diff options
author | njl <njl@FreeBSD.org> | 2002-09-14 09:02:28 +0000 |
---|---|---|
committer | njl <njl@FreeBSD.org> | 2002-09-14 09:02:28 +0000 |
commit | 0590c43070aac7fb636a1f4c4b94469046a317a0 (patch) | |
tree | e9205d0e4985af46af0db4bd26e9662b1c25f85b /sys/kern | |
parent | bb76739de046ae1f81a36e96d18f0ee3b1afd323 (diff) | |
download | FreeBSD-src-0590c43070aac7fb636a1f4c4b94469046a317a0.zip FreeBSD-src-0590c43070aac7fb636a1f4c4b94469046a317a0.tar.gz |
Remove all use of vnode->v_tag, replacing with appropriate substitutes.
v_tag is now const char * and should only be used for debugging.
Additionally:
1. All users of VT_NTS now check vfsconf->vf_type VFCF_NETWORK
2. The user of VT_PROCFS now checks for the new flag VV_PROCDEP, which
is propagated by pseudofs to all child vnodes if the fs sets PFS_PROCDEP.
Suggested by: phk
Reviewed by: bde, rwatson (earlier version)
Diffstat (limited to 'sys/kern')
-rw-r--r-- | sys/kern/kern_descrip.c | 17 | ||||
-rw-r--r-- | sys/kern/kern_mac.c | 8 | ||||
-rw-r--r-- | sys/kern/vfs_bio.c | 3 | ||||
-rw-r--r-- | sys/kern/vfs_subr.c | 16 |
4 files changed, 24 insertions, 20 deletions
diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c index d88156b..9c091bd 100644 --- a/sys/kern/kern_descrip.c +++ b/sys/kern/kern_descrip.c @@ -53,6 +53,7 @@ #include <sys/kernel.h> #include <sys/sysctl.h> #include <sys/vnode.h> +#include <sys/mount.h> #include <sys/proc.h> #include <sys/namei.h> #include <sys/file.h> @@ -1407,11 +1408,8 @@ fdfree(td) /* * For setugid programs, we don't want to people to use that setugidness * to generate error messages which write to a file which otherwise would - * otherwise be off-limits to the process. - * - * This is a gross hack to plug the hole. A better solution would involve - * a special vop or other form of generalized access control mechanism. We - * go ahead and just reject all procfs filesystems accesses as dangerous. + * otherwise be off-limits to the process. We check for filesystems where + * the vnode can change out from under us after execve (like [lin]procfs). * * Since setugidsafety calls this only for fd 0, 1 and 2, this check is * sufficient. We also don't for check setugidness since we know we are. @@ -1419,9 +1417,12 @@ fdfree(td) static int is_unsafe(struct file *fp) { - if (fp->f_type == DTYPE_VNODE && - ((struct vnode *)(fp->f_data))->v_tag == VT_PROCFS) - return (1); + if (fp->f_type == DTYPE_VNODE) { + struct vnode *vp = (struct vnode *)fp->f_data; + + if ((vp->v_vflag & VV_PROCDEP) != 0) + return (1); + } return (0); } diff --git a/sys/kern/kern_mac.c b/sys/kern/kern_mac.c index 07d7b2d..5926f55 100644 --- a/sys/kern/kern_mac.c +++ b/sys/kern/kern_mac.c @@ -1116,9 +1116,9 @@ vn_refreshlabel(struct vnode *vp, struct ucred *cred) return (0); */ /* printf("vn_refreshlabel: null v_mount\n"); */ - if (vp->v_tag != VT_NON) + if (vp->v_type != VNON) printf( - "vn_refreshlabel: null v_mount with non-VT_NON\n"); + "vn_refreshlabel: null v_mount with non-VNON\n"); return (EBADF); } @@ -2951,8 +2951,8 @@ vn_setlabel(struct vnode *vp, struct label *intlabel, struct ucred *cred) if (vp->v_mount == NULL) { /* printf("vn_setlabel: null v_mount\n"); */ - if (vp->v_tag != VT_NON) - printf("vn_setlabel: null v_mount with non-VT_NON\n"); + if (vp->v_type != VNON) + printf("vn_setlabel: null v_mount with non-VNON\n"); return (EBADF); } diff --git a/sys/kern/vfs_bio.c b/sys/kern/vfs_bio.c index 8490644..a4e0397 100644 --- a/sys/kern/vfs_bio.c +++ b/sys/kern/vfs_bio.c @@ -1211,7 +1211,8 @@ brelse(struct buf * bp) * background write. */ if ((bp->b_flags & B_VMIO) - && !(bp->b_vp->v_tag == VT_NFS && + && !(bp->b_vp->v_mount != NULL && + (bp->b_vp->v_mount->mnt_vfc->vfc_flags & VFCF_NETWORK) != 0 && !vn_isdisk(bp->b_vp, NULL) && (bp->b_flags & B_DELWRI)) ) { diff --git a/sys/kern/vfs_subr.c b/sys/kern/vfs_subr.c index b0be385..933a17f 100644 --- a/sys/kern/vfs_subr.c +++ b/sys/kern/vfs_subr.c @@ -792,7 +792,7 @@ done: */ int getnewvnode(tag, mp, vops, vpp) - enum vtagtype tag; + const char *tag; struct mount *mp; vop_t **vops; struct vnode **vpp; @@ -1591,14 +1591,16 @@ sched_sync(void) s = splbio(); if (LIST_FIRST(slp) == vp) { /* - * Note: v_tag VT_VFS vps can remain on the + * Note: VFS vnodes can remain on the * worklist too with no dirty blocks, but * since sync_fsync() moves it to a different * slot we are safe. */ if (TAILQ_EMPTY(&vp->v_dirtyblkhd) && - !vn_isdisk(vp, NULL)) - panic("sched_sync: fsync failed vp %p tag %d", vp, vp->v_tag); + !vn_isdisk(vp, NULL)) { + panic("sched_sync: fsync failed " + "vp %p tag %s", vp, vp->v_tag); + } /* * Put us back on the worklist. The worklist * routine will remove us from our current @@ -1812,7 +1814,7 @@ bdevvp(dev, vpp) } if (vfinddev(dev, VCHR, vpp)) return (0); - error = getnewvnode(VT_NON, (struct mount *)0, spec_vnodeop_p, &nvp); + error = getnewvnode("none", (struct mount *)0, spec_vnodeop_p, &nvp); if (error) { *vpp = NULLVP; return (error); @@ -2382,7 +2384,7 @@ vclean(vp, flags, td) vp->v_op = dead_vnodeop_p; if (vp->v_pollinfo != NULL) vn_pollgone(vp); - vp->v_tag = VT_NON; + vp->v_tag = "none"; vp->v_iflag &= ~VI_XLOCK; vp->v_vxproc = NULL; if (vp->v_iflag & VI_XWANT) { @@ -3190,7 +3192,7 @@ vfs_allocate_syncvnode(mp) int error; /* Allocate a new vnode */ - if ((error = getnewvnode(VT_VFS, mp, sync_vnodeop_p, &vp)) != 0) { + if ((error = getnewvnode("vfs", mp, sync_vnodeop_p, &vp)) != 0) { mp->mnt_syncer = NULL; return (error); } |