From 4fd85c4b5d3a8e5faf2de63e14aede642577fd00 Mon Sep 17 00:00:00 2001
From: Mateusz Guzik <mjg@FreeBSD.org>
Date: Mon, 9 Jul 2012 05:39:31 +0000
Subject: [PATCH] Follow-up commit to r238220:

Pass only FEXEC (instead of FREAD|FEXEC) in fgetvp_exec. _fget has to check for
!FWRITE anyway and may as well know about FREAD.

Make _fget code a bit more readable by converting permission checking from if()
to switch(). Assert that correct permission flags are passed.

In collaboration with:	kib
Approved by:	trasz (mentor)
MFC after:	6 days
X-MFC: with r238220
---
 sys/kern/kern_descrip.c | 34 +++++++++++++++++++++++++---------
 1 file changed, 25 insertions(+), 9 deletions(-)

diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c
index a4b7580b3666..f8e3f3d076de 100644
--- a/sys/kern/kern_descrip.c
+++ b/sys/kern/kern_descrip.c
@@ -2275,8 +2275,8 @@ _fget(struct thread *td, int fd, struct file **fpp, int flags,
 	struct file *fp;
 #ifdef CAPABILITIES
 	struct file *fp_fromcap;
-	int error;
 #endif
+	int error;
 
 	*fpp = NULL;
 	if (td == NULL || (fdp = td->td_proc->p_fd) == NULL)
@@ -2315,7 +2315,7 @@ _fget(struct thread *td, int fd, struct file **fpp, int flags,
 		else
 			error = cap_funwrap_mmap(fp, needrights, maxprotp,
 			    &fp_fromcap);
-		if (error) {
+		if (error != 0) {
 			fdrop(fp, td);
 			return (error);
 		}
@@ -2341,13 +2341,29 @@ _fget(struct thread *td, int fd, struct file **fpp, int flags,
 	/*
 	 * FREAD and FWRITE failure return EBADF as per POSIX.
 	 */
-	if ((flags == FREAD && (fp->f_flag & FREAD) == 0) ||
-	    (flags == FWRITE && (fp->f_flag & FWRITE) == 0) ||
-	    (flags == (FREAD | FEXEC) &&
-	    (((fp->f_flag & flags) == 0) || ((fp->f_flag & FWRITE) != 0)))) {
-		fdrop(fp, td);
-		return (EBADF);
+	error = 0;
+	switch (flags) {
+	case FREAD:
+	case FWRITE:
+		if ((fp->f_flag & flags) == 0)
+			error = EBADF;
+		break;
+	case FEXEC:
+	    	if ((fp->f_flag & (FREAD | FEXEC)) == 0 ||
+		    ((fp->f_flag & FWRITE) != 0))
+			error = EBADF;
+		break;
+	case 0:
+		break;
+	default:
+		KASSERT(0, ("wrong flags"));
 	}
+
+	if (error != 0) {
+		fdrop(fp, td);
+		return (error);
+	}
+
 	*fpp = fp;
 	return (0);
 }
@@ -2448,7 +2464,7 @@ int
 fgetvp_exec(struct thread *td, int fd, cap_rights_t rights, struct vnode **vpp)
 {
 
-	return (_fgetvp(td, fd, FREAD | FEXEC, rights, NULL, vpp));
+	return (_fgetvp(td, fd, FEXEC, rights, NULL, vpp));
 }
 
 #ifdef notyet