diff options
| author | Mike Zeller <mike@mikezeller.net> | 2020-04-01 13:54:54 -0400 |
|---|---|---|
| committer | Mike Zeller <mike@mikezeller.net> | 2020-04-01 13:54:54 -0400 |
| commit | dd035614e73d1cceea865a18ca21d4a8bfb50a25 (patch) | |
| tree | 438675e34faab05bc1d925331167e738a028f5e0 | |
| parent | 88606cbe3645730adccc57e29f4b829af51c05f4 (diff) | |
| download | illumos-joyent-dd035614e73d1cceea865a18ca21d4a8bfb50a25.tar.gz | |
OS-8152 lx should return EACCES when SOCK_DGRAM is used with IPPROTO_ICMP
| -rw-r--r-- | usr/src/uts/common/brand/lx/syscall/lx_socket.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/usr/src/uts/common/brand/lx/syscall/lx_socket.c b/usr/src/uts/common/brand/lx/syscall/lx_socket.c index 694549a4cb..905602f46b 100644 --- a/usr/src/uts/common/brand/lx/syscall/lx_socket.c +++ b/usr/src/uts/common/brand/lx/syscall/lx_socket.c @@ -22,7 +22,7 @@ /* * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. - * Copyright 2019 Joyent, Inc. + * Copyright 2020 Joyent, Inc. * Copyright 2019 OmniOS Community Edition (OmniOSce) Association. */ @@ -1402,6 +1402,18 @@ lx_socket_create(int domain, int type, int protocol, int options, file_t **fpp, file_t *fp; int err, fd; + /* + * EACCES is returned in linux when the user isn't allowed to use a + * "ping socket". EACCES is also used by the iputils-ping userland + * application to determine if fallback to SOCK_RAW is necessary. + * + * This can be removed if we ever implement SOCK_DGRAM + IPPROTO_ICMP. + * See linux commit c319b4d76b9e583a5d88d6bf190e079c4e43213d. + */ + if (type == SOCK_DGRAM && (protocol == IPPROTO_ICMP + || protocol == IPPROTO_ICMPV6)) + return (EACCES); + /* logic cloned from so_socket */ so = socket_create(domain, type, protocol, NULL, NULL, SOCKET_SLEEP, SOV_DEFAULT, CRED(), &err); |