Date: Wed, 4 Nov 2009 19:00:38 +0100 From: =?iso-8859-2?Q?Edward_Tomasz_Napiera=B3a?= <trasz@FreeBSD.org> To: Pawel Jakub Dawidek <pjd@FreeBSD.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r198874 - head/sys/kern Message-ID: <32B76852-3EA3-4814-A8B8-954CC510DAA3@FreeBSD.org> In-Reply-To: <20091104070427.GE2073@garage.freebsd.pl> References: <200911040648.nA46mYrb021862@svn.freebsd.org> <20091104070427.GE2073@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
Wiadomość napisana przez Pawel Jakub Dawidek w dniu 2009-11-04, o godz. 08:04: > On Wed, Nov 04, 2009 at 06:48:34AM +0000, Edward Tomasz Napierala > wrote: >> Author: trasz >> Date: Wed Nov 4 06:48:34 2009 >> New Revision: 198874 >> URL: http://svn.freebsd.org/changeset/base/198874 >> >> Log: >> Make sure we don't end up with VAPPEND without VWRITE, if someone >> calls open(2) >> like this: open(..., O_APPEND). >> >> Modified: >> head/sys/kern/vfs_vnops.c >> >> Modified: head/sys/kern/vfs_vnops.c >> = >> = >> = >> = >> = >> = >> = >> = >> = >> ===================================================================== >> --- head/sys/kern/vfs_vnops.c Wed Nov 4 06:47:14 2009 (r198873) >> +++ head/sys/kern/vfs_vnops.c Wed Nov 4 06:48:34 2009 (r198874) >> @@ -213,7 +213,7 @@ restart: >> if (fmode & FEXEC) >> accmode |= VEXEC; >> if (fmode & O_APPEND) >> - accmode |= VAPPEND; >> + accmode |= VWRITE | VAPPEND; >> #ifdef MAC >> error = mac_vnode_check_open(cred, vp, accmode); >> if (error) > > Why? If someone does O_APPEND only we don't want to give him write > access... As it is now, VAPPEND is not a real V* flag - it's a kind of modifier to VWRITE. Which means that it doesn't really make sense, from the conceptual point of view, to have VAPPEND without VWRITE being set at the same time. This doesn't break things right now - at least I don't know about any such breakage - but in the future I'd like to have a few KASSERTs to verify that VAPPEND is never specified without VWRITE, just to make sure something unexpected doesn't happen somewhere. As it is now, doing open(..., O_APPEND) will result in a filedescriptor open for... reading. So, the change above would change the behaviour. What about something like this instead: Index: vfs_vnops.c =================================================================== --- vfs_vnops.c (revision 198876) +++ vfs_vnops.c (working copy) @@ -212,7 +212,7 @@ accmode |= VREAD; if (fmode & FEXEC) accmode |= VEXEC; - if (fmode & O_APPEND) + if ((fmode & O_APPEND) && (fmode & FWRITE)) accmode |= VAPPEND; #ifdef MAC error = mac_vnode_check_open(cred, vp, accmode); -- If you cut off my head, what would I say? Me and my head, or me and my body?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?32B76852-3EA3-4814-A8B8-954CC510DAA3>