From nobody Sun Oct 17 21:15:55 2021 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 00EA017F0313; Sun, 17 Oct 2021 21:15:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4HXXqH3cZxz4cVm; Sun, 17 Oct 2021 21:15:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5BE73145D5; Sun, 17 Oct 2021 21:15:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 19HLFtpB009387; Sun, 17 Oct 2021 21:15:55 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 19HLFtbq009386; Sun, 17 Oct 2021 21:15:55 GMT (envelope-from git) Date: Sun, 17 Oct 2021 21:15:55 GMT Message-Id: <202110172115.19HLFtbq009386@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 54a01b5326b9 - stable/13 - vfs: Permit unix sockets to be opened with O_PATH List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 54a01b5326b9b73c4fbccb5bc085b5884eebe814 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=54a01b5326b9b73c4fbccb5bc085b5884eebe814 commit 54a01b5326b9b73c4fbccb5bc085b5884eebe814 Author: Mark Johnston AuthorDate: 2021-09-17 16:34:21 +0000 Commit: Mark Johnston CommitDate: 2021-10-17 21:15:44 +0000 vfs: Permit unix sockets to be opened with O_PATH As with FIFOs, a path descriptor for a unix socket cannot be used with kevent(). In principle connectat(2) and bindat(2) could be modified to support an AT_EMPTY_PATH-like mode which operates on the socket referenced by an O_PATH fd referencing a unix socket. That would eliminate the path length limit imposed by sockaddr_un. Update O_PATH tests. Reviewed by: kib Sponsored by: The FreeBSD Foundation (cherry picked from commit 2bd9826995ca6b23f8b088cfa035c0ad1c578ac3) --- sys/kern/vfs_vnops.c | 11 ++++------- tests/sys/file/path_test.c | 32 ++++++++++++++++++++++++++++---- 2 files changed, 32 insertions(+), 11 deletions(-) diff --git a/sys/kern/vfs_vnops.c b/sys/kern/vfs_vnops.c index e8d6df5c4193..b78c24e3e313 100644 --- a/sys/kern/vfs_vnops.c +++ b/sys/kern/vfs_vnops.c @@ -393,13 +393,13 @@ vn_open_vnode(struct vnode *vp, int fmode, struct ucred *cred, if ((fmode & O_PATH) == 0 || (fmode & FEXEC) != 0) return (EMLINK); } - if (vp->v_type == VSOCK) - return (EOPNOTSUPP); if (vp->v_type != VDIR && fmode & O_DIRECTORY) return (ENOTDIR); accmode = 0; if ((fmode & O_PATH) == 0) { + if (vp->v_type == VSOCK) + return (EOPNOTSUPP); if ((fmode & (FWRITE | O_TRUNC)) != 0) { if (vp->v_type == VDIR) return (EISDIR); @@ -431,11 +431,8 @@ vn_open_vnode(struct vnode *vp, int fmode, struct ucred *cred, return (error); } if ((fmode & O_PATH) != 0) { - if (vp->v_type == VFIFO) - error = EPIPE; - else - error = VOP_ACCESS(vp, VREAD, cred, td); - if (error == 0) + if (vp->v_type != VFIFO && vp->v_type != VSOCK && + VOP_ACCESS(vp, VREAD, cred, td) == 0) fp->f_flag |= FKQALLOWED; return (0); } diff --git a/tests/sys/file/path_test.c b/tests/sys/file/path_test.c index ad88c691a914..a39862cc78d6 100644 --- a/tests/sys/file/path_test.c +++ b/tests/sys/file/path_test.c @@ -845,13 +845,15 @@ ATF_TC_BODY(path_rights, tc) CHECKED_CLOSE(sd[1]); } -/* Verify that a local socket can't be opened with O_PATH. */ +/* Verify that a local socket can be opened with O_PATH. */ ATF_TC_WITHOUT_HEAD(path_unix); ATF_TC_BODY(path_unix, tc) { - char path[PATH_MAX]; + char buf[BUFSIZ], path[PATH_MAX]; + struct kevent ev; struct sockaddr_un sun; - int pathfd, sd; + struct stat sb; + int kq, pathfd, sd; snprintf(path, sizeof(path), "path_unix.XXXXXX"); ATF_REQUIRE_MSG(mktemp(path) == path, FMT_ERR("mktemp")); @@ -866,9 +868,31 @@ ATF_TC_BODY(path_unix, tc) FMT_ERR("bind")); pathfd = open(path, O_PATH); - ATF_REQUIRE_ERRNO(EOPNOTSUPP, pathfd < 0); + ATF_REQUIRE_MSG(pathfd >= 0, FMT_ERR("open")); + + ATF_REQUIRE_MSG(fstatat(pathfd, "", &sb, AT_EMPTY_PATH) == 0, + FMT_ERR("fstatat")); + ATF_REQUIRE_MSG(sb.st_mode & S_IFSOCK, "socket mode %#x", sb.st_mode); + ATF_REQUIRE_MSG(sb.st_ino != 0, "socket has inode number 0"); + + memset(buf, 0, sizeof(buf)); + ATF_REQUIRE_ERRNO(EBADF, write(pathfd, buf, sizeof(buf))); + ATF_REQUIRE_ERRNO(EBADF, read(pathfd, buf, sizeof(buf))); + + /* kevent() is disallowed with sockets. */ + kq = kqueue(); + ATF_REQUIRE_MSG(kq >= 0, FMT_ERR("kqueue")); + EV_SET(&ev, pathfd, EVFILT_READ, EV_ADD | EV_ENABLE, 0, 0, 0); + ATF_REQUIRE_ERRNO(EBADF, kevent(kq, &ev, 1, NULL, 0, NULL) == -1); + + /* Should not be able to open a socket without O_PATH. */ + ATF_REQUIRE_ERRNO(EOPNOTSUPP, openat(pathfd, "", O_EMPTY_PATH) == -1); + + ATF_REQUIRE_MSG(funlinkat(AT_FDCWD, path, pathfd, 0) == 0, + FMT_ERR("funlinkat")); CHECKED_CLOSE(sd); + CHECKED_CLOSE(pathfd); } ATF_TP_ADD_TCS(tp)