Date:      Wed, 22 Apr 2015 01:54:26 +0000 (UTC)
From:      Craig Rodrigues <rodrigc@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r281845 - in head: lib/libc/stdio libexec/rtld-elf sys/kern sys/sys
Message-ID:  <201504220154.t3M1sQOi031375@svn.freebsd.org>

Author: rodrigc
Date: Wed Apr 22 01:54:25 2015
New Revision: 281845
URL: https://svnweb.freebsd.org/changeset/base/281845

Log:
  Support file verification in MAC.
  
  * Add VCREAT flag to indicate when a new file is being created
  * Add VVERIFY to indicate verification is required
  * Both VCREAT and VVERIFY are passed only to the MAC method vnode_check_open
    and are removed from the accmode afterwards
  * Add O_VERIFY flag to rtld open of objects
  * Add 'v' flag to __sflags to set O_VERIFY flag.
  
  Submitted by:		Steve Kiernan <stevek@juniper.net>
  Obtained from:		Juniper Networks, Inc.
  GitHub Pull Request:	https://github.com/freebsd/freebsd/pull/27
  Relnotes:		yes

Modified:
  head/lib/libc/stdio/flags.c
  head/libexec/rtld-elf/rtld.c
  head/sys/kern/vfs_vnops.c
  head/sys/sys/fcntl.h
  head/sys/sys/vnode.h

Modified: head/lib/libc/stdio/flags.c
==============================================================================
--- head/lib/libc/stdio/flags.c	Wed Apr 22 01:35:29 2015	(r281844)
+++ head/lib/libc/stdio/flags.c	Wed Apr 22 01:54:25 2015	(r281845)
@@ -97,6 +97,10 @@ __sflags(const char *mode, int *optr)
 			/* set close-on-exec */
 			o |= O_CLOEXEC;
 			break;
+		case 'v':
+			/* verify */
+			o |= O_VERIFY;
+			break;
 		default:
 			known = 0;
 			break;
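Review bot: The new 'v' mode letter is added without documentation: the modified-file list contains no fopen(3) manual page, and the comment `/* verify */` does not say what is verified or by whom. A clearer comment would be `/* request verification at open (O_VERIFY); enforced only by a MAC policy */`, which matches how the vfs_vnops.c hunk consumes the flag under `#ifdef MAC`. Callers should not treat a successful fopen() with "v" in the mode as proof that the file was verified. The switch sits inside __sflags, whose body starts and ends outside this hunk.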

Modified: head/libexec/rtld-elf/rtld.c
==============================================================================
--- head/libexec/rtld-elf/rtld.c	Wed Apr 22 01:35:29 2015	(r281844)
+++ head/libexec/rtld-elf/rtld.c	Wed Apr 22 01:54:25 2015	(r281845)
@@ -2165,7 +2165,7 @@ load_object(const char *name, int fd_u, 
 	 * To avoid a race, we open the file and use fstat() rather than
 	 * using stat().
 	 */
-	if ((fd = open(path, O_RDONLY | O_CLOEXEC)) == -1) {
+	if ((fd = open(path, O_RDONLY | O_CLOEXEC | O_VERIFY)) == -1) {
 	    _rtld_error("Cannot open \"%s\"", path);
 	    free(path);
 	    return (NULL);
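Review bot: With O_VERIFY added to this open(), a refusal by the verification policy is reported as `Cannot open "..."` with errno discarded, so an operator cannot tell a rejected object from a missing one. Including the error would help, e.g. `_rtld_error("Cannot open \"%s\": %s", path, rtld_strerror(errno));`. The second hunk, in search_library_pathfds, has the same issue in a quieter form: a failed __sys_openat() appears to be skipped without any report, though the rest of the loop is outside the hunk. load_object also takes a caller-supplied descriptor fd_u; if that path bypasses this open(), which the visible lines do not show, no verification is requested for it, and that is worth confirming.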
@@ -2855,7 +2855,7 @@ search_library_pathfds(const char *name,
 		dirfd = parse_libdir(fdstr);
 		if (dirfd < 0)
 			break;
-		fd = __sys_openat(dirfd, name, O_RDONLY | O_CLOEXEC);
+		fd = __sys_openat(dirfd, name, O_RDONLY | O_CLOEXEC | O_VERIFY);
 		if (fd >= 0) {
 			*fdp = fd;
 			len = strlen(fdstr) + strlen(name) + 3;

Modified: head/sys/kern/vfs_vnops.c
==============================================================================
--- head/sys/kern/vfs_vnops.c	Wed Apr 22 01:35:29 2015	(r281844)
+++ head/sys/kern/vfs_vnops.c	Wed Apr 22 01:54:25 2015	(r281845)
@@ -306,9 +306,15 @@ vn_open_vnode(struct vnode *vp, int fmod
 	if ((fmode & O_APPEND) && (fmode & FWRITE))
 		accmode |= VAPPEND;
 #ifdef MAC
+	if (fmode & O_CREAT)
+		accmode |= VCREAT;
+	if (fmode & O_VERIFY)
+		accmode |= VVERIFY;
 	error = mac_vnode_check_open(cred, vp, accmode);
 	if (error)
 		return (error);
+
+	accmode &= ~(VCREAT | VVERIFY);
 #endif
 	if ((fmode & O_CREAT) == 0) {
 		if (accmode & VWRITE) {
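Review bot: O_VERIFY fails open here: VVERIFY is set only inside `#ifdef MAC`, so a kernel built without MAC, or one with no policy that acts on VVERIFY in mac_vnode_check_open, accepts the flag and opens the file unverified with no indication to the caller. That contract should be stated here and in the fcntl.h hunk, where `/* open only after verification */` reads as a guarantee. Above the mask, add something like `/* VCREAT and VVERIFY are hints for mac_vnode_check_open() only; strip them before accmode is used below */`, and in fcntl.h use `/* request verification at open; no effect unless a MAC policy enforces it */`. vn_open_vnode continues outside this hunk.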

Modified: head/sys/sys/fcntl.h
==============================================================================
--- head/sys/sys/fcntl.h	Wed Apr 22 01:35:29 2015	(r281844)
+++ head/sys/sys/fcntl.h	Wed Apr 22 01:54:25 2015	(r281845)
@@ -129,6 +129,10 @@ typedef	__pid_t		pid_t;
 #define	O_CLOEXEC	0x00100000
 #endif
 
+#if __BSD_VISIBLE
+#define	O_VERIFY	0x00200000	/* open only after verification */
+#endif
+
 /*
  * XXX missing O_DSYNC, O_RSYNC.
  */

Modified: head/sys/sys/vnode.h
==============================================================================
--- head/sys/sys/vnode.h	Wed Apr 22 01:35:29 2015	(r281844)
+++ head/sys/sys/vnode.h	Wed Apr 22 01:54:25 2015	(r281845)
@@ -336,6 +336,8 @@ struct vattr {
 #define	VWRITE_ACL	 	000040000000 /* change ACL and/or file mode */
 #define	VWRITE_OWNER	 	000100000000 /* change file owner */
 #define	VSYNCHRONIZE	 	000200000000 /* not used */
+#define	VCREAT			000400000000 /* creating new file */
+#define	VVERIFY			001000000000 /* verification required */
 
 /*
  * Permissions that were traditionally granted only to the file owner.
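Review bot: The comments on VCREAT and VVERIFY do not record that these bits are meaningful only to the MAC open check, which is what the commit log and the vfs_vnops.c hunk establish. A later caller that leaves them set in an accmode passed elsewhere would hand unexpected bits to code that does not know them. Suggest `/* creating new file (MAC open check only) */` and `/* verification required (MAC open check only) */`.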


