Date: Mon, 28 Aug 2000 13:06:17 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.ORG> To: Poul-Henning Kamp <phk@critter.freebsd.dk> Cc: freebsd-fs@FreeBSD.ORG Subject: Re: procfs_lookup() and jail interaction Message-ID: <Pine.NEB.3.96L.1000828130132.84062L-100000@fledge.watson.org> In-Reply-To: <11697.967482003@critter>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 28 Aug 2000, Poul-Henning Kamp wrote:
> In message <Pine.NEB.3.96L.1000828124049.84062K-100000@fledge.watson.org>, Robe
> rt Watson writes:
> >
> >So I've largely resolved these concerns -- as a synthetic in-memory file
> >system, procfs is not using the name cache -- the issue I'm running into
> >now in procfs is with the open() syscall. Following the p_stuff patches,
> >procfs_getattrt() and so on all return ENOENT. However, an attempt to
> >call open(/proc/1, O_CREAT) results in an EISDIR error, instead of EROFS.
> >I believe this may be a result of that type check happening in vn_open,
> >above the VFS layer, resulting in procfs_* never seeing the request, and
> >thereby revealing the presence of the directory.
>
> Uhm, isn't a VOP_GETATTR() done to find out what we're fiddling ?
>
> How else would it know that it is a directory ?
So perhaps I need to do some more tracing to track this down further, but
my believe is that procfs_getattr() should not be returning information to
the calling process:
switch (pfs->pfs_type) {
case Proot:
case Pcurproc:
procp = 0;
break;
default:
procp = PFIND(pfs->pfs_pid);
if (procp == 0 || procp->p_cred == NULL ||
procp->p_ucred == NULL)
return (ENOENT);
if (p_cansee(ap->a_p, procp, NULL))
return (ENOENT);
}
However:
alsvid:/data/fbsd-commit/src/sys/miscfs/procfs> touch /proc/1
alsvid:/data/fbsd-commit/src/sys/miscfs/procfs> su
Password:
alsvid# sysctl -w kern.ps_showallprocs=0
kern.ps_showallprocs: 1 -> 0
alsvid# exit
alsvid:/data/fbsd-commit/src/sys/miscfs/procfs> touch /proc/1
touch: /proc/1: Is a directory
alsvid:/data/fbsd-commit/src/sys/miscfs/procfs>
But:
alsvid:/data/fbsd-commit/src/sys/miscfs/procfs> ktrace touch /proc/1
touch: /proc/1: Is a directory
alsvid:/data/fbsd-commit/src/sys/miscfs/procfs> kdump
...
260 touch CALL stat(0xbfbffc42,0xbfbffaa0)
260 touch NAMI "/proc/1"
260 touch RET stat -1 errno 2 No such file or directory
260 touch CALL open(0xbfbffc42,0x201,0x1b6)
260 touch NAMI "/proc/1"
260 touch RET open -1 errno 21 Is a directory
So open() is returning EISDIR.
It looks like vn_open looks directory at vp->v_type to determine if it's a
directory, not relying on the results of VOP_GETATTR:
if ((fmode & O_CREAT) == 0) {
mode = 0;
if (fmode & (FWRITE | O_TRUNC)) {
if (vp->v_type == VDIR) {
error = EISDIR;
goto bad;
}
So the check is still happening above the VFS layer.
I'll look at the code further this evening.
Robert N M Watson
robert@fledge.watson.org http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-fs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1000828130132.84062L-100000>