diff options
| author | Brent Paulson <Brent.Paulson@Oracle.COM> | 2010-06-24 22:54:18 +0100 |
|---|---|---|
| committer | Brent Paulson <Brent.Paulson@Oracle.COM> | 2010-06-24 22:54:18 +0100 |
| commit | c4d3e299d9d0295322679b4d484560411b6822d5 (patch) | |
| tree | 59fb086579ad33b76a413cafcd1e0d005fead40d /usr/src/uts/common/syscall/open.c | |
| parent | 13cc0a0b8d667c14344b4ff49cc47350cd9ef182 (diff) | |
| download | illumos-joyent-c4d3e299d9d0295322679b4d484560411b6822d5.tar.gz | |
6949768 fsattr(5) auditing can incorrectly record some open(2) paths as extended attribute paths
6951837 truss(1) doesn't format the output of openat(2) calls correctly in snv_135 and later
6951840 openat(2) doesn't ignore the fd argument when path argument is absolute
6952651 pathnames can be excluded from audit records for extended attribute syscalls in some scenarios
6958299 getattrat(3C) and setattrat(3C) generate audit records with duplicate pathnames
6959020 auditing of getattrat(3C) and setattrat(3C) doesn't handle absolute pathnames correctly
Diffstat (limited to 'usr/src/uts/common/syscall/open.c')
| -rw-r--r-- | usr/src/uts/common/syscall/open.c | 60 |
1 files changed, 34 insertions, 26 deletions
diff --git a/usr/src/uts/common/syscall/open.c b/usr/src/uts/common/syscall/open.c index 695cda863c..154c1a6953 100644 --- a/usr/src/uts/common/syscall/open.c +++ b/usr/src/uts/common/syscall/open.c @@ -67,6 +67,7 @@ copen(int startfd, char *fname, int filemode, int createmode) uio_seg_t seg = UIO_USERSPACE; char *open_filename = fname; uint32_t auditing = AU_AUDITING(); + char startchar; if (startfd == AT_FDCWD) { /* @@ -77,8 +78,6 @@ copen(int startfd, char *fname, int filemode, int createmode) /* * We're here via openat() */ - char startchar; - if (copyin(fname, &startchar, sizeof (char))) return (set_errno(EFAULT)); @@ -97,19 +96,17 @@ copen(int startfd, char *fname, int filemode, int createmode) } /* - * Handle openattrdirat request + * Handle __openattrdirat() requests */ if (filemode & FXATTRDIROPEN) { - if (auditing) + if (auditing && (startvp != NULL)) audit_setfsat_path(1); if (error = lookupnameat(fname, seg, FOLLOW, NULLVPP, &vp, startvp)) return (set_errno(error)); - if (startvp) { + if (startvp != NULL) VN_RELE(startvp); - startvp = NULL; - } startvp = vp; } @@ -117,35 +114,46 @@ copen(int startfd, char *fname, int filemode, int createmode) /* * Do we need to go into extended attribute space? */ - if (filemode & (FXATTR|FXATTRDIROPEN)) { - vattr_t vattr; + if (filemode & FXATTR) { + if (startfd == AT_FDCWD) { + if (copyin(fname, &startchar, sizeof (char))) + return (set_errno(EFAULT)); + + /* + * If startchar == '/' then no extended attributes + * are looked up. + */ + if (startchar == '/') { + startvp = NULL; + } else { + mutex_enter(&p->p_lock); + startvp = PTOU(p)->u_cdir; + VN_HOLD(startvp); + mutex_exit(&p->p_lock); + } + } /* - * Make sure we have a valid request. - * We must either have a real fd or AT_FDCWD + * Make sure we have a valid extended attribute request. + * We must either have a real fd or AT_FDCWD and a relative + * pathname. */ - - if (startfd != AT_FDCWD && startvp == NULL) { - error = EINVAL; - goto out; + if (startvp == NULL) { + goto noxattr; } + } + + if (filemode & (FXATTR|FXATTRDIROPEN)) { + vattr_t vattr; if (error = pn_get(fname, UIO_USERSPACE, &pn)) { goto out; } - if (startfd == AT_FDCWD && !(filemode & FXATTRDIROPEN)) { - mutex_enter(&p->p_lock); - startvp = PTOU(p)->u_cdir; - VN_HOLD(startvp); - mutex_exit(&p->p_lock); - } - /* * In order to access hidden attribute directory the * user must be able to stat() the file */ - vattr.va_mask = AT_ALL; if (error = VOP_GETATTR(startvp, &vattr, 0, CRED(), NULL)) { pn_free(&pn); @@ -163,7 +171,7 @@ copen(int startfd, char *fname, int filemode, int createmode) } /* - * For openattrdirat use "." as filename to open + * For __openattrdirat() use "." as filename to open * as part of vn_openat() */ if (error == 0 && (filemode & FXATTRDIROPEN)) { @@ -179,18 +187,18 @@ copen(int startfd, char *fname, int filemode, int createmode) startvp = sdvp; } +noxattr: if ((filemode & (FREAD|FWRITE|FXATTRDIROPEN)) != 0) { if ((filemode & (FNONBLOCK|FNDELAY)) == (FNONBLOCK|FNDELAY)) filemode &= ~FNDELAY; error = falloc((vnode_t *)NULL, filemode, &fp, &fd); if (error == 0) { - if (auditing) + if (auditing && (startvp != NULL)) audit_setfsat_path(1); /* * Last arg is a don't-care term if * !(filemode & FCREAT). */ - error = vn_openat(open_filename, seg, filemode, (int)(createmode & MODEMASK), &vp, CRCREAT, PTOU(curproc)->u_cmask, |