From: Thomas Veerman Date: Fri, 27 Jan 2012 13:54:35 +0000 (+0000) Subject: AVFS: make forbidden check for specific proc instead of fp X-Git-Tag: v3.2.0~101 X-Git-Url: http://zhaoyanbai.com/repos/%22http:/www.isc.org/icons/Bv9ARM.ch05.html?a=commitdiff_plain;h=9233fdb35955744f40969837c2b5e6629f8419b8;p=minix.git AVFS: make forbidden check for specific proc instead of fp --- diff --git a/servers/avfs/exec.c b/servers/avfs/exec.c index 7c00d3f32..3f6e4a7e2 100644 --- a/servers/avfs/exec.c +++ b/servers/avfs/exec.c @@ -179,7 +179,7 @@ PUBLIC int pm_exec(int proc_e, char *path, vir_bytes path_len, char *frame, if ((vp->v_mode & I_TYPE) != I_REGULAR) r = ENOEXEC; - else if ((r1 = forbidden(vp, X_BIT)) != OK) + else if ((r1 = forbidden(fp, vp, X_BIT)) != OK) r = r1; else r = req_stat(vp->v_fs_e, vp->v_inode_nr, VFS_PROC_NR, diff --git a/servers/avfs/link.c b/servers/avfs/link.c index dc51c2d57..4dc72b4b3 100644 --- a/servers/avfs/link.c +++ b/servers/avfs/link.c @@ -66,7 +66,7 @@ PUBLIC int do_link() if (vp->v_fs_e != dirp->v_fs_e) r = EXDEV; else - r = forbidden(dirp, W_BIT | X_BIT); + r = forbidden(fp, dirp, W_BIT | X_BIT); if (r == OK) r = req_link(vp->v_fs_e, dirp->v_inode_nr, fullpath, @@ -117,7 +117,7 @@ PUBLIC int do_unlink() } /* The caller must have both search and execute permission */ - if ((r = forbidden(dirp, X_BIT | W_BIT)) != OK) { + if ((r = forbidden(fp, dirp, X_BIT | W_BIT)) != OK) { unlock_vnode(dirp); unlock_vmnt(vmp); put_vnode(dirp); @@ -243,8 +243,8 @@ PUBLIC int do_rename() if (old_dirp->v_fs_e != new_dirp->v_fs_e) r = EXDEV; /* Parent dirs must be writable, searchable and on a writable device */ - if ((r1 = forbidden(old_dirp, W_BIT|X_BIT)) != OK || - (r1 = forbidden(new_dirp, W_BIT|X_BIT)) != OK) r = r1; + if ((r1 = forbidden(fp, old_dirp, W_BIT|X_BIT)) != OK || + (r1 = forbidden(fp, new_dirp, W_BIT|X_BIT)) != OK) r = r1; if (r == OK) { tll_upgrade(&oldvmp->m_lock); /* Upgrade to exclusive access */ @@ -289,7 +289,7 @@ PUBLIC int do_truncate() if ((vp = eat_path(&resolve, fp)) == NULL) return(err_code); /* Ask FS to truncate the file */ - if ((r = forbidden(vp, W_BIT)) == OK) + if ((r = forbidden(fp, vp, W_BIT)) == OK) r = truncate_vnode(vp, m_in.flength); unlock_vnode(vp); @@ -366,7 +366,7 @@ PUBLIC int do_slink() if ((vp = last_dir(&resolve, fp)) == NULL) return(err_code); - if ((r = forbidden(vp, W_BIT|X_BIT)) == OK) { + if ((r = forbidden(fp, vp, W_BIT|X_BIT)) == OK) { r = req_slink(vp->v_fs_e, vp->v_inode_nr, fullpath, who_e, m_in.name1, m_in.name1_length - 1, fp->fp_effuid, fp->fp_effgid); diff --git a/servers/avfs/open.c b/servers/avfs/open.c index e3cbf4470..d0c652108 100644 --- a/servers/avfs/open.c +++ b/servers/avfs/open.c @@ -139,13 +139,13 @@ PUBLIC int common_open(char path[PATH_MAX], int oflags, mode_t omode) /* Only do the normal open code if we didn't just create the file. */ if (exist) { /* Check protections. */ - if ((r = forbidden(vp, bits)) == OK) { + if ((r = forbidden(fp, vp, bits)) == OK) { /* Opening reg. files, directories, and special files differ */ switch (vp->v_mode & I_TYPE) { case I_REGULAR: /* Truncate regular file if O_TRUNC. */ if (oflags & O_TRUNC) { - if ((r = forbidden(vp, W_BIT)) != OK) + if ((r = forbidden(fp, vp, W_BIT)) != OK) break; truncate_vnode(vp, 0); } @@ -351,7 +351,7 @@ PRIVATE struct vnode *new_node(struct lookup *resolve, int oflags, mode_t bits) lock_vnode(vp, VNODE_OPCL); - if ((r = forbidden(dirp, W_BIT|X_BIT)) != OK || + if ((r = forbidden(fp, dirp, W_BIT|X_BIT)) != OK || (r = req_create(dirp->v_fs_e, dirp->v_inode_nr,bits, fp->fp_effuid, fp->fp_effgid, path, &res)) != OK ) { /* Can't create inode either due to permissions or some other @@ -530,7 +530,7 @@ PUBLIC int do_mknod() /* Make sure that the object is a directory */ if ((vp->v_mode & I_TYPE) != I_DIRECTORY) { r = ENOTDIR; - } else if ((r = forbidden(vp, W_BIT|X_BIT)) == OK) { + } else