diff options
| author | csjp <csjp@FreeBSD.org> | 2008-07-31 16:57:41 +0000 |
|---|---|---|
| committer | csjp <csjp@FreeBSD.org> | 2008-07-31 16:57:41 +0000 |
| commit | 743d0edd9200e99955e096f8c7d04c3712e3c463 (patch) | |
| tree | c616ad9966bbd6fee782592f1c5f3daa8fffa61d /sys/kern | |
| parent | 26ada4b390d67732f86ca80952574ba039eecdf5 (diff) | |
| download | FreeBSD-src-743d0edd9200e99955e096f8c7d04c3712e3c463.zip FreeBSD-src-743d0edd9200e99955e096f8c7d04c3712e3c463.tar.gz | |
Currently, BSM audit pathname token generation for chrooted or jailed
processes are not producing absolute pathname tokens. It is required
that audited pathnames are generated relative to the global root mount
point. This modification changes our implementation of audit_canon_path(9)
and introduces a new function: vn_fullpath_global(9) which performs a
vnode -> pathname translation relative to the global mount point based
on the contents of the name cache. Much like vn_fullpath,
vn_fullpath_global is a wrapper function which called vn_fullpath1.
Further, the string parsing routines have been converted to use the
sbuf(9) framework. This change also removes the conditional acquisition
of Giant, since the vn_fullpath1 method will not dip into file system
dependent code.
The vnode locking was modified to use vhold()/vdrop() instead the vref()
and vrele(). This will modify the hold count instead of modifying the
user count. This makes more sense since it's the kernel that requires
the reference to the vnode. This also makes sure that the vnode does not
get recycled we hold the reference to it. [1]
Discussed with: rwatson
Reviewed by: kib [1]
MFC after: 2 weeks
Diffstat (limited to 'sys/kern')
| -rw-r--r-- | sys/kern/vfs_cache.c | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/sys/kern/vfs_cache.c b/sys/kern/vfs_cache.c index 0f12f96..ff18009 100644 --- a/sys/kern/vfs_cache.c +++ b/sys/kern/vfs_cache.c @@ -754,6 +754,32 @@ vn_fullpath(struct thread *td, struct vnode *vn, char **retbuf, char **freebuf) } /* + * This function is similar to vn_fullpath, but it attempts to lookup the + * pathname relative to the global root mount point. This is required for the + * auditing sub-system, as audited pathnames must be absolute, relative to the + * global root mount point. + */ +int +vn_fullpath_global(struct thread *td, struct vnode *vn, + char **retbuf, char **freebuf) +{ + char *buf; + int error; + + if (disablefullpath) + return (ENODEV); + if (vn == NULL) + return (EINVAL); + buf = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); + error = vn_fullpath1(td, vn, rootvnode, buf, retbuf, MAXPATHLEN); + if (!error) + *freebuf = buf; + else + free(buf, M_TEMP); + return (error); +} + +/* * The magic behind kern___getcwd() and vn_fullpath(). */ static int |
