From: Pawel Jakub Dawidek
Date: Mon, 1 Oct 2012 05:43:24 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r241083 - in head/sys: kern sys
X-SVN-Group: head

Author: pjd
Date: Mon Oct 1 05:43:24 2012
New Revision: 241083
URL: http://svn.freebsd.org/changeset/base/241083

Log:
  - Enforce CAP_MKFIFO on mkfifoat(2), not on mknodat(2). Without this change
    mkfifoat(2) was not restricted.
  - Introduce CAP_MKNOD and enforce it on mknodat(2).

  Sponsored by: FreeBSD Foundation
  MFC after: 2 weeks

Modified:
  head/sys/kern/vfs_syscalls.c
  head/sys/sys/capability.h

Modified: head/sys/kern/vfs_syscalls.c ============================================================================== --- head/sys/kern/vfs_syscalls.c Mon Oct 1 05:42:43 2012 (r241082) +++ head/sys/kern/vfs_syscalls.c Mon Oct 1 05:43:24 2012 (r241083) @@ -1334,7 +1334,7 @@ restart: bwillwrite(); NDINIT_ATRIGHTS(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE1, pathseg, path, fd, - CAP_MKFIFO, td); + CAP_MKNOD, td); if ((error = namei(&nd)) != 0) return (error); vfslocked = NDHASGIANT(&nd); 
@@ -1458,8 +1458,9 @@ kern_mkfifoat(struct thread *td, int fd, AUDIT_ARG_MODE(mode); restart: bwillwrite(); - NDINIT_AT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE1, - pathseg, path, fd, td); + NDINIT_ATRIGHTS(&nd, CREATE, + LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE1, pathseg, path, fd, + CAP_MKFIFO, td); if ((error = namei(&nd)) != 0) return (error); vfslocked = NDHASGIANT(&nd); Modified: head/sys/sys/capability.h ============================================================================== --- head/sys/sys/capability.h Mon Oct 1 05:42:43 2012 (r241082) +++ head/sys/sys/capability.h Mon Oct 1 05:43:24 2012 (r241083) @@ -81,6 +81,7 @@ #define CAP_MKDIR 0x0000000000200000ULL #define CAP_RMDIR 0x0000000000400000ULL #define CAP_MKFIFO 0x0000000000800000ULL +#define CAP_MKNOD 0x0080000000000000ULL /* Lookups - used to constrain *at() calls. */ #define CAP_LOOKUP 0x0000000001000000ULL @@ -137,7 +138,7 @@ #define CAP_PDKILL 0x0040000000000000ULL /* The mask of all valid method rights. */ -#define CAP_MASK_VALID 0x007fffffffffffffULL +#define CAP_MASK_VALID 0x00ffffffffffffffULL #ifdef _KERNEL
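Review bot: In the first vfs_syscalls.c hunk (@@ -1334), the right checked at this NDINIT_ATRIGHTS lookup changes from CAP_MKFIFO to CAP_MKNOD with no compatibility note. A descriptor limited to CAP_MKFIFO passed this lookup before r241083 and will be refused after it, and the log schedules an MFC after 2 weeks, so sandboxed callers on stable branches would see the change too. Suggest stating the behaviour change in the log or release notes and documenting CAP_MKNOD wherever CAP_MKFIFO is documented; the patch touches only vfs_syscalls.c and capability.h.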
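Review bot: In the kern_mkfifoat hunk (@@ -1458), the switch from NDINIT_AT to NDINIT_ATRIGHTS with CAP_MKFIFO closes the gap the log describes, but the patch carries no regression test for it. Suggest a test that mkfifoat(2) through a directory descriptor lacking CAP_MKFIFO is refused and succeeds once the right is present, plus the same pair for mknodat(2) and CAP_MKNOD. As a follow-up, the remaining plain NDINIT_AT callers that take a caller-supplied fd deserve a check for the same missing-rights pattern.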
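Review bot: In capability.h (@@ -81), CAP_MKNOD is defined as 0x0080000000000000ULL inside a block whose neighbours run from 0x0000000000200000ULL to 0x0000000000800000ULL, so it reads like a typo of CAP_MKFIFO and differs from it only in the position of the 8. The value is the bit directly above CAP_PDKILL (0x0040000000000000ULL), and the CAP_MASK_VALID change from 0x007fffffffffffffULL to 0x00ffffffffffffffULL matches it, so the numbers are consistent. Suggest a short comment on the define saying the bit is out of sequence on purpose and that it gates mknodat(2).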