PERFORCE change 167145 for review

Robert Watson rwatson at FreeBSD.org
Sun Aug 9 22:11:58 UTC 2009 

http://perforce.freebsd.org/chv.cgi?CH=167145

Change 167145 by rwatson at rwatson_freebsd_capabilities on 2009/08/09 22:11:44

	Some fcntl's need to operate on capabilities, others on the
	underlying objects.  Refine kern_fcntl() so that the following
	operations are on capabilities:
	
	  F_DUPFD, F_DUP2FD, F_GETFD, F_SETFD
	
	The following operations require CAP_FCNTL and affect the
	underlying file descriptor:
	
	  F_GETFL, F_SETFL, F_GETOWN, F_SETOWN
	
	The following operations require CAP_FLOCK and affect the
	underlying file descriptor:
	
	  F_SETLK_REMOTE, F_SETLKW, F_SETLK, F_GETLK

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_descrip.c#28 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_descrip.c#28 (text+ko) ====

@@ -404,7 +404,7 @@
 }
 
 static inline struct file *
-fdtofp(int fd, cap_rights_t rights, struct filedesc *fdp)
+fdtofp(int fd, struct filedesc *fdp)
 {
 	struct file *fp;
 
@@ -412,13 +412,23 @@
 	if ((unsigned)fd >= fdp->fd_nfiles ||
 	    (fp = fdp->fd_ofiles[fd]) == NULL)
 		return (NULL);
+	return (fp);
+}
+
+static inline struct file *
+fdtofp_cap(int fd, cap_rights_t rights, struct filedesc *fdp)
+{
+	struct file *fp;
 
+	FILEDESC_LOCK_ASSERT(fdp);
+	if ((unsigned)fd >= fdp->fd_nfiles ||
+	    (fp = fdp->fd_ofiles[fd]) == NULL)
+		return (NULL);
 #ifdef CAPABILITIES
 	if (fp->f_type == DTYPE_CAPABILITY)
-		if(cap_fextract(fp, rights, &fp))
+		if (cap_fextract(fp, rights, &fp))
 			return (NULL);
 #endif /* CAPABILITIES */
-
 	return (fp);
 }
 
@@ -453,7 +463,7 @@
 
 	case F_GETFD:
 		FILEDESC_SLOCK(fdp);
-		if ((fp = fdtofp(fd, CAP_READ, fdp)) == NULL) {
+		if ((fp = fdtofp(fd, fdp)) == NULL) {
 			FILEDESC_SUNLOCK(fdp);
 			error = EBADF;
 			break;
@@ -465,7 +475,7 @@
 
 	case F_SETFD:
 		FILEDESC_XLOCK(fdp);
-		if ((fp = fdtofp(fd, CAP_WRITE, fdp)) == NULL) {
+		if ((fp = fdtofp(fd, fdp)) == NULL) {
 			FILEDESC_XUNLOCK(fdp);
 			error = EBADF;
 			break;
@@ -478,7 +488,7 @@
 
 	case F_GETFL:
 		FILEDESC_SLOCK(fdp);
-		if ((fp = fdtofp(fd, CAP_READ, fdp)) == NULL) {
+		if ((fp = fdtofp_cap(fd, CAP_FCNTL, fdp)) == NULL) {
 			FILEDESC_SUNLOCK(fdp);
 			error = EBADF;
 			break;
@@ -489,7 +499,7 @@
 
 	case F_SETFL:
 		FILEDESC_SLOCK(fdp);
-		if ((fp = fdtofp(fd, CAP_FCHFLAGS, fdp)) == NULL) {
+		if ((fp = fdtofp_cap(fd, CAP_FCNTL, fdp)) == NULL) {
 			FILEDESC_SUNLOCK(fdp);
 			error = EBADF;
 			break;
@@ -521,7 +531,7 @@
 
 	case F_GETOWN:
 		FILEDESC_SLOCK(fdp);
-		if ((fp = fdtofp(fd, CAP_READ, fdp)) == NULL) {
+		if ((fp = fdtofp_cap(fd, CAP_FCNTL, fdp)) == NULL) {
 			FILEDESC_SUNLOCK(fdp);
 			error = EBADF;
 			break;
@@ -536,7 +546,7 @@
 
 	case F_SETOWN:
 		FILEDESC_SLOCK(fdp);
-		if ((fp = fdtofp(fd, CAP_FCHOWN, fdp)) == NULL) {
+		if ((fp = fdtofp_cap(fd, CAP_FCNTL, fdp)) == NULL) {
 			FILEDESC_SUNLOCK(fdp);
 			error = EBADF;
 			break;
@@ -562,7 +572,7 @@
 	case F_SETLK:
 	do_setlk:
 		FILEDESC_SLOCK(fdp);
-		if ((fp = fdtofp(fd, CAP_FLOCK, fdp)) == NULL) {
+		if ((fp = fdtofp_cap(fd, CAP_FLOCK, fdp)) == NULL) {
 			FILEDESC_SUNLOCK(fdp);
 			error = EBADF;
 			break;
@@ -657,7 +667,7 @@
 
 	case F_GETLK:
 		FILEDESC_SLOCK(fdp);
-		if ((fp = fdtofp(fd, CAP_FLOCK, fdp)) == NULL) {
+		if ((fp = fdtofp_cap(fd, CAP_FLOCK, fdp)) == NULL) {
 			FILEDESC_SUNLOCK(fdp);
 			error = EBADF;
 			break;

More information about the p4-projects mailing list