Date: Sat, 7 Oct 2000 04:23:40 +0200 (CEST) From: mbendiks@eunet.no To: FreeBSD-gnats-submit@freebsd.org Subject: kern/21807: [patches] Request change to msdosfs semantics Message-ID: <200010070223.EAA23805@suiram.freebsd.org>
>Number: 21807
>Category: kern
>Synopsis: [patches] Make System attribute correspond to SF_IMMUTABLE
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Fri Oct 06 21:40:01 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator: Marius Bendiksen
>Release: FreeBSD 4.1-RELEASE i386
>Organization:
n/a
>Environment:
not relevant.
>Description:
In MS-DOS, the usage of the system attribute roughly corresponds to the
typical use of the SF_IMMUTABLE attribute in Unix. I think changing the
current semantics would be an improvement as far as compatibility goes,
and there should be few POLA issues with it.
>How-To-Repeat:
not relevant.
>Fix:
In /sys/msdosfs; diff -u4
--- ./msdosfs_vnops.c.orig Sun Sep 24 14:12:47 2000
+++ ./msdosfs_vnops.c Sun Sep 24 14:18:58 2000
@@ -171,10 +171,12 @@
error = uniqdosname(pdep, cnp, ndirent.de_Name);
if (error)
goto bad;
- ndirent.de_Attributes = (ap->a_vap->va_mode & VWRITE) ?
- ATTR_ARCHIVE : ATTR_ARCHIVE | ATTR_READONLY;
+ ndirent.de_Attributes = ((ap->a_vap->va_mode & VWRITE) ?
+ ATTR_ARCHIVE : ATTR_ARCHIVE | ATTR_READONLY) |
+ ((ap->a_vap->va_flags & SF_IMMUTABLE) ?
+ ATTR_SYSTEM : 0);
ndirent.de_LowerCase = 0;
ndirent.de_StartCluster = 0;
ndirent.de_FileSize = 0;
ndirent.de_dev = pdep->de_dev;
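Review bot: The new `va_flags & SF_IMMUTABLE` test on the create path does not first rule out the "not set" sentinel, which the setattr hunk of this same patch checks with `vap->va_flags != VNOVAL`. If callers leave `va_flags` at `VNOVAL` on create and that value has all bits set (it looks that way, but confirm), every newly created file would get `ATTR_SYSTEM`. Guard the term as `((ap->a_vap->va_flags != VNOVAL && (ap->a_vap->va_flags & SF_IMMUTABLE)) ? ATTR_SYSTEM : 0)`. There is also no credential check here, so whether an unprivileged creator should be able to request the system attribute needs deciding. The enclosing function starts and ends outside the hunk.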
@@ -275,8 +277,12 @@
break;
}
}
+ /* System (SF_IMMUTABLE) files cannot be written by anyone. */
+ if ((mode & VEXEC) && (dep->de_Attributes & ATTR_SYSTEM))
+ return EPERM;
+
return (vaccess(vp->v_type, file_mode, pmp->pm_uid, pmp->pm_gid,
ap->a_mode, ap->a_cred, NULL));
}
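Review bot: The added comment says system files cannot be written, but the condition tests `VEXEC`, so write requests on an `ATTR_SYSTEM` file still reach `vaccess()` and execute/search requests are refused instead. If the comment states the intent, the test should be `if ((mode & VWRITE) && (dep->de_Attributes & ATTR_SYSTEM))`, assuming `mode` is the local copy of `ap->a_mode`, which is declared outside the hunk. The rest of the file writes `return (EPERM);` with parentheses, so the new return should match. The function begins above the hunk.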
@@ -333,9 +339,9 @@
} else {
vap->va_atime = vap->va_mtime;
vap->va_ctime = vap->va_mtime;
}
- vap->va_flags = 0;
+ vap->va_flags = (dep->de_Attributes & ATTR_SYSTEM) ? SF_IMMUTABLE : 0;
if ((dep->de_Attributes & ATTR_ARCHIVE) == 0)
vap->va_flags |= SF_ARCHIVED;
vap->va_gen = 0;
vap->va_blocksize = pmp->pm_bpcluster;
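Review bot: The new `va_flags` assignment reports `SF_IMMUTABLE` straight from the on-disk `ATTR_SYSTEM` bit with no comment explaining the mapping or its limits. Existing FAT volumes written by DOS or Windows already carry that bit on some files, and together with the setattr hunks those files become unchangeable from FreeBSD. The bit can also be altered by anything that writes the media directly, so it is weaker than the same flag on a native file system. I would add a comment above the assignment such as `/* ATTR_SYSTEM is presented as SF_IMMUTABLE; the bit is taken as-is from the directory entry. */`. The function body continues outside the hunk.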
@@ -384,8 +390,12 @@
vap->va_uid, vap->va_gid);
#endif
return (EINVAL);
}
+ /* Check for immutability and securelevel */
+ if ((dep->de_Attributes & ATTR_SYSTEM) && (securelevel > 0))
+ return EPERM;
+ /* Set appropriate flags */
if (vap->va_flags != VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return (EROFS);
if (cred->cr_uid != pmp->pm_uid &&
@@ -401,12 +411,19 @@
* users to attempt to set SF_SETTABLE bits or anyone to
* set unsupported bits. However, we ignore attempts to
* set ATTR_ARCHIVE for directories `cp -pr' from a more
* sensible file system attempts it a lot.
+ *
+ * An exception with regards to the SF_SETTABLE bits, is
+ * SF_IMMUTABLE, which we map to ATTR_SYSTEM.
*/
if (cred->cr_uid != 0) {
- if (vap->va_flags & SF_SETTABLE)
+ if (vap->va_flags & (SF_SETTABLE^SF_IMMUTABLE))
return EPERM;
+ if (vap->va_flags & SF_IMMUTABLE)
+ dep->de_Attributes |= ATTR_SYSTEM;
+ else
+ dep->de_Attributes &= ~ATTR_SYSTEM;
}
if (vap->va_flags & ~SF_ARCHIVED)
return EOPNOTSUPP;
if (vap->va_flags & SF_ARCHIVED)
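Review bot: The `ATTR_SYSTEM` set/clear was added inside `if (cred->cr_uid != 0)`, so only non-root callers can toggle the bit and a request from root never changes it, which inverts the usual superuser-only meaning of an `SF_` flag. The unchanged `if (vap->va_flags & ~SF_ARCHIVED) return EOPNOTSUPP;` that follows still rejects any request carrying `SF_IMMUTABLE`. A non-root attempt to set it therefore modifies `dep->de_Attributes` in memory and then fails before `DE_MODIFIED` is set. `SF_SETTABLE^SF_IMMUTABLE` only works as a mask because one is a subset of the other; `SF_SETTABLE & ~SF_IMMUTABLE` says what is meant. The sketch below keeps the change root-only and widens the supported-bits mask; the surrounding `if (vap->va_flags != VNOVAL)` block opens in the previous hunk and closes in the next.

```c
		if (cred->cr_uid != 0) {
			if (vap->va_flags & SF_SETTABLE)
				return (EPERM);
			/* Non-root may not alter flags on a system file. */
			if (dep->de_Attributes & ATTR_SYSTEM)
				return (EPERM);
		}
		if (vap->va_flags & ~(SF_ARCHIVED | SF_IMMUTABLE))
			return (EOPNOTSUPP);
		/* Reached with SF_IMMUTABLE set, or with ATTR_SYSTEM to clear, only by root. */
		if (vap->va_flags & SF_IMMUTABLE)
			dep->de_Attributes |= ATTR_SYSTEM;
		else
			dep->de_Attributes &= ~ATTR_SYSTEM;
		/* … unchanged: SF_ARCHIVED handling and DE_MODIFIED … */
```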
@@ -414,8 +431,10 @@
else if (!(dep->de_Attributes & ATTR_DIRECTORY))
dep->de_Attributes |= ATTR_ARCHIVE;
dep->de_flag |= DE_MODIFIED;
}
+ if (dep->de_Attributes & ATTR_SYSTEM)
+ return EPERM;
if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) {
uid_t uid;
gid_t gid;
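Review bot: The new `ATTR_SYSTEM` test runs after the flags block, so a call that has just set `SF_IMMUTABLE` (and marked the denode `DE_MODIFIED`) returns `EPERM`, reporting failure for a change that was recorded. It also applies at every securelevel, which makes the `securelevel > 0` check added in the earlier setattr hunk redundant for everything except flag changes. One option is to skip the check when this call carried a flags request: `if ((dep->de_Attributes & ATTR_SYSTEM) && vap->va_flags == VNOVAL) return (EPERM);`. Confirm that this ordering matches the intended chflags behaviour. The hunk ends inside the uid/gid block, whose remainder is not shown.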
>Release-Note:
>Audit-Trail:
>Unformatted:
