Date: Sat, 15 Feb 2020 01:28:42 +0000 (UTC) From: Mateusz Guzik <mjg@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r357951 - head/sys/kern Message-ID: <202002150128.01F1SgRO045608@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mjg Date: Sat Feb 15 01:28:42 2020 New Revision: 357951 URL: https://svnweb.freebsd.org/changeset/base/357951 Log: vfs: use new capsicum helpers Modified: head/sys/kern/vfs_acl.c head/sys/kern/vfs_extattr.c head/sys/kern/vfs_lookup.c head/sys/kern/vfs_syscalls.c Modified: head/sys/kern/vfs_acl.c ============================================================================== --- head/sys/kern/vfs_acl.c Sat Feb 15 01:28:06 2020 (r357950) +++ head/sys/kern/vfs_acl.c Sat Feb 15 01:28:42 2020 (r357951) @@ -436,7 +436,7 @@ sys___acl_get_fd(struct thread *td, struct __acl_get_f AUDIT_ARG_FD(uap->filedes); error = getvnode(td, uap->filedes, - cap_rights_init(&rights, CAP_ACL_GET), &fp); + cap_rights_init_one(&rights, CAP_ACL_GET), &fp); if (error == 0) { error = vacl_get_acl(td, fp->f_vnode, uap->type, uap->aclp); fdrop(fp, td); @@ -456,7 +456,7 @@ sys___acl_set_fd(struct thread *td, struct __acl_set_f AUDIT_ARG_FD(uap->filedes); error = getvnode(td, uap->filedes, - cap_rights_init(&rights, CAP_ACL_SET), &fp); + cap_rights_init_one(&rights, CAP_ACL_SET), &fp); if (error == 0) { error = vacl_set_acl(td, fp->f_vnode, uap->type, uap->aclp); fdrop(fp, td); @@ -512,7 +512,7 @@ sys___acl_delete_fd(struct thread *td, struct __acl_de AUDIT_ARG_FD(uap->filedes); error = getvnode(td, uap->filedes, - cap_rights_init(&rights, CAP_ACL_DELETE), &fp); + cap_rights_init_one(&rights, CAP_ACL_DELETE), &fp); if (error == 0) { error = vacl_delete(td, fp->f_vnode, uap->type); fdrop(fp, td); @@ -569,7 +569,7 @@ sys___acl_aclcheck_fd(struct thread *td, struct __acl_ AUDIT_ARG_FD(uap->filedes); error = getvnode(td, uap->filedes, - cap_rights_init(&rights, CAP_ACL_CHECK), &fp); + cap_rights_init_one(&rights, CAP_ACL_CHECK), &fp); if (error == 0) { error = vacl_aclcheck(td, fp->f_vnode, uap->type, uap->aclp); fdrop(fp, td); Modified: head/sys/kern/vfs_extattr.c ============================================================================== --- head/sys/kern/vfs_extattr.c Sat Feb 15 01:28:06 2020 (r357950) +++ head/sys/kern/vfs_extattr.c Sat Feb 15 01:28:42 2020 (r357951) @@ -243,7 +243,7 @@ sys_extattr_set_fd(struct thread *td, struct extattr_s AUDIT_ARG_TEXT(attrname); error = getvnode(td, uap->fd, - cap_rights_init(&rights, CAP_EXTATTR_SET), &fp); + cap_rights_init_one(&rights, CAP_EXTATTR_SET), &fp); if (error) return (error); @@ -410,7 +410,7 @@ sys_extattr_get_fd(struct thread *td, struct extattr_g AUDIT_ARG_TEXT(attrname); error = getvnode(td, uap->fd, - cap_rights_init(&rights, CAP_EXTATTR_GET), &fp); + cap_rights_init_one(&rights, CAP_EXTATTR_GET), &fp); if (error) return (error); @@ -545,7 +545,7 @@ sys_extattr_delete_fd(struct thread *td, struct extatt AUDIT_ARG_TEXT(attrname); error = getvnode(td, uap->fd, - cap_rights_init(&rights, CAP_EXTATTR_DELETE), &fp); + cap_rights_init_one(&rights, CAP_EXTATTR_DELETE), &fp); if (error) return (error); @@ -691,7 +691,7 @@ sys_extattr_list_fd(struct thread *td, struct extattr_ AUDIT_ARG_FD(uap->fd); AUDIT_ARG_VALUE(uap->attrnamespace); error = getvnode(td, uap->fd, - cap_rights_init(&rights, CAP_EXTATTR_LIST), &fp); + cap_rights_init_one(&rights, CAP_EXTATTR_LIST), &fp); if (error) return (error); Modified: head/sys/kern/vfs_lookup.c ============================================================================== --- head/sys/kern/vfs_lookup.c Sat Feb 15 01:28:06 2020 (r357950) +++ head/sys/kern/vfs_lookup.c Sat Feb 15 01:28:42 2020 (r357951) @@ -440,7 +440,7 @@ namei(struct nameidata *ndp) } else { vrefact(ndp->ni_rootdir); rights = ndp->ni_rightsneeded; - cap_rights_set(&rights, CAP_LOOKUP); + cap_rights_set_one(&rights, CAP_LOOKUP); if (cnp->cn_flags & AUDITVNODE1) AUDIT_ARG_ATFD1(ndp->ni_dirfd); @@ -493,7 +493,7 @@ namei(struct nameidata *ndp) vrefact(ndp->ni_beneath_latch); } else { rights = ndp->ni_rightsneeded; - cap_rights_set(&rights, CAP_LOOKUP); + cap_rights_set_one(&rights, CAP_LOOKUP); error = fgetvp_rights(td, ndp->ni_dirfd, &rights, &dirfd_caps, &ndp->ni_beneath_latch); if (error == 0 && dp->v_type != VDIR) { @@ -1344,7 +1344,7 @@ NDINIT_ALL(struct nameidata *ndp, u_long op, u_long fl if (rightsp != NULL) ndp->ni_rightsneeded = *rightsp; else - cap_rights_init(&ndp->ni_rightsneeded); + cap_rights_init_zero(&ndp->ni_rightsneeded); } /* Modified: head/sys/kern/vfs_syscalls.c ============================================================================== --- head/sys/kern/vfs_syscalls.c Sat Feb 15 01:28:06 2020 (r357950) +++ head/sys/kern/vfs_syscalls.c Sat Feb 15 01:28:42 2020 (r357951) @@ -966,34 +966,34 @@ flags_to_rights(int flags, cap_rights_t *rightsp) { if (flags & O_EXEC) { - cap_rights_set(rightsp, CAP_FEXECVE); + cap_rights_set_one(rightsp, CAP_FEXECVE); } else { switch ((flags & O_ACCMODE)) { case O_RDONLY: - cap_rights_set(rightsp, CAP_READ); + cap_rights_set_one(rightsp, CAP_READ); break; case O_RDWR: - cap_rights_set(rightsp, CAP_READ); + cap_rights_set_one(rightsp, CAP_READ); /* FALLTHROUGH */ case O_WRONLY: - cap_rights_set(rightsp, CAP_WRITE); + cap_rights_set_one(rightsp, CAP_WRITE); if (!(flags & (O_APPEND | O_TRUNC))) - cap_rights_set(rightsp, CAP_SEEK); + cap_rights_set_one(rightsp, CAP_SEEK); break; } } if (flags & O_CREAT) - cap_rights_set(rightsp, CAP_CREATE); + cap_rights_set_one(rightsp, CAP_CREATE); if (flags & O_TRUNC) - cap_rights_set(rightsp, CAP_FTRUNCATE); + cap_rights_set_one(rightsp, CAP_FTRUNCATE); if (flags & (O_SYNC | O_FSYNC)) - cap_rights_set(rightsp, CAP_FSYNC); + cap_rights_set_one(rightsp, CAP_FSYNC); if (flags & (O_EXLOCK | O_SHLOCK)) - cap_rights_set(rightsp, CAP_FLOCK); + cap_rights_set_one(rightsp, CAP_FLOCK); } /* @@ -1048,7 +1048,7 @@ kern_openat(struct thread *td, int fd, const char *pat AUDIT_ARG_FFLAGS(flags); AUDIT_ARG_MODE(mode); - cap_rights_init(&rights, CAP_LOOKUP); + cap_rights_init_one(&rights, CAP_LOOKUP); flags_to_rights(flags, &rights); /* * Only one of the O_EXEC, O_RDONLY, O_WRONLY and O_RDWR flags @@ -3752,7 +3752,7 @@ kern_frmdirat(struct thread *td, int dfd, const char * fp = NULL; if (fd != FD_NONE) { - error = getvnode(td, fd, cap_rights_init(&rights, CAP_LOOKUP), + error = getvnode(td, fd, cap_rights_init_one(&rights, CAP_LOOKUP), &fp); if (error != 0) return (error);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202002150128.01F1SgRO045608>