vfs: Permit unix sockets to be opened with O_PATH
As with FIFOs, a path descriptor for a unix socket cannot be used with kevent(). In principle connectat(2) and bindat(2) could be modified to support an AT_EMPTY_PATH-like mode which operates on the socket referenced by an O_PATH fd referencing a unix socket. That would eliminate the path length limit imposed by sockaddr_un. Update O_PATH tests. Reviewed by: kib MFC after: 1 month Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D31970
This commit is contained in:
parent
c13f6dd7d2
commit
2bd9826995
@ -399,13 +399,13 @@ vn_open_vnode(struct vnode *vp, int fmode, struct ucred *cred,
|
||||
if ((fmode & O_PATH) == 0 || (fmode & FEXEC) != 0)
|
||||
return (EMLINK);
|
||||
}
|
||||
if (vp->v_type == VSOCK)
|
||||
return (EOPNOTSUPP);
|
||||
if (vp->v_type != VDIR && fmode & O_DIRECTORY)
|
||||
return (ENOTDIR);
|
||||
|
||||
accmode = 0;
|
||||
if ((fmode & O_PATH) == 0) {
|
||||
if (vp->v_type == VSOCK)
|
||||
return (EOPNOTSUPP);
|
||||
if ((fmode & (FWRITE | O_TRUNC)) != 0) {
|
||||
if (vp->v_type == VDIR)
|
||||
return (EISDIR);
|
||||
@ -437,11 +437,8 @@ vn_open_vnode(struct vnode *vp, int fmode, struct ucred *cred,
|
||||
return (error);
|
||||
}
|
||||
if ((fmode & O_PATH) != 0) {
|
||||
if (vp->v_type == VFIFO)
|
||||
error = EPIPE;
|
||||
else
|
||||
error = VOP_ACCESS(vp, VREAD, cred, td);
|
||||
if (error == 0)
|
||||
if (vp->v_type != VFIFO && vp->v_type != VSOCK &&
|
||||
VOP_ACCESS(vp, VREAD, cred, td) == 0)
|
||||
fp->f_flag |= FKQALLOWED;
|
||||
return (0);
|
||||
}
|
||||
|
@ -845,13 +845,15 @@ ATF_TC_BODY(path_rights, tc)
|
||||
CHECKED_CLOSE(sd[1]);
|
||||
}
|
||||
|
||||
/* Verify that a local socket can't be opened with O_PATH. */
|
||||
/* Verify that a local socket can be opened with O_PATH. */
|
||||
ATF_TC_WITHOUT_HEAD(path_unix);
|
||||
ATF_TC_BODY(path_unix, tc)
|
||||
{
|
||||
char path[PATH_MAX];
|
||||
char buf[BUFSIZ], path[PATH_MAX];
|
||||
struct kevent ev;
|
||||
struct sockaddr_un sun;
|
||||
int pathfd, sd;
|
||||
struct stat sb;
|
||||
int kq, pathfd, sd;
|
||||
|
||||
snprintf(path, sizeof(path), "path_unix.XXXXXX");
|
||||
ATF_REQUIRE_MSG(mktemp(path) == path, FMT_ERR("mktemp"));
|
||||
@ -866,9 +868,31 @@ ATF_TC_BODY(path_unix, tc)
|
||||
FMT_ERR("bind"));
|
||||
|
||||
pathfd = open(path, O_PATH);
|
||||
ATF_REQUIRE_ERRNO(EOPNOTSUPP, pathfd < 0);
|
||||
ATF_REQUIRE_MSG(pathfd >= 0, FMT_ERR("open"));
|
||||
|
||||
ATF_REQUIRE_MSG(fstatat(pathfd, "", &sb, AT_EMPTY_PATH) == 0,
|
||||
FMT_ERR("fstatat"));
|
||||
ATF_REQUIRE_MSG(sb.st_mode & S_IFSOCK, "socket mode %#x", sb.st_mode);
|
||||
ATF_REQUIRE_MSG(sb.st_ino != 0, "socket has inode number 0");
|
||||
|
||||
memset(buf, 0, sizeof(buf));
|
||||
ATF_REQUIRE_ERRNO(EBADF, write(pathfd, buf, sizeof(buf)));
|
||||
ATF_REQUIRE_ERRNO(EBADF, read(pathfd, buf, sizeof(buf)));
|
||||
|
||||
/* kevent() is disallowed with sockets. */
|
||||
kq = kqueue();
|
||||
ATF_REQUIRE_MSG(kq >= 0, FMT_ERR("kqueue"));
|
||||
EV_SET(&ev, pathfd, EVFILT_READ, EV_ADD | EV_ENABLE, 0, 0, 0);
|
||||
ATF_REQUIRE_ERRNO(EBADF, kevent(kq, &ev, 1, NULL, 0, NULL) == -1);
|
||||
|
||||
/* Should not be able to open a socket without O_PATH. */
|
||||
ATF_REQUIRE_ERRNO(EOPNOTSUPP, openat(pathfd, "", O_EMPTY_PATH) == -1);
|
||||
|
||||
ATF_REQUIRE_MSG(funlinkat(AT_FDCWD, path, pathfd, 0) == 0,
|
||||
FMT_ERR("funlinkat"));
|
||||
|
||||
CHECKED_CLOSE(sd);
|
||||
CHECKED_CLOSE(pathfd);
|
||||
}
|
||||
|
||||
ATF_TP_ADD_TCS(tp)
|
||||
|
Loading…
Reference in New Issue
Block a user