Date: Mon, 22 Jun 2009 14:12:57 +1000 (EST) From: Bruce Evans <brde@optusnet.com.au> To: Konstantin Belousov <kib@FreeBSD.org> Cc: svn-src-head@FreeBSD.org, svn-src-all@FreeBSD.org, src-committers@FreeBSD.org Subject: Re: svn commit: r194586 - in head/sys: cddl/compat/opensolaris/kern cddl/compat/opensolaris/sys cddl/contrib/opensolaris/uts/common/fs/zfs kern sys Message-ID: <20090622133231.W31111@delplex.bde.org> In-Reply-To: <200906211341.n5LDfWEx008281@svn.freebsd.org> References: <200906211341.n5LDfWEx008281@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 21 Jun 2009, Konstantin Belousov wrote:
> Log:
> Add another flags argument to vn_open_cred. Use it to specify that some
> vn_open_cred invocations shall not audit namei path.
> Modified: head/sys/cddl/compat/opensolaris/kern/opensolaris_kobj.c
> ==============================================================================
> --- head/sys/cddl/compat/opensolaris/kern/opensolaris_kobj.c Sun Jun 21 13:15:56 2009 (r194585)
> +++ head/sys/cddl/compat/opensolaris/kern/opensolaris_kobj.c Sun Jun 21 13:41:32 2009 (r194586)
> @@ -85,7 +85,8 @@ kobj_open_file_vnode(const char *file)
>
> flags = FREAD;
> NDINIT(&nd, LOOKUP, MPSAFE, UIO_SYSSPACE, file, td);
> - error = vn_open_cred(&nd, &flags, O_NOFOLLOW, curthread->td_ucred, NULL);
> + error = vn_open_cred(&nd, &flags, O_NOFOLLOW, 0, curthread->td_ucred,
> + NULL);
I was going to ask "why not put the flag in the existing flags arg,
like O_NOFOLLOW here?", but it seems that there is no existing flags
arg and the above O_NOFOLLOW is garbage. O_NOFOLLOW happens to be
0x100, so I think the above asks for mode S_IRUSR.
Now I will ask "why not put O_NOFOLLOW here and the new flag in the
existing pointer-to-flags arg?".
> Modified: head/sys/cddl/compat/opensolaris/sys/vnode.h
> ==============================================================================
> --- head/sys/cddl/compat/opensolaris/sys/vnode.h Sun Jun 21 13:15:56 2009 (r194585)
> +++ head/sys/cddl/compat/opensolaris/sys/vnode.h Sun Jun 21 13:41:32 2009 (r194586)
> @@ -182,7 +182,7 @@ vn_openat(char *pnamep, enum uio_seg seg
> vref(startvp);
> NDINIT_ATVP(&nd, operation, MPSAFE, UIO_SYSSPACE, pnamep, startvp, td);
> filemode |= O_NOFOLLOW;
> - error = vn_open_cred(&nd, &filemode, createmode, td->td_ucred, NULL);
> + error = vn_open_cred(&nd, &filemode, createmode, 0, td->td_ucred, NULL);
Here it does put O_NOFOLLOW in the existing pointer-to-flags arg. It
obfuscates the open-flags variable by naming it filemode.
> Modified: head/sys/kern/vfs_vnops.c
> ==============================================================================
> --- head/sys/kern/vfs_vnops.c Sun Jun 21 13:15:56 2009 (r194585)
> +++ head/sys/kern/vfs_vnops.c Sun Jun 21 13:41:32 2009 (r194586)
> @@ -102,11 +102,8 @@ vn_open(ndp, flagp, cmode, fp)
> * due to the NDINIT being done elsewhere.
> */
> int
> -vn_open_cred(ndp, flagp, cmode, cred, fp)
> - struct nameidata *ndp;
> - int *flagp, cmode;
> - struct ucred *cred;
> - struct file *fp;
> +vn_open_cred(struct nameidata *ndp, int *flagp, int cmode, u_int vn_open_flags,
> + struct ucred *cred, struct file *fp)
> {
> struct vnode *vp;
> struct mount *mp;
> @@ -124,9 +121,11 @@ restart:
> if (fmode & O_CREAT) {
Internally, flags are obfuscated by copying *flagp to the misnamed local
variable fmode.
The pointer-to-flags variable has about 12 spare bits in it. It already
has just 1 kernel-only flag (O_HASLOCK, misnamed FHASLOCK and misassigned
in the middle of the user flags). fcntl.h's list of open flags has
been obfuscated by putting AT_ flags in the middle of the list.
Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090622133231.W31111>