diff options
| author | Roy Marples <roy@marples.name> | 2020-06-05 11:12:21 +0100 |
|---|---|---|
| committer | Roy Marples <roy@marples.name> | 2020-06-05 11:12:21 +0100 |
| commit | 14af21e525d20018c73466f4c90afc3c4c2567fc (patch) | |
| tree | ce9774419ef10a2842ee505c360d13e54c645bf1 /src/if-bsd.c | |
| parent | d8abf7196114e205e2b6a6318111ea4b3f948668 (diff) | |
| download | dhcpcd-14af21e525d20018c73466f4c90afc3c4c2567fc.tar.xz | |
privsep: Remove pledges inet and dns from the master process
Achieved by adding IPC to ignore interfaces names based on
the interface group.
This means every process just pledges stdio for IPC which the
exception of the master process which also pledges route so it
can access the routing table.
Diffstat (limited to 'src/if-bsd.c')
| -rw-r--r-- | src/if-bsd.c | 51 |
1 files changed, 31 insertions, 20 deletions
diff --git a/src/if-bsd.c b/src/if-bsd.c index 78735c7b..495d9acb 100644 --- a/src/if-bsd.c +++ b/src/if-bsd.c @@ -292,21 +292,10 @@ if_ignore1(const char *drvname) return false; } -bool -if_ignore(struct dhcpcd_ctx *ctx, const char *ifname) -{ - struct if_spec spec; - - if (if_nametospec(ifname, &spec) != 0) - return false; - - if (if_ignore1(spec.drvname)) - return true; - #ifdef SIOCGIFGROUP -#ifdef HAVE_PLEDGE -#warning Fix SIOCGIFGROUP to use privsep to remove inet pledge requirement -#endif +int +if_ignoregroup(int s, const char *ifname) +{ struct ifgroupreq ifgr = { .ifgr_len = 0 }; struct ifg_req *ifg; size_t ifg_len; @@ -316,12 +305,12 @@ if_ignore(struct dhcpcd_ctx *ctx, const char *ifname) * will be very unlikely.... */ strlcpy(ifgr.ifgr_name, ifname, sizeof(ifgr.ifgr_name)); - if (ioctl(ctx->pf_inet_fd, SIOCGIFGROUP, &ifgr) == -1 || + if (ioctl(s, SIOCGIFGROUP, &ifgr) == -1 || (ifgr.ifgr_groups = malloc(ifgr.ifgr_len)) == NULL || - ioctl(ctx->pf_inet_fd, SIOCGIFGROUP, &ifgr) == -1) + ioctl(s, SIOCGIFGROUP, &ifgr) == -1) { logerr(__func__); - return false; + return -1; } for (ifg = ifgr.ifgr_groups, ifg_len = ifgr.ifgr_len; @@ -329,13 +318,35 @@ if_ignore(struct dhcpcd_ctx *ctx, const char *ifname) ifg++, ifg_len -= sizeof(*ifg)) { if (if_ignore1(ifg->ifgrq_group)) - return true; + return 1; } -#else - UNUSED(ctx); + return 0; +} #endif +bool +if_ignore(struct dhcpcd_ctx *ctx, const char *ifname) +{ + struct if_spec spec; + + if (if_nametospec(ifname, &spec) != 0) + return false; + + if (if_ignore1(spec.drvname)) + return true; + +#ifdef SIOCGIFGROUP +#if defined(PRIVSEP) && defined(HAVE_PLEDGE) + if (IN_PRIVSEP(ctx)) + return ps_root_ifignoregroup(ctx, ifname) == 1 ? true : false; +#endif + else + return if_ignoregroup(ctx->pf_inet_fd, ifname) == 1 ? + true : false; +#else + UNUSED(ctx); return false; +#endif } int |