d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

openat(2): add O_EMPTY_PATH

Browse Source 
It reopens the passed file descriptor, checking the file backing vnode'
current access rights against open mode. In particular, this flag allows
to convert file descriptor opened with O_PATH, into operable file
descriptor, assuming permissions allow that.

Reviewed by:	markj
Tested by:	Andrew Walker <awalker@ixsystems.com>
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D30148
This commit is contained in:
Konstantin Belousov 2021-05-06 20:16:53 +03:00
parent c55b340f82
commit 5e7cdf1817
3 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
lib/libc/sys/open.2
View File

@ -28,7 +28,7 @@
.\" @(#)open.2 8.2 (Berkeley) 11/16/93 .\" @(#)open.2 8.2 (Berkeley) 11/16/93
.\" $FreeBSD$ .\" $FreeBSD$
.\" .\"
.Dd March 18, 2021 .Dd May 6, 2021
.Dt OPEN 2 .Dt OPEN 2
.Os .Os
.Sh NAME .Sh NAME
@ -169,6 +169,7 @@ O_CLOEXEC set FD_CLOEXEC upon open
O_VERIFY verify the contents of the file O_VERIFY verify the contents of the file
O_RESOLVE_BENEATH path resolution must not cross the fd directory O_RESOLVE_BENEATH path resolution must not cross the fd directory
O_PATH record only the target path in the opened descriptor O_PATH record only the target path in the opened descriptor
O_EMPTY_PATH openat, open file referenced by fd if path is empty
.Ed .Ed
.Pp .Pp
Opening a file with Opening a file with
@ -355,6 +356,21 @@ are not allowed.
File opened with the File opened with the
.Dv O_PATH .Dv O_PATH
flag does not prevent non-forced unmount of the volume it belongs to. flag does not prevent non-forced unmount of the volume it belongs to.
.Pp
A file descriptor created with the
.Dv O_PATH
flag can be opened into normal (operable) file descriptor by
specifying it as the
.Fa fd
argument to
.Fn openat
with empty
.Fa path
and flag
.Dv O_EMPTY_PATH .
Such an open behaves as if the current path of the file referenced by
.Fa fd
is passed, except that the path walk permissions are not checked.
See also the description of See also the description of
.Dv AT_EMPTY_PATH .Dv AT_EMPTY_PATH
flag for flag for

2
sys/kern/vfs_vnops.c
View File

@ -200,6 +200,8 @@ open2nameif(int fmode, u_int vn_open_flags)
res = ISOPEN | LOCKLEAF; res = ISOPEN | LOCKLEAF;
if ((fmode & O_RESOLVE_BENEATH) != 0) if ((fmode & O_RESOLVE_BENEATH) != 0)
res |= RBENEATH; res |= RBENEATH;
if ((fmode & O_EMPTY_PATH) != 0)
res |= EMPTYPATH;
if ((vn_open_flags & VN_OPEN_NOAUDIT) == 0) if ((vn_open_flags & VN_OPEN_NOAUDIT) == 0)
res |= AUDITVNODE1; res |= AUDITVNODE1;
if ((vn_open_flags & VN_OPEN_NOCAPCHECK) != 0) if ((vn_open_flags & VN_OPEN_NOCAPCHECK) != 0)

3
sys/sys/fcntl.h
View File

@ -141,6 +141,9 @@ typedef __pid_t pid_t;
#endif #endif
#define O_DSYNC 0x01000000 /* POSIX data sync */ #define O_DSYNC 0x01000000 /* POSIX data sync */
#if __BSD_VISIBLE
#define O_EMPTY_PATH 0x02000000
#endif
/* /*
* XXX missing O_RSYNC. * XXX missing O_RSYNC.