On 04/06/18(Mon) 14:26, Helg wrote:
> Hi Ports,
> 
> I have an upcoming patch to FUSE that passes the current process tid,
> uid, gid and umask to the file system. This has highlighted a bug in the
> port where the groupmember() function in libntfs-3g/security.c assumes
> it's running on Linux where thread information is available in /proc.
> 
> This diff adds an OpenBSD specific implementation of this function.

We should refrain from linking to libkvm.  In this particular case you should
be able to call the KERN_PROC sysctl(2) directly.

> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/sysutils/ntfs-3g/Makefile,v
> retrieving revision 1.9
> diff -u -p -r1.9 Makefile
> --- Makefile  22 Jun 2016 09:51:33 -0000      1.9
> +++ Makefile  4 Jun 2018 06:20:59 -0000
> @@ -15,7 +15,7 @@ MAINTAINER =        Paul Irofti <pirofti@openbs
>  # GPLv2
>  PERMIT_PACKAGE_CDROM =       Yes
>  
> -WANTLIB += c uuid fuse
> +WANTLIB += c uuid fuse kvm
>  
>  MASTER_SITES =       ${HOMEPAGE}/opensource/
>  EXTRACT_SUFX =       .tgz
> @@ -24,7 +24,7 @@ LIB_DEPENDS =               sysutils/e2fsprogs
>  
>  CONFIGURE_STYLE =    gnu
>  CONFIGURE_ENV =              CPPFLAGS="-I${LOCALBASE}/include" \
> -                     LDFLAGS="-L${LOCALBASE}/lib"
> +                     LDFLAGS="-L${LOCALBASE}/lib -lkvm"
>  CONFIGURE_ARGS =     --disable-ldconfig \
>                       --disable-mtab \
>                       --enable-extras \
> Index: patches/patch-libntfs-3g_security_c
> ===================================================================
> RCS file: patches/patch-libntfs-3g_security_c
> diff -N patches/patch-libntfs-3g_security_c
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ patches/patch-libntfs-3g_security_c       4 Jun 2018 06:20:59 -0000
> @@ -0,0 +1,78 @@
> +$OpenBSD$
> +
> +Index: libntfs-3g/security.c
> +--- libntfs-3g/security.c.orig
> ++++ libntfs-3g/security.c
> +@@ -47,6 +47,11 @@
> + #ifdef HAVE_SYS_STAT_H
> + #include <sys/stat.h>
> + #endif
> ++#ifdef __OpenBSD__
> ++#include <sys/sysctl.h>
> ++#include <kvm.h>
> ++#include <limits.h>
> ++#endif
> + 
> + #include <unistd.h>
> + #include <pwd.h>
> +@@ -1228,6 +1233,60 @@ static BOOL groupmember(struct SECURITY_CONTEXT *scx, 
> +             close(fd);
> +             }
> +     }
> ++    return (ismember);
> ++}
> ++
> ++#elif defined(__OpenBSD__)
> ++
> ++static BOOL groupmember(struct SECURITY_CONTEXT *scx, uid_t uid, gid_t gid)
> ++{
> ++    kvm_t *kd;
> ++    int k;
> ++    int pcnt;
> ++    gid_t *p;
> ++    BOOL ismember;
> ++    pid_t tid;
> ++    static char errbuf[_POSIX2_LINE_MAX];
> ++    struct kinfo_proc *kp;
> ++
> ++    if (scx->vol->secure_flags & (1 << SECURITY_STATICGRPS))
> ++            ismember = staticgroupmember(scx, uid, gid);
> ++    else {
> ++            ismember = FALSE; /* default return */
> ++            tid = scx->tid;
> ++            kd = kvm_openfiles(NULL, NULL, NULL, KVM_NO_FILES, errbuf);
> ++            if (kd == NULL)
> ++                    ntfs_log_error("%s\n", errbuf);
> ++            else {
> ++                    kp = kvm_getprocs(kd, KERN_PROC_ALL |
> ++                        KERN_PROC_SHOW_THREADS, NULL, sizeof(*kp), &pcnt);
> ++                    if (kp == NULL)
> ++                            ntfs_log_error("%s\n", kvm_geterr(kd));
> ++                    else if (pcnt > 0) {
> ++                            k = 0;
> ++                            while ((kp->p_tid != tid) && (k < pcnt)) {
> ++                                    k++;
> ++                                    kp++;
> ++                            }
> ++                            if (k < pcnt) {
> ++                                    if (kp->p_gid == gid)
> ++                                            ismember = TRUE;
> ++                                    p = kp->p_groups;
> ++                                    k = 0;
> ++                                    while (!ismember
> ++                                        && (k < kp->p_ngroups)
> ++                                        && (*p != gid)) {
> ++                                            k++;
> ++                                            p++;
> ++                                    }
> ++                                    if (k < kp->p_ngroups)
> ++                                            ismember = TRUE;
> ++                            }
> ++                    }
> ++            kvm_close(kd);
> ++            }
> ++    }
> ++
> +     return (ismember);
> + }
> + 
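Review bot: The thread search loop in the new OpenBSD groupmember(), `while ((kp->p_tid != tid) && (k < pcnt))`, dereferences kp before testing the bound, so when no entry matches scx->tid the last evaluation reads p_tid one element past the array returned by kvm_getprocs(). Test the index first: `while ((k < pcnt) && (kp->p_tid != tid)) {`. The supplementary-group loop below it already checks `k < kp->p_ngroups` before `*p`, so only the first loop needs the change. When the thread is not found the function returns FALSE without logging; a short comment such as `/* tid not found: treat as non-member */` would make that default explicit, since the result presumably feeds the permission check. The `#if` that this `#elif defined(__OpenBSD__)` extends, and the start of the Linux groupmember() above it, lie outside the hunk.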
> 