if ((r = forbidden(fp, vp, W_BIT|X_BIT)) == OK) { r = req_mknod(vp->v_fs_e, vp->v_inode_nr, fullpath, fp->fp_effuid, fp->fp_effgid, bits, m_in.mk_z0); } @@ -566,7 +566,7 @@ PUBLIC int do_mkdir() /* Make sure that the object is a directory */ if ((vp->v_mode & I_TYPE) != I_DIRECTORY) { r = ENOTDIR; - } else if ((r = forbidden(vp, W_BIT|X_BIT)) == OK) { + } else if ((r = forbidden(fp, vp, W_BIT|X_BIT)) == OK) { r = req_mkdir(vp->v_fs_e, vp->v_inode_nr, fullpath, fp->fp_effuid, fp->fp_effgid, bits); } diff --git a/servers/avfs/path.c b/servers/avfs/path.c index d33f711a8..a6945458f 100644 --- a/servers/avfs/path.c +++ b/servers/avfs/path.c @@ -795,7 +795,7 @@ size_t pathlen; if ((vp = eat_path(&resolve, rfp)) == NULL) return(err_code); /* check permissions */ - r = forbidden(vp, (R_BIT | W_BIT)); + r = forbidden(rfp, vp, (R_BIT | W_BIT)); unlock_vnode(vp); unlock_vmnt(vmp); diff --git a/servers/avfs/protect.c b/servers/avfs/protect.c index 45df97349..04325c614 100644 --- a/servers/avfs/protect.c +++ b/servers/avfs/protect.c @@ -198,7 +198,7 @@ PUBLIC int do_access() return(err_code); if ((vp = eat_path(&resolve, fp)) == NULL) return(err_code); - r = forbidden(vp, m_in.mode); + r = forbidden(fp, vp, m_in.mode); unlock_vnode(vp); unlock_vmnt(vmp); @@ -211,7 +211,7 @@ PUBLIC int do_access() /*===========================================================================* * forbidden * *===========================================================================*/ -PUBLIC int forbidden(struct vnode *vp, mode_t access_desired) +PUBLIC int forbidden(struct fproc *rfp, struct vnode *vp, mode_t access_desired) { /* Given a pointer to an vnode, 'vp', and the access desired, determine * if the access is allowed, and if not why not. The routine looks up the @@ -228,8 +228,8 @@ PUBLIC int forbidden(struct vnode *vp, mode_t access_desired) /* Isolate the relevant rwx bits from the mode. */ bits = vp->v_mode; - uid = (call_nr == ACCESS ? fp->fp_realuid : fp->fp_effuid); - gid = (call_nr == ACCESS ? fp->fp_realgid : fp->fp_effgid); + uid = (call_nr == ACCESS ? rfp->fp_realuid : rfp->fp_effuid); + gid = (call_nr == ACCESS ? rfp->fp_realgid : rfp->fp_effgid); if (uid == SU_UID) { /* Grant read and write permission. Grant search permission for diff --git a/servers/avfs/proto.h b/servers/avfs/proto.h index e0a815293..432ef3a52 100644 --- a/servers/avfs/proto.h +++ b/servers/avfs/proto.h @@ -210,7 +210,8 @@ _PROTOTYPE( int do_access, (void) ); _PROTOTYPE( int do_chmod, (void) ); _PROTOTYPE( int do_chown, (void) ); _PROTOTYPE( int do_umask, (void) ); -_PROTOTYPE( int forbidden, (struct vnode *vp, mode_t access_desired) ); +_PROTOTYPE( int forbidden, (struct fproc *rfp, struct vnode *vp, + mode_t access_desired) ); _PROTOTYPE( int read_only, (struct vnode *vp) ); /* read.c */ diff --git a/servers/avfs/stadir.c b/servers/avfs/stadir.c index ec8920b71..bc49bf9c4 100644 --- a/servers/avfs/stadir.c +++ b/servers/avfs/stadir.c @@ -111,7 +111,7 @@ struct vnode *vp; /* this is what the inode has to become */ if ((vp->v_mode & I_TYPE) != I_DIRECTORY) r = ENOTDIR; else - r = forbidden(vp, X_BIT); /* Check if dir is searchable*/ + r = forbidden(fp, vp, X_BIT); /* Check if dir is searchable*/ if (r != OK) return(r); /* Everything is OK. Make the change. */ diff --git a/servers/avfs/time.c b/servers/avfs/time.c index 77892808d..29b84e320 100644 --- a/servers/avfs/time.c +++ b/servers/avfs/time.c @@ -45,7 +45,7 @@ PUBLIC int do_utime() /* Only the owner of a file or the super user can change its name. */ r = OK; if (vp->v_uid != fp->fp_effuid && fp->fp_effuid != SU_UID) r = EPERM; - if (m_in.utime_length == 0 && r != OK) r = forbidden(vp, W_BIT); + if (m_in.utime_length == 0 && r != OK) r = forbidden(fp, vp, W_BIT); if (read_only(vp) != OK) r = EROFS; /* Not even su can touch if R/O */ if (r == OK) { /* Issue request */