On Fri, Oct 26, 2018 at 02:53:48PM +0200, Sebastien Marie wrote:
> Hi,
>
> On IRC, someone reported problem with tcpdump whereas /etc was readonly.
> I will not comment on this unsupported configuration, but instead
> looking at unveil(2) itself as it is the root cause of this particular
> problem.
>
> The problem was reported on 6.4, and my tests are done on -current
> (where the problem is still exposed).
>
> It seems unveil(2) doesn't work (generate errno EROFS) on if the path is
> on a readonly filesystem.
>
> [...]
>
> I didn't expect unveil(2) to error out if the partition is readonly.
>
> Reading code source, I see we already have code for managing exceptions
> like that. so I assume a different code path.
>
The following diff corrects my testcase.
Index: kern/vfs_lookup.c
===================================================================
RCS file: /cvs/src/sys/kern/vfs_lookup.c,v
retrieving revision 1.74
diff -u -p -r1.74 vfs_lookup.c
--- kern/vfs_lookup.c 13 Aug 2018 23:11:44 -0000 1.74
+++ kern/vfs_lookup.c 26 Oct 2018 15:53:14 -0000
@@ -549,7 +549,8 @@ dirloop:
* Allow for unveiling of a file in a directory
* where we don't have access to create it ourselves
*/
- if (ndp->ni_pledge == PLEDGE_UNVEIL && error == EACCES)
+ if (ndp->ni_pledge == PLEDGE_UNVEIL &&
+ (error == EACCES || error == EROFS))
error = EJUSTRETURN;
if (error != EJUSTRETURN)
At this specific place, we check the result of VOP_LOOKUP(9).
For now, I didn't check deeper in ufs_lookup() for the exact source of
EROFS. I will try to look that.
thanks.
--
Sebastien Marie
