Date: Sun, 27 Jan 2008 15:51:53 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 134202 for review Message-ID: <200801271551.m0RFpr3Z000639@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=134202
Change 134202 by rwatson@rwatson_freebsd_capabilities on 2008/01/27 15:50:53
Add CAP_FEXECVE to authorize use of a capability for fexecve(). Use fgetvp_read() rather than fgetvp_exec(), as there is no FEXEC in this branch (and probably won't be). Require CAP_READ | CAP_FEXECVE but possibly this should just be CAP_FEXECVE. Update for VOP_UNLOCK() prototype change. len doesn't need to be initialized on declaration [anymore].
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_exec.c#4 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#9 edit
Differences ...
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_exec.c#4 (text+ko) ====
@@ -305,7 +305,7 @@
 struct ucred *newcred = NULL, *oldcred;
 struct uidinfo *euip;
 register_t *stack_base;
- int error, len = 0, i;
+ int error, len, i;
 struct image_params image_params, *imgp;
 struct vattr attr;
 int (*img_first)(struct image_params *);
@@ -392,7 +392,9 @@
 binvp = ndp->ni_vp;
 imgp->vp = binvp;
 } else {
- error = fgetvp_exec(td, args->fd, &binvp);
+ /* XXXRW: Possibly should just be CAP_FEXECVE? */
+ error = fgetvp_read(td, args->fd, CAP_READ | CAP_FEXECVE,
+ &binvp);
 if (error)
 goto exec_fail;
 vfslocked = VFS_LOCK_GIANT(binvp->v_mount);
@@ -526,7 +528,7 @@
 }
 /* close files on exec */
- VOP_UNLOCK(imgp->vp, 0, td);
+ VOP_UNLOCK(imgp->vp, 0);
 fdcloseexec(td);
 vn_lock(imgp->vp, LK_EXCLUSIVE | LK_RETRY);
@@ -644,7 +646,7 @@
 */
 PROC_UNLOCK(p);
 setugidsafety(td);
- VOP_UNLOCK(imgp->vp, 0, td);
+ VOP_UNLOCK(imgp->vp, 0);
 error = fdcheckstd(td);
 vn_lock(imgp->vp, LK_EXCLUSIVE | LK_RETRY);
 if (error != 0)
@@ -778,7 +780,7 @@
 crfree(oldcred);
 else
 crfree(newcred);
- VOP_UNLOCK(imgp->vp, 0, td);
+ VOP_UNLOCK(imgp->vp, 0);
 /*
 * Handle deferred decrement of ref counts.
 */
==== //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#9 (text+ko) ====
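Review bot: In the `@@ -392,7 +392,9 @@` hunk of kern_exec.c, the rights mask passed to `fgetvp_read()` ties execute to read: a capability meant to authorize only fexecve() must also carry CAP_READ, so an execute-only delegation cannot be expressed and the holder can read the image through the same descriptor. The `XXXRW` comment records the doubt but not why CAP_READ is currently demanded; I would either pass only `CAP_FEXECVE` or replace the comment with the actual rationale, presumably something like `/* CAP_READ is required because the lookup goes through fgetvp_read(); revisit if an exec-specific lookup is added. */`. Since `fgetvp_exec()` is no longer called, it is also worth confirming that the execute-permission check on the vnode is still made later in the function, which lies outside this hunk.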
@@ -23,7 +23,7 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- * $P4: //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#8 $
+ * $P4: //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#9 $
 */
 /*
@@ -62,7 +62,7 @@
 #define CAP_GETDIRENTRIES 0x0000000000020000ULL /* getdirentries */
 #define CAP_FSTATFS 0x0000000000040000ULL /* fstatfs */
 #define CAP_REVOKE 0x0000000000080000ULL /* revoke */
-#define _CAP_UNUSED1 0x0000000000100000ULL
+#define CAP_FEXECVE 0x0000000000100000ULL /* fexecve */
 #define CAP_FPATHCONF 0x0000000000200000ULL /* fpathconf */
 #define CAP_FUTIMES 0x0000000000400000ULL /* futimes */
 #define CAP_AIO 0x0000000000800000ULL /* aio_* */
@@ -84,7 +84,7 @@
 #define CAP_LISTEN 0x0000008000000000ULL /* listen */
 #define CAP_SHUTDOWN 0x0000010000000000ULL /* shutdown */
 #define CAP_PEELOFF 0x0000020000000000ULL /* sctp_peeloff */
-#define CAP_MASK_VALID 0x000003ffffe7ffffULL
+#define CAP_MASK_VALID 0x000003ffffffffffULL
 /*
 * Notes:
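Review bot: In the `@@ -84,7 +84,7 @@` hunk of capability.h, the new `CAP_MASK_VALID` enables two bits rather than one: the old value `0x000003ffffe7ffffULL` excluded both `0x0000000000100000ULL` (now `CAP_FEXECVE`) and `0x0000000000080000ULL`, which the `@@ -62,7 +62,7 @@` hunk shows is `CAP_REVOKE`. The change description mentions only CAP_FEXECVE, so if accepting CAP_REVOKE in the valid mask is not intended the line should read `#define CAP_MASK_VALID 0x000003fffff7ffffULL`; if it is intended, the description should say so. A short comment beside the mask stating which bits are deliberately left out would make this kind of drift easier to catch in review.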