mirror of
https://github.com/SerenityOS/serenity.git
synced 2025-01-22 17:31:58 -05:00
Kernel: Ignore dirfd if absolute path is given in VFS-related syscalls
To be able to do this, we add a new class called CustodyBase, which can be resolved on-demand internally in the VirtualFileSystem resolving path code. When being resolved, CustodyBase will return a known custody if it was constructed with such, if that's not the case it will provide the root custody if the original path is absolute. Lastly, if that's not the case as well, it will resolve the given dirfd to provide a Custody object.
This commit is contained in:
Liav A.
Tim Schumacher
parent
1e4a78ee04
commit
ecc9c5409d
23 changed files with 157 additions and 71 deletions
|
|
@ -135,6 +135,7 @@ set(KERNEL_SOURCES
|
|||
FileSystem/AnonymousFile.cpp
|
||||
FileSystem/BlockBasedFileSystem.cpp
|
||||
FileSystem/Custody.cpp
|
||||
FileSystem/CustodyBase.cpp
|
||||
FileSystem/DevLoopFS/FileSystem.cpp
|
||||
FileSystem/DevLoopFS/Inode.cpp
|
||||
FileSystem/DevPtsFS/FileSystem.cpp
|
||||
|
|
|
|||
23
Kernel/FileSystem/CustodyBase.cpp
Normal file
23
Kernel/FileSystem/CustodyBase.cpp
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
/*
|
||||
* Copyright (c) 2024, Liav A. <liavalb@hotmail.co.il>
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-2-Clause
|
||||
*/
|
||||
|
||||
#include <Kernel/FileSystem/CustodyBase.h>
|
||||
#include <Kernel/FileSystem/VirtualFileSystem.h>
|
||||
#include <Kernel/Library/KLexicalPath.h>
|
||||
#include <Kernel/Tasks/Process.h>
|
||||
|
||||
namespace Kernel {
|
||||
|
||||
ErrorOr<NonnullRefPtr<Custody>> CustodyBase::resolve() const
|
||||
{
|
||||
if (m_base)
|
||||
return *m_base;
|
||||
if (KLexicalPath::is_absolute(m_path))
|
||||
return VirtualFileSystem::the().root_custody();
|
||||
return Process::current().custody_for_dirfd({}, m_dirfd);
|
||||
}
|
||||
|
||||
}
|
||||
47
Kernel/FileSystem/CustodyBase.h
Normal file
47
Kernel/FileSystem/CustodyBase.h
Normal file
|
|
@ -0,0 +1,47 @@
|
|||
/*
|
||||
* Copyright (c) 2024, Liav A. <liavalb@hotmail.co.il>
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-2-Clause
|
||||
*/
|
||||
|
||||
#pragma once
|
||||
|
||||
#include <AK/Error.h>
|
||||
#include <AK/RefPtr.h>
|
||||
#include <AK/StringView.h>
|
||||
#include <Kernel/FileSystem/Custody.h>
|
||||
|
||||
namespace Kernel {
|
||||
|
||||
class CustodyBase {
|
||||
public:
|
||||
CustodyBase(int dirfd, StringView path)
|
||||
: m_path(path)
|
||||
, m_dirfd(dirfd)
|
||||
{
|
||||
}
|
||||
|
||||
CustodyBase(NonnullRefPtr<Custody> base)
|
||||
: m_base(base)
|
||||
{
|
||||
}
|
||||
|
||||
CustodyBase(Custody& base)
|
||||
: m_base(base)
|
||||
{
|
||||
}
|
||||
|
||||
CustodyBase(Custody const& base)
|
||||
: m_base(base)
|
||||
{
|
||||
}
|
||||
|
||||
ErrorOr<NonnullRefPtr<Custody>> resolve() const;
|
||||
|
||||
private:
|
||||
RefPtr<Custody> const m_base;
|
||||
StringView m_path;
