d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Move the initialization of the vattr flags field in setfflags() to

Browse Source 
before the MAC check so that we pass the flags field into the MAC
check properly initialized.  This didn't affect any current MAC
modules since they didn't care what the flags argument was (as
they were primarily interested in the fact that it was a meta-data
write, not the contents of the write), but would be relevant to
future modules relying on that field.

Submitted by:	Mike Halderman <mrh@spawar.navy.mil>
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
This commit is contained in:
rwatson 2003-03-05 23:15:23 +00:00
parent cd00a5e471
commit 3158a8710a
2 changed files with 6 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
sys/kern/vfs_extattr.c
View File

@ -1942,16 +1942,13 @@ setfflags(td, vp, flags)
return (error);
VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
VATTR_NULL(&vattr);
vattr.va_flags = flags;
#ifdef MAC
error = mac_check_vnode_setflags(td->td_ucred, vp, vattr.va_flags);
if (error == 0) {
if (error == 0)
#endif
VATTR_NULL(&vattr);
vattr.va_flags = flags;
error = VOP_SETATTR(vp, &vattr, td->td_ucred, td);
#ifdef MAC
}
#endif
VOP_UNLOCK(vp, 0, td);
vn_finished_write(mp);
return (error);

9
sys/kern/vfs_syscalls.c
View File

@ -1942,16 +1942,13 @@ setfflags(td, vp, flags)
return (error);
VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
VATTR_NULL(&vattr);
vattr.va_flags = flags;
#ifdef MAC
error = mac_check_vnode_setflags(td->td_ucred, vp, vattr.va_flags);
if (error == 0) {
if (error == 0)
#endif
VATTR_NULL(&vattr);
vattr.va_flags = flags;
error = VOP_SETATTR(vp, &vattr, td->td_ucred, td);
#ifdef MAC
}
#endif
VOP_UNLOCK(vp, 0, td);
vn_finished_write(mp);
return (error);