Add explicit struct ucred * argument for VOP_VPTOCNP, to be used by
vn_open_cred in default implementation. Valid struct ucred is needed for audit and MAC, and curthread credentials may be wrong. This further requires modifying the interface of vn_fullpath(9), but it is out of scope of this change. Reviewed by: rwatson
This commit is contained in:
Konstantin Belousov
parent
04ddfac339
commit
c808c9632d
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=194601
@ -747,6 +747,7 @@ null_vptocnp(struct vop_vptocnp_args *ap)
|
||||
struct vnode *vp = ap->a_vp;
|
||||
struct vnode **dvp = ap->a_vpp;
|
||||
struct vnode *lvp, *ldvp;
|
||||
struct ucred *cred = ap->a_cred;
|
||||
int error, locked;
|
||||
|
||||
if (vp->v_type == VDIR)
|
||||
@ -757,7 +758,7 @@ null_vptocnp(struct vop_vptocnp_args *ap)
|
||||
vhold(lvp);
|
||||
VOP_UNLOCK(vp, 0); /* vp is held by vn_vptocnp_locked that called us */
|
||||
ldvp = lvp;
|
||||
error = vn_vptocnp(&ldvp, ap->a_buf, ap->a_buflen);
|
||||
error = vn_vptocnp(&ldvp, cred, ap->a_buf, ap->a_buflen);
|
||||
vdrop(lvp);
|
||||
if (error != 0) {
|
||||
vn_lock(vp, locked | LK_RETRY);
|
||||
|
||||
@ -206,7 +206,8 @@ SYSCTL_OPAQUE(_vfs_cache, OID_AUTO, nchstats, CTLFLAG_RD | CTLFLAG_MPSAFE,
|
||||
|
||||
|
||||
static void cache_zap(struct namecache *ncp);
|
||||
static int vn_vptocnp_locked(struct vnode **vp, char *buf, u_int *buflen);
|
||||
static int vn_vptocnp_locked(struct vnode **vp, struct ucred *cred, char *buf,
|
||||
u_int *buflen);
|
||||
static int vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir,
|
||||
char *buf, char **retbuf, u_int buflen);
|
||||
|
||||
@ -1037,12 +1038,12 @@ vn_fullpath_global(struct thread *td, struct vnode *vn,
|
||||
}
|
||||
|
||||
int
|
||||
vn_vptocnp(struct vnode **vp, char *buf, u_int *buflen)
|
||||
vn_vptocnp(struct vnode **vp, struct ucred *cred, char *buf, u_int *buflen)
|
||||
{
|
||||
int error;
|
||||
|
||||
CACHE_RLOCK();
|
||||
error = vn_vptocnp_locked(vp, buf, buflen);
|
||||
error = vn_vptocnp_locked(vp, cred, buf, buflen);
|
||||
if (error == 0) {
|
||||
/*
|
||||
* vn_vptocnp_locked() dropped hold acquired by
|
||||
@ -1057,7 +1058,8 @@ vn_vptocnp(struct vnode **vp, char *buf, u_int *buflen)
|
||||
}
|
||||
|
||||
static int
|
||||
vn_vptocnp_locked(struct vnode **vp, char *buf, u_int *buflen)
|
||||
vn_vptocnp_locked(struct vnode **vp, struct ucred *cred, char *buf,
|
||||
u_int *buflen)
|
||||
{
|
||||
struct vnode *dvp;
|
||||
struct namecache *ncp;
|
||||
@ -1089,7 +1091,7 @@ vn_vptocnp_locked(struct vnode **vp, char *buf, u_int *buflen)
|
||||
CACHE_RUNLOCK();
|
||||
vfslocked = VFS_LOCK_GIANT((*vp)->v_mount);
|
||||
vn_lock(*vp, LK_SHARED | LK_RETRY);
|
||||
error = VOP_VPTOCNP(*vp, &dvp, buf, buflen);
|
||||
error = VOP_VPTOCNP(*vp, &dvp, cred, buf, buflen);
|
||||
VOP_UNLOCK(*vp, 0);
|
||||
vdrop(*vp);
|
||||
VFS_UNLOCK_GIANT(vfslocked);
|
||||
@ -1137,7 +1139,7 @@ vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir,
|
||||
numfullpathcalls++;
