Page MenuHomeFreeBSD
Differential D19096

Fix renameat(2) for CAPABILITIES kernels.
ClosedPublic
Actions

Authored by kib on Feb 7 2019, 3:53 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Nov 16, 4:18 AM
Unknown Object (File)
Fri, Nov 15, 8:21 PM
Unknown Object (File)
Mon, Nov 11, 5:14 PM
Unknown Object (File)
Mon, Nov 11, 4:45 PM
Unknown Object (File)
Mon, Nov 11, 12:07 PM
Unknown Object (File)
Mon, Nov 11, 9:06 AM
Unknown Object (File)
Sun, Nov 10, 2:14 PM
Unknown Object (File)
Sun, Nov 10, 8:45 AM
View All 66 Files
Subscribers
imp
ngie

Details

Reviewers
jilles
emaste
mjg
ngie
Commits
rS343891: Fix renameat(2) for CAPABILITIES kernels.
Summary

When renameat(2) is used with:

  • absolute path for to;
  • tofd not set to AT_FDCWD
  • the target exists

kern_renameat() requires CAP_UNLINK capability on tofd, but corresponding namei ni_filecap is not initialized at all because the lookup is absolute. As result the check was done against empty filecap and syscall fails erronously.

Fix it by creating a return flags namei member and reporting if the lookup was absolute, then do not touch to.ni_filecaps at all.

PR: 222258
MFC note: this breaks struct namei layout. Do we want the merge ?

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kib created this revision.Feb 7 2019, 3:53 AM
Herald added a subscriber: imp. · View Herald TranscriptFeb 7 2019, 3:53 AM
Harbormaster completed remote builds in B22370: Diff 53638.Feb 7 2019, 3:53 AM
emaste added a subscriber: ngie.Feb 7 2019, 4:07 AM
jilles accepted this revision.Feb 7 2019, 9:23 PM
This revision is now accepted and ready to land.Feb 7 2019, 9:23 PM
ngie added a comment.Feb 8 2019, 12:54 AM

Thanks so much!

@emaste: MFC note: this breaks struct namei layout. Do we want the merge ?

Should this field be at the end of the struct to avoid breaking ABI?

ngie accepted this revision.Feb 8 2019, 12:55 AM
kib added a comment.Feb 8 2019, 4:17 AM
In D19096#408759, @ngie wrote:

Thanks so much!

@emaste: MFC note: this breaks struct namei layout. Do we want the merge ?

Should this field be at the end of the struct to avoid breaking ABI?

Moving the new field around would not preserve the KBI. struct namei is typically allocated by the callers on stack.

Still, we do have the tradition of breaking VFS KBI between x.0 and x.1, so I do not see why 12.0 should be an exempt.

Closed by commit rS343891: Fix renameat(2) for CAPABILITIES kernels. (authored by kib). · Explain WhyFeb 8 2019, 4:18 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
sys/
kern/
2 lines
4 lines
sys/
9 lines

Diff 53678

View Options

head/sys/kern/vfs_lookup.c

Loading...
View Options

head/sys/kern/vfs_syscalls.c

Loading...
View Options

head/sys/sys/namei.h

Loading...