tap(4) should go UP if opened
Frank Behrens
frank at pinky.sax.de
Wed Mar 14 12:13:52 UTC 2007
Bruce M. Simpson <bms at freebsd.org> wrote on 9 Mar 2007 12:30:
> However, we also support the creation of tap/tun instances by
> non-super-users, so there is motivation for the change. Configuring a
> tap interface to up by a non-superuser should only be permitted if the
> interface itself was created by a non-superuser, and if
> net.link.tap.user_open is set to 1.
>
> A more involved patch is needed to do this right for all cases -- we
> should not do this by default.
After thinking about the problem I agree with you and propose the following patch:
--- sys/net/if_tap.c.orig Thu Mar 8 19:10:59 2007
+++ sys/net/if_tap.c Wed Mar 14 12:35:58 2007
@@ -501,6 +501,8 @@
s = splimp();
ifp->if_drv_flags |= IFF_DRV_RUNNING;
ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
+ if (tapuopen)
+ ifp->if_flags |= IFF_UP;
splx(s);
TAPDEBUG("%s is open. minor = %#x\n", ifp->if_xname, minor(dev));
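Review bot: the new condition at `+ if (tapuopen)` tests only the sysctl, not who opened the device, so once net.link.tap.user_open is 1 the interface is also forced UP for root opens and for tap instances that root created, which is broader than the rule quoted above (UP only when the interface was created by a non-superuser and the sysctl is set). Consider additionally conditioning on the caller's credentials in the open path. Also, `ifp->if_flags |= IFF_UP` writes the flag directly instead of calling `if_up(ifp)`, so the routing socket and any other listeners are not notified of the state change; and since only the open path is touched here, it is worth stating whether the close path is expected to clear IFF_UP again.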
Rationale:
For transmitting packets via a tap(4) device, (at least) two conditions have to be met:
1. The control device must be opened by a process.
2. The Ethernet interface must be UP.
For 1. we allow non-root processes access when
a) sysctl net.link.tap.user_open=1 AND
b) /dev/tapx has sufficient permissions.
If there is no way for the non-root process to mark the interface as UP,
net.link.tap.user_open=1 is useless, because we cannot transmit any packets. With the
patch the interface goes UP only when the administrator has allowed non-root user access.
Regards,
Frank
--
Frank Behrens, Osterwieck, Germany
PGP-key 0x5B7C47ED on public servers available.