Date: Wed, 4 Nov 2009 19:00:38 +0100 From: =?iso-8859-2?Q?Edward_Tomasz_Napiera=B3a?= <trasz@FreeBSD.org> To: Pawel Jakub Dawidek <pjd@FreeBSD.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r198874 - head/sys/kern Message-ID: <32B76852-3EA3-4814-A8B8-954CC510DAA3@FreeBSD.org> In-Reply-To: <20091104070427.GE2073@garage.freebsd.pl> References: <200911040648.nA46mYrb021862@svn.freebsd.org> <20091104070427.GE2073@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
Wiadomo=B6=E6 napisana przez Pawel Jakub Dawidek w dniu 2009-11-04, o =20= godz. 08:04: > On Wed, Nov 04, 2009 at 06:48:34AM +0000, Edward Tomasz Napierala =20 > wrote: >> Author: trasz >> Date: Wed Nov 4 06:48:34 2009 >> New Revision: 198874 >> URL: http://svn.freebsd.org/changeset/base/198874 >> >> Log: >> Make sure we don't end up with VAPPEND without VWRITE, if someone =20= >> calls open(2) >> like this: open(..., O_APPEND). >> >> Modified: >> head/sys/kern/vfs_vnops.c >> >> Modified: head/sys/kern/vfs_vnops.c >> =3D=20 >> =3D=20 >> =3D=20 >> =3D=20 >> =3D=20 >> =3D=20 >> =3D=20 >> =3D=20 >> =3D=20 >> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >> --- head/sys/kern/vfs_vnops.c Wed Nov 4 06:47:14 2009 = (r198873) >> +++ head/sys/kern/vfs_vnops.c Wed Nov 4 06:48:34 2009 = (r198874) >> @@ -213,7 +213,7 @@ restart: >> if (fmode & FEXEC) >> accmode |=3D VEXEC; >> if (fmode & O_APPEND) >> - accmode |=3D VAPPEND; >> + accmode |=3D VWRITE | VAPPEND; >> #ifdef MAC >> error =3D mac_vnode_check_open(cred, vp, accmode); >> if (error) > > Why? If someone does O_APPEND only we don't want to give him write > access... As it is now, VAPPEND is not a real V* flag - it's a kind of modifier =20= to VWRITE. Which means that it doesn't really make sense, from the conceptual =20 point of view, to have VAPPEND without VWRITE being set at the same time. This =20 doesn't break things right now - at least I don't know about any such breakage - but =20= in the future I'd like to have a few KASSERTs to verify that VAPPEND is never =20= specified without VWRITE, just to make sure something unexpected doesn't happen =20= somewhere. As it is now, doing open(..., O_APPEND) will result in a =20 filedescriptor open for... reading. So, the change above would change the behaviour. =20 What about something like this instead: Index: vfs_vnops.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- vfs_vnops.c (revision 198876) +++ vfs_vnops.c (working copy) @@ -212,7 +212,7 @@ accmode |=3D VREAD; if (fmode & FEXEC) accmode |=3D VEXEC; - if (fmode & O_APPEND) + if ((fmode & O_APPEND) && (fmode & FWRITE)) accmode |=3D VAPPEND; #ifdef MAC error =3D mac_vnode_check_open(cred, vp, accmode); -- If you cut off my head, what would I say? Me and my head, or me and =20 my body?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?32B76852-3EA3-4814-A8B8-954CC510DAA3>