From: Roy Marples <roy@marples.name>
Date: Fri, 2 Oct 2020 14:57:01 +0000 (+0100)
Subject: privsep: allow CAP_SETSOCKOPT for route(4) fd.
X-Git-Tag: v9.3.0~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d13d954be2a7e366e2c5090bf95d762074c278ff;p=thirdparty%2Fdhcpcd.git

privsep: allow CAP_SETSOCKOPT for route(4) fd.

If FreeBSD ever implements RO_MISSFILTER it will need special
rights to work over Capsium.
---

diff --git a/src/if-bsd.c b/src/if-bsd.c
index 3eb78045..75b7e62a 100644
--- a/src/if-bsd.c
+++ b/src/if-bsd.c
@@ -215,6 +215,11 @@ if_opensockets_os(struct dhcpcd_ctx *ctx)
 #warning kernel does not support route message filtering
 #endif
 
+#ifdef PRIVSEP_RIGHTS
+	if (IN_PRIVSEP(ctx))
+		ps_rights_limit_fd_setsockopt(ctx->link_fd);
+#endif
+
 	return 0;
 }
 
diff --git a/src/privsep.c b/src/privsep.c
index a7a17e92..693a87f5 100644
--- a/src/privsep.c
+++ b/src/privsep.c
@@ -259,6 +259,17 @@ ps_rights_limit_fd(int fd)
 	return 0;
 }
 
+int
+ps_rights_limit_fd_setsockopt(int fd)
+{
+	cap_rights_t rights;
+
+	cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_EVENT, CAP_SETSOCKOPT);
+	if (cap_rights_limit(fd, &rights) == -1 && errno != ENOSYS)
+		return -1;
+	return 0;
+}
+
 int
 ps_rights_limit_fd_rdonly(int fd)
 {
@@ -537,7 +548,6 @@ ps_mastersandbox(struct dhcpcd_ctx *ctx, const char *_pledge)
 #ifdef PRIVSEP_RIGHTS
 	if ((ctx->pf_inet_fd != -1 &&
 	    ps_rights_limit_ioctl(ctx->pf_inet_fd) == -1) ||
-	    (ctx->link_fd != -1 && ps_rights_limit_fd(ctx->link_fd) == -1) ||
 	     ps_rights_limit_stdio(ctx) == -1)
 	{
 		logerr("%s: cap_rights_limit", __func__);
diff --git a/src/privsep.h b/src/privsep.h
index 93f7965e..cd26a842 100644
--- a/src/privsep.h
+++ b/src/privsep.h
@@ -197,6 +197,7 @@ int ps_setbuf_fdpair(int []);
 int ps_rights_limit_ioctl(int);
 int ps_rights_limit_fd_fctnl(int);
 int ps_rights_limit_fd_rdonly(int);
+int ps_rights_limit_fd_setsockopt(int);
 int ps_rights_limit_fd(int);
 int ps_rights_limit_fdpair(int []);
 #endif