diff options
| author | Roy Marples <roy@marples.name> | 2020-10-03 17:00:56 +0100 |
|---|---|---|
| committer | Roy Marples <roy@marples.name> | 2020-10-03 17:00:56 +0100 |
| commit | 984496259fe1b2fb7fd04d7f2c348ac1a2c7985f (patch) | |
| tree | 1e2e7cc17136f003a6b8d721306654a1a05fa8c2 | |
| parent | d13d954be2a7e366e2c5090bf95d762074c278ff (diff) | |
| download | dhcpcd-984496259fe1b2fb7fd04d7f2c348ac1a2c7985f.tar.xz | |
privsep: We need getsockopt as well as setsockopt on the link socket
So we can report receive buffer size.
Important for route(4) overflow so we can try and set a bigger buffer.
| -rw-r--r-- | src/if-bsd.c | 4 | ||||
| -rw-r--r-- | src/privsep.c | 5 | ||||
| -rw-r--r-- | src/privsep.h | 2 |
3 files changed, 7 insertions, 4 deletions
diff --git a/src/if-bsd.c b/src/if-bsd.c index 75b7e62a..8f10acdc 100644 --- a/src/if-bsd.c +++ b/src/if-bsd.c @@ -216,8 +216,10 @@ if_opensockets_os(struct dhcpcd_ctx *ctx) #endif #ifdef PRIVSEP_RIGHTS + /* We need to getsockopt for SO_RCVBUF and + * setsockopt for RO_MISSFILTER. */ if (IN_PRIVSEP(ctx)) - ps_rights_limit_fd_setsockopt(ctx->link_fd); + ps_rights_limit_fd_sockopt(ctx->link_fd); #endif return 0; diff --git a/src/privsep.c b/src/privsep.c index 693a87f5..b54b1b7a 100644 --- a/src/privsep.c +++ b/src/privsep.c @@ -260,11 +260,12 @@ ps_rights_limit_fd(int fd) } int -ps_rights_limit_fd_setsockopt(int fd) +ps_rights_limit_fd_sockopt(int fd) { cap_rights_t rights; - cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_EVENT, CAP_SETSOCKOPT); + cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_EVENT, + CAP_GETSOCKOPT, CAP_SETSOCKOPT); if (cap_rights_limit(fd, &rights) == -1 && errno != ENOSYS) return -1; return 0; diff --git a/src/privsep.h b/src/privsep.h index cd26a842..4fd33e7f 100644 --- a/src/privsep.h +++ b/src/privsep.h @@ -197,7 +197,7 @@ int ps_setbuf_fdpair(int []); int ps_rights_limit_ioctl(int); int ps_rights_limit_fd_fctnl(int); int ps_rights_limit_fd_rdonly(int); -int ps_rights_limit_fd_setsockopt(int); +int ps_rights_limit_fd_sockopt(int); int ps_rights_limit_fd(int); int ps_rights_limit_fdpair(int []); #endif |