sctp: propagate cap rights on sctp_peeloff

PR:		201052
Reviewed by:	oshogbo, tuexen
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46884
This commit is contained in:
Ed Maste
2024-10-03 07:54:44 -04:00
parent e4550c9aa0
commit 91a9e4e01d
+4 -3
View File
@@ -141,13 +141,14 @@ sys_sctp_peeloff(struct thread *td, struct sctp_peeloff_args *uap)
{ {
struct file *headfp, *nfp = NULL; struct file *headfp, *nfp = NULL;
struct socket *head, *so; struct socket *head, *so;
struct filecaps fcaps;
cap_rights_t rights; cap_rights_t rights;
u_int fflag; u_int fflag;
int error, fd; int error, fd;
AUDIT_ARG_FD(uap->sd); AUDIT_ARG_FD(uap->sd);
error = getsock(td, uap->sd, cap_rights_init_one(&rights, CAP_PEELOFF), error = getsock_cap(td, uap->sd,
&headfp); cap_rights_init_one(&rights, CAP_PEELOFF), &headfp, &fcaps);
if (error != 0) if (error != 0)
goto done2; goto done2;
fflag = atomic_load_int(&headfp->f_flag); fflag = atomic_load_int(&headfp->f_flag);
@@ -165,7 +166,7 @@ sys_sctp_peeloff(struct thread *td, struct sctp_peeloff_args *uap)
* but that is ok. * but that is ok.
*/ */
error = falloc(td, &nfp, &fd, 0); error = falloc_caps(td, &nfp, &fd, 0, &fcaps);
if (error != 0) if (error != 0)
goto done; goto done;
td->td_retval[0] = fd; td->td_retval[0] = fd;