Author: jhb Date: Sat Aug 3 01:02:52 2019 New Revision: 350549 URL: https://svnweb.freebsd.org/changeset/base/350549
Log: Set ISOPEN in namei flags when opening executable interpreters. These vnodes are explicitly opened via VOP_OPEN via exec_check_permissions identical to the main exectuable image. Setting ISOPEN allows filesystems to perform suitable checks in VOP_LOOKUP (e.g. close-to-open consistency in the NFS client). Reviewed by: kib MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D21129 Modified: head/sys/kern/imgact_elf.c head/sys/kern/kern_exec.c Modified: head/sys/kern/imgact_elf.c ============================================================================== --- head/sys/kern/imgact_elf.c Fri Aug 2 22:58:45 2019 (r350548) +++ head/sys/kern/imgact_elf.c Sat Aug 3 01:02:52 2019 (r350549) @@ -748,8 +748,8 @@ __elfN(load_file)(struct proc *p, const char *file, u_ imgp->object = NULL; imgp->execlabel = NULL; - NDINIT(nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF, UIO_SYSSPACE, file, - curthread); + NDINIT(nd, LOOKUP, ISOPEN | FOLLOW | LOCKSHARED | LOCKLEAF, + UIO_SYSSPACE, file, curthread); if ((error = namei(nd)) != 0) { nd->ni_vp = NULL; goto fail; Modified: head/sys/kern/kern_exec.c ============================================================================== --- head/sys/kern/kern_exec.c Fri Aug 2 22:58:45 2019 (r350548) +++ head/sys/kern/kern_exec.c Sat Aug 3 01:02:52 2019 (r350549) @@ -639,7 +639,7 @@ interpret: free(imgp->freepath, M_TEMP); imgp->freepath = NULL; /* set new name to that of the interpreter */ - NDINIT(&nd, LOOKUP, LOCKLEAF | FOLLOW | SAVENAME, + NDINIT(&nd, LOOKUP, ISOPEN | LOCKLEAF | FOLLOW | SAVENAME, UIO_SYSSPACE, imgp->interpreter_name, td); args->fname = imgp->interpreter_name; goto interpret; _______________________________________________ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
