PERFORCE change 231268 for review
Robert Watson
rwatson at FreeBSD.org
Thu Jul 18 22:19:01 UTC 2013
http://p4web.freebsd.org/@@231268?ac=10
Change 231268 by rwatson at rwatson_cinnamon on 2013/07/18 22:18:45
When checking previous MAC checks from ffs_read(), let a successful
call to mac_vnode_check_readdir() authorise, not just a successful
call to mac_vnode_check_read(), as UFS readdir() falls through to
VOP_READ(). This silences TESLA false positives spotted in readdir().
Affected files ...
.. //depot/projects/ctsrd/tesla/src/sys/ufs/ffs/ffs_vnops.c#10 edit
Differences ...
==== //depot/projects/ctsrd/tesla/src/sys/ufs/ffs/ffs_vnops.c#10 (text+ko) ====
@@ -439,9 +439,11 @@
vp = ap->a_vp;
TESLA_SYSCALL(previously(mac_vnode_check_read(ANY(ptr), ANY(ptr), vp)
- == 0));
+ == 0) ||
+ previously(mac_vnode_check_readdir(ANY(ptr), vp) == 0));
TESLA_PAGE_FAULT(previously(mac_vnode_check_read(ANY(ptr), ANY(ptr),
- vp) == 0));
+ vp) == 0) ||
+ previously(mac_vnode_check_readdir(ANY(ptr), vp) == 0));
uio = ap->a_uio;
ioflag = ap->a_ioflag;
More information about the p4-projects
mailing list