svn commit: r234103 - in head: lib/libc/sys sys/ufs/ufs
Jaakko Heinonen
jh at FreeBSD.org
Tue Apr 10 15:59:38 UTC 2012
Author: jh
Date: Tue Apr 10 15:59:37 2012
New Revision: 234103
URL: http://svn.freebsd.org/changeset/base/234103
Log:
- Return EPERM from ufs_setattr() when an user without PRIV_VFS_SYSFLAGS
privilege attempts to toggle SF_SETTABLE flags.
- Use the '^' operator in the SF_SNAPSHOT anti-toggling check.
Flags are now stored to ip->i_flags in one place after all checks.
Submitted by: bde
Modified:
head/lib/libc/sys/chflags.2
head/sys/ufs/ufs/ufs_vnops.c
Modified: head/lib/libc/sys/chflags.2
==============================================================================
--- head/lib/libc/sys/chflags.2 Tue Apr 10 15:58:22 2012 (r234102)
+++ head/lib/libc/sys/chflags.2 Tue Apr 10 15:59:37 2012 (r234103)
@@ -28,7 +28,7 @@
.\" @(#)chflags.2 8.3 (Berkeley) 5/2/95
.\" $FreeBSD$
.\"
-.Dd Oct 29, 2010
+.Dd Apr 10, 2012
.Dt CHFLAGS 2
.Os
.Sh NAME
@@ -114,8 +114,7 @@ The
and
.Dv SF_ARCHIVED
flags may only be set or unset by the super-user.
-Attempts to set these flags by non-super-users are rejected, attempts by
-non-superusers to clear flags that are already unset are silently ignored.
+Attempts to toggle these flags by non-super-users are rejected.
These flags may be set at any time, but normally may only be unset when
the system is in single-user mode.
(See
Modified: head/sys/ufs/ufs/ufs_vnops.c
==============================================================================
--- head/sys/ufs/ufs/ufs_vnops.c Tue Apr 10 15:58:22 2012 (r234102)
+++ head/sys/ufs/ufs/ufs_vnops.c Tue Apr 10 15:59:37 2012 (r234103)
@@ -555,23 +555,17 @@ ufs_setattr(ap)
if (error)
return (error);
}
- /* Snapshot flag cannot be set or cleared */
- if (((vap->va_flags & SF_SNAPSHOT) != 0 &&
- (ip->i_flags & SF_SNAPSHOT) == 0) ||
- ((vap->va_flags & SF_SNAPSHOT) == 0 &&
- (ip->i_flags & SF_SNAPSHOT) != 0))
+ /* The snapshot flag cannot be toggled. */
+ if ((vap->va_flags ^ ip->i_flags) & SF_SNAPSHOT)
return (EPERM);
- ip->i_flags = vap->va_flags;
- DIP_SET(ip, i_flags, vap->va_flags);
} else {
if (ip->i_flags &
(SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND) ||
- (vap->va_flags & UF_SETTABLE) != vap->va_flags)
+ ((vap->va_flags ^ ip->i_flags) & SF_SETTABLE))
return (EPERM);
- ip->i_flags &= SF_SETTABLE;
- ip->i_flags |= (vap->va_flags & UF_SETTABLE);
- DIP_SET(ip, i_flags, ip->i_flags);
}
+ ip->i_flags = vap->va_flags;
+ DIP_SET(ip, i_flags, vap->va_flags);
ip->i_flag |= IN_CHANGE;
error = UFS_UPDATE(vp, 0);
if (ip->i_flags & (IMMUTABLE | APPEND))
More information about the svn-src-all
mailing list