[Midnightbsd-cvs] src [9941] trunk/sys/kern/vfs_acl.c: sync with freebsd 10-stable
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Fri May 25 16:33:03 EDT 2018
Revision: 9941
http://svnweb.midnightbsd.org/src/?rev=9941
Author: laffer1
Date: 2018-05-25 16:33:02 -0400 (Fri, 25 May 2018)
Log Message:
-----------
sync with freebsd 10-stable
Modified Paths:
--------------
trunk/sys/kern/vfs_acl.c
Modified: trunk/sys/kern/vfs_acl.c
===================================================================
--- trunk/sys/kern/vfs_acl.c 2018-05-25 20:32:26 UTC (rev 9940)
+++ trunk/sys/kern/vfs_acl.c 2018-05-25 20:33:02 UTC (rev 9941)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/*-
* Copyright (c) 1999-2006 Robert N. M. Watson
* All rights reserved.
@@ -33,12 +34,12 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$MidnightBSD$");
+__FBSDID("$FreeBSD: stable/10/sys/kern/vfs_acl.c 280258 2015-03-19 13:37:36Z rwatson $");
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/sysproto.h>
-#include <sys/capability.h>
+#include <sys/capsicum.h>
#include <sys/fcntl.h>
#include <sys/kernel.h>
#include <sys/malloc.h>
@@ -148,6 +149,7 @@
static int
acl_copyout(struct acl *kernel_acl, void *user_acl, acl_type_t type)
{
+ uint32_t am;
int error;
struct oldacl old;
@@ -162,8 +164,11 @@
break;
default:
- if (fuword32((char *)user_acl +
- offsetof(struct acl, acl_maxcnt)) != ACL_MAX_ENTRIES)
+ error = fueword32((char *)user_acl +
+ offsetof(struct acl, acl_maxcnt), &am);
+ if (error == -1)
+ return (EFAULT);
+ if (am != ACL_MAX_ENTRIES)
return (EINVAL);
error = copyout(kernel_acl, user_acl, sizeof(*kernel_acl));
@@ -327,16 +332,14 @@
sys___acl_get_file(struct thread *td, struct __acl_get_file_args *uap)
{
struct nameidata nd;
- int vfslocked, error;
+ int error;
- NDINIT(&nd, LOOKUP, MPSAFE|FOLLOW, UIO_USERSPACE, uap->path, td);
+ NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td);
error = namei(&nd);
- vfslocked = NDHASGIANT(&nd);
if (error == 0) {
error = vacl_get_acl(td, nd.ni_vp, uap->type, uap->aclp);
NDFREE(&nd, 0);
}
- VFS_UNLOCK_GIANT(vfslocked);
return (error);
}
@@ -347,16 +350,14 @@
sys___acl_get_link(struct thread *td, struct __acl_get_link_args *uap)
{
struct nameidata nd;
- int vfslocked, error;
+ int error;
- NDINIT(&nd, LOOKUP, MPSAFE|NOFOLLOW, UIO_USERSPACE, uap->path, td);
+ NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td);
error = namei(&nd);
- vfslocked = NDHASGIANT(&nd);
if (error == 0) {
error = vacl_get_acl(td, nd.ni_vp, uap->type, uap->aclp);
NDFREE(&nd, 0);
}
- VFS_UNLOCK_GIANT(vfslocked);
return (error);
}
@@ -367,16 +368,14 @@
sys___acl_set_file(struct thread *td, struct __acl_set_file_args *uap)
{
struct nameidata nd;
- int vfslocked, error;
+ int error;
- NDINIT(&nd, LOOKUP, MPSAFE|FOLLOW, UIO_USERSPACE, uap->path, td);
+ NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td);
error = namei(&nd);
- vfslocked = NDHASGIANT(&nd);
if (error == 0) {
error = vacl_set_acl(td, nd.ni_vp, uap->type, uap->aclp);
NDFREE(&nd, 0);
}
- VFS_UNLOCK_GIANT(vfslocked);
return (error);
}
@@ -387,16 +386,14 @@
sys___acl_set_link(struct thread *td, struct __acl_set_link_args *uap)
{
struct nameidata nd;
- int vfslocked, error;
+ int error;
- NDINIT(&nd, LOOKUP, MPSAFE|NOFOLLOW, UIO_USERSPACE, uap->path, td);
+ NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td);
error = namei(&nd);
- vfslocked = NDHASGIANT(&nd);
if (error == 0) {
error = vacl_set_acl(td, nd.ni_vp, uap->type, uap->aclp);
NDFREE(&nd, 0);
}
- VFS_UNLOCK_GIANT(vfslocked);
return (error);
}
@@ -407,14 +404,14 @@
sys___acl_get_fd(struct thread *td, struct __acl_get_fd_args *uap)
{
struct file *fp;
- int vfslocked, error;
+ cap_rights_t rights;
+ int error;
- error = getvnode(td->td_proc->p_fd, uap->filedes, CAP_ACL_GET, &fp);
+ error = getvnode(td->td_proc->p_fd, uap->filedes,
+ cap_rights_init(&rights, CAP_ACL_GET), &fp);
if (error == 0) {
- vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
