[Bug 201052] [sctp] capsicum: propagate rights on sctp_peeloff

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 03 Oct 2024 11:54:40 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201052

--- Comment #9 from Ed Maste <emaste@freebsd.org> ---
The change should be similar to the one for accept(), i.e.
https://github.com/freebsd/freebsd-src/commit/85b0f9de11c3988f53f899cd171b685037da03a8

getsock_cap gained a new arg `struct filecaps *havecapsp`, which is not used in
most cases, but in kern_accept4() we pass fcaps to get the existing
capabilities and then pass that to falloc_caps to obtain the new fd.

I think the diff would look like:

diff --git a/sys/netinet/sctp_syscalls.c b/sys/netinet/sctp_syscalls.c
index d67e260b6f99..1bd6f2707d5d 100644
--- a/sys/netinet/sctp_syscalls.c
+++ b/sys/netinet/sctp_syscalls.c
@@ -141,13 +141,14 @@ sys_sctp_peeloff(struct thread *td, struct
sctp_peeloff_args *uap)
 {
        struct file *headfp, *nfp = NULL;
        struct socket *head, *so;
+       struct filecaps fcaps;
        cap_rights_t rights;
        u_int fflag;
        int error, fd;

        AUDIT_ARG_FD(uap->sd);
-       error = getsock(td, uap->sd, cap_rights_init_one(&rights, CAP_PEELOFF),
-           &headfp);
+       error = getsock_cap(td, uap->sd,
+           cap_rights_init_one(&rights, CAP_PEELOFF), &headfp, NULL, &fcaps);
        if (error != 0)
                goto done2;
        fflag = atomic_load_int(&headfp->f_flag);
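Review bot: once getsock_cap() succeeds, `fcaps` holds a copy of the listening descriptor's capabilities that needs releasing on every exit path that does not hand it to the new descriptor; after the `goto done2` at `if (error != 0)` there are other error exits before the falloc call in the later hunk, and the copied capabilities (including any allocated ioctl list) are never freed on those, so mirror whatever cleanup kern_accept4() does for its `fcaps` in the referenced accept() commit. Minor: the call passes `NULL` for the fflag argument and then reads `atomic_load_int(&headfp->f_flag)` on the next line; passing `&fflag` to getsock_cap() would let that line go.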
@@ -165,7 +166,7 @@ sys_sctp_peeloff(struct thread *td, struct
sctp_peeloff_args *uap)
         * but that is ok.
         */

-       error = falloc(td, &nfp, &fd, 0);
+       error = falloc_cap(td, &nfp, &fd, 0, &fcaps);
        if (error != 0)
                goto done;
        td->td_retval[0] = fd;
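Review bot: the new call is spelled `falloc_cap(td, &nfp, &fd, 0, &fcaps)` while the comment text above refers to `falloc_caps`, the function the accept() change uses; the name in the hunk does not match and should be corrected before this is tried. Also confirm that on a failing `falloc_caps()` the caller is still responsible for `fcaps`, and if so free it before `goto done`, as the capabilities were copied in the earlier hunk and nothing on the `done` path releases them.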