|
||||
int m_dirfd { -1 };
|
||||
};
|
||||
|
||||
}
|
||||
|
|
@ -52,7 +52,7 @@ void Inode::sync()
|
|||
}
|
||||
}
|
||||
|
||||
ErrorOr<NonnullRefPtr<Custody>> Inode::resolve_as_link(Credentials const& credentials, Custody& base, RefPtr<Custody>* out_parent, int options, int symlink_recursion_level) const
|
||||
ErrorOr<NonnullRefPtr<Custody>> Inode::resolve_as_link(Credentials const& credentials, CustodyBase const& base, RefPtr<Custody>* out_parent, int options, int symlink_recursion_level) const
|
||||
{
|
||||
// The default implementation simply treats the stored
|
||||
// contents as a path and resolves that. That is, it
|
||||
|
|
|
|||
|
|
@ -11,6 +11,7 @@
|
|||
#include <AK/Function.h>
|
||||
#include <AK/HashTable.h>
|
||||
#include <AK/IntrusiveList.h>
|
||||
#include <Kernel/FileSystem/CustodyBase.h>
|
||||
#include <Kernel/FileSystem/FIFO.h>
|
||||
#include <Kernel/FileSystem/FileSystem.h>
|
||||
#include <Kernel/FileSystem/InodeIdentifier.h>
|
||||
|
|
@ -72,7 +73,7 @@ public:
|
|||
virtual ErrorOr<void> chmod(mode_t) = 0;
|
||||
virtual ErrorOr<void> chown(UserID, GroupID) = 0;
|
||||
|
||||
ErrorOr<NonnullRefPtr<Custody>> resolve_as_link(Credentials const&, Custody& base, RefPtr<Custody>* out_parent, int options, int symlink_recursion_level) const;
|
||||
ErrorOr<NonnullRefPtr<Custody>> resolve_as_link(Credentials const&, CustodyBase const& base, RefPtr<Custody>* out_parent, int options, int symlink_recursion_level) const;
|
||||
|
||||
virtual ErrorOr<int> get_block_address(int) { return ENOTSUP; }
|
||||
|
||||
|
|
|
|||
|
|
@ -418,7 +418,7 @@ ErrorOr<void> VirtualFileSystem::traverse_directory_inode(Inode& dir_inode, Func
|
|||
});
|
||||
}
|
||||
|
||||
ErrorOr<void> VirtualFileSystem::utime(Credentials const& credentials, StringView path, Custody& base, time_t atime, time_t mtime)
|
||||
ErrorOr<void> VirtualFileSystem::utime(Credentials const& credentials, StringView path, CustodyBase const& base, time_t atime, time_t mtime)
|
||||
{
|
||||
auto custody = TRY(resolve_path(credentials, path, base));
|
||||
auto& inode = custody->inode();
|
||||
|
|
@ -431,7 +431,7 @@ ErrorOr<void> VirtualFileSystem::utime(Credentials const& credentials, StringVie
|
|||
return {};
|
||||
}
|
||||
|
||||
ErrorOr<void> VirtualFileSystem::utimensat(Credentials const& credentials, StringView path, Custody& base, timespec const& atime, timespec const& mtime, int options)
|
||||
ErrorOr<void> VirtualFileSystem::utimensat(Credentials const& credentials, StringView path, CustodyBase const& base, timespec const& atime, timespec const& mtime, int options)
|
||||
{
|
||||
auto custody = TRY(resolve_path(credentials, path, base, nullptr, options));
|
||||
return do_utimens(credentials, custody, atime, mtime);
|
||||
|
|
@ -454,18 +454,18 @@ ErrorOr<void> VirtualFileSystem::do_utimens(Credentials const& credentials, Cust
|
|||
return {};
|
||||
}
|
||||
|
||||
