git: 1e26f443cd2b - stable/13 - __acl_get_fd(2), __acl_aclcheck_fd(2): enable for O_PATH filedescriptors

From: Konstantin Belousov <kib_at_FreeBSD.org>
Date: Mon, 05 Jun 2023 08:36:12 UTC 
The branch stable/13 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=1e26f443cd2b8775ba50207aa9645ec12ead9e8a

commit 1e26f443cd2b8775ba50207aa9645ec12ead9e8a
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2023-05-29 15:07:18 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2023-06-05 08:35:01 +0000

    __acl_get_fd(2), __acl_aclcheck_fd(2): enable for O_PATH filedescriptors
    
    PR:     271704
    
    (cherry picked from commit 7a292504bad8467915f072f0576b2a07c76de1f5)
---
 lib/libc/sys/open.2 | 3 ++-
 sys/kern/vfs_acl.c  | 4 ++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/lib/libc/sys/open.2 b/lib/libc/sys/open.2
index 876a4ce1e57d..db3e8f373ad7 100644
--- a/lib/libc/sys/open.2
+++ b/lib/libc/sys/open.2
@@ -28,7 +28,7 @@
 .\"     @(#)open.2	8.2 (Berkeley) 11/16/93
 .\" $FreeBSD$
 .\"
-.Dd April 22, 2022
+.Dd May 29, 2023
 .Dt OPEN 2
 .Os
 .Sh NAME
@@ -344,6 +344,7 @@ message
 using for
 .Dv EVFILT_VNODE
 .It Xr readlinkat 2
+.It Xr __acl_get_fd 2 , Xr __alc_aclcheck_fd 2
 .El
 But operations like
 .Xr read 2 ,
diff --git a/sys/kern/vfs_acl.c b/sys/kern/vfs_acl.c
index 596a26f8acea..dff1d9368f40 100644
--- a/sys/kern/vfs_acl.c
+++ b/sys/kern/vfs_acl.c
@@ -434,7 +434,7 @@ sys___acl_get_fd(struct thread *td, struct __acl_get_fd_args *uap)
 	int error;
 
 	AUDIT_ARG_FD(uap->filedes);
-	error = getvnode(td, uap->filedes,
+	error = getvnode_path(td, uap->filedes,
 	    cap_rights_init_one(&rights, CAP_ACL_GET), &fp);
 	if (error == 0) {
 		error = vacl_get_acl(td, fp->f_vnode, uap->type, uap->aclp);
@@ -567,7 +567,7 @@ sys___acl_aclcheck_fd(struct thread *td, struct __acl_aclcheck_fd_args *uap)
 	int error;
 
 	AUDIT_ARG_FD(uap->filedes);
-	error = getvnode(td, uap->filedes,
+	error = getvnode_path(td, uap->filedes,
 	    cap_rights_init_one(&rights, CAP_ACL_CHECK), &fp);
 	if (error == 0) {
 		error = vacl_aclcheck(td, fp->f_vnode, uap->type, uap->aclp);