PERFORCE change 17673 for review
Robert Watson
rwatson at freebsd.org
Wed Sep 18 22:16:12 GMT 2002
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=17673
Change 17673 by rwatson at rwatson_paprika on 2002/09/18 15:15:59
Add a missing MAC check for the BPF code; not clear if this
was lost during an integ, or a victim of moving source code
in -current.
Pointed out by: phk
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/net/bpf.c#16 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/net/bpf.c#16 (text+ko) ====
@@ -1137,7 +1137,11 @@
++d->bd_rcount;
slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0);
if (slen != 0)
- catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy);
+#ifdef MAC
+ if (mac_check_bpfdesc_receive(d, ifp) == 0)
+#endif
+ catchpacket(d, (u_char *)m, pktlen, slen,
+ bpf_mcopy);
BPFD_UNLOCK(d);
}
BPFIF_UNLOCK(bp);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list