ErrorOr<InodeMetadata> VirtualFileSystem::lookup_metadata(Credentials const& credentials, StringView path, Custody& base, int options)
|
||||
ErrorOr<InodeMetadata> VirtualFileSystem::lookup_metadata(Credentials const& credentials, StringView path, CustodyBase const& base, int options)
|
||||
{
|
||||
auto custody = TRY(resolve_path(credentials, path, base, nullptr, options));
|
||||
return custody->inode().metadata();
|
||||
}
|
||||
|
||||
ErrorOr<NonnullRefPtr<OpenFileDescription>> VirtualFileSystem::open(Credentials const& credentials, StringView path, int options, mode_t mode, Custody& base, Optional<UidAndGid> owner)
|
||||
ErrorOr<NonnullRefPtr<OpenFileDescription>> VirtualFileSystem::open(Credentials const& credentials, StringView path, int options, mode_t mode, CustodyBase const& base, Optional<UidAndGid> owner)
|
||||
{
|
||||
return open(Process::current(), credentials, path, options, mode, base, owner);
|
||||
}
|
||||
|
||||
ErrorOr<NonnullRefPtr<OpenFileDescription>> VirtualFileSystem::open(Process const& process, Credentials const& credentials, StringView path, int options, mode_t mode, Custody& base, Optional<UidAndGid> owner)
|
||||
ErrorOr<NonnullRefPtr<OpenFileDescription>> VirtualFileSystem::open(Process const& process, Credentials const& credentials, StringView path, int options, mode_t mode, CustodyBase const& base, Optional<UidAndGid> owner)
|
||||
{
|
||||
if ((options & O_CREAT) && (options & O_DIRECTORY))
|
||||
return EINVAL;
|
||||
|
|
@ -555,7 +555,7 @@ ErrorOr<NonnullRefPtr<OpenFileDescription>> VirtualFileSystem::open(Process cons
|
|||
return description;
|
||||
}
|
||||
|
||||
ErrorOr<void> VirtualFileSystem::mknod(Credentials const& credentials, StringView path, mode_t mode, dev_t dev, Custody& base)
|
||||
ErrorOr<void> VirtualFileSystem::mknod(Credentials const& credentials, StringView path, mode_t mode, dev_t dev, CustodyBase const& base)
|
||||
{
|
||||
if (!is_regular_file(mode) && !is_block_device(mode) && !is_character_device(mode) && !is_fifo(mode) && !is_socket(mode))
|
||||
return EINVAL;
|
||||
|
|
@ -618,7 +618,7 @@ ErrorOr<NonnullRefPtr<OpenFileDescription>> VirtualFileSystem::create(Process co
|
|||
return description;
|
||||
}
|
||||
|
||||
ErrorOr<void> VirtualFileSystem::mkdir(Credentials const& credentials, StringView path, mode_t mode, Custody& base)
|
||||
ErrorOr<void> VirtualFileSystem::mkdir(Credentials const& credentials, StringView path, mode_t mode, CustodyBase const& base)
|
||||
{
|
||||
// Unlike in basically every other case, where it's only the last
|
||||
// path component (the one being created) that is allowed not to
|
||||
|
|
@ -633,7 +633,8 @@ ErrorOr<void> VirtualFileSystem::mkdir(Credentials const& credentials, StringVie
|
|||
RefPtr<Custody> parent_custody;
|
||||
// FIXME: The errors returned by resolve_path_without_veil can leak information about paths that are not unveiled,
|
||||
// e.g. when the error is EACCESS or similar.
