system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-10-03 07:04:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

vfs: Permit unix sockets to be opened with O_PATH

Browse source 
As with FIFOs, a path descriptor for a unix socket cannot be used with
kevent().

In principle connectat(2) and bindat(2) could be modified to support an
AT_EMPTY_PATH-like mode which operates on the socket referenced by an
O_PATH fd referencing a unix socket.  That would eliminate the path
length limit imposed by sockaddr_un.

Update O_PATH tests.

Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation

(cherry picked from commit 2bd9826995)
This commit is contained in:
Mark Johnston 2021-09-17 12:34:21 -04:00
parent 9b918d1761
commit 54a01b5326
2 changed files with 32 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
sys/kern/vfs_vnops.c
View file

@ -393,13 +393,13 @@ vn_open_vnode(struct vnode *vp, int fmode, struct ucred *cred,
if ((fmode & O_PATH) == 0 || (fmode & FEXEC) != 0)
return (EMLINK);
}
if (vp->v_type == VSOCK)
return (EOPNOTSUPP);
if (vp->v_type != VDIR && fmode & O_DIRECTORY)
return (ENOTDIR);
accmode = 0;
if ((fmode & O_PATH) == 0) {
if (vp->v_type == VSOCK)
return (EOPNOTSUPP);
if ((fmode & (FWRITE | O_TRUNC)) != 0) {
if (vp->v_type == VDIR)
return (EISDIR);
@ -431,11 +431,8 @@ vn_open_vnode(struct vnode *vp, int fmode, struct ucred *cred,
return (error);
}
if ((fmode & O_PATH) != 0) {
if (vp->v_type == VFIFO)
error = EPIPE;
else
error = VOP_ACCESS(vp, VREAD, cred, td);
if (error == 0)
if (vp->v_type != VFIFO && vp->v_type != VSOCK &&
VOP_ACCESS(vp, VREAD, cred, td) == 0)
fp->f_flag |= FKQALLOWED;
return (0);
}

32
tests/sys/file/path_test.c
View file

@ -845,13 +845,15 @@ ATF_TC_BODY(path_rights, tc)
CHECKED_CLOSE(sd[1]);
}
/* Verify that a local socket can't be opened with O_PATH. */
/* Verify that a local socket can be opened with O_PATH. */
ATF_TC_WITHOUT_HEAD(path_unix);
ATF_TC_BODY(path_unix, tc)
{
char path[PATH_MAX];
char buf[BUFSIZ], path[PATH_MAX];
struct kevent ev;
struct sockaddr_un sun;
int pathfd, sd;
struct stat sb;
int kq, pathfd, sd;
snprintf(path, sizeof(path), "path_unix.XXXXXX");
ATF_REQUIRE_MSG(mktemp(path) == path, FMT_ERR("mktemp"));
@ -866,9 +868,31 @@ ATF_TC_BODY(path_unix, tc)
FMT_ERR("bind"));
pathfd = open(path, O_PATH);
ATF_REQUIRE_ERRNO(EOPNOTSUPP, pathfd < 0);
ATF_REQUIRE_MSG(pathfd >= 0, FMT_ERR("open"));
ATF_REQUIRE_MSG(fstatat(pathfd, "", &sb, AT_EMPTY_PATH) == 0,
FMT_ERR("fstatat"));
ATF_REQUIRE_MSG(sb.st_mode & S_IFSOCK, "socket mode %#x", sb.st_mode);
ATF_REQUIRE_MSG(sb.st_ino != 0, "socket has inode number 0");
memset(buf, 0, sizeof(buf));
ATF_REQUIRE_ERRNO(EBADF, write(pathfd, buf, sizeof(buf)));
ATF_REQUIRE_ERRNO(EBADF, read(pathfd, buf, sizeof(buf)));
/* kevent() is disallowed with sockets. */
kq = kqueue();
ATF_REQUIRE_MSG(kq >= 0, FMT_ERR("kqueue"));
EV_SET(&ev, pathfd, EVFILT_READ, EV_ADD | EV_ENABLE, 0, 0, 0);
ATF_REQUIRE_ERRNO(EBADF, kevent(kq, &ev, 1, NULL, 0, NULL) == -1);
/* Should not be able to open a socket without O_PATH. */
ATF_REQUIRE_ERRNO(EOPNOTSUPP, openat(pathfd, "", O_EMPTY_PATH) == -1);
ATF_REQUIRE_MSG(funlinkat(AT_FDCWD, path, pathfd, 0) == 0,
FMT_ERR("funlinkat"));
CHECKED_CLOSE(sd);
CHECKED_CLOSE(pathfd);
}
ATF_TP_ADD_TCS(tp)