aboutsummaryrefslogtreecommitdiffstats
path: root/sys/fs
diff options
context:
space:
mode:
authorDag-Erling Smørgrav <des@FreeBSD.org>2013-09-10 10:15:33 +0000
committerDag-Erling Smørgrav <des@FreeBSD.org>2013-09-10 10:15:33 +0000
commit772e608bdc472eeb1e92841230515892b162e512 (patch)
tree463cdc20ccde2d82930ce1349a53a1bd69124b44 /sys/fs
parent26a053bf13387f41c179de8fa2d3ee7f3dfca2cf (diff)
downloadsrc-772e608bdc472eeb1e92841230515892b162e512.tar.gz
src-772e608bdc472eeb1e92841230515892b162e512.zip
In IPv6 and NetATM, stop SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR
and SIOCSIFNETMASK at the socket layer rather than pass them on to the link layer without validation or credential checks. [SA-13:12] Prevent cross-mount hardlinks between different nullfs mounts of the same underlying filesystem. [SA-13:13] Security: CVE-2013-5691 Security: FreeBSD-SA-13:12.ifioctl Security: CVE-2013-5710 Security: FreeBSD-SA-13:13.nullfs Approved by: so
Notes
Notes: svn path=/releng/9.1/; revision=255448
Diffstat (limited to 'sys/fs')
-rw-r--r--sys/fs/nullfs/null_vnops.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/sys/fs/nullfs/null_vnops.c b/sys/fs/nullfs/null_vnops.c
index b607666d093f..666aa76f0ac2 100644
--- a/sys/fs/nullfs/null_vnops.c
+++ b/sys/fs/nullfs/null_vnops.c
@@ -815,6 +815,15 @@ null_vptocnp(struct vop_vptocnp_args *ap)
return (error);
}
+static int
+null_link(struct vop_link_args *ap)
+{
+
+ if (ap->a_tdvp->v_mount != ap->a_vp->v_mount)
+ return (EXDEV);
+ return (null_bypass((struct vop_generic_args *)ap));
+}
+
/*
* Global vfs data structures
*/
@@ -828,6 +837,7 @@ struct vop_vector null_vnodeops = {
.vop_getwritemount = null_getwritemount,
.vop_inactive = null_inactive,
.vop_islocked = vop_stdislocked,
+ .vop_link = null_link,
.vop_lock1 = null_lock,
.vop_lookup = null_lookup,
.vop_open = null_open,