|
||||
auto result = resolve_path_without_veil(credentials, path, base, &parent_custody);
|
||||
auto base_custody = TRY(base.resolve());
|
||||
auto result = resolve_path_without_veil(credentials, path, base_custody, &parent_custody);
|
||||
if (!result.is_error())
|
||||
return EEXIST;
|
||||
else if (!parent_custody)
|
||||
|
|
@ -654,7 +655,7 @@ ErrorOr<void> VirtualFileSystem::mkdir(Credentials const& credentials, StringVie
|
|||
return {};
|
||||
}
|
||||
|
||||
ErrorOr<void> VirtualFileSystem::access(Credentials const& credentials, StringView path, int mode, Custody& base, AccessFlags access_flags)
|
||||
ErrorOr<void> VirtualFileSystem::access(Credentials const& credentials, StringView path, int mode, CustodyBase const& base, AccessFlags access_flags)
|
||||
{
|
||||
auto should_follow_symlinks = !has_flag(access_flags, AccessFlags::DoNotFollowSymlinks);
|
||||
auto custody = TRY(resolve_path(credentials, path, base, nullptr, should_follow_symlinks ? 0 : O_NOFOLLOW_NOERROR));
|
||||
|
|
@ -679,7 +680,7 @@ ErrorOr<void> VirtualFileSystem::access(Credentials const& credentials, StringVi
|
|||
return {};
|
||||
}
|
||||
|
||||
ErrorOr<NonnullRefPtr<Custody>> VirtualFileSystem::open_directory(Credentials const& credentials, StringView path, Custody& base)
|
||||
ErrorOr<NonnullRefPtr<Custody>> VirtualFileSystem::open_directory(Credentials const& credentials, StringView path, CustodyBase const& base)
|
||||
{
|
||||
auto custody = TRY(resolve_path(credentials, path, base));
|
||||
auto& inode = custody->inode();
|
||||
|
|
@ -704,13 +705,13 @@ ErrorOr<void> VirtualFileSystem::chmod(Credentials const& credentials, Custody&
|
|||
return inode.chmod(mode);
|
||||
}
|
||||
|
||||
ErrorOr<void> VirtualFileSystem::chmod(Credentials const& credentials, StringView path, mode_t mode, Custody& base, int options)
|
||||
ErrorOr<void> VirtualFileSystem::chmod(Credentials const& credentials, StringView path, mode_t mode, CustodyBase const& base, int options)
|
||||
{
|
||||
auto custody = TRY(resolve_path(credentials, path, base, nullptr, options));
|
||||
return chmod(credentials, custody, mode);
|
||||
}
|
||||
|
||||
ErrorOr<void> VirtualFileSystem::rename(Credentials const& credentials, Custody& old_base, StringView old_path, Custody& new_base, StringView new_path)
|
||||
ErrorOr<void> VirtualFileSystem::rename(Credentials const& credentials, CustodyBase const& old_base, StringView old_path, CustodyBase const& new_base, StringView new_path)
|
||||
{
|
||||
RefPtr<Custody> old_parent_custody;
|
||||
auto old_custody = TRY(resolve_path(credentials, old_path, old_base, &old_parent_custody, O_NOFOLLOW_NOERROR));
|
||||
|
|
@ -844,7 +845,7 @@ ErrorOr<void> VirtualFileSystem::chown(Credentials const& credentials, Custody&
|
|||
return inode.chown(new_uid, new_gid);
|
||||
}
|
||||
|
||||
ErrorOr<void> VirtualFileSystem::chown(Credentials const& credentials, StringView path, UserID a_uid, GroupID a_gid, Custody& base, int options)
|
||||
ErrorOr<void> VirtualFileSystem::chown(Credentials const& credentials, StringView path, UserID a_uid, GroupID a_gid, CustodyBase const& base, int options)
|
||||
{
|
||||
auto custody = TRY(resolve_path(credentials, path, base, nullptr, options));
|
||||
return chown(credentials, custody, a_uid, a_gid);
|
||||
|
|
@ -867,7 +868,7 @@ static bool hard_link_allowed(Credentials const& credentials, Inode const& inode
|
|||
return false;
|
||||
}
|
||||
|
||||
ErrorOr<void> VirtualFileSystem::link(Credentials const& credentials, StringView old_path, StringView new_path, Custody& base)
|
||||
ErrorOr<void> VirtualFileSystem::link(Credentials const& credentials, StringView old_path, StringView new_path, CustodyBase const& base)
|
||||
{
|
||||
// NOTE: To prevent unveil bypass by creating an hardlink after unveiling a path as read-only,
|
||||
// check that if write permission is allowed by the veil info on the old_path.
