
HBSD: Security checks and tmpfs extattr insertion lock

We need to ensure that only callers with the proper permission can perform
the extended attribute routines. Additionally, lock the node on extended
attribute insertion.

Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
hardened/current/safestack
Shawn Webb 3ヶ月前
コミット
fe220f3218
1個のファイルの変更25行の追加6行の削除
  1. +25
    -6
      sys/fs/tmpfs/tmpfs_vnops.c

+ 25
- 6
sys/fs/tmpfs/tmpfs_vnops.c

@@ -41,6 +41,7 @@ __FBSDID("$FreeBSD$");
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/dirent.h>
#include <sys/extattr.h>
#include <sys/fcntl.h>
#include <sys/limits.h>
#include <sys/lockf.h>
@@ -1630,6 +1631,9 @@ tmpfs_node_has_extattr(struct tmpfs_node *node, int attrnamespace,
{
struct tmpfs_extattr_list_entry *entry, *tentry;

entry = NULL;

TMPFS_NODE_LOCK(node);
LIST_FOREACH_SAFE(entry, &(node->tn_reg.tn_extattr_list),
tele_entries, tentry) {
if (attrnamespace != entry->tele_attrnamespace) {
@@ -1637,11 +1641,12 @@ tmpfs_node_has_extattr(struct tmpfs_node *node, int attrnamespace,
}

if (!strcmp(name, entry->tele_attrname)) {
return (entry);
break;
}
}
TMPFS_NODE_UNLOCK(node);

return (NULL);
return (entry);
}

static int
@@ -1661,12 +1666,15 @@ tmpfs_extattr_get(struct vnode *vp, int attrnamespace, const char *name,
size_t len;
int error;

error = 0;

if (vp->v_type != VREG) {
return (EOPNOTSUPP);
}

error = extattr_check_cred(vp, attrnamespace, cred, td, VREAD);
if (error) {
return (error);
}

node = VP_TO_TMPFS_NODE(vp);

attr = tmpfs_node_has_extattr(node, attrnamespace, name);
@@ -1703,11 +1711,17 @@ tmpfs_extattr_set(struct vnode *vp, int attrnamespace, const char *name,
struct tmpfs_extattr_list_entry *attr;
struct tmpfs_node *node;
size_t sz;
int error;

if (vp->v_type != VREG) {
return (EOPNOTSUPP);
}

error = extattr_check_cred(vp, attrnamespace, cred, td, VWRITE);
if (error) {
return (error);
}

if (uio->uio_resid > TMPFS_EXTATTR_MAXVALUESIZE) {
return (EINVAL);
}
@@ -1735,8 +1749,10 @@ tmpfs_extattr_set(struct vnode *vp, int attrnamespace, const char *name,

uiomove(attr->tele_value, sz, uio);

TMPFS_NODE_LOCK(node);
LIST_INSERT_HEAD(&(node->tn_reg.tn_extattr_list),
attr, tele_entries);
TMPFS_NODE_UNLOCK(node);
}

return (0);
@@ -1760,12 +1776,15 @@ tmpfs_extattr_list(struct vnode *vp, int attrnamespace, struct uio *uio,
uint8_t namelen8;
int error;

error = 0;

if (vp->v_type != VREG) {
return (EOPNOTSUPP);
}

error = extattr_check_cred(vp, attrnamespace, cred, td, VREAD);
if (error) {
return (error);
}

node = VP_TO_TMPFS_NODE(vp);

if (size) {
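Review bot: The result of `uiomove(attr->tele_value, sz, uio)` in the tmpfs_extattr_set hunk at `@@ -1735,8 +1749,10 @@` is still discarded, so a failed copy-in leaves the new entry linked into `tn_extattr_list` under the newly added node lock and the function goes on to `return (0)`. A later read of that attribute would presumably return whatever the value buffer held, which matters if the buffer is not zeroed at allocation (the allocation is outside the hunk, so this is inferred). Since the commit now declares `int error;` in this function, capture the result with `error = uiomove(attr->tele_value, sz, uio);` and, on a non-zero value, release the entry and return the error before `LIST_INSERT_HEAD` runs. The function body starts and ends outside the visible hunks, so the cleanup has to match however `attr` and its value buffer were allocated.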

