diff options
| author | rodrigc <rodrigc@FreeBSD.org> | 2015-04-22 01:54:25 +0000 |
|---|---|---|
| committer | rodrigc <rodrigc@FreeBSD.org> | 2015-04-22 01:54:25 +0000 |
| commit | b5fb244c277f505abc33458d438abec0b0820b9b (patch) | |
| tree | 4a4ce32d78747f0a082c75528f944a46aa0fc6e7 /libexec | |
| parent | a303879bce8d790548f97ecf342fcb6629ee5f2b (diff) | |
| download | FreeBSD-src-b5fb244c277f505abc33458d438abec0b0820b9b.zip FreeBSD-src-b5fb244c277f505abc33458d438abec0b0820b9b.tar.gz | |
Support file verification in MAC.
* Add VCREAT flag to indicate when a new file is being created
* Add VVERIFY to indicate verification is required
* Both VCREAT and VVERIFY are only passed on the MAC method vnode_check_open
and are removed from the accmode after
* Add O_VERIFY flag to rtld open of objects
* Add 'v' flag to __sflags to set O_VERIFY flag.
Submitted by: Steve Kiernan <stevek@juniper.net>
Obtained from: Juniper Networks, Inc.
GitHub Pull Request: https://github.com/freebsd/freebsd/pull/27
Relnotes: yes
Diffstat (limited to 'libexec')
| -rw-r--r-- | libexec/rtld-elf/rtld.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c index 78f823c..b070474 100644 --- a/libexec/rtld-elf/rtld.c +++ b/libexec/rtld-elf/rtld.c @@ -2165,7 +2165,7 @@ load_object(const char *name, int fd_u, const Obj_Entry *refobj, int flags) * To avoid a race, we open the file and use fstat() rather than * using stat(). */ - if ((fd = open(path, O_RDONLY | O_CLOEXEC)) == -1) { + if ((fd = open(path, O_RDONLY | O_CLOEXEC | O_VERIFY)) == -1) { _rtld_error("Cannot open \"%s\"", path); free(path); return (NULL); @@ -2855,7 +2855,7 @@ search_library_pathfds(const char *name, const char *path, int *fdp) dirfd = parse_libdir(fdstr); if (dirfd < 0) break; - fd = __sys_openat(dirfd, name, O_RDONLY | O_CLOEXEC); + fd = __sys_openat(dirfd, name, O_RDONLY | O_CLOEXEC | O_VERIFY); if (fd >= 0) { *fdp = fd; len = strlen(fdstr) + strlen(name) + 3; |
