svn commit: r341689 - in head: lib/libc/sys sys/compat/freebsd32 sys/kern sys/sys
John Baldwin
jhb at FreeBSD.org
Fri Dec 7 17:21:39 UTC 2018
On 12/7/18 7:17 AM, Konstantin Belousov wrote:
> Author: kib
> Date: Fri Dec 7 15:17:29 2018
> New Revision: 341689
> URL: https://svnweb.freebsd.org/changeset/base/341689
>
> Log:
> Add new file handle system calls.
>
> Namely, getfhat(2), fhlink(2), fhlinkat(2), fhreadlink(2). The
> syscalls are provided for a NFS userspace server (nfs-ganesha).
>
> Submitted by: Jack Halford <jack at gandi.net>
> Sponsored by: Gandi.net
> Tested by: pho
> Feedback from: brooks, markj
> MFC after: 1 week
> Differential revision: https://reviews.freebsd.org/D18359
Can this be used to implement 'flink' (create a link to an open file
descriptor)? Hmm, it appears so. It is limited to PRIV_VFS_GETFH at least.
The getfh(2) manpage notes this explicitly, but the new manpages don't
appear to. Even with the PRIV check, I'm still somewhat nervous about what
flink means for processes running as root that are using Capsicum. Maybe
it's ok, but I didn't see any discussion of this in the review.
--
John Baldwin
More information about the svn-src-head
mailing list