aboutsummaryrefslogtreecommitdiff
path: root/sys/sys/vnode.h
diff options
context:
space:
mode:
authorKyle Evans <kevans@FreeBSD.org>2020-02-02 16:34:57 +0000
committerKyle Evans <kevans@FreeBSD.org>2020-02-02 16:34:57 +0000
commit6a5abb1ee5351d36de3b8589f8bf23fd2dfbb6da (patch)
treedb300f6040643046bb920b04cfb37a8576cec10d /sys/sys/vnode.h
parentc887ac83245115c57c0b8df29ce5048122a88418 (diff)
downloadsrc-6a5abb1ee5351d36de3b8589f8bf23fd2dfbb6da.tar.gz
src-6a5abb1ee5351d36de3b8589f8bf23fd2dfbb6da.zip
Provide O_SEARCH
O_SEARCH is defined by POSIX [0] to open a directory for searching, skipping permissions checks on the directory itself after the initial open(). This is close to the semantics we've historically applied for O_EXEC on a directory, which is UB according to POSIX. Conveniently, O_SEARCH on a file is also explicitly undefined behavior according to POSIX, so O_EXEC would be a fine choice. The spec goes on to state that O_SEARCH and O_EXEC need not be distinct values, but they're not defined to be the same value. This was pointed out as an incompatibility with other systems that had made its way into libarchive, which had assumed that O_EXEC was an alias for O_SEARCH. This defines compatibility O_SEARCH/FSEARCH (equivalent to O_EXEC and FEXEC respectively) and expands our UB for O_EXEC on a directory. O_EXEC on a directory is checked in vn_open_vnode already, so for completeness we add a NOEXECCHECK when O_SEARCH has been specified on the top-level fd and do not re-check that when descending in namei. [0] https://pubs.opengroup.org/onlinepubs/9699919799/ Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D23247
Notes
Notes: svn path=/head/; revision=357412
Diffstat (limited to 'sys/sys/vnode.h')
-rw-r--r--sys/sys/vnode.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/sys/sys/vnode.h b/sys/sys/vnode.h
index 809427d00d15..19c4930263db 100644
--- a/sys/sys/vnode.h
+++ b/sys/sys/vnode.h
@@ -953,6 +953,8 @@ int vn_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred,
void vn_fsid(struct vnode *vp, struct vattr *va);
+int vn_dir_check_exec(struct vnode *vp, struct componentname *cnp);
+
#define VOP_UNLOCK_FLAGS(vp, flags) ({ \
struct vnode *_vp = (vp); \
int _flags = (flags); \