d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Do a bit more work in the aio code to simulate the credential environment

Browse Source 
of the original AIO request: save and restore the active thread credential
as well as using the file credential, since MAC (and some other bits of
the system) rely on the thread credential instead of/as well as the
file credential.  In brief: cache td->td_ucred when the AIO operation
is queued, temporarily set and restore the kernel thread credential,
and release the credential when done.  Similar to ktrace credential
management.

Reviewed by:	alc
Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
This commit is contained in:
Robert Watson 2002-11-07 20:46:37 +00:00
parent 0285334bc8
commit f8f750c53e
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=106574
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sys/kern/vfs_aio.c
View File

@ -175,6 +175,7 @@ struct aiocblist {
struct callout_handle timeouthandle;
struct buf *bp; /* Buffer pointer */
struct proc *userproc; /* User process */ /* Not td! */
struct ucred *cred; /* Active credential when created */
struct file *fd_file; /* Pointer to file structure */
struct aio_liojob *lio; /* Optional lio job */
struct aiocb *uuaiocb; /* Pointer in userspace of aiocb */
@ -507,6 +508,7 @@ aio_free_entry(struct aiocblist *aiocbe)
aiocbe->jobstate = JOBST_NULL;
untimeout(process_signal, aiocbe, aiocbe->timeouthandle);
fdrop(aiocbe->fd_file, curthread);
crfree(aiocbe->cred);
uma_zfree(aiocb_zone, aiocbe);
return 0;
}
@ -667,6 +669,7 @@ aio_selectjob(struct aiothreadlist *aiop)
static void
aio_process(struct aiocblist *aiocbe)
{
struct ucred *td_savedcred;
struct thread *td;
struct proc *mycp;
struct aiocb *cb;
@ -679,6 +682,8 @@ aio_process(struct aiocblist *aiocbe)
int inblock_st, inblock_end;
td = curthread;
td_savedcred = td->td_ucred;
td->td_ucred = aiocbe->cred;
mycp = td->td_proc;
cb = &aiocbe->uaiocb;
fp = aiocbe->fd_file;
@ -726,6 +731,7 @@ aio_process(struct aiocblist *aiocbe)
cnt -= auio.uio_resid;
cb->_aiocb_private.error = error;
cb->_aiocb_private.status = cnt;
td->td_ucred = td_savedcred;
}
/*
@ -1408,6 +1414,7 @@ _aio_aqueue(struct thread *td, struct aiocb *job, struct aio_liojob *lj, int typ
suword(&job->_aiocb_private.error, EINPROGRESS);
aiocbe->uaiocb._aiocb_private.error = EINPROGRESS;
aiocbe->userproc = p;
aiocbe->cred = crhold(td->td_ucred);
aiocbe->jobflags = 0;
aiocbe->lio = lj;
ki = p->p_aioinfo;