diff options
author | kib <kib@FreeBSD.org> | 2009-06-21 19:21:01 +0000 |
---|---|---|
committer | kib <kib@FreeBSD.org> | 2009-06-21 19:21:01 +0000 |
commit | 2fc79768f33d575d200ae1482dc23207f9d93703 (patch) | |
tree | 16815288a4df4ec66279d1a1e04aabcdf84a88c9 | |
parent | b69e15d521bbb1550dc659223e33c2343e332269 (diff) | |
download | FreeBSD-src-2fc79768f33d575d200ae1482dc23207f9d93703.zip FreeBSD-src-2fc79768f33d575d200ae1482dc23207f9d93703.tar.gz |
Add explicit struct ucred * argument for VOP_VPTOCNP, to be used by
vn_open_cred in default implementation. Valid struct ucred is needed for
audit and MAC, and curthread credentials may be wrong.
This further requires modifying the interface of vn_fullpath(9), but it
is out of scope of this change.
Reviewed by: rwatson
-rw-r--r-- | sys/fs/nullfs/null_vnops.c | 3 | ||||
-rw-r--r-- | sys/kern/vfs_cache.c | 16 | ||||
-rw-r--r-- | sys/kern/vfs_default.c | 9 | ||||
-rw-r--r-- | sys/kern/vnode_if.src | 1 | ||||
-rw-r--r-- | sys/sys/vnode.h | 3 |
5 files changed, 19 insertions, 13 deletions
diff --git a/sys/fs/nullfs/null_vnops.c b/sys/fs/nullfs/null_vnops.c index 36eee63..a028b63 100644 --- a/sys/fs/nullfs/null_vnops.c +++ b/sys/fs/nullfs/null_vnops.c @@ -747,6 +747,7 @@ null_vptocnp(struct vop_vptocnp_args *ap) struct vnode *vp = ap->a_vp; struct vnode **dvp = ap->a_vpp; struct vnode *lvp, *ldvp; + struct ucred *cred = ap->a_cred; int error, locked; if (vp->v_type == VDIR) @@ -757,7 +758,7 @@ null_vptocnp(struct vop_vptocnp_args *ap) vhold(lvp); VOP_UNLOCK(vp, 0); /* vp is held by vn_vptocnp_locked that called us */ ldvp = lvp; - error = vn_vptocnp(&ldvp, ap->a_buf, ap->a_buflen); + error = vn_vptocnp(&ldvp, cred, ap->a_buf, ap->a_buflen); vdrop(lvp); if (error != 0) { vn_lock(vp, locked | LK_RETRY); diff --git a/sys/kern/vfs_cache.c b/sys/kern/vfs_cache.c index 0bd7975..f21f4af 100644 --- a/sys/kern/vfs_cache.c +++ b/sys/kern/vfs_cache.c @@ -206,7 +206,8 @@ SYSCTL_OPAQUE(_vfs_cache, OID_AUTO, nchstats, CTLFLAG_RD | CTLFLAG_MPSAFE, static void cache_zap(struct namecache *ncp); -static int vn_vptocnp_locked(struct vnode **vp, char *buf, u_int *buflen); +static int vn_vptocnp_locked(struct vnode **vp, struct ucred *cred, char *buf, + u_int *buflen); static int vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir, char *buf, char **retbuf, u_int buflen); @@ -1037,12 +1038,12 @@ vn_fullpath_global(struct thread *td, struct vnode *vn, } int -vn_vptocnp(struct vnode **vp, char *buf, u_int *buflen) +vn_vptocnp(struct vnode **vp, struct ucred *cred, char *buf, u_int *buflen) { int error; CACHE_RLOCK(); - error = vn_vptocnp_locked(vp, buf, buflen); + error = vn_vptocnp_locked(vp, cred, buf, buflen); if (error == 0) { /* * vn_vptocnp_locked() dropped hold acquired by @@ -1057,7 +1058,8 @@ vn_vptocnp(struct vnode **vp, char *buf, u_int *buflen) } static int -vn_vptocnp_locked(struct vnode **vp, char *buf, u_int *buflen) +vn_vptocnp_locked(struct vnode **vp, struct ucred *cred, char *buf, + u_int *buflen) { struct vnode *dvp; struct namecache *ncp; @@ -1089,7 +1091,7 @@ vn_vptocnp_locked(struct vnode **vp, char *buf, u_int *buflen) CACHE_RUNLOCK(); vfslocked = VFS_LOCK_GIANT((*vp)->v_mount); vn_lock(*vp, LK_SHARED | LK_RETRY); - error = VOP_VPTOCNP(*vp, &dvp, buf, buflen); + error = VOP_VPTOCNP(*vp, &dvp, cred, buf, buflen); VOP_UNLOCK(*vp, 0); vdrop(*vp); VFS_UNLOCK_GIANT(vfslocked); @@ -1137,7 +1139,7 @@ vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir, numfullpathcalls++; CACHE_RLOCK(); if (vp->v_type != VDIR) { - error = vn_vptocnp_locked(&vp, buf, &buflen); + error = vn_vptocnp_locked(&vp, td->td_ucred, buf, &buflen); if (error) return (error); if (buflen == 0) { @@ -1167,7 +1169,7 @@ vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir, error, vp, NULL, 0, 0); break; } - error = vn_vptocnp_locked(&vp, buf, &buflen); + error = vn_vptocnp_locked(&vp, td->td_ucred, buf, &buflen); if (error) break; if (buflen == 0) { diff --git a/sys/kern/vfs_default.c b/sys/kern/vfs_default.c index c98dad0..86ab01e 100644 --- a/sys/kern/vfs_default.c +++ b/sys/kern/vfs_default.c @@ -693,6 +693,7 @@ vop_stdvptocnp(struct vop_vptocnp_args *ap) { struct vnode *vp = ap->a_vp; struct vnode **dvp = ap->a_vpp; + struct ucred *cred = ap->a_cred; char *buf = ap->a_buf; int *buflen = ap->a_buflen; char *dirbuf, *cpos; @@ -713,7 +714,7 @@ vop_stdvptocnp(struct vop_vptocnp_args *ap) if (vp->v_type != VDIR) return (ENOENT); - error = VOP_GETATTR(vp, &va, td->td_ucred); + error = VOP_GETATTR(vp, &va, cred); if (error) return (error); @@ -723,7 +724,7 @@ vop_stdvptocnp(struct vop_vptocnp_args *ap) NDINIT_ATVP(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, "..", vp, td); flags = FREAD; - error = vn_open_cred(&nd, &flags, 0, VN_OPEN_NOAUDIT, NULL, NULL); + error = vn_open_cred(&nd, &flags, 0, VN_OPEN_NOAUDIT, cred, NULL); if (error) { vn_lock(vp, locked | LK_RETRY); return (error); @@ -738,7 +739,7 @@ vop_stdvptocnp(struct vop_vptocnp_args *ap) *dvp = (*dvp)->v_mount->mnt_vnodecovered; VREF(mvp); VOP_UNLOCK(mvp, 0); - vn_close(mvp, FREAD, td->td_ucred, td); + vn_close(mvp, FREAD, cred, td); VREF(*dvp); vn_lock(*dvp, LK_EXCLUSIVE | LK_RETRY); covered = 1; @@ -803,7 +804,7 @@ out: vrele(mvp); } else { VOP_UNLOCK(mvp, 0); - vn_close(mvp, FREAD, td->td_ucred, td); + vn_close(mvp, FREAD, cred, td); } vn_lock(vp, locked | LK_RETRY); return (error); diff --git a/sys/kern/vnode_if.src b/sys/kern/vnode_if.src index 49cc782..c9f20e3 100644 --- a/sys/kern/vnode_if.src +++ b/sys/kern/vnode_if.src @@ -607,6 +607,7 @@ vop_vptofh { vop_vptocnp { IN struct vnode *vp; OUT struct vnode **vpp; + IN struct ucred *cred; INOUT char *buf; INOUT int *buflen; }; diff --git a/sys/sys/vnode.h b/sys/sys/vnode.h index 7bd1aba..ba3816f 100644 --- a/sys/sys/vnode.h +++ b/sys/sys/vnode.h @@ -601,7 +601,8 @@ int insmntque1(struct vnode *vp, struct mount *mp, int insmntque(struct vnode *vp, struct mount *mp); u_quad_t init_va_filerev(void); int speedup_syncer(void); -int vn_vptocnp(struct vnode **vp, char *buf, u_int *buflen); +int vn_vptocnp(struct vnode **vp, struct ucred *cred, char *buf, + u_int *buflen); #define textvp_fullpath(p, rb, rfb) \ vn_fullpath(FIRST_THREAD_IN_PROC(p), (p)->p_textvp, rb, rfb) int vn_fullpath(struct thread *td, struct vnode *vn, |