|
||||
|
|
@ -902,7 +903,7 @@ ErrorOr<void> VirtualFileSystem::link(Credentials const& credentials, StringView
|
|||
return parent_inode.add_child(old_inode, KLexicalPath::basename(new_path), old_inode.mode());
|
||||
}
|
||||
|
||||
ErrorOr<void> VirtualFileSystem::unlink(Credentials const& credentials, StringView path, Custody& base)
|
||||
ErrorOr<void> VirtualFileSystem::unlink(Credentials const& credentials, StringView path, CustodyBase const& base)
|
||||
{
|
||||
RefPtr<Custody> parent_custody;
|
||||
auto custody = TRY(resolve_path(credentials, path, base, &parent_custody, O_WRONLY | O_NOFOLLOW_NOERROR | O_UNLINK_INTERNAL));
|
||||
|
|
@ -931,10 +932,11 @@ ErrorOr<void> VirtualFileSystem::unlink(Credentials const& credentials, StringVi
|
|||
return parent_inode.remove_child(KLexicalPath::basename(path));
|
||||
}
|
||||
|
||||
ErrorOr<void> VirtualFileSystem::symlink(Credentials const& credentials, StringView target, StringView linkpath, Custody& base)
|
||||
ErrorOr<void> VirtualFileSystem::symlink(Credentials const& credentials, StringView target, StringView linkpath, CustodyBase const& base)
|
||||
{
|
||||
auto base_custody = TRY(base.resolve());
|
||||
// NOTE: Check that the actual target (if it exists right now) is unveiled and prevent creating symlinks on veiled paths!
|
||||
if (auto target_custody_or_error = resolve_path_without_veil(credentials, target, base, nullptr, O_RDWR, 0); !target_custody_or_error.is_error()) {
|
||||
if (auto target_custody_or_error = resolve_path_without_veil(credentials, target, base_custody, nullptr, O_RDWR, 0); !target_custody_or_error.is_error()) {
|
||||
auto target_custody = target_custody_or_error.release_value();
|
||||
TRY(validate_path_against_process_veil(*target_custody, O_RDWR));
|
||||
}
|
||||
|
|
@ -971,7 +973,7 @@ ErrorOr<void> VirtualFileSystem::symlink(Credentials const& credentials, StringV
|
|||
}
|
||||
|
||||
// https://pubs.opengroup.org/onlinepubs/9699919799/functions/rmdir.html
|
||||
ErrorOr<void> VirtualFileSystem::rmdir(Credentials const& credentials, StringView path, Custody& base)
|
||||
ErrorOr<void> VirtualFileSystem::rmdir(Credentials const& credentials, StringView path, CustodyBase const& base)
|
||||
{
|
||||
RefPtr<Custody> parent_custody;
|
||||
auto custody = TRY(resolve_path(credentials, path, base, &parent_custody, O_CREAT));
|
||||
|
|
@ -1151,16 +1153,17 @@ ErrorOr<void> VirtualFileSystem::validate_path_against_process_veil(StringView p
|
|||
return validate_path_against_process_veil(Process::current(), path, options);
|
||||
}
|
||||
|
||||
ErrorOr<NonnullRefPtr<Custody>> VirtualFileSystem::resolve_path(Credentials const& credentials, StringView path, NonnullRefPtr<Custody> base, RefPtr<Custody>* out_parent, int options, int symlink_recursion_level)
|
||||
ErrorOr<NonnullRefPtr<Custody>> VirtualFileSystem::resolve_path(Credentials const& credentials, StringView path, CustodyBase const& base, RefPtr<Custody>* out_parent, int options, int symlink_recursion_level)
|
||||
{
|
||||
return resolve_path(Process::current(), credentials, path, base, out_parent, options, symlink_recursion_level);
|
||||
}
|
||||
|
||||
ErrorOr<NonnullRefPtr<Custody>> VirtualFileSystem::resolve_path(Process const& process, Credentials const& credentials, StringView path, NonnullRefPtr<Custody> base, RefPtr<Custody>* out_parent, int options, int symlink_recursion_level)
|
||||
ErrorOr<NonnullRefPtr<Custody>> VirtualFileSystem::resolve_path(Process const& process, Credentials const& credentials, StringView path, CustodyBase const& base, RefPtr<Custody>* out_parent, int options, int symlink_recursion_level)
|
||||
{
|
||||
auto base_custody = TRY(base.resolve());
|
||||
// FIXME: The errors returned by resolve_path_without_veil can leak information about paths that are not unveiled,
|
||||
// e.g. when the error is EACCESS or similar.
