AVFS: make forbidden check for specific proc instead of fp
parent
0e537f1085
commit
9233fdb359
8 changed files with 21 additions and 20 deletions
|
@ -179,7 +179,7 @@ PUBLIC int pm_exec(int proc_e, char *path, vir_bytes path_len, char *frame,
|
|||
|
||||
if ((vp->v_mode & I_TYPE) != I_REGULAR)
|
||||
r = ENOEXEC;
|
||||
else if ((r1 = forbidden(vp, X_BIT)) != OK)
|
||||
else if ((r1 = forbidden(fp, vp, X_BIT)) != OK)
|
||||
r = r1;
|
||||
else
|
||||
r = req_stat(vp->v_fs_e, vp->v_inode_nr, VFS_PROC_NR,
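Review bot: The execute-permission check `forbidden(fp, vp, X_BIT)` in pm_exec still takes its credentials from the global `fp`, although the function is told which process is exec'ing through `proc_e`. Whether `fp` has been pointed at that process is decided before the hunk starts, so it cannot be confirmed from here; if it has not, the X_BIT decision is made with the wrong uid/gid. Either pass the process entry resolved from `proc_e`, or state the invariant next to the call, e.g. `/* fp refers to proc_e here; X_BIT is checked with its credentials */`.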
|
||||
|
|
|
@ -66,7 +66,7 @@ PUBLIC int do_link()
|
|||
if (vp->v_fs_e != dirp->v_fs_e)
|
||||
r = EXDEV;
|
||||
else
|
||||
r = forbidden(dirp, W_BIT | X_BIT);
|
||||
r = forbidden(fp, dirp, W_BIT | X_BIT);
|
||||
|
||||
if (r == OK)
|
||||
r = req_link(vp->v_fs_e, dirp->v_inode_nr, fullpath,
|
||||
|
@ -117,7 +117,7 @@ PUBLIC int do_unlink()
|
|||
}
|
||||
|
||||
/* The caller must have both search and execute permission */
|
||||
if ((r = forbidden(dirp, X_BIT | W_BIT)) != OK) {
|
||||
if ((r = forbidden(fp, dirp, X_BIT | W_BIT)) != OK) {
|
||||
unlock_vnode(dirp);
|
||||
unlock_vmnt(vmp);
|
||||
put_vnode(dirp);
|
||||
|
@ -243,8 +243,8 @@ PUBLIC int do_rename()
|
|||
if (old_dirp->v_fs_e != new_dirp->v_fs_e) r = EXDEV;
|
||||
|
||||
/* Parent dirs must be writable, searchable and on a writable device */
|
||||
if ((r1 = forbidden(old_dirp, W_BIT|X_BIT)) != OK ||
|
||||
(r1 = forbidden(new_dirp, W_BIT|X_BIT)) != OK) r = r1;
|
||||
if ((r1 = forbidden(fp, old_dirp, W_BIT|X_BIT)) != OK ||
|
||||
(r1 = forbidden(fp, new_dirp, W_BIT|X_BIT)) != OK) r = r1;
|
||||
|
||||
if (r == OK) {
|
||||
tll_upgrade(&oldvmp->m_lock); /* Upgrade to exclusive access */
|
||||
|
@ -289,7 +289,7 @@ PUBLIC int do_truncate()
|
|||
if ((vp = eat_path(&resolve, fp)) == NULL) return(err_code);
|
||||
|
||||
/* Ask FS to truncate the file */
|
||||
if ((r = forbidden(vp, W_BIT)) == OK)
|
||||
if ((r = forbidden(fp, vp, W_BIT)) == OK)
|
||||
r = truncate_vnode(vp, m_in.flength);
|
||||
|
||||
unlock_vnode(vp);
|
||||
|
@ -366,7 +366,7 @@ PUBLIC int do_slink()
|
|||
|
||||
if ((vp = last_dir(&resolve, fp)) == NULL) return(err_code);
|
||||
|
||||
if ((r = forbidden(vp, W_BIT|X_BIT)) == OK) {
|
||||
if ((r = forbidden(fp, vp, W_BIT|X_BIT)) == OK) {
|
||||
r = req_slink(vp->v_fs_e, vp->v_inode_nr, fullpath, who_e,
|
||||
m_in.name1, m_in.name1_length - 1, fp->fp_effuid,
|
||||
fp->fp_effgid);
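Review bot: In the do_unlink hunk the comment above the changed line reads `/* The caller must have both search and execute permission */`, but the call checks `X_BIT | W_BIT`. On a directory, search and execute are the same bit, so the comment leaves out the write requirement that the code actually enforces. Suggested wording: `/* The caller must have both write and search permission on the directory */`. do_unlink starts and ends outside the hunk.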
|
||||
|
|
|
@ -139,13 +139,13 @@ PUBLIC int common_open(char path[PATH_MAX], int oflags, mode_t omode)
|
|||
/* Only do the normal open code if we didn't just create the file. */
|
||||
if (exist) {
|
||||
/* Check protections. */
|
||||
if ((r = forbidden(vp, bits)) == OK) {
|
||||
if ((r = forbidden(fp, vp, bits)) == OK) {
|
||||
/* Opening reg. files, directories, and special files differ */
|
||||
switch (vp->v_mode & I_TYPE) {
|
||||
case I_REGULAR:
|
||||
/* Truncate regular file if O_TRUNC. */
|
||||
if (oflags & O_TRUNC) {
|
||||
if ((r = forbidden(vp, W_BIT)) != OK)
|
||||
if ((r = forbidden(fp, vp, W_BIT)) != OK)
|
||||
break;
|
||||
truncate_vnode(vp, 0);
|
||||
}
|
||||
|
@ -351,7 +351,7 @@ PRIVATE struct vnode *new_node(struct lookup *resolve, int oflags, mode_t bits)
|
|||
|
||||
lock_vnode(vp, VNODE_OPCL);
|
||||
|
||||
if ((r = forbidden(dirp, W_BIT|X_BIT)) != OK ||
|
||||
if ((r = forbidden(fp, dirp, W_BIT|X_BIT)) != OK ||
|
||||
(r = req_create(dirp->v_fs_e, dirp->v_inode_nr,bits, fp->fp_effuid,
|
||||
fp->fp_effgid, path, &res)) != OK ) {
|
||||
/* Can't create inode either due to permissions or some other
|
||||
|
@ -530,7 +530,7 @@ PUBLIC int do_mknod()
|
|||
/* Make sure that the object is a directory */
|
||||
if ((vp->v_mode & I_TYPE) != I_DIRECTORY) {
|
||||
r = ENOTDIR;
|
||||
} else if ((r = forbidden(vp, W_BIT|X_BIT)) == OK) {
|
||||
} else if ((r = forbidden(fp, vp, W_BIT|X_BIT)) == OK) {
|
||||
r = req_mknod(vp->v_fs_e, vp->v_inode_nr, fullpath, fp->fp_effuid,
|
||||
fp->fp_effgid, bits, m_in.mk_z0);
|
||||
}
|
||||
|
@ -566,7 +566,7 @@ PUBLIC int do_mkdir()
|
|||
/* Make sure that the object is a directory */
|
||||
if ((vp->v_mode & I_TYPE) != I_DIRECTORY) {
|
||||
r = ENOTDIR;
|
||||
} else if ((r = forbidden(vp, W_BIT|X_BIT)) == OK) {
|
||||
} else if ((r = forbidden(fp, vp, W_BIT|X_BIT)) == OK) {
|
||||
r = req_mkdir(vp->v_fs_e, vp->v_inode_nr, fullpath, fp->fp_effuid,
|
||||
fp->fp_effgid, bits);
|
||||
}
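Review bot: In common_open's O_TRUNC branch the result of `truncate_vnode(vp, 0)` is discarded, so an open with O_TRUNC can report success while the file was left untruncated. do_truncate, touched by this same commit, assigns the same call to `r`. Consider `if ((r = truncate_vnode(vp, 0)) != OK) break;` so the failure reaches the caller. The switch continues past the end of the hunk, so what follows the call is not visible here.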
|
||||
|
|
|
@ -795,7 +795,7 @@ size_t pathlen;
|
|||
if ((vp = eat_path(&resolve, rfp)) == NULL) return(err_code);
|
||||
|
||||
/* check permissions */
|
||||
r = forbidden(vp, (R_BIT | W_BIT));
|
||||
r = forbidden(rfp, vp, (R_BIT | W_BIT));
|
||||
|
||||
unlock_vnode(vp);
|
||||
unlock_vmnt(vmp);
|
||||
|
|
|
@ -198,7 +198,7 @@ PUBLIC int do_access()
|
|||
return(err_code);
|
||||
if ((vp = eat_path(&resolve, fp)) == NULL) return(err_code);
|
||||
|
||||
r = forbidden(vp, m_in.mode);
|
||||
r = forbidden(fp, vp, m_in.mode);
|
||||
|
||||
unlock_vnode(vp);
|
||||
unlock_vmnt(vmp);
|
||||
|
@ -211,7 +211,7 @@ PUBLIC int do_access()
|
|||
/*===========================================================================*
|
||||
* forbidden *
|
||||
*===========================================================================*/
|
||||
PUBLIC int forbidden(struct vnode *vp, mode_t access_desired)
|
||||
PUBLIC int forbidden(struct fproc *rfp, struct vnode *vp, mode_t access_desired)
|
||||
{
|
||||
/* Given a pointer to an vnode, 'vp', and the access desired, determine
|
||||
* if the access is allowed, and if not why not. The routine looks up the
|
||||
|
@ -228,8 +228,8 @@ PUBLIC int forbidden(struct vnode *vp, mode_t access_desired)
|
|||
|
||||
/* Isolate the relevant rwx bits from the mode. */
|
||||
bits = vp->v_mode;
|
||||
uid = (call_nr == ACCESS ? fp->fp_realuid : fp->fp_effuid);
|
||||
gid = (call_nr == ACCESS ? fp->fp_realgid : fp->fp_effgid);
|
||||
uid = (call_nr == ACCESS ? rfp->fp_realuid : rfp->fp_effuid);
|
||||
gid = (call_nr == ACCESS ? rfp->fp_realgid : rfp->fp_effgid);
|
||||
|
||||
if (uid == SU_UID) {
|
||||
/* Grant read and write permission. Grant search permission for
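Review bot: `forbidden()` now takes the process as `rfp`, but the choice between real and effective ids on the two changed lines still depends on the global `call_nr` (`call_nr == ACCESS ? rfp->fp_realuid : rfp->fp_effuid`). When `rfp` is not the process whose request is being served (the one call site in this commit that passes `rfp` rather than `fp` suggests such callers exist), `call_nr` may describe a different request and the wrong id pair would drive the permission decision. The header comment also still begins `Given a pointer to an vnode, 'vp'` and should say whose credentials are used, e.g. `/* Check 'access_desired' on vnode 'vp' with the credentials of process 'rfp' */`. The body continues outside both hunks; any remaining use of the global `fp` there (not visible) would need the same substitution.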
|
||||
|
|
|
@ -210,7 +210,8 @@ _PROTOTYPE( int do_access, (void) );
|
|||
_PROTOTYPE( int do_chmod, (void) );
|
||||
_PROTOTYPE( int do_chown, (void) );
|
||||
_PROTOTYPE( int do_umask, (void) );
|
||||
_PROTOTYPE( int forbidden, (struct vnode *vp, mode_t access_desired) );
|
||||
_PROTOTYPE( int forbidden, (struct fproc *rfp, struct vnode *vp,
|
||||
mode_t access_desired) );
|
||||
_PROTOTYPE( int read_only, (struct vnode *vp) );
|
||||
|
||||
/* read.c */
|
||||
|
|
|
@ -111,7 +111,7 @@ struct vnode *vp; /* this is what the inode has to become */
|
|||
if ((vp->v_mode & I_TYPE) != I_DIRECTORY)
|
||||
r = ENOTDIR;
|
||||
else
|
||||
r = forbidden(vp, X_BIT); /* Check if dir is searchable*/
|
||||
r = forbidden(fp, vp, X_BIT); /* Check if dir is searchable*/
|
||||
if (r != OK) return(r);
|
||||
|
||||
/* Everything is OK. Make the change. */
|
||||
|
|
|
@ -45,7 +45,7 @@ PUBLIC int do_utime()
|
|||
/* Only the owner of a file or the super user can change its name. */
|
||||
r = OK;
|
||||
if (vp->v_uid != fp->fp_effuid && fp->fp_effuid != SU_UID) r = EPERM;
|
||||
if (m_in.utime_length == 0 && r != OK) r = forbidden(vp, W_BIT);
|
||||
if (m_in.utime_length == 0 && r != OK) r = forbidden(fp, vp, W_BIT);
|
||||
if (read_only(vp) != OK) r = EROFS; /* Not even su can touch if R/O */
|
||||
if (r == OK) {
|
||||
/* Issue request */
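Review bot: The comment above the ownership test in do_utime says `/* Only the owner of a file or the super user can change its name. */`, but nothing on this path deals with the name; going by the function and `m_in.utime_length`, it presumably sets file times. It also does not mention the fallback on the changed line, where a non-owner is still accepted if `utime_length == 0` and `forbidden(fp, vp, W_BIT)` returns OK. Suggested: `/* Only the owner or the super user may set arbitrary times; with utime_length == 0, write permission is enough. */`.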
|
||||
|
|