diff options
| author | jh <jh@FreeBSD.org> | 2012-04-10 15:59:37 +0000 |
|---|---|---|
| committer | jh <jh@FreeBSD.org> | 2012-04-10 15:59:37 +0000 |
| commit | a1ada6f9c66040c707e2f2b0717d8fa572553ad0 (patch) | |
| tree | f395af4f7a55d38376b42fc0bf4f88ad8de58486 /sys/ufs | |
| parent | 3efe44ddf85973b60312802cf3d09838fa5e7984 (diff) | |
| download | FreeBSD-src-a1ada6f9c66040c707e2f2b0717d8fa572553ad0.zip FreeBSD-src-a1ada6f9c66040c707e2f2b0717d8fa572553ad0.tar.gz | |
- Return EPERM from ufs_setattr() when an user without PRIV_VFS_SYSFLAGS
privilege attempts to toggle SF_SETTABLE flags.
- Use the '^' operator in the SF_SNAPSHOT anti-toggling check.
Flags are now stored to ip->i_flags in one place after all checks.
Submitted by: bde
Diffstat (limited to 'sys/ufs')
| -rw-r--r-- | sys/ufs/ufs/ufs_vnops.c | 16 |
1 files changed, 5 insertions, 11 deletions
diff --git a/sys/ufs/ufs/ufs_vnops.c b/sys/ufs/ufs/ufs_vnops.c index 811237e..ac5b080 100644 --- a/sys/ufs/ufs/ufs_vnops.c +++ b/sys/ufs/ufs/ufs_vnops.c @@ -555,23 +555,17 @@ ufs_setattr(ap) if (error) return (error); } - /* Snapshot flag cannot be set or cleared */ - if (((vap->va_flags & SF_SNAPSHOT) != 0 && - (ip->i_flags & SF_SNAPSHOT) == 0) || - ((vap->va_flags & SF_SNAPSHOT) == 0 && - (ip->i_flags & SF_SNAPSHOT) != 0)) + /* The snapshot flag cannot be toggled. */ + if ((vap->va_flags ^ ip->i_flags) & SF_SNAPSHOT) return (EPERM); - ip->i_flags = vap->va_flags; - DIP_SET(ip, i_flags, vap->va_flags); } else { if (ip->i_flags & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND) || - (vap->va_flags & UF_SETTABLE) != vap->va_flags) + ((vap->va_flags ^ ip->i_flags) & SF_SETTABLE)) return (EPERM); - ip->i_flags &= SF_SETTABLE; - ip->i_flags |= (vap->va_flags & UF_SETTABLE); - DIP_SET(ip, i_flags, ip->i_flags); } + ip->i_flags = vap->va_flags; + DIP_SET(ip, i_flags, vap->va_flags); ip->i_flag |= IN_CHANGE; error = UFS_UPDATE(vp, 0); if (ip->i_flags & (IMMUTABLE | APPEND)) |
