Jeremie Courreges-Anglas([email protected]) on 2017.07.22 21:40:53 +0200:
>
> If you destroy the interface pflogd(8) listens on, you get killed
> because socket(2) is denied by the current pledge(2) restrictions:
>
> pflogd(15868): syscall 97 "inet"
>
> The ioctl(SIOCGIFDATA) call would be fatal too.
>
> The diff below just uses if_nametoindex(3), which is always allowed.
> The if_exists() function is then so simple that it could be deleted.
>
> # ./obj/pflogd -s 160 -D -i pflog1
> [priv]: msg PRIV_OPEN_LOG received
> interface pflog1 went away
> Exiting
>
> Opinions / ok?
ok
> Index: pflogd.c
> ===================================================================
> RCS file: /d/cvs/src/sbin/pflogd/pflogd.c,v
> retrieving revision 1.53
> diff -u -p -p -u -r1.53 pflogd.c
> --- pflogd.c 16 Jan 2016 03:17:48 -0000 1.53
> +++ pflogd.c 22 Jul 2017 19:28:21 -0000
> @@ -194,23 +194,7 @@ set_pcap_filter(void)
> int
> if_exists(char *ifname)
> {
> - int s, ret = 1;
> - struct ifreq ifr;
> - struct if_data ifrdat;
> -
> - if ((s = socket(AF_INET, SOCK_DGRAM, 0)) == -1)
> - err(1, "socket");
> - bzero(&ifr, sizeof(ifr));
> - if (strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)) >=
> - sizeof(ifr.ifr_name))
> - errx(1, "main ifr_name: strlcpy");
> - ifr.ifr_data = (caddr_t)&ifrdat;
> - if (ioctl(s, SIOCGIFDATA, (caddr_t)&ifr) == -1)
> - ret = 0;
> - if (close(s))
> - err(1, "close");
> -
> - return (ret);
> + return (if_nametoindex(ifname) != 0);
> }
>
> int
>
> --
> jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
>
