Dariusz Sendkowski wrote: > Yes, it does. > > I extracted 'unveilcommands' function from doas.c and put it into a > standalone program to run it. > It turned out the result was the same as in doas command. When I disable > unveil, then it works fine.
This diff should fix the problem. Index: kern_unveil.c =================================================================== RCS file: /cvs/src/sys/kern/kern_unveil.c,v retrieving revision 1.22 diff -u -p -r1.22 kern_unveil.c --- kern_unveil.c 17 Jan 2019 03:26:19 -0000 1.22 +++ kern_unveil.c 21 Jan 2019 01:31:23 -0000 @@ -630,8 +630,6 @@ unveil_add(struct proc *p, struct nameid done: if (ret == 0) unveil_add_traversed_vnodes(p, ndp); - unveil_free_traversed_vnodes(ndp); - pool_put(&namei_pool, ndp->ni_cnd.cn_pnbuf); return ret; } Index: vfs_syscalls.c =================================================================== RCS file: /cvs/src/sys/kern/vfs_syscalls.c,v retrieving revision 1.310 diff -u -p -r1.310 vfs_syscalls.c --- vfs_syscalls.c 3 Jan 2019 21:52:31 -0000 1.310 +++ vfs_syscalls.c 21 Jan 2019 01:29:38 -0000 @@ -92,6 +92,7 @@ int dofutimens(struct proc *, int, struc int dounmount_leaf(struct mount *, int, struct proc *); int unveil_add(struct proc *, struct nameidata *, const char *); void unveil_removevnode(struct vnode *vp); +void unveil_free_traversed_vnodes(struct nameidata *); ssize_t unveil_find_cover(struct vnode *, struct proc *); struct unveil *unveil_lookup(struct vnode *, struct proc *, ssize_t *); @@ -948,6 +949,8 @@ sys_unveil(struct proc *p, void *v, regi vrele(nd.ni_vp); if (nd.ni_dvp && nd.ni_dvp != nd.ni_vp) vrele(nd.ni_dvp); + unveil_free_traversed_vnodes(&nd); + pool_put(&namei_pool, nd.ni_cnd.cn_pnbuf); return (error); }