|
||||
CACHE_RLOCK();
|
||||
if (vp->v_type != VDIR) {
|
||||
error = vn_vptocnp_locked(&vp, buf, &buflen);
|
||||
error = vn_vptocnp_locked(&vp, td->td_ucred, buf, &buflen);
|
||||
if (error)
|
||||
return (error);
|
||||
if (buflen == 0) {
|
||||
@ -1167,7 +1169,7 @@ vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir,
|
||||
error, vp, NULL, 0, 0);
|
||||
break;
|
||||
}
|
||||
error = vn_vptocnp_locked(&vp, buf, &buflen);
|
||||
error = vn_vptocnp_locked(&vp, td->td_ucred, buf, &buflen);
|
||||
if (error)
|
||||
break;
|
||||
if (buflen == 0) {
|
||||
|
||||
@ -693,6 +693,7 @@ vop_stdvptocnp(struct vop_vptocnp_args *ap)
|
||||
{
|
||||
struct vnode *vp = ap->a_vp;
|
||||
struct vnode **dvp = ap->a_vpp;
|
||||
struct ucred *cred = ap->a_cred;
|
||||
char *buf = ap->a_buf;
|
||||
int *buflen = ap->a_buflen;
|
||||
char *dirbuf, *cpos;
|
||||
@ -713,7 +714,7 @@ vop_stdvptocnp(struct vop_vptocnp_args *ap)
|
||||
if (vp->v_type != VDIR)
|
||||
return (ENOENT);
|
||||
|
||||
error = VOP_GETATTR(vp, &va, td->td_ucred);
|
||||
error = VOP_GETATTR(vp, &va, cred);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
@ -723,7 +724,7 @@ vop_stdvptocnp(struct vop_vptocnp_args *ap)
|
||||
NDINIT_ATVP(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE,
|
||||
"..", vp, td);
|
||||
flags = FREAD;
|
||||
error = vn_open_cred(&nd, &flags, 0, VN_OPEN_NOAUDIT, NULL, NULL);
|
||||
error = vn_open_cred(&nd, &flags, 0, VN_OPEN_NOAUDIT, cred, NULL);
|
||||
if (error) {
|
||||
vn_lock(vp, locked | LK_RETRY);
|
||||
return (error);
|
||||
@ -738,7 +739,7 @@ vop_stdvptocnp(struct vop_vptocnp_args *ap)
|
||||
*dvp = (*dvp)->v_mount->mnt_vnodecovered;
|
||||
VREF(mvp);
|
||||
VOP_UNLOCK(mvp, 0);
|
||||
vn_close(mvp, FREAD, td->td_ucred, td);
|
||||
vn_close(mvp, FREAD, cred, td);
|
||||
VREF(*dvp);
|
||||
vn_lock(*dvp, LK_EXCLUSIVE | LK_RETRY);
|
||||
covered = 1;
|
||||
@ -803,7 +804,7 @@ vop_stdvptocnp(struct vop_vptocnp_args *ap)
|
||||
vrele(mvp);
|
||||
} else {
|
||||
VOP_UNLOCK(mvp, 0);
|
||||
vn_close(mvp, FREAD, td->td_ucred, td);
|
||||
vn_close(mvp, FREAD, cred, td);
|
||||
}
|
||||
vn_lock(vp, locked | LK_RETRY);
|
||||
return (error);
|
||||
|
||||
@ -607,6 +607,7 @@ vop_vptofh {
|
||||
vop_vptocnp {
|
||||
IN struct vnode *vp;
|
||||
OUT struct vnode **vpp;
|
||||
IN struct ucred *cred;
|
||||
INOUT char *buf;
|
||||
INOUT int *buflen;
|
||||
};
|
||||
|
||||
@ -601,7 +601,8 @@ int insmntque1(struct vnode *vp, struct mount *mp,
|
||||
int insmntque(struct vnode *vp, struct mount *mp);
|
||||
u_quad_t init_va_filerev(void);
|
||||
int speedup_syncer(void);
|
||||
int vn_vptocnp(struct vnode **vp, char *buf, u_int *buflen);
|
||||
int vn_vptocnp(struct vnode **vp, struct ucred *cred, char *buf,
|
||||
u_int *buflen);
|
||||
#define textvp_fullpath(p, rb, rfb) \
|
||||
vn_fullpath(FIRST_THREAD_IN_PROC(p), (p)->p_textvp, rb, rfb)
|
||||
int vn_fullpath(struct thread *td, struct vnode *vn,
|
||||
|
||||
Loading…
Reference in New Issue
Block a user