From owner-p4-projects@FreeBSD.ORG Thu May 22 08:27:56 2008 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 264CA106567B; Thu, 22 May 2008 08:27:56 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DCD911065679 for ; Thu, 22 May 2008 08:27:55 +0000 (UTC) (envelope-from jb@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id CB0C88FC18 for ; Thu, 22 May 2008 08:27:55 +0000 (UTC) (envelope-from jb@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id m4M8RtDU097766 for ; Thu, 22 May 2008 08:27:55 GMT (envelope-from jb@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.1/8.14.1/Submit) id m4M8Rt1F097764 for perforce@freebsd.org; Thu, 22 May 2008 08:27:55 GMT (envelope-from jb@freebsd.org) Date: Thu, 22 May 2008 08:27:55 GMT Message-Id: <200805220827.m4M8Rt1F097764@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to jb@freebsd.org using -f From: John Birrell To: Perforce Change Reviews Cc: Subject: PERFORCE change 142030 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 May 2008 08:27:56 -0000 http://perforce.freebsd.org/chv.cgi?CH=142030 Change 142030 by jb@freebsd3 on 2008/05/22 08:27:30 IFC Affected files ... .. //depot/projects/dtrace/src/sys/netinet/ip_dummynet.c#11 integrate .. //depot/projects/dtrace/src/sys/netinet/raw_ip.c#17 integrate Differences ... ==== //depot/projects/dtrace/src/sys/netinet/ip_dummynet.c#11 (text+ko) ==== @@ -26,7 +26,7 @@ */ #include -__FBSDID("$FreeBSD: src/sys/netinet/ip_dummynet.c,v 1.115 2008/02/27 13:52:33 dwmalone Exp $"); +__FBSDID("$FreeBSD: src/sys/netinet/ip_dummynet.c,v 1.116 2008/05/22 08:10:31 rwatson Exp $"); #define DUMMYNET_DEBUG @@ -63,6 +63,7 @@ #include #include #include +#include #include #include #include @@ -2124,6 +2125,10 @@ int error = 0 ; struct dn_pipe *p, tmp_pipe; + error = priv_check(sopt->sopt_td, PRIV_NETINET_DUMMYNET); + if (error) + return (error); + /* Disallow sets in really-really secure mode. */ if (sopt->sopt_dir == SOPT_SET) { #if __FreeBSD_version >= 500034 ==== //depot/projects/dtrace/src/sys/netinet/raw_ip.c#17 (text+ko) ==== @@ -30,7 +30,7 @@ */ #include -__FBSDID("$FreeBSD: src/sys/netinet/raw_ip.c,v 1.184 2008/05/09 23:02:57 julian Exp $"); +__FBSDID("$FreeBSD: src/sys/netinet/raw_ip.c,v 1.185 2008/05/22 08:10:31 rwatson Exp $"); #include "opt_inet6.h" #include "opt_ipsec.h" @@ -381,13 +381,6 @@ case IP_FW_TABLE_LIST: case IP_FW_NAT_GET_CONFIG: case IP_FW_NAT_GET_LOG: - /* - * XXXRW: Isn't this checked one layer down? Yes, it - * is. - */ - error = priv_check(curthread, PRIV_NETINET_IPFW); - if (error != 0) - return (error); if (ip_fw_ctl_ptr != NULL) error = ip_fw_ctl_ptr(sopt); else @@ -395,9 +388,6 @@ break; case IP_DUMMYNET_GET: - error = priv_check(curthread, PRIV_NETINET_DUMMYNET); - if (error != 0) - return (error); if (ip_dn_ctl_ptr != NULL) error = ip_dn_ctl_ptr(sopt); else @@ -452,12 +442,6 @@ case IP_FW_TABLE_FLUSH: case IP_FW_NAT_CFG: case IP_FW_NAT_DEL: - /* - * XXXRW: Isn't this checked one layer down? - */ - error = priv_check(curthread, PRIV_NETINET_IPFW); - if (error != 0) - return (error); if (ip_fw_ctl_ptr != NULL) error = ip_fw_ctl_ptr(sopt); else @@ -467,9 +451,6 @@ case IP_DUMMYNET_CONFIGURE: case IP_DUMMYNET_DEL: case IP_DUMMYNET_FLUSH: - error = priv_check(curthread, PRIV_NETINET_DUMMYNET); - if (error != 0) - return (error); if (ip_dn_ctl_ptr != NULL) error = ip_dn_ctl_ptr(sopt); else