On Sun, Feb 26, 2017 at 10:56:16AM +0100, Claudio Jeker wrote:
> This diff works for me but I did not test each and every protocol (TCP,
> UDP, ICMP, AF_UNIX work).
I am currently running it with all regression tests.
> Also not sure if I should renumber the PRU_* defines... in a way this can
> be solved in a second step.
I would say, leave it as it is.
> +int
> +pfkey_attach(struct socket *so, int proto)
> {
I think you forgot the check from pfkey_usrreq() here.
if ((socket->so_proto->pr_protocol > PFKEY_PROTOCOL_MAX) ||
(socket->so_proto->pr_protocol < 0) ||
!pfkey_versions[socket->so_proto->pr_protocol])
return (EPROTONOSUPPORT);
> int
> +route_attach(struct socket *so, int proto)
> +{
...
> + /*
> + * Don't call raw_usrreq() in the attach case, because
> + * we want to allow non-privileged processes to listen
> + * on and send "safe" commands to the routing socket.
> + */
This comment does not make sense anymore. It is more the other way
around now. Don't call raw_attach() from anywhere else without
checking SS_PRIV.
> @@ -578,35 +578,6 @@ rip6_usrreq(struct socket *so, int req,
The variable priv in rip6_usrreq() is no longer used.
> @@ -74,15 +74,6 @@ mpls_raw_usrreq(struct socket *so, int r
> return (EOPNOTSUPP);
>
> switch (req) {
> - case PRU_ATTACH:
> - if (so->so_snd.sb_hiwat == 0 || so->so_rcv.sb_hiwat == 0) {
> - error = soreserve(so, mpls_raw_sendspace,
> - mpls_raw_recvspace);
> - if (error)
> - break;
> - }
> - break;
> -
Why can you just delete this?
bluhm