error = vacl_get_acl(td, fp->f_vnode, uap->type, uap->aclp);
fdrop(fp, td);
- VFS_UNLOCK_GIANT(vfslocked);
}
return (error);
}
@@ -426,14 +423,14 @@
sys___acl_set_fd(struct thread *td, struct __acl_set_fd_args *uap)
{
struct file *fp;
- int vfslocked, error;
+ cap_rights_t rights;
+ int error;
- error = getvnode(td->td_proc->p_fd, uap->filedes, CAP_ACL_SET, &fp);
+ error = getvnode(td->td_proc->p_fd, uap->filedes,
+ cap_rights_init(&rights, CAP_ACL_SET), &fp);
if (error == 0) {
- vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
error = vacl_set_acl(td, fp->f_vnode, uap->type, uap->aclp);
fdrop(fp, td);
- VFS_UNLOCK_GIANT(vfslocked);
}
return (error);
}
@@ -445,16 +442,14 @@
sys___acl_delete_file(struct thread *td, struct __acl_delete_file_args *uap)
{
struct nameidata nd;
- int vfslocked, error;
+ int error;
- NDINIT(&nd, LOOKUP, MPSAFE|FOLLOW, UIO_USERSPACE, uap->path, td);
+ NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td);
error = namei(&nd);
- vfslocked = NDHASGIANT(&nd);
if (error == 0) {
error = vacl_delete(td, nd.ni_vp, uap->type);
NDFREE(&nd, 0);
}
- VFS_UNLOCK_GIANT(vfslocked);
return (error);
}
@@ -465,16 +460,14 @@
sys___acl_delete_link(struct thread *td, struct __acl_delete_link_args *uap)
{
struct nameidata nd;
- int vfslocked, error;
+ int error;
- NDINIT(&nd, LOOKUP, MPSAFE|NOFOLLOW, UIO_USERSPACE, uap->path, td);
+ NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td);
error = namei(&nd);
- vfslocked = NDHASGIANT(&nd);
if (error == 0) {
error = vacl_delete(td, nd.ni_vp, uap->type);
NDFREE(&nd, 0);
}
- VFS_UNLOCK_GIANT(vfslocked);
return (error);
}
@@ -485,15 +478,14 @@
sys___acl_delete_fd(struct thread *td, struct __acl_delete_fd_args *uap)
{
struct file *fp;
- int vfslocked, error;
+ cap_rights_t rights;
+ int error;
- error = getvnode(td->td_proc->p_fd, uap->filedes, CAP_ACL_DELETE,
- &fp);
+ error = getvnode(td->td_proc->p_fd, uap->filedes,
+ cap_rights_init(&rights, CAP_ACL_DELETE), &fp);
if (error == 0) {
- vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
error = vacl_delete(td, fp->f_vnode, uap->type);
fdrop(fp, td);
- VFS_UNLOCK_GIANT(vfslocked);
}
return (error);
}
@@ -505,16 +497,14 @@
sys___acl_aclcheck_file(struct thread *td, struct __acl_aclcheck_file_args *uap)
{
struct nameidata nd;
- int vfslocked, error;
+ int error;
- NDINIT(&nd, LOOKUP, MPSAFE|FOLLOW, UIO_USERSPACE, uap->path, td);
+ NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td);
error = namei(&nd);
- vfslocked = NDHASGIANT(&nd);
if (error == 0) {
error = vacl_aclcheck(td, nd.ni_vp, uap->type, uap->aclp);
NDFREE(&nd, 0);
}
- VFS_UNLOCK_GIANT(vfslocked);
return (error);
}
@@ -525,16 +515,14 @@
sys___acl_aclcheck_link(struct thread *td, struct __acl_aclcheck_link_args *uap)
{
struct nameidata nd;
- int vfslocked, error;
+ int error;
- NDINIT(&nd, LOOKUP, MPSAFE|NOFOLLOW, UIO_USERSPACE, uap->path, td);
+ NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td);
error = namei(&nd);
- vfslocked = NDHASGIANT(&nd);
if (error == 0) {
error = vacl_aclcheck(td, nd.ni_vp, uap->type, uap->aclp);
NDFREE(&nd, 0);
}
- VFS_UNLOCK_GIANT(vfslocked);
return (error);
}
@@ -545,15 +533,14 @@
sys___acl_aclcheck_fd(struct thread *td, struct __acl_aclcheck_fd_args *uap)
{
struct file *fp;
- int vfslocked, error;
+ cap_rights_t rights;
+ int error;
- error = getvnode(td->td_proc->p_fd, uap->filedes, CAP_ACL_CHECK,
- &fp);
+ error = getvnode(td->td_proc->p_fd, uap->filedes,
+ cap_rights_init(&rights, CAP_ACL_CHECK), &fp);
if (error == 0) {
- vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
error = vacl_aclcheck(td, fp->f_vnode, uap->type, uap->aclp);
fdrop(fp, td);
- VFS_UNLOCK_GIANT(vfslocked);
}
return (error);
}
@@ -564,6 +551,9 @@
struct acl *aclp;
aclp = malloc(sizeof(*aclp), M_ACL, flags);
+ if (aclp == NULL)
+ return (NULL);
+
aclp->acl_maxcnt = ACL_MAX_ENTRIES;
return (aclp);
More information about the Midnightbsd-cvs
mailing list