aboutsummaryrefslogtreecommitdiff
path: root/sys/cddl/compat/opensolaris
diff options
context:
space:
mode:
authorKonstantin Belousov <kib@FreeBSD.org>2009-06-21 13:41:32 +0000
committerKonstantin Belousov <kib@FreeBSD.org>2009-06-21 13:41:32 +0000
commite0c161b89c868d8917efdc1af877ef50da7b8c0d (patch)
tree548a61c5fc4bd14c03a515783550b0e6868c9c0b /sys/cddl/compat/opensolaris
parentc61860f8a69d4b724b33c08e09a870076da4cace (diff)
downloadsrc-e0c161b89c868d8917efdc1af877ef50da7b8c0d.tar.gz
src-e0c161b89c868d8917efdc1af877ef50da7b8c0d.zip
Add another flags argument to vn_open_cred. Use it to specify that some
vn_open_cred invocations shall not audit namei path. In particular, specify VN_OPEN_NOAUDIT for dotdot lookup performed by default implementation of vop_vptocnp, and for the open done for core file. vn_fullpath is called from the audit code, and vn_open there need to disable audit to avoid infinite recursion. Core file is created on return to user mode, that, in particular, happens during syscall return. The creation of the core file is audited by direct calls, and we do not want to overwrite audit information for syscall. Reported, reviewed and tested by: rwatson
Notes
Notes: svn path=/head/; revision=194586
Diffstat (limited to 'sys/cddl/compat/opensolaris')
-rw-r--r--sys/cddl/compat/opensolaris/kern/opensolaris_kobj.c3
-rw-r--r--sys/cddl/compat/opensolaris/sys/vnode.h2
2 files changed, 3 insertions, 2 deletions
diff --git a/sys/cddl/compat/opensolaris/kern/opensolaris_kobj.c b/sys/cddl/compat/opensolaris/kern/opensolaris_kobj.c
index 21b2f233e0d9..328bba117f7f 100644
--- a/sys/cddl/compat/opensolaris/kern/opensolaris_kobj.c
+++ b/sys/cddl/compat/opensolaris/kern/opensolaris_kobj.c
@@ -85,7 +85,8 @@ kobj_open_file_vnode(const char *file)
flags = FREAD;
NDINIT(&nd, LOOKUP, MPSAFE, UIO_SYSSPACE, file, td);
- error = vn_open_cred(&nd, &flags, O_NOFOLLOW, curthread->td_ucred, NULL);
+ error = vn_open_cred(&nd, &flags, O_NOFOLLOW, 0, curthread->td_ucred,
+ NULL);
NDFREE(&nd, NDF_ONLY_PNBUF);
if (error != 0)
return (NULL);
diff --git a/sys/cddl/compat/opensolaris/sys/vnode.h b/sys/cddl/compat/opensolaris/sys/vnode.h
index 44741d2250bb..bf11e674ea67 100644
--- a/sys/cddl/compat/opensolaris/sys/vnode.h
+++ b/sys/cddl/compat/opensolaris/sys/vnode.h
@@ -182,7 +182,7 @@ vn_openat(char *pnamep, enum uio_seg seg, int filemode, int createmode,
vref(startvp);
NDINIT_ATVP(&nd, operation, MPSAFE, UIO_SYSSPACE, pnamep, startvp, td);
filemode |= O_NOFOLLOW;
- error = vn_open_cred(&nd, &filemode, createmode, td->td_ucred, NULL);
+ error = vn_open_cred(&nd, &filemode, createmode, 0, td->td_ucred, NULL);
NDFREE(&nd, NDF_ONLY_PNBUF);
if (error == 0) {
/* We just unlock so we hold a reference. */