AVFS: make forbidden check for specific proc instead of fp

Thomas Veerman 2012-01-27 13:54:35 +00:00
parent 0e537f1085
commit 9233fdb359
8 changed files with 21 additions and 20 deletions


@ -179,7 +179,7 @@ PUBLIC int pm_exec(int proc_e, char *path, vir_bytes path_len, char *frame,
if ((vp->v_mode & I_TYPE) != I_REGULAR)
r = ENOEXEC;
else if ((r1 = forbidden(vp, X_BIT)) != OK)
else if ((r1 = forbidden(fp, vp, X_BIT)) != OK)
r = r1;
else
r = req_stat(vp->v_fs_e, vp->v_inode_nr, VFS_PROC_NR,
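Review bot: The execute-permission check `forbidden(fp, vp, X_BIT)` passes the global `fp`, while `pm_exec` is invoked for the process named by its `proc_e` argument, and the hunk does not show where `fp` is bound to that endpoint. If that binding happens earlier in `pm_exec` this is fine; otherwise the X_BIT check would be evaluated against another process's credentials. Since the new parameter exists to name the process explicitly, consider passing the slot looked up from `proc_e` and adding a comment such as `/* exec permission is checked against the process being exec'ed */`. The body of `pm_exec` starts and ends outside the hunk.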


@ -66,7 +66,7 @@ PUBLIC int do_link()
if (vp->v_fs_e != dirp->v_fs_e)
r = EXDEV;
else
r = forbidden(dirp, W_BIT | X_BIT);
r = forbidden(fp, dirp, W_BIT | X_BIT);
if (r == OK)
r = req_link(vp->v_fs_e, dirp->v_inode_nr, fullpath,
@ -117,7 +117,7 @@ PUBLIC int do_unlink()
}
/* The caller must have both search and execute permission */
if ((r = forbidden(dirp, X_BIT | W_BIT)) != OK) {
if ((r = forbidden(fp, dirp, X_BIT | W_BIT)) != OK) {
unlock_vnode(dirp);
unlock_vmnt(vmp);
put_vnode(dirp);
@ -243,8 +243,8 @@ PUBLIC int do_rename()
if (old_dirp->v_fs_e != new_dirp->v_fs_e) r = EXDEV;
/* Parent dirs must be writable, searchable and on a writable device */
if ((r1 = forbidden(old_dirp, W_BIT|X_BIT)) != OK ||
(r1 = forbidden(new_dirp, W_BIT|X_BIT)) != OK) r = r1;
if ((r1 = forbidden(fp, old_dirp, W_BIT|X_BIT)) != OK ||
(r1 = forbidden(fp, new_dirp, W_BIT|X_BIT)) != OK) r = r1;
if (r == OK) {
tll_upgrade(&oldvmp->m_lock); /* Upgrade to exclusive access */
@ -289,7 +289,7 @@ PUBLIC int do_truncate()
if ((vp = eat_path(&resolve, fp)) == NULL) return(err_code);
/* Ask FS to truncate the file */
if ((r = forbidden(vp, W_BIT)) == OK)
if ((r = forbidden(fp, vp, W_BIT)) == OK)
r = truncate_vnode(vp, m_in.flength);
unlock_vnode(vp);
@ -366,7 +366,7 @@ PUBLIC int do_slink()
if ((vp = last_dir(&resolve, fp)) == NULL) return(err_code);
if ((r = forbidden(vp, W_BIT|X_BIT)) == OK) {
if ((r = forbidden(fp, vp, W_BIT|X_BIT)) == OK) {
r = req_slink(vp->v_fs_e, vp->v_inode_nr, fullpath, who_e,
m_in.name1, m_in.name1_length - 1, fp->fp_effuid,
fp->fp_effgid);
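Review bot: In the `do_unlink` hunk the comment above the changed check says the caller needs "search and execute permission", but the call requests `X_BIT | W_BIT` on `dirp`, which for a directory is search plus write. Since the line is being touched anyway, the comment could read `/* The caller must have both search (X) and write (W) permission on the directory */`. The comment in the `do_rename` hunk already states the same requirement correctly. These function bodies continue outside the hunks.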


@ -139,13 +139,13 @@ PUBLIC int common_open(char path[PATH_MAX], int oflags, mode_t omode)
/* Only do the normal open code if we didn't just create the file. */
if (exist) {
/* Check protections. */
if ((r = forbidden(vp, bits)) == OK) {
if ((r = forbidden(fp, vp, bits)) == OK) {
/* Opening reg. files, directories, and special files differ */
switch (vp->v_mode & I_TYPE) {
case I_REGULAR:
/* Truncate regular file if O_TRUNC. */
if (oflags & O_TRUNC) {
if ((r = forbidden(vp, W_BIT)) != OK)
if ((r = forbidden(fp, vp, W_BIT)) != OK)
break;
truncate_vnode(vp, 0);
}
@ -351,7 +351,7 @@ PRIVATE struct vnode *new_node(struct lookup *resolve, int oflags, mode_t bits)
lock_vnode(vp, VNODE_OPCL);
if ((r = forbidden(dirp, W_BIT|X_BIT)) != OK ||
if ((r = forbidden(fp, dirp, W_BIT|X_BIT)) != OK ||
(r = req_create(dirp->v_fs_e, dirp->v_inode_nr,bits, fp->fp_effuid,
fp->fp_effgid, path, &res)) != OK ) {
/* Can't create inode either due to permissions or some other
@ -530,7 +530,7 @@ PUBLIC int do_mknod()
/* Make sure that the object is a directory */
if ((vp->v_mode & I_TYPE) != I_DIRECTORY) {
r = ENOTDIR;
} else if ((r = forbidden(vp, W_BIT|X_BIT)) == OK) {
} else if ((r = forbidden(fp, vp, W_BIT|X_BIT)) == OK) {
r = req_mknod(vp->v_fs_e, vp->v_inode_nr, fullpath, fp->fp_effuid,
fp->fp_effgid, bits, m_in.mk_z0);
}
@ -566,7 +566,7 @@ PUBLIC int do_mkdir()
/* Make sure that the object is a directory */
if ((vp->v_mode & I_TYPE) != I_DIRECTORY) {
r = ENOTDIR;
} else if ((r = forbidden(vp, W_BIT|X_BIT)) == OK) {
} else if ((r = forbidden(fp, vp, W_BIT|X_BIT)) == OK) {
r = req_mkdir(vp->v_fs_e, vp->v_inode_nr, fullpath, fp->fp_effuid,
fp->fp_effgid, bits);
}
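Review bot: In the `common_open` hunk the O_TRUNC path re-checks `W_BIT` and then calls `truncate_vnode(vp, 0);` without looking at its result, whereas the `do_truncate` hunk in this commit assigns it (`r = truncate_vnode(vp, m_in.flength);`). If the truncation fails, the open would apparently still report success with the old contents in place, which matters to callers that rely on O_TRUNC to discard existing data. Consider `if ((r = truncate_vnode(vp, 0)) != OK) break;`. The rest of the switch lies outside the hunk, so confirm nothing later overwrites `r`.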


@ -795,7 +795,7 @@ size_t pathlen;
if ((vp = eat_path(&resolve, rfp)) == NULL) return(err_code);
/* check permissions */
r = forbidden(vp, (R_BIT | W_BIT));
r = forbidden(rfp, vp, (R_BIT | W_BIT));
unlock_vnode(vp);
unlock_vmnt(vmp);


@ -198,7 +198,7 @@ PUBLIC int do_access()
return(err_code);
if ((vp = eat_path(&resolve, fp)) == NULL) return(err_code);
r = forbidden(vp, m_in.mode);
r = forbidden(fp, vp, m_in.mode);
unlock_vnode(vp);
unlock_vmnt(vmp);
@ -211,7 +211,7 @@ PUBLIC int do_access()
/*===========================================================================*
* forbidden *
*===========================================================================*/
PUBLIC int forbidden(struct vnode *vp, mode_t access_desired)
PUBLIC int forbidden(struct fproc *rfp, struct vnode *vp, mode_t access_desired)
{
/* Given a pointer to an vnode, 'vp', and the access desired, determine
* if the access is allowed, and if not why not. The routine looks up the
@ -228,8 +228,8 @@ PUBLIC int forbidden(struct vnode *vp, mode_t access_desired)
/* Isolate the relevant rwx bits from the mode. */
bits = vp->v_mode;
uid = (call_nr == ACCESS ? fp->fp_realuid : fp->fp_effuid);
gid = (call_nr == ACCESS ? fp->fp_realgid : fp->fp_effgid);
uid = (call_nr == ACCESS ? rfp->fp_realuid : rfp->fp_effuid);
gid = (call_nr == ACCESS ? rfp->fp_realgid : rfp->fp_effgid);
if (uid == SU_UID) {
/* Grant read and write permission. Grant search permission for
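Review bot: `forbidden()` now reads credentials from `rfp`, but it still chooses between real and effective ids using the global `call_nr` (`call_nr == ACCESS ? rfp->fp_realuid : rfp->fp_effuid`). `call_nr` is not defined in this hunk; if it describes the request currently being served rather than one made by `rfp`, then a caller passing a process other than `fp` (the `forbidden(rfp, vp, (R_BIT | W_BIT))` call site elsewhere in this commit) gets its id selection from an unrelated call. Either document that dependency or let the caller state which ids to use. The header comment also still describes only `vp` and the access desired; it should add something like `'rfp' is the process whose credentials are checked`. The function body continues outside the hunk.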


@ -210,7 +210,8 @@ _PROTOTYPE( int do_access, (void) );
_PROTOTYPE( int do_chmod, (void) );
_PROTOTYPE( int do_chown, (void) );
_PROTOTYPE( int do_umask, (void) );
_PROTOTYPE( int forbidden, (struct vnode *vp, mode_t access_desired) );
_PROTOTYPE( int forbidden, (struct fproc *rfp, struct vnode *vp,
mode_t access_desired) );
_PROTOTYPE( int read_only, (struct vnode *vp) );
/* read.c */


@ -111,7 +111,7 @@ struct vnode *vp; /* this is what the inode has to become */
if ((vp->v_mode & I_TYPE) != I_DIRECTORY)
r = ENOTDIR;
else
r = forbidden(vp, X_BIT); /* Check if dir is searchable*/
r = forbidden(fp, vp, X_BIT); /* Check if dir is searchable*/
if (r != OK) return(r);
/* Everything is OK. Make the change. */


@ -45,7 +45,7 @@ PUBLIC int do_utime()
/* Only the owner of a file or the super user can change its name. */
r = OK;
if (vp->v_uid != fp->fp_effuid && fp->fp_effuid != SU_UID) r = EPERM;
if (m_in.utime_length == 0 && r != OK) r = forbidden(vp, W_BIT);
if (m_in.utime_length == 0 && r != OK) r = forbidden(fp, vp, W_BIT);
if (read_only(vp) != OK) r = EROFS; /* Not even su can touch if R/O */
if (r == OK) {
/* Issue request */