diff options
| author | Bjoern A. Zeeb <bz@FreeBSD.org> | 2008-10-17 16:26:16 +0000 |
|---|---|---|
| committer | Bjoern A. Zeeb <bz@FreeBSD.org> | 2008-10-17 16:26:16 +0000 |
| commit | f08ef6c5955243df89b3f536540d971cc1c5e53f (patch) | |
| tree | 5281cd8b122823b07a0da3d73d1b7dd5592afe3d /sys/netinet/ip_divert.c | |
| parent | dd8c8a8e43a6406a15c995356806b3d5783086bf (diff) | |
| download | src-f08ef6c5955243df89b3f536540d971cc1c5e53f.tar.gz src-f08ef6c5955243df89b3f536540d971cc1c5e53f.zip | |
Add cr_canseeinpcb() doing checks using the cached socket
credentials from inp_cred which is also available after the
socket is gone.
Switch cr_canseesocket consumers to cr_canseeinpcb.
This removes an extra acquisition of the socket lock.
Reviewed by: rwatson
MFC after: 3 months (set timer; decide then)
Notes
Notes:
svn path=/head/; revision=183982
Diffstat (limited to 'sys/netinet/ip_divert.c')
| -rw-r--r-- | sys/netinet/ip_divert.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/netinet/ip_divert.c b/sys/netinet/ip_divert.c index aea0d613e596..bac453437824 100644 --- a/sys/netinet/ip_divert.c +++ b/sys/netinet/ip_divert.c @@ -627,7 +627,7 @@ div_pcblist(SYSCTL_HANDLER_ARGS) inp = LIST_NEXT(inp, inp_list)) { INP_RLOCK(inp); if (inp->inp_gencnt <= gencnt && - cr_canseesocket(req->td->td_ucred, inp->inp_socket) == 0) + cr_canseeinpcb(req->td->td_ucred, inp) == 0) inp_list[i++] = inp; INP_RUNLOCK(inp); } |