Changeset View
Changeset View
Standalone View
Standalone View
sys/kern/uipc_socket.c
Show First 20 Lines • Show All 106 Lines • ▼ Show 20 Lines | |||||
#include "opt_inet.h" | #include "opt_inet.h" | ||||
#include "opt_inet6.h" | #include "opt_inet6.h" | ||||
#include "opt_kern_tls.h" | #include "opt_kern_tls.h" | ||||
#include "opt_sctp.h" | #include "opt_sctp.h" | ||||
#include <sys/param.h> | #include <sys/param.h> | ||||
#include <sys/systm.h> | #include <sys/systm.h> | ||||
#include <sys/capsicum.h> | |||||
#include <sys/fcntl.h> | #include <sys/fcntl.h> | ||||
#include <sys/limits.h> | #include <sys/limits.h> | ||||
#include <sys/lock.h> | #include <sys/lock.h> | ||||
#include <sys/mac.h> | #include <sys/mac.h> | ||||
#include <sys/malloc.h> | #include <sys/malloc.h> | ||||
#include <sys/mbuf.h> | #include <sys/mbuf.h> | ||||
#include <sys/mutex.h> | #include <sys/mutex.h> | ||||
#include <sys/domain.h> | #include <sys/domain.h> | ||||
▲ Show 20 Lines • Show All 397 Lines • ▼ Show 20 Lines | if (prp == NULL) { | ||||
/* No support for socket type. */ | /* No support for socket type. */ | ||||
if (proto == 0 && type != 0) | if (proto == 0 && type != 0) | ||||
return (EPROTOTYPE); | return (EPROTOTYPE); | ||||
return (EPROTONOSUPPORT); | return (EPROTONOSUPPORT); | ||||
} | } | ||||
if (prp->pr_usrreqs->pru_attach == NULL || | if (prp->pr_usrreqs->pru_attach == NULL || | ||||
prp->pr_usrreqs->pru_attach == pru_attach_notsupp) | prp->pr_usrreqs->pru_attach == pru_attach_notsupp) | ||||
return (EPROTONOSUPPORT); | return (EPROTONOSUPPORT); | ||||
if (IN_CAPABILITY_MODE(td) && (prp->pr_flags & PR_CAPATTACH) == 0) | |||||
oshogbo: Shouldn't we do this check as early as we can? | |||||
Done Inline ActionsI can reorder this with the preceding check, but that's it. Why is that preferable? Is to try and avoid providing information about protocol support in the kernel? markj: I can reorder this with the preceding check, but that's it. Why is that preferable? Is to try… | |||||
return (ECAPMODE); | |||||
Done Inline ActionsShould we return ECAPMODE ? oshogbo: Should we return ECAPMODE ? | |||||
Done Inline ActionsOh, probably. I forgot about ECAPMODE. markj: Oh, probably. I forgot about ECAPMODE. | |||||
if (prison_check_af(cred, prp->pr_domain->dom_family) != 0) | if (prison_check_af(cred, prp->pr_domain->dom_family) != 0) | ||||
return (EPROTONOSUPPORT); | return (EPROTONOSUPPORT); | ||||
if (prp->pr_type != type) | if (prp->pr_type != type) | ||||
return (EPROTOTYPE); | return (EPROTOTYPE); | ||||
so = soalloc(CRED_TO_VNET(cred)); | so = soalloc(CRED_TO_VNET(cred)); | ||||
if (so == NULL) | if (so == NULL) | ||||
▲ Show 20 Lines • Show All 3,880 Lines • Show Last 20 Lines |
Shouldn't we do this check as early as we can?