PERFORCE change 166626 for review
Jonathan Anderson
jona at FreeBSD.org
Mon Jul 27 15:39:48 UTC 2009
http://perforce.freebsd.org/chv.cgi?CH=166626
Change 166626 by jona at jona-trustedbsd-belle-vmware on 2009/07/27 15:38:53
Handling passing of umasks for open() calls which create files (rather than using a default 0666)
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel-powerbox.h#3 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel.c#12 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel.h#12 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_qt/TextEditor.cpp#2 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/cap.c#7 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/cap.h#4 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/powerbox.c#9 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/server.c#18 edit
Differences ...
==== //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel-powerbox.h#3 (text+ko) ====
@@ -60,6 +60,7 @@
int filterlen; /* length of filter expression */
int flags; /* open() flags, e.g. O_RDONLY */
cap_rights_t rights; /* capabilities, e.g. CAP_SEEK */
+ int umask; /* umask, for open() with O_CREAT */
};
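Review bot: The new field is named `umask`, but the value it carries is the creation mode given to open(2) as its third argument, which is the opposite sense of a umask: the TextEditor.cpp hunk sets it to 0666 and the cap.c hunk passes it straight to `open`. Naming it `mode` and typing it `mode_t` would stop readers assuming the bits are cleared rather than set, e.g. `mode_t mode; /* creation mode, for open() with O_CREAT */`. The same name is used for the `ua_ropen` prototype parameter, the `cap_open` parameter and the local in server.c, where it also shadows umask(2) whenever <sys/stat.h> is in scope. The struct definition starts outside this hunk.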
==== //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel.c#12 (text+ko) ====
@@ -199,7 +199,7 @@
-int ua_open(const char *path, int flags)
+int ua_open(const char *path, int flags, ...)
{
cap_rights_t rights = CAP_FSTAT | CAP_SEEK | CAP_FSYNC;
@@ -209,12 +209,21 @@
if(flags & O_DIRECTORY) rights |= CAP_FSTATFS | CAP_FEXECVE;
- return ua_ropen(path, flags, rights);
+ int mask = 0;
+ if(flags & O_CREAT)
+ {
+ va_list args;
+ va_start(args, flags);
+ mask = va_arg(args, int);
+ va_end(args);
+ }
+
+ return ua_ropen(path, flags, rights, mask);
}
-int ua_ropen(const char *path, int flags, cap_rights_t rights)
+int ua_ropen(const char *path, int flags, cap_rights_t rights, int mask)
{
if(angel < 0) angel = ua_find();
if(angel < 0) return -1;
@@ -224,14 +233,14 @@
data[1] = ua_marshall_string(path, strlen(path));
data[2] = ua_marshall_int(flags);
data[3] = ua_marshall_int(rights);
+ data[4] = ua_marshall_int(mask);
- for(int i = 0; i < 4; i++) if(ua_send(angel, data[i], NULL, 0) < 0) return -1;
-
- free(data[0]);
- free(data[1]);
- free(data[2]);
- free(data[3]);
+ for(int i = 0; i <= 4; i++)
+ {
+ if(ua_send(angel, data[i], NULL, 0) < 0) return -1;
+ free(data[i]);
+ }
@@ -639,7 +648,7 @@
datum* ua_marshall_powerbox(const struct ua_powerbox_options *options)
{
- datum *data[8];
+ datum *data[9];
data[0] = ua_marshall_int(options->ui);
data[1] = ua_marshall_int(options->operation);
data[2] = ua_marshall_int(options->parent_window);
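Review bot: The array size `9` here has to be kept in step by hand with the `i <= 8` bounds in the two loops changed in the next two hunks, and a mismatch on the next field addition would read or write past `data`. Deriving the bound from the array removes that coupling, e.g. `for(size_t i = 0; i < sizeof(data) / sizeof(data[0]); i++)`, and restores the usual exclusive `<` form the old code used. The function body continues outside this hunk.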
@@ -648,9 +657,10 @@
data[5] = ua_marshall_string(options->filter, options->filterlen);
data[6] = ua_marshall_int(options->flags);
data[7] = ua_marshall_int(options->rights);
+ data[8] = ua_marshall_int(options->umask);
int total_size = 0;
- for(int i = 0; i < 8; i++)
+ for(int i = 0; i <= 8; i++)
if(data[i] == NULL)
{
errno = EINVAL;
@@ -664,7 +674,7 @@
char *buffer = ((char*) d) + sizeof(datum);
char *head = buffer;
- for(int i = 0; i < 8; i++)
+ for(int i = 0; i <= 8; i++)
{
memcpy(head, data[i], sizeof(datum) + data[i]->length);
head += sizeof(datum) + data[i]->length;
@@ -736,6 +746,10 @@
if(ua_unmarshall_int(head, &tmp_int) < 0) return -1;
options->rights = tmp_int;
+ head = (const datum*) (((const char*) head) + sizeof(datum) + head->length);
+
+ if(ua_unmarshall_int(head, &tmp_int) < 0) return -1;
+ options->umask = tmp_int;
return sizeof(datum) + d->length;
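Review bot: The added pointer advance trusts `head->length` from the message: nothing in the visible lines checks that the new `head` still lies within the `sizeof(datum) + d->length` bytes of the enclosing datum before `ua_unmarshall_int` reads from it. A message that lacks the ninth field (for example from a peer built before this change) or carries an oversized length would make this read run past the received buffer, unless the check happens in `ua_unmarshall_int` or the caller, neither of which is visible here. A guard ahead of the read such as `if((const char*) head + sizeof(datum) > (const char*) d + sizeof(datum) + d->length) return -1;` would reject a short message. The earlier fields presumably advance the same way, but those lines are outside this hunk.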
==== //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel.h#12 (text+ko) ====
@@ -63,10 +63,10 @@
int ua_stat(const char *path, struct stat *s);
/** Open a file via the User Angel */
-int ua_open(const char *path, int flags);
+int ua_open(const char *path, int flags, ...);
/** Open a file via the User Angel, specifying rights the capability should have */
-int ua_ropen(const char *path, int flags, cap_rights_t rights);
+int ua_ropen(const char *path, int flags, cap_rights_t rights, int umask);
/** Open a file stream via the User Angel */
FILE* ua_fopen(const char *path, const char *mode);
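Review bot: The doc comments were not updated for the new arguments, and the contract of the variadic `ua_open` is not obvious from the prototype. The definition reads a third argument only when `O_CREAT` is set, and passing `O_CREAT` without one makes that `va_arg` read undefined. I would state that, e.g. `/** Open a file via the User Angel; if flags contains O_CREAT, a third int argument gives the creation mode */`, and describe the fourth parameter of `ua_ropen` in its comment as well. The prototype here names that parameter `umask` while the definition in libuserangel.c names it `mask`.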
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_qt/TextEditor.cpp#2 (text+ko) ====
@@ -139,6 +139,7 @@
options.filterlen = 0;
options.flags = O_WRONLY | O_CREAT | O_TRUNC;
options.rights = CAP_FSTAT | CAP_SEEK | CAP_FSYNC | CAP_WRITE | CAP_FTRUNCATE;
+ options.umask = 0666;
int fdcount = 1;
int fd;
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/cap.c#7 (text+ko) ====
@@ -45,9 +45,9 @@
const char *cap_error() { return errstr; }
-int cap_open(const char *path, int flags, cap_rights_t rights)
+int cap_open(const char *path, int flags, cap_rights_t rights, int umask)
{
- int fd = open(path, flags);
+ int fd = open(path, flags, umask);
if(fd < 0)
{
if(strlen(path) > 256) path = "<very long path>";
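Review bot: `cap_open` forwards the caller-supplied value to `open()` unchanged, and in the server.c and powerbox.c hunks that value appears to come from the unmarshalled client request. The process asking for the file therefore chooses every mode bit, including setuid, setgid and sticky. Since the user angel creates the file on the requester's behalf, I would limit the value to permission bits before use, e.g. `int fd = open(path, flags, umask & (S_IRWXU | S_IRWXG | S_IRWXO));`, or refuse requests that set anything else. The rest of the function body is outside this hunk.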
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/cap.h#4 (text+ko) ====
@@ -46,5 +46,5 @@
/** Open a file in capability mode with specified rights */
-int cap_open(const char *path, int flags, cap_rights_t rights);
+int cap_open(const char *path, int flags, cap_rights_t rights, int umask);
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/powerbox.c#9 (text+ko) ====
@@ -70,7 +70,8 @@
// open the files using the requested flags and rights
for(int i = 0; i < *len; i++)
{
- fds[i] = cap_open(names[i], options->flags, options->rights);
+ fds[i] = cap_open(names[i], options->flags, options->rights,
+ options->umask);
if(fds[i] < 0)
{
perror("Error opening file capability");
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/server.c#18 (text+ko) ====
@@ -429,12 +429,13 @@
if(ua_unmarshall_string(d, path, &pathlen) < 0) return -1;
printf(": '%s'\n", path);
- int32_t flags, rights;
+ int32_t flags, rights, umask;
if(ua_unmarshall_int(ua_recv(sock, NULL, NULL), &flags) < 0) return -1;
if(ua_unmarshall_int(ua_recv(sock, NULL, NULL), &rights) < 0) return -1;
+ if(ua_unmarshall_int(ua_recv(sock, NULL, NULL), &umask) < 0) return -1;
- int cap = cap_open(path, flags, rights);
+ int cap = cap_open(path, flags, rights, umask);
if(cap < 0) return 1;
d = ua_marshall_int(1);
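Review bot: The datum returned by `ua_recv` is passed straight into `ua_unmarshall_int`, so the new line, like the two before it, keeps no pointer to free afterwards. It also relies on `ua_unmarshall_int` tolerating whatever `ua_recv` returns on failure; neither definition is visible here. If `ua_recv` returns heap memory (the client side frees its datums after sending), storing the result first, as in `d = ua_recv(sock, NULL, NULL);`, then unmarshalling from `d` and calling `free(d)` would avoid a leak per request. The request now also needs a fifth datum, so a client built before this change would presumably leave this `ua_recv` stalled or failing.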