|
||||
auto custody = TRY(resolve_path_without_veil(credentials, path, base, out_parent, options, symlink_recursion_level));
|
||||
auto custody = TRY(resolve_path_without_veil(credentials, path, base_custody, out_parent, options, symlink_recursion_level));
|
||||
if (auto result = validate_path_against_process_veil(process, *custody, options); result.is_error()) {
|
||||
if (out_parent)
|
||||
out_parent->clear();
|
||||
|
|
|
|||
|
|
@ -12,6 +12,7 @@
|
|||
#include <AK/HashMap.h>
|
||||
#include <AK/OwnPtr.h>
|
||||
#include <AK/RefPtr.h>
|
||||
#include <Kernel/FileSystem/CustodyBase.h>
|
||||
#include <Kernel/FileSystem/FileBackedFileSystem.h>
|
||||
#include <Kernel/FileSystem/FileSystem.h>
|
||||
#include <Kernel/FileSystem/Initializer.h>
|
||||
|
|
@ -64,27 +65,27 @@ public:
|
|||
ErrorOr<void> unmount(Custody& mount_point);
|
||||
ErrorOr<void> unmount(Inode& guest_inode, StringView custody_path);
|
||||
|
||||
ErrorOr<NonnullRefPtr<OpenFileDescription>> open(Credentials const&, StringView path, int options, mode_t mode, Custody& base, Optional<UidAndGid> = {});
|
||||
ErrorOr<NonnullRefPtr<OpenFileDescription>> open(Process const&, Credentials const&, StringView path, int options, mode_t mode, Custody& base, Optional<UidAndGid> = {});
|
||||
ErrorOr<NonnullRefPtr<OpenFileDescription>> open(Credentials const&, StringView path, int options, mode_t mode, CustodyBase const& base, Optional<UidAndGid> = {});
|
||||
ErrorOr<NonnullRefPtr<OpenFileDescription>> open(Process const&, Credentials const&, StringView path, int options, mode_t mode, CustodyBase const& base, Optional<UidAndGid> = {});
|
||||
ErrorOr<NonnullRefPtr<OpenFileDescription>> create(Credentials const&, StringView path, int options, mode_t mode, Custody& parent_custody, Optional<UidAndGid> = {});
|
||||
ErrorOr<NonnullRefPtr<OpenFileDescription>> create(Process const&, Credentials const&, StringView path, int options, mode_t mode, Custody& parent_custody, Optional<UidAndGid> = {});
|
||||
ErrorOr<void> mkdir(Credentials const&, StringView path, mode_t mode, Custody& base);
|
||||
ErrorOr<void> link(Credentials const&, StringView old_path, StringView new_path, Custody& base);
|
||||
ErrorOr<void> unlink(Credentials const&, StringView path, Custody& base);
|
||||
ErrorOr<void> symlink(Credentials const&, StringView target, StringView linkpath, Custody& base);
|
||||
ErrorOr<void> rmdir(Credentials const&, StringView path, Custody& base);
|
||||
ErrorOr<void> chmod(Credentials const&, StringView path, mode_t, Custody& base, int options = 0);
|
||||
ErrorOr<void> mkdir(Credentials const&, StringView path, mode_t mode, CustodyBase const& base);
|
||||
ErrorOr<void> link(Credentials const&, StringView old_path, StringView new_path, CustodyBase const& base);
|
||||
ErrorOr<void> unlink(Credentials const&, StringView path, CustodyBase const& base);
|
||||
ErrorOr<void> symlink(Credentials const&, StringView target, StringView linkpath, CustodyBase const& base);
