svn commit: r281845 - in head: lib/libc/stdio libexec/rtld-elf sys/kern sys/sys
Craig Rodrigues
rodrigc at FreeBSD.org
Wed Apr 22 01:54:27 UTC 2015
Author: rodrigc
Date: Wed Apr 22 01:54:25 2015
New Revision: 281845
URL: https://svnweb.freebsd.org/changeset/base/281845
Log:
Support file verification in MAC.
* Add VCREAT flag to indicate when a new file is being created
* Add VVERIFY to indicate verification is required
* Both VCREAT and VVERIFY are only passed on the MAC method vnode_check_open
and are removed from the accmode after
* Add O_VERIFY flag to rtld open of objects
* Add 'v' flag to __sflags to set O_VERIFY flag.
Submitted by: Steve Kiernan <stevek at juniper.net>
Obtained from: Juniper Networks, Inc.
GitHub Pull Request: https://github.com/freebsd/freebsd/pull/27
Relnotes: yes
Modified:
head/lib/libc/stdio/flags.c
head/libexec/rtld-elf/rtld.c
head/sys/kern/vfs_vnops.c
head/sys/sys/fcntl.h
head/sys/sys/vnode.h
Modified: head/lib/libc/stdio/flags.c
==============================================================================
--- head/lib/libc/stdio/flags.c Wed Apr 22 01:35:29 2015 (r281844)
+++ head/lib/libc/stdio/flags.c Wed Apr 22 01:54:25 2015 (r281845)
@@ -97,6 +97,10 @@ __sflags(const char *mode, int *optr)
/* set close-on-exec */
o |= O_CLOEXEC;
break;
+ case 'v':
+ /* verify */
+ o |= O_VERIFY;
+ break;
default:
known = 0;
break;
Modified: head/libexec/rtld-elf/rtld.c
==============================================================================
--- head/libexec/rtld-elf/rtld.c Wed Apr 22 01:35:29 2015 (r281844)
+++ head/libexec/rtld-elf/rtld.c Wed Apr 22 01:54:25 2015 (r281845)
@@ -2165,7 +2165,7 @@ load_object(const char *name, int fd_u,
* To avoid a race, we open the file and use fstat() rather than
* using stat().
*/
- if ((fd = open(path, O_RDONLY | O_CLOEXEC)) == -1) {
+ if ((fd = open(path, O_RDONLY | O_CLOEXEC | O_VERIFY)) == -1) {
_rtld_error("Cannot open \"%s\"", path);
free(path);
return (NULL);
@@ -2855,7 +2855,7 @@ search_library_pathfds(const char *name,
dirfd = parse_libdir(fdstr);
if (dirfd < 0)
break;
- fd = __sys_openat(dirfd, name, O_RDONLY | O_CLOEXEC);
+ fd = __sys_openat(dirfd, name, O_RDONLY | O_CLOEXEC | O_VERIFY);
if (fd >= 0) {
*fdp = fd;
len = strlen(fdstr) + strlen(name) + 3;
Modified: head/sys/kern/vfs_vnops.c
==============================================================================
--- head/sys/kern/vfs_vnops.c Wed Apr 22 01:35:29 2015 (r281844)
+++ head/sys/kern/vfs_vnops.c Wed Apr 22 01:54:25 2015 (r281845)
@@ -306,9 +306,15 @@ vn_open_vnode(struct vnode *vp, int fmod
if ((fmode & O_APPEND) && (fmode & FWRITE))
accmode |= VAPPEND;
#ifdef MAC
+ if (fmode & O_CREAT)
+ accmode |= VCREAT;
+ if (fmode & O_VERIFY)
+ accmode |= VVERIFY;
error = mac_vnode_check_open(cred, vp, accmode);
if (error)
return (error);
+
+ accmode &= ~(VCREAT | VVERIFY);
#endif
if ((fmode & O_CREAT) == 0) {
if (accmode & VWRITE) {
Modified: head/sys/sys/fcntl.h
==============================================================================
--- head/sys/sys/fcntl.h Wed Apr 22 01:35:29 2015 (r281844)
+++ head/sys/sys/fcntl.h Wed Apr 22 01:54:25 2015 (r281845)
@@ -129,6 +129,10 @@ typedef __pid_t pid_t;
#define O_CLOEXEC 0x00100000
#endif
+#if __BSD_VISIBLE
+#define O_VERIFY 0x00200000 /* open only after verification */
+#endif
+
/*
* XXX missing O_DSYNC, O_RSYNC.
*/
Modified: head/sys/sys/vnode.h
==============================================================================
--- head/sys/sys/vnode.h Wed Apr 22 01:35:29 2015 (r281844)
+++ head/sys/sys/vnode.h Wed Apr 22 01:54:25 2015 (r281845)
@@ -336,6 +336,8 @@ struct vattr {
#define VWRITE_ACL 000040000000 /* change ACL and/or file mode */
#define VWRITE_OWNER 000100000000 /* change file owner */
#define VSYNCHRONIZE 000200000000 /* not used */
+#define VCREAT 000400000000 /* creating new file */
+#define VVERIFY 001000000000 /* verification required */
/*
* Permissions that were traditionally granted only to the file owner.
More information about the svn-src-all
mailing list