git: 91a9e4e01dab - main - sctp: propagate cap rights on sctp_peeloff

Ed Maste Tue, 08 Oct 2024 17:37:28 -0700

The branch main has been updated by emaste:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=91a9e4e01dab7a740b8e3b7c39c59a537e71e5d2


commit 91a9e4e01dab7a740b8e3b7c39c59a537e71e5d2
Author:     Ed Maste <ema...@freebsd.org>
AuthorDate: 2024-10-03 11:54:44 +0000
Commit:     Ed Maste <ema...@freebsd.org>
CommitDate: 2024-10-09 00:36:50 +0000

    sctp: propagate cap rights on sctp_peeloff
    
    PR:             201052
    Reviewed by:    oshogbo, tuexen
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D46884
---
 sys/netinet/sctp_syscalls.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/sys/netinet/sctp_syscalls.c b/sys/netinet/sctp_syscalls.c
index d67e260b6f99..9d85576e2592 100644
--- a/sys/netinet/sctp_syscalls.c
+++ b/sys/netinet/sctp_syscalls.c
@@ -141,13 +141,14 @@ sys_sctp_peeloff(struct thread *td, struct 
sctp_peeloff_args *uap)
 {
        struct file *headfp, *nfp = NULL;
        struct socket *head, *so;
+       struct filecaps fcaps;
        cap_rights_t rights;
        u_int fflag;
        int error, fd;
 
        AUDIT_ARG_FD(uap->sd);
-       error = getsock(td, uap->sd, cap_rights_init_one(&rights, CAP_PEELOFF),
-           &headfp);
+       error = getsock_cap(td, uap->sd,
+           cap_rights_init_one(&rights, CAP_PEELOFF), &headfp, &fcaps);
        if (error != 0)
                goto done2;
        fflag = atomic_load_int(&headfp->f_flag);
@@ -165,7 +166,7 @@ sys_sctp_peeloff(struct thread *td, struct 
sctp_peeloff_args *uap)
         * but that is ok.
         */
 
-       error = falloc(td, &nfp, &fd, 0);
+       error = falloc_caps(td, &nfp, &fd, 0, &fcaps);
        if (error != 0)
                goto done;
        td->td_retval[0] = fd;

git: 91a9e4e01dab - main - sctp: propagate cap rights on sctp_peeloff

Reply via email to