Bug 201052 - capsicum: propagate rights on sctp_peeloff
Summary: capsicum: propagate rights on sctp_peeloff
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-bugs mailing list
URL:
Keywords:
Depends on:
Blocks: 203349 231027
  Show dependency treegraph
 
Reported: 2015-06-22 20:54 UTC by Ed Maste
Modified: 2019-01-11 19:06 UTC (History)
4 users (show)

See Also:
emaste: mfc-stable11+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ed Maste freebsd_committer 2015-06-22 20:54:15 UTC
A new fd generated from accept() or sctp_peeloff() should inherit the rights of the original fd (cf. https://lists.cam.ac.uk/pipermail/cl-capsicum-discuss/2014-February/msg00001.html)

Test case available in https://github.com/google/capsicum-test
Comment 1 commit-hook freebsd_committer 2016-09-22 09:59:05 UTC
A commit references this bug:

Author: oshogbo
Date: Thu Sep 22 09:58:47 UTC 2016
New revision: 306174
URL: https://svnweb.freebsd.org/changeset/base/306174

Log:
  capsicum: propagate rights on accept(2)

  Descriptor returned by accept(2) should inherits capabilities rights from
  the listening socket.

  PR:		201052
  Reviewed by:	emaste, jonathan
  Discussed with:	many
  Differential Revision:	https://reviews.freebsd.org/D7724

Changes:
  head/sys/compat/cloudabi/cloudabi_sock.c
  head/sys/compat/linux/linux_socket.c
  head/sys/kern/kern_sendfile.c
  head/sys/kern/uipc_syscalls.c
  head/sys/netinet/sctp_syscalls.c
  head/sys/sys/socketvar.h
Comment 2 commit-hook freebsd_committer 2017-03-15 16:38:53 UTC
A commit references this bug:

Author: dchagin
Date: Wed Mar 15 16:38:40 UTC 2017
New revision: 315312
URL: https://svnweb.freebsd.org/changeset/base/315312

Log:
  MFC r305093 (by mjg@):

  fd: add fdeget_locked and use in kern_descrip

  MFC r305756 (by oshogbo@):

  fd: add fget_cap and fget_cap_locked primitives.
  They can be used to obtain capabilities along with a referenced fp.

  MFC r306174 (by oshogbo@):

  capsicum: propagate rights on accept(2)

  Descriptor returned by accept(2) should inherits capabilities rights from
  the listening socket.

  PR:           201052

  MFC r306184 (by oshogbo@):

  fd: simplify fgetvp_rights by using fget_cap_locked.

  MFC r306225 (by mjg@):

  fd: fix up fgetvp_rights after r306184

  fget_cap_locked returns a referenced file, but the fgetvp_rights does
  not need it. Instead, due to the filedesc lock being held, it can
  ref the vnode after the file was looked up.

  Fix up fget_cap_locked to be consistent with other _locked helpers and not
  ref the file.

  This plugs a leak introduced in r306184.

  MFC r306232 (by oshogbo@):

  fd: fix up fget_cap

  If the kernel is not compiled with the CAPABILITIES kernel options
  fget_unlocked doesn't return the sequence number so fd_modify will
  always report modification, in that case we got infinity loop.

  MFC r311474 (by glebius@):

  Use getsock_cap() instead of fgetsock().

  MFC r312079 (by glebius@):

  Use getsock_cap() instead of deprecated fgetsock().

  MFC r312081 (by glebius@):

  Use getsock_cap() instead of deprecated fgetsock().

  MFC r312087 (by glebius@):

  Remove deprecated fgetsock() and fputsock().

  Bump __FreeBSD_version as getsock_cap changed and
  fgetsock/fputsock pair removed.

Changes:
_U  stable/11/
  stable/11/sys/compat/cloudabi/cloudabi_sock.c
  stable/11/sys/compat/linux/linux_socket.c
  stable/11/sys/dev/iscsi_initiator/isc_soc.c
  stable/11/sys/dev/iscsi_initiator/iscsi.c
  stable/11/sys/kern/kern_descrip.c
  stable/11/sys/kern/kern_sendfile.c
  stable/11/sys/kern/uipc_syscalls.c
  stable/11/sys/netinet/sctp_syscalls.c
  stable/11/sys/sys/file.h
  stable/11/sys/sys/filedesc.h
  stable/11/sys/sys/param.h
  stable/11/sys/sys/socketvar.h
Comment 3 Ed Maste freebsd_committer 2017-07-19 13:49:47 UTC
Mariusz, can this be closed now?
Comment 4 Mariusz Zaborski freebsd_committer 2017-07-19 18:45:31 UTC
We still don't have support for sctp_peeloff.
Comment 5 Ed Maste freebsd_committer 2017-07-19 18:48:34 UTC
(In reply to Mariusz Zaborski from comment #4)
Ah, indeed. I've reset the asignee for now.
Comment 6 Eitan Adler freebsd_committer freebsd_triage 2018-05-21 00:00:01 UTC
For bugs matching the following conditions:
- Status == In Progress
- Assignee == "bugs@FreeBSD.org"
- Last Modified Year <= 2017

Do
- Set Status to "Open"