Module Name: src
Committed By: christos
Date: Tue Sep 21 15:07:43 UTC 2021
Modified Files:
src/sys/netinet6: ip6_output.c
Log Message:
don't opencode kauth_cred_get()
To generate a diff of this commit:
cvs rdiff -u -r1.228 -r1.229 src/sys/netinet6/ip6_output.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet6/ip6_output.c
diff -u src/sys/netinet6/ip6_output.c:1.228 src/sys/netinet6/ip6_output.c:1.229
--- src/sys/netinet6/ip6_output.c:1.228 Tue Aug 17 18:00:32 2021
+++ src/sys/netinet6/ip6_output.c Tue Sep 21 11:07:43 2021
@@ -1,4 +1,4 @@
-/* $NetBSD: ip6_output.c,v 1.228 2021/08/17 22:00:32 andvar Exp $ */
+/* $NetBSD: ip6_output.c,v 1.229 2021/09/21 15:07:43 christos Exp $ */
/* $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $ */
/*
@@ -62,7 +62,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.228 2021/08/17 22:00:32 andvar Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.229 2021/09/21 15:07:43 christos Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1361,7 +1361,8 @@ ip6_ctloutput(int op, struct socket *so,
case IPV6_RECVHOPOPTS:
case IPV6_RECVDSTOPTS:
case IPV6_RECVRTHDRDSTOPTS:
- error = kauth_authorize_network(kauth_cred_get(),
+ error = kauth_authorize_network(
+ kauth_cred_get(),
KAUTH_NETWORK_IPV6, KAUTH_REQ_NETWORK_IPV6_HOPBYHOP,
NULL, NULL, NULL);
if (error)
@@ -1612,8 +1613,8 @@ else \
* Check super-user privilege.
* See comments for IPV6_RECVHOPOPTS.
*/
- error =
- kauth_authorize_network(kauth_cred_get(),
+ error = kauth_authorize_network(
+ kauth_cred_get(),
KAUTH_NETWORK_IPV6,
KAUTH_REQ_NETWORK_IPV6_HOPBYHOP, NULL,
NULL, NULL);
@@ -1622,8 +1623,8 @@ else \
OPTSET2292(IN6P_HOPOPTS);
break;
case IPV6_2292DSTOPTS:
- error =
- kauth_authorize_network(kauth_cred_get(),
+ error = kauth_authorize_network(
+ kauth_cred_get(),
KAUTH_NETWORK_IPV6,
KAUTH_REQ_NETWORK_IPV6_HOPBYHOP, NULL,
NULL, NULL);
@@ -2358,7 +2359,8 @@ ip6_get_membership(const struct sockopt
* all multicast addresses. Only super user is allowed
* to do this.
*/
- if (kauth_authorize_network(curlwp->l_cred, KAUTH_NETWORK_IPV6,
+ if (kauth_authorize_network(kauth_cred_get(),
+ KAUTH_NETWORK_IPV6,
KAUTH_REQ_NETWORK_IPV6_JOIN_MULTICAST, NULL, NULL, NULL))
return EACCES;
} else if (IN6_IS_ADDR_V4MAPPED(ia)) {
@@ -2973,7 +2975,8 @@ ip6_setpktopt(int optname, u_char *buf,
case IPV6_2292NEXTHOP:
#endif
case IPV6_NEXTHOP:
- error = kauth_authorize_network(cred, KAUTH_NETWORK_IPV6,
+ error = kauth_authorize_network(cred,
+ KAUTH_NETWORK_IPV6,
KAUTH_REQ_NETWORK_IPV6_HOPBYHOP, NULL, NULL, NULL);
if (error)
return (error);
@@ -3031,7 +3034,8 @@ ip6_setpktopt(int optname, u_char *buf,
* options, since per-option restriction has too much
* overhead.
*/
- error = kauth_authorize_network(cred, KAUTH_NETWORK_IPV6,
+ error = kauth_authorize_network(cred,
+ KAUTH_NETWORK_IPV6,
KAUTH_REQ_NETWORK_IPV6_HOPBYHOP, NULL, NULL, NULL);
if (error)
return (error);
@@ -3069,7 +3073,8 @@ ip6_setpktopt(int optname, u_char *buf,
int destlen;
/* XXX: see the comment for IPV6_HOPOPTS */
- error = kauth_authorize_network(cred, KAUTH_NETWORK_IPV6,
+ error = kauth_authorize_network(cred,
+ KAUTH_NETWORK_IPV6,
KAUTH_REQ_NETWORK_IPV6_HOPBYHOP, NULL, NULL, NULL);
if (error)
return (error);
