diff options
| author | Roy Marples <roy@marples.name> | 2020-05-15 22:29:30 +0100 |
|---|---|---|
| committer | Roy Marples <roy@marples.name> | 2020-05-15 22:29:30 +0100 |
| commit | f55742151ec03f517471ab9a9724e5c1359fbc30 (patch) | |
| tree | 8d7b13fd95e9ca13d0be21ee964a76b31c455301 /src/privsep-bpf.c | |
| parent | e591578fa167bd838c8a0051eadf0a33062cbb06 (diff) | |
| download | dhcpcd-f55742151ec03f517471ab9a9724e5c1359fbc30.tar.xz | |
ARP: Remove ability to filter specific addresses
This is only really needed for long lasting ARP, which is only
used for IPv4 address defence.
Modern NetBSD does not need this and it fails to work with
OpenBSD Pledge. FreeBSD Capsicum is more secure without this
as the BPF fd can then be locked for other changes [1].
That just leaves Linux and Solaris.
If anyone feels dhcpcd is processing to much ARP then please
implement RFC 5227 in the kernel like NetBSD.
[1] Locking the BPF fd is questionable because the inet proxy
using sendmsg can send any packet to any destination.
Diffstat (limited to 'src/privsep-bpf.c')
| -rw-r--r-- | src/privsep-bpf.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/src/privsep-bpf.c b/src/privsep-bpf.c index 06247c0f..ed8fa5b8 100644 --- a/src/privsep-bpf.c +++ b/src/privsep-bpf.c @@ -90,6 +90,7 @@ ps_bpf_recvbpf(void *arg) } #ifdef ARP +#if !defined(HAVE_CAPSICUM) && !defined(HAVE_PLEDGE) static ssize_t ps_bpf_arp_addr(uint16_t cmd, struct ps_process *psp, struct msghdr *msg) { @@ -125,6 +126,7 @@ ps_bpf_arp_addr(uint16_t cmd, struct ps_process *psp, struct msghdr *msg) return bpf_arp(ifp, psp->psp_work_fd); } #endif +#endif static ssize_t ps_bpf_recvmsgcb(void *arg, struct ps_msghdr *psm, struct msghdr *msg) @@ -134,7 +136,11 @@ ps_bpf_recvmsgcb(void *arg, struct ps_msghdr *psm, struct msghdr *msg) #ifdef ARP if (psm->ps_cmd & (PS_START | PS_DELETE)) +#if !defined(HAVE_CAPSICUM) && !defined(HAVE_PLEDGE) return ps_bpf_arp_addr(psm->ps_cmd, psp, msg); +#else + return 0; +#endif #endif return bpf_send(&psp->psp_ifp, psp->psp_work_fd, psp->psp_proto, @@ -276,13 +282,12 @@ ps_bpf_cmd(struct dhcpcd_ctx *ctx, struct ps_msghdr *psm, struct msghdr *msg) return -1; case 0: #ifdef HAVE_CAPSICUM - if (cap_enter() == -1 && errno != ENOSYS) - logerr("%s: cap_enter", __func__); + if (cap_enter() == -1 && errno != ENOSYS) + logerr("%s: cap_enter", __func__); #endif #ifdef HAVE_PLEDGE - /* Cant change BPF fitler for ARP yet. */ - if (cmd != PS_BPF_ARP && pledge("stdio", NULL) == -1) - logerr("%s: pledge", __func__); + if (pledge("stdio", NULL) == -1) + logerr("%s: pledge", __func__); #endif break; default: |