From owner-p4-projects Sun Jul 21 12:23:36 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id CB4B637B401; Sun, 21 Jul 2002 12:23:31 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 61D6037B400 for ; Sun, 21 Jul 2002 12:23:31 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1A29F43E58 for ; Sun, 21 Jul 2002 12:23:31 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from freefall.freebsd.org (perforce@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g6LJNUJU093234 for ; Sun, 21 Jul 2002 12:23:30 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g6LJNUNH093231 for perforce@freebsd.org; Sun, 21 Jul 2002 12:23:30 -0700 (PDT) Date: Sun, 21 Jul 2002 12:23:30 -0700 (PDT) Message-Id: <200207211923.g6LJNUNH093231@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 14621 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://people.freebsd.org/~peter/p4db/chv.cgi?CH=14621 Change 14621 by rwatson@rwatson_curry on 2002/07/21 12:22:43 A couple of VFS/MAC cleanups including: - Authorize readdir using readdir check rather than search check - Stick in an open check until the emulator is fixed to use vn_open() Affected files ... .. //depot/projects/trustedbsd/mac/sys/compat/linux/linux_file.c#6 edit .. //depot/projects/trustedbsd/mac/sys/compat/linux/linux_getcwd.c#6 edit .. //depot/projects/trustedbsd/mac/sys/compat/linux/linux_misc.c#12 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/compat/linux/linux_file.c#6 (text+ko) ==== @@ -331,7 +331,7 @@ /* * Do directory search MAC check using non-cached credentials. */ - if ((error = mac_cred_check_search_vnode(td->td_proc->p_ucred, vp)) + if ((error = mac_cred_check_readdir_vnode(td->td_proc->p_ucred, vp)) goto out; #endif /* MAC */ if ((error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag, &ncookies, ==== //depot/projects/trustedbsd/mac/sys/compat/linux/linux_getcwd.c#6 (text+ko) ==== @@ -203,7 +203,7 @@ eofflag = 0; #ifdef MAC - error = mac_cred_check_search_vnode(td->td_ucred, uvp); + error = mac_cred_check_readdir_vnode(td->td_ucred, uvp); if (error == 0) #endif /* MAC */ error = VOP_READDIR(uvp, &uio, td->td_ucred, &eofflag, ==== //depot/projects/trustedbsd/mac/sys/compat/linux/linux_misc.c#12 (text+ko) ==== @@ -307,6 +307,11 @@ * authorized. It would also remove lots of duplicated code * from vn_open(). */ +#ifdef MAC + error = mac_cred_check_open_vnode(td->td_ucred, vp, FREAD); + if (error) + goto cleanup; +#endif error = VOP_OPEN(vp, FREAD, td->td_ucred, td); if (error) goto cleanup; To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message