svn commit: r354047 - in stable: 11/sys/kern 12/sys/kern

Thu, 24 Oct 2019 13:49:32 -0700 

Author: jhb
Date: Thu Oct 24 20:48:30 2019
New Revision: 354047
URL: https://svnweb.freebsd.org/changeset/base/354047

Log:
  MFC 350549: Set ISOPEN in namei flags when opening executable interpreters.
  
  These vnodes are explicitly opened via VOP_OPEN via
  exec_check_permissions identical to the main exectuable image.
  Setting ISOPEN allows filesystems to perform suitable checks in
  VOP_LOOKUP (e.g. close-to-open consistency in the NFS client).

Modified:
  stable/12/sys/kern/imgact_elf.c
  stable/12/sys/kern/kern_exec.c
Directory Properties:
  stable/12/   (props changed)

Changes in other areas also in this revision:
Modified:
  stable/11/sys/kern/imgact_elf.c
  stable/11/sys/kern/kern_exec.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/12/sys/kern/imgact_elf.c
==============================================================================
--- stable/12/sys/kern/imgact_elf.c     Thu Oct 24 20:22:52 2019        
(r354046)
+++ stable/12/sys/kern/imgact_elf.c     Thu Oct 24 20:48:30 2019        
(r354047)
@@ -767,8 +767,8 @@ __elfN(load_file)(struct proc *p, const char *file, u_
        imgp->proc = p;
        imgp->attr = attr;
 
-       NDINIT(nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF, UIO_SYSSPACE, file,
-           curthread);
+       NDINIT(nd, LOOKUP, ISOPEN | FOLLOW | LOCKSHARED | LOCKLEAF,
+           UIO_SYSSPACE, file, curthread);
        if ((error = namei(nd)) != 0) {
                nd->ni_vp = NULL;
                goto fail;

Modified: stable/12/sys/kern/kern_exec.c
==============================================================================
--- stable/12/sys/kern/kern_exec.c      Thu Oct 24 20:22:52 2019        
(r354046)
+++ stable/12/sys/kern/kern_exec.c      Thu Oct 24 20:48:30 2019        
(r354047)
@@ -643,7 +643,7 @@ interpret:
                free(imgp->freepath, M_TEMP);
                imgp->freepath = NULL;
                /* set new name to that of the interpreter */
-               NDINIT(&nd, LOOKUP, LOCKLEAF | FOLLOW | SAVENAME,
+               NDINIT(&nd, LOOKUP, ISOPEN | LOCKLEAF | FOLLOW | SAVENAME,
                    UIO_SYSSPACE, imgp->interpreter_name, td);
                args->fname = imgp->interpreter_name;
                goto interpret;
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to