On Fri, Aug 03, 2018 at 06:31:00AM +0200, Sebastien Marie wrote:
> On Thu, Aug 02, 2018 at 03:42:03PM +0200, Sebastien Marie wrote:
> > On Mon, Jul 30, 2018 at 07:55:35AM -0600, Bob Beck wrote:
> > > yeah the latter will be the way to go
> > >
> >
> > new diff with direct lookup using an indirection table.
> >
>
> new (emergency) version with PLEDGE_CHOWN consideration for unveil(2).
>
> sorry for having missed it.
>
All good because you gave me inspiration, after I ran your diff.
I tied unveil to the pledge flags when I first did it because it was
convenient - I think this thing with chmod (and the awkwardness of
PLEDGE_STAT, etc. etc.) just shows that this was a decision of
convenience in the short term that is going to bite us in the long
term.
The lookup table is clever, but is frankly, voodoo :) I don't like
trying to follow the logic of what maps to what and be concerned
about what flags are where just for the sake of this, and it
makes things ugly to read.
I think I would rather add my own char to the namei structure,
and set it appropriately in the same places that pledge does. IMO
this makes looking at the source code for system calls much clearer
in the kernel - rather than trying to fathom in your head how a
combination of pledge flags will turn into unveil.
So this is a somewhat "minimal" diff that puts the flags in
namei.h, and checks them as per your change, but rather
than using a lookup table just expressly sets them
for each system call appropriately.. it passes regress
as is.
I think after doing this I can probably go in and get rid of
the awkward PLEDGE_STAT and simplify BYPASS considerably
as well, but I will do that separately.
ok?
Index: dev/diskmap.c
===================================================================
RCS file: /cvs/src/sys/dev/diskmap.c,v
retrieving revision 1.22
diff -u -p -u -p -r1.22 diskmap.c
--- dev/diskmap.c 4 Jul 2018 12:42:30 -0000 1.22
+++ dev/diskmap.c 3 Aug 2018 02:38:26 -0000
@@ -85,6 +85,7 @@ diskmapioctl(dev_t dev, u_long cmd, cadd
NDINIT(&ndp, 0, 0, UIO_SYSSPACE, devname, p);
ndp.ni_pledge = PLEDGE_RPATH;
+ ndp.ni_unveil = UNVEIL_READ;
if ((error = vn_open(&ndp, fp0->f_flag, 0)) != 0)
goto invalid;
Index: kern/exec_elf.c
===================================================================
RCS file: /cvs/src/sys/kern/exec_elf.c,v
retrieving revision 1.145
diff -u -p -u -p -r1.145 exec_elf.c
--- kern/exec_elf.c 20 Jul 2018 21:57:26 -0000 1.145
+++ kern/exec_elf.c 3 Aug 2018 02:38:26 -0000
@@ -332,6 +332,7 @@ elf_load_file(struct proc *p, char *path
NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, path, p);
nd.ni_pledge = PLEDGE_RPATH;
+ nd.ni_unveil = UNVEIL_READ;
if ((error = namei(&nd)) != 0) {
return (error);
}
Index: kern/kern_exec.c
===================================================================
RCS file: /cvs/src/sys/kern/kern_exec.c,v
retrieving revision 1.200
diff -u -p -u -p -r1.200 kern_exec.c
--- kern/kern_exec.c 20 Jul 2018 21:57:26 -0000 1.200
+++ kern/kern_exec.c 3 Aug 2018 02:38:26 -0000
@@ -275,6 +275,7 @@ sys_execve(struct proc *p, void *v, regi
NDINIT(&nid, LOOKUP, NOFOLLOW, UIO_USERSPACE, SCARG(uap, path), p);
nid.ni_pledge = PLEDGE_EXEC;
+ nid.ni_unveil = UNVEIL_EXEC;
/*
* initialize the fields of the exec package.
Index: kern/kern_ktrace.c
===================================================================
RCS file: /cvs/src/sys/kern/kern_ktrace.c,v
retrieving revision 1.98
diff -u -p -u -p -r1.98 kern_ktrace.c
--- kern/kern_ktrace.c 20 Jun 2018 10:48:55 -0000 1.98
+++ kern/kern_ktrace.c 3 Aug 2018 02:38:26 -0000
@@ -513,6 +513,7 @@ sys_ktrace(struct proc *p, void *v, regi
cred = p->p_ucred;
NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, fname, p);
nd.ni_pledge = PLEDGE_CPATH | PLEDGE_WPATH;
+ nd.ni_unveil = UNVEIL_CREATE | UNVEIL_WRITE;
if ((error = vn_open(&nd, FWRITE|O_NOFOLLOW, 0)) != 0)
return error;
vp = nd.ni_vp;
Index: kern/kern_unveil.c
===================================================================
RCS file: /cvs/src/sys/kern/kern_unveil.c,v
retrieving revision 1.9
diff -u -p -u -p -r1.9 kern_unveil.c
--- kern/kern_unveil.c 30 Jul 2018 15:16:27 -0000 1.9
+++ kern/kern_unveil.c 4 Aug 2018 16:13:07 -0000
@@ -40,6 +40,11 @@
#define UNVEIL_MAX_VNODES 128
#define UNVEIL_MAX_NAMES 128
+#define UNVEIL_READ 0x01
+#define UNVEIL_WRITE 0x02
+#define UNVEIL_CREATE 0x04
+#define UNVEIL_EXEC 0x08
+
static inline int
unvname_compare(const struct unvname *n1, const struct unvname *n2)
{
@@ -50,7 +55,7 @@ unvname_compare(const struct unvname *n1
}
struct unvname *
-unvname_new(const char *name, size_t size, uint64_t flags)
+unvname_new(const char *name, size_t size, u_char flags)
{
struct unvname *ret = malloc(sizeof(struct unvname), M_PROC, M_WAITOK);
ret->un_name = malloc(size, M_PROC, M_WAITOK);
@@ -118,7 +123,7 @@ unveil_delete_names(struct unveil *uv)
}
void
-unveil_add_name(struct unveil *uv, char *name, uint64_t flags)
+unveil_add_name(struct unveil *uv, char *name, u_char flags)
{
struct unvname *unvn;
@@ -310,7 +315,7 @@ unveil_lookup(struct vnode *vp, struct p
}
int
-unveil_parsepermissions(const char *permissions, uint64_t *perms)
+unveil_parsepermissions(const char *permissions, u_char *perms)
{
size_t i = 0;
char c;
@@ -319,16 +324,16 @@ unveil_parsepermissions(const char *perm
while ((c = permissions[i++]) != '\0') {
switch (c) {
case 'r':
- *perms |= PLEDGE_RPATH;
+ *perms |= UNVEIL_READ;
break;
case 'w':
- *perms |= PLEDGE_WPATH;
+ *perms |= UNVEIL_WRITE;
break;
case 'x':
- *perms |= PLEDGE_EXEC;
+ *perms |= UNVEIL_EXEC;
break;
case 'c':
- *perms |= PLEDGE_CPATH;
+ *perms |= UNVEIL_CREATE;
break;
default:
return -1;
@@ -338,7 +343,7 @@ unveil_parsepermissions(const char *perm
}
int
-unveil_setflags(uint64_t *flags, uint64_t nflags)
+unveil_setflags(u_char *flags, u_char nflags)
{
#if 0
if (((~(*flags)) & nflags) != 0) {
@@ -403,7 +408,7 @@ unveil_add(struct proc *p, struct nameid
struct unveil *uv;
int directory_add;
int ret = EINVAL;
- u_int64_t flags;
+ u_char flags;
KASSERT(ISSET(ndp->ni_cnd.cn_flags, HASBUF)); /* must have SAVENAME */
@@ -530,9 +535,10 @@ unveil_add(struct proc *p, struct nameid
* XXX collapse down later once debug surely unneded
*/
int
-unveil_flagmatch(struct nameidata *ni, uint64_t flags)
+unveil_flagmatch(struct nameidata *ni, u_char flags)
{
if (flags == 0) {
+ /* XXX Fix this, you can do it better */
if (ni->ni_pledge & PLEDGE_STAT) {
#ifdef DEBUG_UNVEIL
printf("allowing stat/accesss for 0 flags");
@@ -552,32 +558,32 @@ unveil_flagmatch(struct nameidata *ni, u
CLR(ni->ni_pledge, PLEDGE_STATLIE);
return 1;
}
- if (ni->ni_pledge & PLEDGE_RPATH) {
- if ((flags & PLEDGE_RPATH) == 0) {
+ if (ni->ni_unveil & UNVEIL_READ) {
+ if ((flags & UNVEIL_READ) == 0) {
#ifdef DEBUG_UNVEIL
printf("Pledge wants read but disallowed\n");
#endif
return 0;
}
}
- if (ni->ni_pledge & PLEDGE_WPATH) {
- if ((flags & PLEDGE_WPATH) == 0) {
+ if (ni->ni_unveil & UNVEIL_WRITE) {
+ if ((flags & UNVEIL_WRITE) == 0) {
#ifdef DEBUG_UNVEIL
printf("Pledge wants write but disallowed\n");
#endif
return 0;
}
}
- if (ni->ni_pledge & PLEDGE_EXEC) {
- if ((flags & PLEDGE_EXEC) == 0) {
+ if (ni->ni_unveil & UNVEIL_EXEC) {
+ if ((flags & UNVEIL_EXEC) == 0) {
#ifdef DEBUG_UNVEIL
printf("Pledge wants exec but disallowed\n");
#endif
return 0;
}
}
- if (ni->ni_pledge & PLEDGE_CPATH) {
- if ((flags & PLEDGE_CPATH) == 0) {
+ if (ni->ni_unveil & UNVEIL_CREATE) {
+ if ((flags & UNVEIL_CREATE) == 0) {
#ifdef DEBUG_UNVEIL
printf("Pledge wants cpath but disallowed\n");
#endif
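Review bot: unveil_flagmatch is now fail-open for a lookup whose ni_unveil is 0: each of the four checks is skipped when the corresponding request bit is clear, so a nameidata that was never assigned an UNVEIL_* value passes against any entry, and a caller that simply forgot the assignment is indistinguishable from the stat/access/readlink paths that set `nd.ni_unveil = 0` on purpose. Since the intent in those paths is carried by PLEDGE_STAT, consider making the unintended case visible under DEBUG_UNVEIL, e.g. `if (ni->ni_unveil == 0 && (ni->ni_pledge & PLEDGE_STAT) == 0) printf("unveil: lookup with no unveil flags\n");`, and turning it into a KASSERT once PLEDGE_STAT is reworked as the mail proposes. The debug strings still read `Pledge wants read but disallowed` although the check is now on ni_unveil; `unveil wants read but disallowed` would be less misleading. The function's tail is outside the hunk.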
Index: kern/tty.c
===================================================================
RCS file: /cvs/src/sys/kern/tty.c,v
retrieving revision 1.141
diff -u -p -u -p -r1.141 tty.c
--- kern/tty.c 16 Jun 2018 13:55:03 -0000 1.141
+++ kern/tty.c 3 Aug 2018 02:38:26 -0000
@@ -792,6 +792,7 @@ ttioctl(struct tty *tp, u_long cmd, cadd
/* ensure user can open the real console */
NDINIT(&nid, LOOKUP, FOLLOW, UIO_SYSSPACE,
"/dev/console", p);
nid.ni_pledge = PLEDGE_RPATH | PLEDGE_WPATH;
+ nid.ni_unveil = UNVEIL_READ | UNVEIL_WRITE;
error = namei(&nid);
if (error)
return (error);
Index: kern/tty_pty.c
===================================================================
RCS file: /cvs/src/sys/kern/tty_pty.c,v
retrieving revision 1.87
diff -u -p -u -p -r1.87 tty_pty.c
--- kern/tty_pty.c 18 Jun 2018 09:15:05 -0000 1.87
+++ kern/tty_pty.c 3 Aug 2018 02:38:26 -0000
@@ -1117,6 +1117,7 @@ retry:
NDINIT(&snd, LOOKUP, NOFOLLOW|LOCKLEAF, UIO_SYSSPACE,
pti->pty_sn, p);
snd.ni_pledge = PLEDGE_RPATH | PLEDGE_WPATH;
+ snd.ni_unveil = UNVEIL_READ | UNVEIL_WRITE;
if ((error = namei(&snd)) != 0)
goto bad;
if ((snd.ni_vp->v_mount->mnt_flag & MNT_RDONLY) == 0) {
@@ -1151,6 +1152,7 @@ retry:
NDINIT(&snd, LOOKUP, NOFOLLOW|LOCKLEAF, UIO_SYSSPACE,
pti->pty_sn, p);
snd.ni_pledge = PLEDGE_RPATH | PLEDGE_WPATH;
+ snd.ni_unveil= UNVEIL_READ | UNVEIL_WRITE;
/* now open it */
if ((error = ptm_vn_open(&snd)) != 0)
goto bad;
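Review bot: `snd.ni_unveil= UNVEIL_READ | UNVEIL_WRITE;` is missing the space before `=`; every other assignment in this diff, including the identical one a few lines earlier in the same function, is written `snd.ni_unveil = UNVEIL_READ | UNVEIL_WRITE;`. Minor, but it is a style(9) nit and the two sites in this function should look the same.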
Index: kern/vfs_syscalls.c
===================================================================
RCS file: /cvs/src/sys/kern/vfs_syscalls.c,v
retrieving revision 1.300
diff -u -p -u -p -r1.300 vfs_syscalls.c
--- kern/vfs_syscalls.c 3 Aug 2018 02:36:11 -0000 1.300
+++ kern/vfs_syscalls.c 4 Aug 2018 15:55:25 -0000
@@ -638,6 +638,7 @@ sys_statfs(struct proc *p, void *v, regi
NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, SCARG(uap, path), p);
nd.ni_pledge = PLEDGE_RPATH;
+ nd.ni_unveil = UNVEIL_READ;
nd.ni_cnd.cn_flags |= BYPASSUNVEIL;
if ((error = namei(&nd)) != 0)
return (error);
@@ -809,6 +810,7 @@ sys_chdir(struct proc *p, void *v, regis
NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE,
SCARG(uap, path), p);
nd.ni_pledge = PLEDGE_RPATH;
+ nd.ni_unveil = UNVEIL_READ;
if ((error = change_dir(&nd, p)) != 0)
return (error);
p->p_p->ps_uvpcwd = nd.ni_unveil_match;
@@ -992,6 +994,7 @@ doopenat(struct proc *p, int fd, const c
struct flock lf;
struct nameidata nd;
uint64_t ni_pledge = 0;
+ u_char ni_unveil = 0;
if (oflags & (O_EXLOCK | O_SHLOCK)) {
error = pledge_flock(p);
@@ -1007,18 +1010,25 @@ doopenat(struct proc *p, int fd, const c
fdpunlock(fdp);
flags = FFLAGS(oflags);
- if (flags & FREAD)
+ if (flags & FREAD) {
ni_pledge |= PLEDGE_RPATH;
- if (flags & FWRITE)
+ ni_unveil |= UNVEIL_READ;
+ }
+ if (flags & FWRITE) {
ni_pledge |= PLEDGE_WPATH;
- if (oflags & O_CREAT)
+ ni_unveil |= UNVEIL_WRITE;
+ }
+ if (oflags & O_CREAT) {
ni_pledge |= PLEDGE_CPATH;
+ ni_unveil |= UNVEIL_CREATE;
+ }
cmode = ((mode &~ fdp->fd_cmask) & ALLPERMS) &~ S_ISTXT;
if ((p->p_p->ps_flags & PS_PLEDGE))
cmode &= ACCESSPERMS;
NDINITAT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, fd, path, p);
nd.ni_pledge = ni_pledge;
+ nd.ni_unveil = ni_unveil;
p->p_dupfd = -1; /* XXX check for fdopen */
if ((flags & O_TRUNC) && (flags & (O_EXLOCK | O_SHLOCK))) {
localtrunc = 1;
@@ -1383,6 +1393,7 @@ domknodat(struct proc *p, int fd, const
return (EINVAL);
NDINITAT(&nd, CREATE, LOCKPARENT, UIO_USERSPACE, fd, path, p);
nd.ni_pledge = PLEDGE_DPATH;
+ nd.ni_unveil = UNVEIL_CREATE;
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;
@@ -1519,6 +1530,7 @@ dolinkat(struct proc *p, int fd1, const
follow = (flag & AT_SYMLINK_FOLLOW) ? FOLLOW : NOFOLLOW;
NDINITAT(&nd, LOOKUP, follow, UIO_USERSPACE, fd1, path1, p);
nd.ni_pledge = PLEDGE_RPATH;
+ nd.ni_unveil = UNVEIL_READ;
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;
@@ -1530,6 +1542,7 @@ dolinkat(struct proc *p, int fd1, const
NDINITAT(&nd, CREATE, flags, UIO_USERSPACE, fd2, path2, p);
nd.ni_pledge = PLEDGE_CPATH;
+ nd.ni_unveil = UNVEIL_CREATE;
if ((error = namei(&nd)) != 0)
goto out;
if (nd.ni_vp) {
@@ -1589,6 +1602,7 @@ dosymlinkat(struct proc *p, const char *
goto out;
NDINITAT(&nd, CREATE, LOCKPARENT, UIO_USERSPACE, fd, link, p);
nd.ni_pledge = PLEDGE_CPATH;
+ nd.ni_unveil = UNVEIL_CREATE;
if ((error = namei(&nd)) != 0)
goto out;
if (nd.ni_vp) {
@@ -1648,6 +1662,7 @@ dounlinkat(struct proc *p, int fd, const
NDINITAT(&nd, DELETE, LOCKPARENT | LOCKLEAF, UIO_USERSPACE,
fd, path, p);
nd.ni_pledge = PLEDGE_CPATH;
+ nd.ni_unveil = UNVEIL_CREATE;
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;
@@ -1795,6 +1810,7 @@ dofaccessat(struct proc *p, int fd, cons
NDINITAT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE, fd, path, p);
nd.ni_pledge = PLEDGE_RPATH | PLEDGE_STAT;
+ nd.ni_unveil = 0; /* XXX No flags == allow it */
if ((error = namei(&nd)) != 0)
goto out;
vp = nd.ni_vp;
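Review bot: The comment `/* XXX No flags == allow it */` is misleading: a zero ni_unveil does not by itself allow the lookup, it only skips the UNVEIL_READ/WRITE/CREATE/EXEC comparisons in unveil_flagmatch, and what actually carries the intent here is the PLEDGE_STAT bit set in ni_pledge on the line above. Suggest `/* no UNVEIL_* bits: existence check only, see PLEDGE_STAT handling in unveil_flagmatch() */` so the next reader does not conclude that access(2) is exempt from unveil. The same wording would suit the `nd.ni_unveil = 0;` lines in dofstatat and doreadlinkat, which currently carry no comment at all.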
@@ -1865,6 +1881,7 @@ dofstatat(struct proc *p, int fd, const
follow = (flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
NDINITAT(&nd, LOOKUP, follow | LOCKLEAF, UIO_USERSPACE, fd, path, p);
nd.ni_pledge = PLEDGE_RPATH | PLEDGE_STAT;
+ nd.ni_unveil = 0;
if ((error = namei(&nd)) != 0)
return (error);
error = vn_stat(nd.ni_vp, &sb, p);
@@ -1923,6 +1940,7 @@ sys_pathconf(struct proc *p, void *v, re
NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE,
SCARG(uap, path), p);
nd.ni_pledge = PLEDGE_RPATH;
+ nd.ni_unveil = UNVEIL_READ;
if ((error = namei(&nd)) != 0)
return (error);
error = VOP_PATHCONF(nd.ni_vp, SCARG(uap, name), retval);
@@ -1972,6 +1990,7 @@ doreadlinkat(struct proc *p, int fd, con
NDINITAT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF, UIO_USERSPACE, fd, path, p);
nd.ni_pledge = PLEDGE_RPATH | PLEDGE_STAT;
+ nd.ni_unveil = 0;
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;
@@ -2035,6 +2054,7 @@ dochflagsat(struct proc *p, int fd, cons
follow = (atflags & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
NDINITAT(&nd, LOOKUP, follow, UIO_USERSPACE, fd, path, p);
nd.ni_pledge = PLEDGE_FATTR | PLEDGE_RPATH;
+ nd.ni_unveil = UNVEIL_WRITE;
if ((error = namei(&nd)) != 0)
return (error);
return (dovchflags(p, nd.ni_vp, flags));
@@ -2138,6 +2158,7 @@ dofchmodat(struct proc *p, int fd, const
follow = (flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
NDINITAT(&nd, LOOKUP, follow, UIO_USERSPACE, fd, path, p);
nd.ni_pledge = PLEDGE_FATTR | PLEDGE_RPATH;
+ nd.ni_unveil = UNVEIL_WRITE;
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;
@@ -2237,6 +2258,7 @@ dofchownat(struct proc *p, int fd, const
follow = (flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
NDINITAT(&nd, LOOKUP, follow, UIO_USERSPACE, fd, path, p);
nd.ni_pledge = PLEDGE_CHOWN | PLEDGE_RPATH;
+ nd.ni_unveil = UNVEIL_WRITE;
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;
@@ -2289,6 +2311,7 @@ sys_lchown(struct proc *p, void *v, regi
NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, SCARG(uap, path), p);
nd.ni_pledge = PLEDGE_CHOWN | PLEDGE_RPATH;
+ nd.ni_unveil = UNVEIL_WRITE;
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;
@@ -2441,6 +2464,7 @@ doutimensat(struct proc *p, int fd, cons
follow = (flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
NDINITAT(&nd, LOOKUP, follow, UIO_USERSPACE, fd, path, p);
nd.ni_pledge = PLEDGE_FATTR | PLEDGE_RPATH;
+ nd.ni_unveil = UNVEIL_WRITE;
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;
@@ -2588,6 +2612,7 @@ sys_truncate(struct proc *p, void *v, re
NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, SCARG(uap, path), p);
nd.ni_pledge = PLEDGE_FATTR | PLEDGE_RPATH;
+ nd.ni_unveil = UNVEIL_WRITE;
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;
@@ -2713,6 +2738,7 @@ dorenameat(struct proc *p, int fromfd, c
NDINITAT(&fromnd, DELETE, WANTPARENT | SAVESTART, UIO_USERSPACE,
fromfd, from, p);
fromnd.ni_pledge = PLEDGE_RPATH | PLEDGE_CPATH;
+ fromnd.ni_unveil = UNVEIL_READ | UNVEIL_WRITE;
if ((error = namei(&fromnd)) != 0)
return (error);
fvp = fromnd.ni_vp;
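Review bot: The rename source is looked up with `UNVEIL_READ | UNVEIL_WRITE`, yet removing a directory entry is otherwise treated as a create-class operation in this diff: dounlinkat requires `UNVEIL_CREATE`, and the pledge bits on the line above are PLEDGE_RPATH | PLEDGE_CPATH, not WPATH. As written, a process whose unveil on the source directory is only "rw" cannot unlink a file there but can rename it away into a directory where it holds "c", which is an inconsistency a process confined by unveil could use to remove files it was not meant to touch. Unless "w" is intended to cover removal, the source side should be `fromnd.ni_unveil = UNVEIL_READ | UNVEIL_CREATE;` to mirror both the pledge bits and dounlinkat.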
@@ -2726,6 +2752,7 @@ dorenameat(struct proc *p, int fromfd, c
NDINITAT(&tond, RENAME, flags, UIO_USERSPACE, tofd, to, p);
tond.ni_pledge = PLEDGE_CPATH;
+ tond.ni_unveil = UNVEIL_CREATE;
if ((error = namei(&tond)) != 0) {
VOP_ABORTOP(fromnd.ni_dvp, &fromnd.ni_cnd);
vrele(fromnd.ni_dvp);
@@ -2819,6 +2846,7 @@ domkdirat(struct proc *p, int fd, const
NDINITAT(&nd, CREATE, LOCKPARENT | STRIPSLASHES, UIO_USERSPACE,
fd, path, p);
nd.ni_pledge = PLEDGE_CPATH;
+ nd.ni_unveil = UNVEIL_CREATE;
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;
@@ -2945,6 +2973,7 @@ sys_revoke(struct proc *p, void *v, regi
NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, SCARG(uap, path), p);
nd.ni_pledge = PLEDGE_RPATH | PLEDGE_TTY;
+ nd.ni_unveil = UNVEIL_READ;
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;
Index: sys/namei.h
===================================================================
RCS file: /cvs/src/sys/sys/namei.h,v
retrieving revision 1.35
diff -u -p -u -p -r1.35 namei.h
--- sys/namei.h 13 Jul 2018 09:25:23 -0000 1.35
+++ sys/namei.h 4 Aug 2018 15:53:12 -0000
@@ -59,6 +59,7 @@ struct nameidata {
struct vnode *ni_startdir; /* starting directory */
struct vnode *ni_rootdir; /* logical root directory */
uint64_t ni_pledge; /* expected pledge for namei */
+ u_char ni_unveil; /* required unveil flags for namei */
/*
* Results: returned from/manipulated by lookup
*/
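Review bot: The new ni_unveil member is not initialised anywhere in this hunk, and the NDINIT/NDINITAT macros (outside the hunk) are not touched by the diff; if they do not zero it, every caller that does not assign ni_unveil explicitly reads whatever was left on the stack, and a stray set bit would deny a lookup that should pass while a zero quietly permits it. Add `(ndp)->ni_unveil = 0;` to NDINITAT next to the existing ni_pledge handling, if it has one, so the field has a defined value for every lookup. The member would also benefit from stating what zero means, e.g. `u_char ni_unveil; /* UNVEIL_* bits the lookup needs; 0 = no permission check */`.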
@@ -250,4 +251,11 @@ struct nchstats {
{ "ncs_dothits", CTLTYPE_QUAD }, \
{ "nch_dotdothits", CTLTYPE_QUAD }, \
}
+
+/* Unveil flags for namei */
+#define UNVEIL_READ 0x01
+#define UNVEIL_WRITE 0x02
+#define UNVEIL_CREATE 0x04
+#define UNVEIL_EXEC 0x08
+
#endif /* !_SYS_NAMEI_H_ */
Index: sys/proc.h
===================================================================
RCS file: /cvs/src/sys/sys/proc.h,v
retrieving revision 1.254
diff -u -p -u -p -r1.254 proc.h
--- sys/proc.h 28 Jul 2018 18:07:26 -0000 1.254
+++ sys/proc.h 3 Aug 2018 02:38:26 -0000
@@ -130,7 +130,7 @@ struct tusage {
struct unvname {
char *un_name;
size_t un_namesize;
- uint64_t un_flags;
+ u_char un_flags;
RBT_ENTRY(unvnmae) un_rbt;
};
@@ -424,7 +424,7 @@ struct unveil {
struct vnode *uv_vp;
struct unvname_rbt uv_names;
struct rwlock uv_lock;
- u_int64_t uv_flags;
+ u_char uv_flags;
};
struct uidinfo {