From owner-svn-src-head@FreeBSD.ORG Wed Oct 22 00:23:45 2014 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 100292A5; Wed, 22 Oct 2014 00:23:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EFF6E62D; Wed, 22 Oct 2014 00:23:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s9M0Nild089977; Wed, 22 Oct 2014 00:23:44 GMT (envelope-from mjg@FreeBSD.org) Received: (from mjg@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id s9M0NiBX089974; Wed, 22 Oct 2014 00:23:44 GMT (envelope-from mjg@FreeBSD.org) Message-Id: <201410220023.s9M0NiBX089974@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: mjg set sender to mjg@FreeBSD.org using -f From: Mateusz Guzik Date: Wed, 22 Oct 2014 00:23:44 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r273441 - in head/sys: kern sys X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Oct 2014 00:23:45 -0000 Author: mjg Date: Wed Oct 22 00:23:43 2014 New Revision: 273441 URL: https://svnweb.freebsd.org/changeset/base/273441 Log: filedesc: cleanup setugidsafety a little Rename it to fdsetugidsafety for consistency with other functions. There is no need to take filedesc lock if not closing any files. The loop has to verify each file and we are guaranteed fdtable has space for at least 20 fds. As such there is no need to check fd_lastfile. While here tidy up is_unsafe. Modified: head/sys/kern/kern_descrip.c head/sys/kern/kern_exec.c head/sys/sys/filedesc.h Modified: head/sys/kern/kern_descrip.c ============================================================================== --- head/sys/kern/kern_descrip.c Tue Oct 21 23:57:31 2014 (r273440) +++ head/sys/kern/kern_descrip.c Wed Oct 22 00:23:43 2014 (r273441) @@ -2078,23 +2078,23 @@ fdescfree(struct thread *td) * Since setugidsafety calls this only for fd 0, 1 and 2, this check is * sufficient. We also don't check for setugidness since we know we are. */ -static int +static bool is_unsafe(struct file *fp) { - if (fp->f_type == DTYPE_VNODE) { - struct vnode *vp = fp->f_vnode; + struct vnode *vp; - if ((vp->v_vflag & VV_PROCDEP) != 0) - return (1); - } - return (0); + if (fp->f_type != DTYPE_VNODE) + return (false); + + vp = fp->f_vnode; + return ((vp->v_vflag & VV_PROCDEP) != 0); } /* * Make this setguid thing safe, if at all possible. */ void -setugidsafety(struct thread *td) +fdsetugidsafety(struct thread *td) { struct filedesc *fdp; struct file *fp; @@ -2102,12 +2102,10 @@ setugidsafety(struct thread *td) fdp = td->td_proc->p_fd; KASSERT(fdp->fd_refcnt == 1, ("the fdtable should not be shared")); - FILEDESC_XLOCK(fdp); - for (i = 0; i <= fdp->fd_lastfile; i++) { - if (i > 2) - break; + for (i = 0; i <= 2; i++) { fp = fdp->fd_ofiles[i].fde_file; if (fp != NULL && is_unsafe(fp)) { + FILEDESC_XLOCK(fdp); knote_fdclose(td, i); /* * NULL-out descriptor prior to close to avoid @@ -2116,10 +2114,8 @@ setugidsafety(struct thread *td) fdfree(fdp, i); FILEDESC_XUNLOCK(fdp); (void) closef(fp, td); - FILEDESC_XLOCK(fdp); } } - FILEDESC_XUNLOCK(fdp); } /* Modified: head/sys/kern/kern_exec.c ============================================================================== --- head/sys/kern/kern_exec.c Tue Oct 21 23:57:31 2014 (r273440) +++ head/sys/kern/kern_exec.c Wed Oct 22 00:23:43 2014 (r273441) @@ -695,7 +695,7 @@ interpret: */ PROC_UNLOCK(p); VOP_UNLOCK(imgp->vp, 0); - setugidsafety(td); + fdsetugidsafety(td); error = fdcheckstd(td); if (error != 0) goto done1; Modified: head/sys/sys/filedesc.h ============================================================================== --- head/sys/sys/filedesc.h Tue Oct 21 23:57:31 2014 (r273440) +++ head/sys/sys/filedesc.h Wed Oct 22 00:23:43 2014 (r273441) @@ -148,6 +148,7 @@ int fdallocn(struct thread *td, int minf int fdcheckstd(struct thread *td); void fdclose(struct filedesc *fdp, struct file *fp, int idx, struct thread *td); void fdcloseexec(struct thread *td); +void fdsetugidsafety(struct thread *td); struct filedesc *fdcopy(struct filedesc *fdp); void fdunshare(struct thread *td); void fdescfree(struct thread *td); @@ -159,7 +160,6 @@ struct filedesc_to_leader * int getvnode(struct filedesc *fdp, int fd, cap_rights_t *rightsp, struct file **fpp); void mountcheckdirs(struct vnode *olddp, struct vnode *newdp); -void setugidsafety(struct thread *td); /* Return a referenced file from an unlocked descriptor. */ int fget_unlocked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp,