d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8677689134
freebsd-dev/sys
History
Christian S.J. Peron 8677689134 Ensure that file flags such as schg, sappnd (and others) are honored 
by md(4). Before this change, it was possible to by-pass these flags
by creating memory disks which used a file as a backing store and
writing to the device.

This was discussed by the security team, and although this is problematic,
it was decided that it was not critical as we never guarantee that root will
be restricted.

This change implements the following behavior changes:

-If the user specifies the readonly flag, unset write operations before
 opening the file. If the FWRITE mask is unset, the device will be
 created with the MD_READONLY mask set. (readonly)
-Add a check in g_md_access which checks to see if the MD_READONLY mask
 is set, if so return EROFS
-Do not gracefully downgrade access modes without telling the user. Instead
 make the user specify their intentions for the device (assuming the file is
 read only). This seems like the more correct way to handle things.

This is a RELENG_6 candidate.

PR:		kern/84635
Reviewed by:	phk
2005-08-17 01:24:55 +00:00
..
alpha Add hints for uart(4). These are the same as for sio(4) and make it 2005-08-06 19:24:22 +00:00
amd64 Simplify the page table page reference counting by pmap_enter()'s change of 2005-08-14 20:02:50 +00:00
arm - Add support for saving stack traces and displaying them via printf(9) 2005-08-03 04:27:40 +00:00
boot - Change the code that determines whether to use a serial console and 2005-08-15 20:58:36 +00:00
bsm For consistency with more system include files, add a trailing '_' to 2005-05-29 16:11:34 +00:00
cam Merge the dev_clone and dev_clone_cred event handlers into a single 2005-08-08 19:55:32 +00:00
coda Merge the dev_clone and dev_clone_cred event handlers into a single 2005-08-08 19:55:32 +00:00
compat Propagate rename of IFF_OACTIVE and IFF_RUNNING to IFF_DRV_OACTIVE and 2005-08-09 10:20:02 +00:00
conf Add code for Ext2FS and ReiserFS labels recognition. 2005-08-12 00:27:45 +00:00
contrib Wrap the new world order in __FreeBSD__ to ease future imports. 2005-08-09 11:59:02 +00:00
crypto Unbreak the world build (in sbin/gbde). This file is used by both 2005-08-17 00:24:20 +00:00
ddb Remove the need to forward declare statics by moving them around. 2005-08-10 07:08:14 +00:00
dev Ensure that file flags such as schg, sappnd (and others) are honored 2005-08-17 01:24:55 +00:00
doc
fs Collect the devfs related sysctls in one place 2005-08-16 19:25:02 +00:00
gdb check return value of gdb_rx_varhex 2005-03-28 18:31:18 +00:00
geom remove stale comments 2005-08-16 20:03:29 +00:00
gnu Repair this: 2005-07-09 18:30:31 +00:00
i4b Propagate rename of IFF_OACTIVE and IFF_RUNNING to IFF_DRV_OACTIVE and 2005-08-09 10:20:02 +00:00
i386 Clarify a comment. 2005-08-16 18:15:17 +00:00
ia64 Remove the execute permission for stacks. 2005-08-14 23:17:59 +00:00
isa Add pnp and location info for the ISA bus. The pnp info is the 2005-08-01 07:03:10 +00:00
isofs/cd9660 - restore the ability to mount cd9660 filesystems as root by inverting 2005-08-14 04:19:36 +00:00
kern Save cpu level only when priority is greater than PRIO_USER 2005-08-16 20:03:08 +00:00
libkern Ha! This is a very interesting bug. 2005-08-08 19:38:00 +00:00
modules Add code for Ext2FS and ReiserFS labels recognition. 2005-08-12 00:27:45 +00:00
net - Move IF_ADDR_LOCK_DESTROY(ifp) from if_free to if_free_type. 2005-08-16 17:02:35 +00:00
net80211 revert 1.64: we cannot use the channel characteristics to decide when to 2005-08-13 17:50:21 +00:00
netatalk Eliminate MAC entry point mac_create_mbuf_from_mbuf(), which is 2005-07-05 23:39:51 +00:00
netatm Propagate rename of IFF_OACTIVE and IFF_RUNNING to IFF_DRV_OACTIVE and 2005-08-09 10:20:02 +00:00
netgraph Use the ISO standard function variable vs. a GCC'ism. 2005-08-10 06:25:41 +00:00
netinet Fix broken build of rev. 1.108 in case of no INET6 and IPFIREWALL 2005-08-14 18:20:33 +00:00
netinet6 avoid exclusive sleep mutex. 2005-08-16 19:49:10 +00:00
netipsec Correct typo in a comment describing vshiftl(). 2005-06-02 23:56:10 +00:00
netipx Stop embedding struct ifnet at the top of driver softcs. Instead the 2005-06-10 16:49:24 +00:00
netkey fix build without option INET6. 2005-07-30 20:10:31 +00:00
netnatm Propagate rename of IFF_OACTIVE and IFF_RUNNING to IFF_DRV_OACTIVE and 2005-08-09 10:20:02 +00:00
netncp Change API of mb_copy_t in libmchain so that netsmb can handle 2005-07-29 13:22:37 +00:00
netsmb Merge the dev_clone and dev_clone_cred event handlers into a single 2005-08-08 19:55:32 +00:00
nfs Fixes for NFS crashes on architectures that require strict alignment. 2005-07-14 20:08:27 +00:00
nfs4client - We want if (mrep != NULL) not if (m_freem != NULL). m_freem will never 2005-04-25 05:11:19 +00:00
nfsclient FIx for a bug in the change that made nfs_timer() MPSAFE. We need to 2005-07-27 15:06:26 +00:00
nfsserver NFS write gathering defers execution of NFS server write requests to wait 2005-04-17 16:25:36 +00:00
opencrypto Check key size for rijndael, as invalid key size can lead to kernel panic. 2005-08-16 18:59:00 +00:00
pc98 MFi386: revision 1.1204. 2005-07-21 11:13:12 +00:00
pccard Change a directory layout for pc98. 2005-05-10 12:02:18 +00:00
pci * Solve "No PHY found" problem for more Yukon Lite variants. 2005-08-13 11:13:12 +00:00
posix4 Introduce MAC Framework and MAC Policy entry points to label and control 2005-05-04 10:39:15 +00:00
powerpc Remove unnecessary and alarming printf. 2005-08-16 02:38:02 +00:00
rpc - Don't call rpcclnt_realign() if we don't have any mbufs to realign. 2005-03-19 01:16:25 +00:00
security Insert a series of place-holder function pointers in mac_policy.h for 2005-08-08 16:09:33 +00:00
sparc64 Now that at least some screen savers work on sparc64 sync with other 2005-08-15 21:15:07 +00:00
sys Create a new internal .h file to communicate very private stuff 2005-08-16 19:08:01 +00:00
tools Allow EVFILT_VNODE events to work on every filesystem type, not just 2005-06-09 20:20:31 +00:00
ufs Delay freeing disk space for file system blocks until all dirty buffers 2005-07-31 20:24:14 +00:00
vm Do not use vm_pager_init() to initialize vnode_pbuf_freecnt variable. 2005-08-13 20:21:33 +00:00
Makefile When building cscopnamefile, default architecture to ${MACHINE}, not i386. 2005-03-08 00:09:41 +00:00