git: 792ebbb1557e - stable/13 - vfs: fixup WANTIOCTLCAPS on open

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Mateusz Guzik <mjg_at_FreeBSD.org>
Date: Mon, 04 Apr 2022 19:19:15 UTC
The branch stable/13 has been updated by mjg:

URL: https://cgit.FreeBSD.org/src/commit/?id=792ebbb1557e290805d84b87653110681c7338a0

commit 792ebbb1557e290805d84b87653110681c7338a0
Author:     Mateusz Guzik <mjg@FreeBSD.org>
AuthorDate: 2022-04-02 18:35:58 +0000
Commit:     Mateusz Guzik <mjg@FreeBSD.org>
CommitDate: 2022-04-04 19:17:05 +0000

    vfs: fixup WANTIOCTLCAPS on open
    
    In some cases vn_open_cred overwrites cn_flags, effectively nullifying
    initialisation done in NDINIT. This will have to be fixed.
    
    In the meantime make sure the flag is passed.
    
    Reported by:    jenkins
    Noted by:       Mathieu <sigsys@gmail.com>
    
    (cherry picked from commit b7262756e2f471f6481070e2473af7853506b150)
---
 sys/kern/kern_descrip.c | 5 +++++
 sys/kern/vfs_syscalls.c | 3 ++-
 sys/kern/vfs_vnops.c    | 2 ++
 sys/sys/vnode.h         | 1 +
 4 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c
index 8eb83ea44159..b4bb74e02c4e 100644
--- a/sys/kern/kern_descrip.c
+++ b/sys/kern/kern_descrip.c
@@ -1846,9 +1846,14 @@ filecaps_validate(const struct filecaps *fcaps, const char *func)
 	KASSERT(fcaps->fc_fcntls == 0 ||
 	    cap_rights_is_set(&fcaps->fc_rights, CAP_FCNTL),
 	    ("%s: fcntls without CAP_FCNTL", func));
+	/*
+	 * open calls without WANTIOCTLCAPS free caps but leave the counter
+	 */
+#if 0
 	KASSERT(fcaps->fc_ioctls != NULL ? fcaps->fc_nioctls > 0 :
 	    (fcaps->fc_nioctls == -1 || fcaps->fc_nioctls == 0),
 	    ("%s: invalid ioctls", func));
+#endif
 	KASSERT(fcaps->fc_nioctls == 0 ||
 	    cap_rights_is_set(&fcaps->fc_rights, CAP_IOCTL),
 	    ("%s: ioctls without CAP_IOCTL", func));
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c
index ed75316f8add..32868eb7a4d5 100644
--- a/sys/kern/vfs_syscalls.c
+++ b/sys/kern/vfs_syscalls.c
@@ -1156,7 +1156,8 @@ kern_openat(struct thread *td, int fd, const char *path, enum uio_seg pathseg,
 	NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | AUDITVNODE1 | WANTIOCTLCAPS,
 	    pathseg, path, fd, &rights, td);
 	td->td_dupfd = -1;		/* XXX check for fdopen */
-	error = vn_open(&nd, &flags, cmode, fp);
+	error = vn_open_cred(&nd, &flags, cmode, VN_OPEN_WANTIOCTLCAPS,
+	    td->td_ucred, fp);
 	if (error != 0) {
 		/*
 		 * If the vn_open replaced the method vector, something
diff --git a/sys/kern/vfs_vnops.c b/sys/kern/vfs_vnops.c
index bde0403b2a51..b82db887b241 100644
--- a/sys/kern/vfs_vnops.c
+++ b/sys/kern/vfs_vnops.c
@@ -207,6 +207,8 @@ open2nameif(int fmode, u_int vn_open_flags)
 		res |= AUDITVNODE1;
 	if ((vn_open_flags & VN_OPEN_NOCAPCHECK) != 0)
 		res |= NOCAPCHECK;
+	if ((vn_open_flags & VN_OPEN_WANTIOCTLCAPS) != 0)
+		res |= WANTIOCTLCAPS;
 	return (res);
 }
 
diff --git a/sys/sys/vnode.h b/sys/sys/vnode.h
index 66e8a7c0a87e..92978eae8846 100644
--- a/sys/sys/vnode.h
+++ b/sys/sys/vnode.h
@@ -612,6 +612,7 @@ typedef void vop_getpages_iodone_t(void *, vm_page_t *, int, int);
 #define	VN_OPEN_NOCAPCHECK	0x00000002
 #define	VN_OPEN_NAMECACHE	0x00000004
 #define	VN_OPEN_INVFS		0x00000008
+#define	VN_OPEN_WANTIOCTLCAPS	0x00000010
 
 /* copy_file_range kernel flags */
 #define	COPY_FILE_RANGE_KFLAGS		0xff000000