diff options
author | Ed Maste <emaste@FreeBSD.org> | 2024-10-03 11:54:44 +0000 |
---|---|---|
committer | Ed Maste <emaste@FreeBSD.org> | 2024-10-09 00:36:50 +0000 |
commit | 91a9e4e01dab7a740b8e3b7c39c59a537e71e5d2 (patch) | |
tree | ac1b854349d00f614b84aa9afd02348362d01e37 | |
parent | e4550c9aa06af54d066c794f1da14f7c91bb5bc0 (diff) | |
download | src-91a9e4e01dab.tar.gz src-91a9e4e01dab.zip |
sctp: propagate cap rights on sctp_peeloff
PR: 201052
Reviewed by: oshogbo, tuexen
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46884
-rw-r--r-- | sys/netinet/sctp_syscalls.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/sys/netinet/sctp_syscalls.c b/sys/netinet/sctp_syscalls.c index d67e260b6f99..9d85576e2592 100644 --- a/sys/netinet/sctp_syscalls.c +++ b/sys/netinet/sctp_syscalls.c @@ -141,13 +141,14 @@ sys_sctp_peeloff(struct thread *td, struct sctp_peeloff_args *uap) { struct file *headfp, *nfp = NULL; struct socket *head, *so; + struct filecaps fcaps; cap_rights_t rights; u_int fflag; int error, fd; AUDIT_ARG_FD(uap->sd); - error = getsock(td, uap->sd, cap_rights_init_one(&rights, CAP_PEELOFF), - &headfp); + error = getsock_cap(td, uap->sd, + cap_rights_init_one(&rights, CAP_PEELOFF), &headfp, &fcaps); if (error != 0) goto done2; fflag = atomic_load_int(&headfp->f_flag); @@ -165,7 +166,7 @@ sys_sctp_peeloff(struct thread *td, struct sctp_peeloff_args *uap) * but that is ok. */ - error = falloc(td, &nfp, &fd, 0); + error = falloc_caps(td, &nfp, &fd, 0, &fcaps); if (error != 0) goto done; td->td_retval[0] = fd; |