All cases do the same check up first, so merge it before the switch.
It could be hoisted further in both in_ioctl() and in_ioctl_change_ifaddr(),
but that meant a change in errno return semantic, so leave it for now.
Feedback? Objection OK?
Index: in.c
===================================================================
RCS file: /cvs/src/sys/netinet/in.c,v
retrieving revision 1.179
diff -u -p -r1.179 in.c
--- in.c 6 Dec 2022 22:19:39 -0000 1.179
+++ in.c 14 Apr 2023 23:05:30 -0000
@@ -283,13 +283,13 @@ in_ioctl(u_long cmd, caddr_t data, struc
goto err;
}
+ if (!privileged) {
+ error = EPERM;
+ goto err;
+ }
+
switch (cmd) {
case SIOCSIFDSTADDR:
- if (!privileged) {
- error = EPERM;
- break;
- }
-
if ((ifp->if_flags & IFF_POINTOPOINT) == 0) {
error = EINVAL;
break;
@@ -309,11 +309,6 @@ in_ioctl(u_long cmd, caddr_t data, struc
break;
case SIOCSIFBRDADDR:
- if (!privileged) {
- error = EPERM;
- break;
- }
-
if ((ifp->if_flags & IFF_BROADCAST) == 0) {
error = EINVAL;
break;
@@ -325,11 +320,6 @@ in_ioctl(u_long cmd, caddr_t data, struc
break;
case SIOCSIFNETMASK:
- if (!privileged) {
- error = EPERM;
- break;
- }
-
if (ifr->ifr_addr.sa_len < 8) {
error = EINVAL;
break;
@@ -427,6 +417,9 @@ in_ioctl_change_ifaddr(u_long cmd, caddr
return (error);
}
+ if (!privileged)
+ return (EPERM);
+
NET_LOCK();
TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
@@ -444,11 +437,6 @@ in_ioctl_change_ifaddr(u_long cmd, caddr
case SIOCAIFADDR: {
int needinit = 0;
- if (!privileged) {
- error = EPERM;
- break;
- }
-
if (ifra->ifra_mask.sin_len) {
if (ifra->ifra_mask.sin_len < 8) {
error = EINVAL;
@@ -531,11 +519,6 @@ in_ioctl_change_ifaddr(u_long cmd, caddr
break;
}
case SIOCDIFADDR:
- if (!privileged) {
- error = EPERM;
- break;
- }
-
if (ia == NULL) {
error = EADDRNOTAVAIL;
break;
