net: check permissions on net contexts
The original sockets system calls used file descriptors which
were actually net_context pointers. For all socket system calls,
any calls from user mode would check if the caller had permission
to use the net context.
This was later changed to not stuff net_context pointers into file
descriptors, but all the permission checking was unintentionally
lost, allowing all threads on the system to
read/write all socket file descriptors in the system at will, with
no way to isolate applications running on the same microcontroller
from each other's network activity.
This patch restores the permission checks on network context objects
for socket system calls that originated from user mode.
The call to z_object_recycle() was never removed from
zsock_socket_internal(); this is again leveraged to grant the
caller who opened the socket permission on the net_context
associated with the returned file descriptor.
To ensure that all socket calls do this checking, all uses of
z_get_fd_obj_and_vtable() have been routed through get_sock_vtable().
Objects have initialization state set and thread permissions
reset to just the caller in common zsock_socket() code.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
1 file changed
