Date: Mon, 27 Jul 2009 15:39:46 GMT From: Jonathan Anderson <jona@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 166626 for review Message-ID: <200907271539.n6RFdkPd094531@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=166626 Change 166626 by jona@jona-trustedbsd-belle-vmware on 2009/07/27 15:38:53 Handling passing of umasks for open() calls which create files (rather than using a default 0666) Affected files ... .. //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel-powerbox.h#3 edit .. //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel.c#12 edit .. //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel.h#12 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_qt/TextEditor.cpp#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/cap.c#7 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/cap.h#4 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/powerbox.c#9 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/server.c#18 edit Differences ...
==== //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel-powerbox.h#3 (text+ko) ====
@@ -60,6 +60,7 @@
 int filterlen; /* length of filter expression */
 int flags; /* open() flags, e.g. O_RDONLY */
 cap_rights_t rights; /* capabilities, e.g. CAP_SEEK */
+ int umask; /* umask, for open() with O_CREAT */
 };
==== //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel.c#12 (text+ko) ====
@@ -199,7 +199,7 @@
-int ua_open(const char *path, int flags)
+int ua_open(const char *path, int flags, ...)
 {
 cap_rights_t rights = CAP_FSTAT | CAP_SEEK | CAP_FSYNC;
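Review bot: The new `umask` field of the options struct in libuserangel-powerbox.h is named and commented as a umask, but the rest of the change treats it as the creation mode: cap.c passes it as the third argument of `open()` and TextEditor.cpp sets it to `0666`. A umask lists the bits to clear, so a caller who takes the name at face value and supplies `022` would end up creating files with mode 022. I would rename it to `mode` with the comment `/* file mode for open() with O_CREAT, before the process umask is applied */`. The same name is used for the new parameter in the `ua_ropen` and `cap_open` prototypes and for the local in server.c, where it also shadows the libc `umask()` function.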
@@ -209,12 +209,21 @@
 if(flags & O_DIRECTORY) rights |= CAP_FSTATFS | CAP_FEXECVE;
- return ua_ropen(path, flags, rights);
+ int mask = 0;
+ if(flags & O_CREAT)
+ {
+ va_list args;
+ va_start(args, flags);
+ mask = va_arg(args, int);
+ va_end(args);
+ }
+
+ return ua_ropen(path, flags, rights, mask);
 }
-int ua_ropen(const char *path, int flags, cap_rights_t rights)
+int ua_ropen(const char *path, int flags, cap_rights_t rights, int mask)
 {
 if(angel < 0) angel = ua_find();
 if(angel < 0) return -1;
@@ -224,14 +233,14 @@
 data[1] = ua_marshall_string(path, strlen(path));
 data[2] = ua_marshall_int(flags);
 data[3] = ua_marshall_int(rights);
+ data[4] = ua_marshall_int(mask);
- for(int i = 0; i < 4; i++) if(ua_send(angel, data[i], NULL, 0) < 0) return -1;
-
- free(data[0]);
- free(data[1]);
- free(data[2]);
- free(data[3]);
+ for(int i = 0; i <= 4; i++)
+ {
+ if(ua_send(angel, data[i], NULL, 0) < 0) return -1;
+ free(data[i]);
+ }
@@ -639,7 +648,7 @@
 datum* ua_marshall_powerbox(const struct ua_powerbox_options *options)
 {
- datum *data[8];
+ datum *data[9];
 data[0] = ua_marshall_int(options->ui);
 data[1] = ua_marshall_int(options->operation);
 data[2] = ua_marshall_int(options->parent_window);
@@ -648,9 +657,10 @@
 data[5] = ua_marshall_string(options->filter, options->filterlen);
 data[6] = ua_marshall_int(options->flags);
 data[7] = ua_marshall_int(options->rights);
+ data[8] = ua_marshall_int(options->umask);
 int total_size = 0;
- for(int i = 0; i < 8; i++)
+ for(int i = 0; i <= 8; i++)
 if(data[i] == NULL)
 {
 errno = EINVAL;
@@ -664,7 +674,7 @@
 char *buffer = ((char*) d) + sizeof(datum);
 char *head = buffer;
- for(int i = 0; i < 8; i++)
+ for(int i = 0; i <= 8; i++)
 {
 memcpy(head, data[i], sizeof(datum) + data[i]->length);
 head += sizeof(datum) + data[i]->length;
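Review bot: In `ua_open` (hunk @@ -209), `va_arg(args, int)` runs whenever `O_CREAT` is set, so a caller that still passes only two arguments with `O_CREAT` now reads an argument that was never supplied, which is undefined behaviour. The compiler cannot flag this, because the prototype became variadic. `ua_fopen` is declared in libuserangel.h and is not touched by this change; if it derives `O_CREAT` from its mode string and calls `ua_open(path, flags)`, it needs updating in the same commit. The header comment should state the contract, for example `/** Open a file via the User Angel; a third int argument giving the file mode is required when flags contains O_CREAT */`. The body of `ua_open` starts outside this hunk.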
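Review bot: `data[4]` is assigned in `ua_ropen` (hunk @@ -224), but the declaration of `data` sits in the unshown lines between this hunk and the previous one and is not changed by the commit. If it is still `datum *data[4]`, the new store and the `i <= 4` loop go one element past the end of a stack array. `ua_marshall_powerbox` had its array grown from 8 to 9 in this same change, so the matching edit here would be `datum *data[5];`. Separately, the early `return -1` inside the new loop leaves `data[i]` through `data[4]` unfreed, and a NULL result from any `ua_marshall_*` call reaches `ua_send` unchecked. Recording the failure in a local, freeing every element, and returning after the loop would cover both.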
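Review bot: The bound `i <= 8` in the NULL-check loop (hunk @@ -648) and in the copy loop (hunk @@ -664) is tied by hand to the `data[9]` declaration changed in hunk @@ -639. The next added field therefore needs three coordinated edits, and a missed one either skips a datum or indexes past the array. Deriving the bound from the array keeps them in step: `for(size_t i = 0; i < sizeof(data) / sizeof(data[0]); i++)`. The body of `ua_marshall_powerbox` continues outside these hunks.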
@@ -736,6 +746,10 @@
 if(ua_unmarshall_int(head, &tmp_int) < 0) return -1;
 options->rights = tmp_int;
+ head = (const datum*) (((const char*) head) + sizeof(datum) + head->length);
+
+ if(ua_unmarshall_int(head, &tmp_int) < 0) return -1;
+ options->umask = tmp_int;
 return sizeof(datum) + d->length;
==== //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel.h#12 (text+ko) ====
@@ -63,10 +63,10 @@
 int ua_stat(const char *path, struct stat *s);
 /** Open a file via the User Angel */
-int ua_open(const char *path, int flags);
+int ua_open(const char *path, int flags, ...);
 /** Open a file via the User Angel, specifying rights the capability should have */
-int ua_ropen(const char *path, int flags, cap_rights_t rights);
+int ua_ropen(const char *path, int flags, cap_rights_t rights, int umask);
 /** Open a file stream via the User Angel */
 FILE* ua_fopen(const char *path, const char *mode);
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_qt/TextEditor.cpp#2 (text+ko) ====
@@ -139,6 +139,7 @@
 options.filterlen = 0;
 options.flags = O_WRONLY | O_CREAT | O_TRUNC;
 options.rights = CAP_FSTAT | CAP_SEEK | CAP_FSYNC | CAP_WRITE | CAP_FTRUNCATE;
+ options.umask = 0666;
 int fdcount = 1;
 int fd;
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/cap.c#7 (text+ko) ====
@@ -45,9 +45,9 @@
 const char *cap_error() { return errstr; }
-int cap_open(const char *path, int flags, cap_rights_t rights)
+int cap_open(const char *path, int flags, cap_rights_t rights, int umask)
 {
- int fd = open(path, flags);
+ int fd = open(path, flags, umask);
 if(fd < 0)
 {
 if(strlen(path) > 256) path = "<very long path>";
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/cap.h#4 (text+ko) ====
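Review bot: The added pointer step in hunk @@ -736 trusts the previous datum's `length` field, and nothing visible checks that the new `head` still lies within the `sizeof(datum) + d->length` bytes of the enclosing datum before `ua_unmarshall_int` reads from it. The options presumably come from the sandboxed client, so a short or inconsistent message, including one from a client built before this field existed, would make the reader run past the received buffer. A guard before the read would close that, e.g. `if((const char*) head + sizeof(datum) > (const char*) d + sizeof(datum) + d->length) return -1;`. The earlier fields appear to be advanced the same way outside the hunk, so the check is worth applying to each step. The function starts outside the hunk.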
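Review bot: `cap_open` in cap.c hands the new argument to `open()` unmodified, and both callers in this change fill it from a peer-supplied message: server.c unmarshalls it from the socket and powerbox.c takes it from the powerbox options. The requesting process therefore chooses every mode bit of files the angel creates, including the set-user-ID, set-group-ID and sticky bits. Restricting it to permission bits at this single choke point keeps that policy in the angel rather than in the client: `int fd = open(path, flags, umask & 0777);`. A one-line comment that the value is only consulted when `flags` contains `O_CREAT` would also help the next reader. `cap_open` continues outside the hunk.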
@@ -46,5 +46,5 @@
 /** Open a file in capability mode with specified rights */
-int cap_open(const char *path, int flags, cap_rights_t rights);
+int cap_open(const char *path, int flags, cap_rights_t rights, int umask);
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/powerbox.c#9 (text+ko) ====
@@ -70,7 +70,8 @@
 // open the files using the requested flags and rights
 for(int i = 0; i < *len; i++)
 {
- fds[i] = cap_open(names[i], options->flags, options->rights);
+ fds[i] = cap_open(names[i], options->flags, options->rights,
+ options->umask);
 if(fds[i] < 0)
 {
 perror("Error opening file capability");
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/server.c#18 (text+ko) ====
@@ -429,12 +429,13 @@
 if(ua_unmarshall_string(d, path, &pathlen) < 0) return -1;
 printf(": '%s'\n", path);
- int32_t flags, rights, umask;
+ int32_t flags, rights, umask;
 if(ua_unmarshall_int(ua_recv(sock, NULL, NULL), &flags) < 0) return -1;
 if(ua_unmarshall_int(ua_recv(sock, NULL, NULL), &rights) < 0) return -1;
+ if(ua_unmarshall_int(ua_recv(sock, NULL, NULL), &umask) < 0) return -1;
- int cap = cap_open(path, flags, rights);
+ int cap = cap_open(path, flags, rights, umask);
 if(cap < 0) return 1;
 d = ua_marshall_int(1);
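Review bot: In the server.c hunk, the datum returned by `ua_recv` for the new field goes straight into `ua_unmarshall_int` and is never stored, so it cannot be released afterwards. libuserangel.c releases its datums with `free()`, which suggests `ua_recv` returns heap memory and this handler now leaks a third buffer per open request, after the `flags` and `rights` lines that use the same pattern. Receiving into the existing `d`, unmarshalling, then calling `free(d)` on both the success and failure paths would fix all three. The handler also waits for a fifth datum with no version or count check, so a client built against the old four-datum request would presumably stall here. The function starts and ends outside the hunk.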