_version as getsock_cap changed and
  fgetsock/fputsock pair removed.

_U  stable/11/
Comment 3 Ed Maste freebsd_committer 2017-07-19 13:49:47 UTC
Mariusz, can this be closed now?
Comment 4 Mariusz Zaborski freebsd_committer 2017-07-19 18:45:31 UTC
We still don't have support for sctp_peeloff.
Comment 5 Ed Maste freebsd_committer 2017-07-19 18:48:34 UTC
(In reply to Mariusz Zaborski from comment #4)
Ah, indeed. I've reset the asignee for now.
Comment 6 Eitan Adler freebsd_committer freebsd_triage 2018-05-21 00:00:01 UTC
For bugs matching the following conditions:
- Status == In Progress
- Assignee == "bugs@FreeBSD.org"
- Last Modified Year <= 2017

- Set Status to "Open"