svn commit: r284443 - in head/sys: compat/svr4 kern ofed/include/linux security/audit

Tue, 16 Jun 2015 02:53:47 -0700 

Author: mjg
Date: Tue Jun 16 09:52:36 2015
New Revision: 284443
URL: https://svnweb.freebsd.org/changeset/base/284443

Log:
  fd: make rights a mandatory argument to fget_unlocked

Modified:
  head/sys/compat/svr4/svr4_misc.c
  head/sys/kern/kern_descrip.c
  head/sys/ofed/include/linux/file.h
  head/sys/security/audit/audit_arg.c

Modified: head/sys/compat/svr4/svr4_misc.c
==============================================================================
--- head/sys/compat/svr4/svr4_misc.c    Tue Jun 16 09:08:30 2015        
(r284442)
+++ head/sys/compat/svr4/svr4_misc.c    Tue Jun 16 09:52:36 2015        
(r284443)
@@ -622,6 +622,7 @@ svr4_sys_fchroot(td, uap)
        struct thread *td;
        struct svr4_sys_fchroot_args *uap;
 {
+       cap_rights_t rights;
        struct filedesc *fdp = td->td_proc->p_fd;
        struct vnode    *vp;
        struct file     *fp;
@@ -630,7 +631,7 @@ svr4_sys_fchroot(td, uap)
        if ((error = priv_check(td, PRIV_VFS_FCHROOT)) != 0)
                return error;
        /* XXX: we have the chroot priv... what cap might we need? all? */
-       if ((error = getvnode(fdp, uap->fd, 0, &fp)) != 0)
+       if ((error = getvnode(fdp, uap->fd, cap_rights_init(&rights), &fp)) != 
0)
                return error;
        vp = fp->f_vnode;
        VREF(vp);

Modified: head/sys/kern/kern_descrip.c
==============================================================================
--- head/sys/kern/kern_descrip.c        Tue Jun 16 09:08:30 2015        
(r284442)
+++ head/sys/kern/kern_descrip.c        Tue Jun 16 09:52:36 2015        
(r284443)
@@ -746,7 +746,8 @@ kern_fcntl(struct thread *td, int fd, in
                arg = arg ? 128 * 1024: 0;
                /* FALLTHROUGH */
        case F_READAHEAD:
-               error = fget_unlocked(fdp, fd, NULL, &fp, NULL);
+               error = fget_unlocked(fdp, fd,
+                   cap_rights_init(&rights), &fp, NULL);
                if (error != 0)
                        break;
                if (fp->f_type != DTYPE_VNODE) {
@@ -2368,11 +2369,9 @@ fget_unlocked(struct filedesc *fdp, int 
                if (fp == NULL)
                        return (EBADF);
 #ifdef CAPABILITIES
-               if (needrightsp != NULL) {
-                       error = cap_check(&haverights, needrightsp);
-                       if (error != 0)
-                               return (error);
-               }
+               error = cap_check(&haverights, needrightsp);
+               if (error != 0)
+                       return (error);
 #endif
        retry:
                count = fp->f_count;

Modified: head/sys/ofed/include/linux/file.h
==============================================================================
--- head/sys/ofed/include/linux/file.h  Tue Jun 16 09:08:30 2015        
(r284442)
+++ head/sys/ofed/include/linux/file.h  Tue Jun 16 09:52:36 2015        
(r284443)
@@ -33,6 +33,7 @@
 #include <sys/file.h>
 #include <sys/filedesc.h>
 #include <sys/refcount.h>
+#include <sys/capsicum.h>
 #include <sys/proc.h>
 
 #include <linux/fs.h>
@@ -46,10 +47,11 @@ extern struct fileops linuxfileops;
 static inline struct linux_file *
 linux_fget(unsigned int fd)
 {
+       cap_rights_t rights;
        struct file *file;
 
-       if (fget_unlocked(curthread->td_proc->p_fd, fd, NULL, &file,
-           NULL) != 0) {
+       if (fget_unlocked(curthread->td_proc->p_fd, fd,
+           cap_rights_init(&rights), &file, NULL) != 0) {
                return (NULL);
        }
        return (struct linux_file *)file->f_data;
@@ -71,10 +73,11 @@ fput(struct linux_file *filp)
 static inline void
 put_unused_fd(unsigned int fd)
 {
+       cap_rights_t rights;
        struct file *file;
 
-       if (fget_unlocked(curthread->td_proc->p_fd, fd, NULL, &file,
-           NULL) != 0) {
+       if (fget_unlocked(curthread->td_proc->p_fd, fd,
+           cap_rights_init(&rights), &file, NULL) != 0) {
                return;
        }
        /*
@@ -91,10 +94,11 @@ put_unused_fd(unsigned int fd)
 static inline void
 fd_install(unsigned int fd, struct linux_file *filp)
 {
+       cap_rights_t rights;
        struct file *file;
 
-       if (fget_unlocked(curthread->td_proc->p_fd, fd, NULL, &file,
-           NULL) != 0) {
+       if (fget_unlocked(curthread->td_proc->p_fd, fd,
+           cap_rights_init(&rights), &file, NULL) != 0) {
                file = NULL;
        }
        filp->_file = file;

Modified: head/sys/security/audit/audit_arg.c
==============================================================================
--- head/sys/security/audit/audit_arg.c Tue Jun 16 09:08:30 2015        
(r284442)
+++ head/sys/security/audit/audit_arg.c Tue Jun 16 09:52:36 2015        
(r284443)
@@ -32,6 +32,7 @@ __FBSDID("$FreeBSD$");
 
 #include <sys/param.h>
 #include <sys/filedesc.h>
+#include <sys/capsicum.h>
 #include <sys/ipc.h>
 #include <sys/mount.h>
 #include <sys/proc.h>
@@ -894,6 +895,7 @@ audit_arg_fcntl_rights(uint32_t fcntlrig
 void
 audit_sysclose(struct thread *td, int fd)
 {
+       cap_rights_t rights;
        struct kaudit_record *ar;
        struct vnode *vp;
        struct file *fp;
@@ -906,7 +908,7 @@ audit_sysclose(struct thread *td, int fd
 
        audit_arg_fd(fd);
 
-       if (getvnode(td->td_proc->p_fd, fd, 0, &fp) != 0)
+       if (getvnode(td->td_proc->p_fd, fd, cap_rights_init(&rights), &fp) != 0)
                return;
 
        vp = fp->f_vnode;
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to