|
||||
ErrorOr<void> rmdir(Credentials const&, StringView path, CustodyBase const& base);
|
||||
ErrorOr<void> chmod(Credentials const&, StringView path, mode_t, CustodyBase const& base, int options = 0);
|
||||
ErrorOr<void> chmod(Credentials const&, Custody&, mode_t);
|
||||
ErrorOr<void> chown(Credentials const&, StringView path, UserID, GroupID, Custody& base, int options);
|
||||
ErrorOr<void> chown(Credentials const&, StringView path, UserID, GroupID, CustodyBase const& base, int options);
|
||||
ErrorOr<void> chown(Credentials const&, Custody&, UserID, GroupID);
|
||||
ErrorOr<void> access(Credentials const&, StringView path, int mode, Custody& base, AccessFlags);
|
||||
ErrorOr<InodeMetadata> lookup_metadata(Credentials const&, StringView path, Custody& base, int options = 0);
|
||||
ErrorOr<void> utime(Credentials const&, StringView path, Custody& base, time_t atime, time_t mtime);
|
||||
ErrorOr<void> utimensat(Credentials const&, StringView path, Custody& base, timespec const& atime, timespec const& mtime, int options = 0);
|
||||
ErrorOr<void> access(Credentials const&, StringView path, int mode, CustodyBase const& base, AccessFlags);
|
||||
ErrorOr<InodeMetadata> lookup_metadata(Credentials const&, StringView path, CustodyBase const& base, int options = 0);
|
||||
ErrorOr<void> utime(Credentials const&, StringView path, CustodyBase const& base, time_t atime, time_t mtime);
|
||||
ErrorOr<void> utimensat(Credentials const&, StringView path, CustodyBase const& base, timespec const& atime, timespec const& mtime, int options = 0);
|
||||
ErrorOr<void> do_utimens(Credentials const& credentials, Custody& custody, timespec const& atime, timespec const& mtime);
|
||||
ErrorOr<void> rename(Credentials const&, Custody& old_base, StringView oldpath, Custody& new_base, StringView newpath);
|
||||
ErrorOr<void> mknod(Credentials const&, StringView path, mode_t, dev_t, Custody& base);
|
||||
ErrorOr<NonnullRefPtr<Custody>> open_directory(Credentials const&, StringView path, Custody& base);
|
||||
ErrorOr<void> rename(Credentials const&, CustodyBase const& old_base, StringView oldpath, CustodyBase const& new_base, StringView newpath);
|
||||
ErrorOr<void> mknod(Credentials const&, StringView path, mode_t, dev_t, CustodyBase const& base);
|
||||
ErrorOr<NonnullRefPtr<Custody>> open_directory(Credentials const&, StringView path, CustodyBase const& base);
|
||||
|
||||
ErrorOr<void> for_each_mount(Function<ErrorOr<void>(Mount const&)>) const;
|
||||
|
||||
|
|
@ -94,8 +95,8 @@ public:
|
|||
static void sync();
|
||||
|
||||
NonnullRefPtr<Custody> root_custody();
|
||||
ErrorOr<NonnullRefPtr<Custody>> resolve_path(Credentials const&, StringView path, NonnullRefPtr<Custody> base, RefPtr<Custody>* out_parent = nullptr, int options = 0, int symlink_recursion_level = 0);
|
||||
ErrorOr<NonnullRefPtr<Custody>> resolve_path(Process const&, Credentials const&, StringView path, NonnullRefPtr<Custody> base, RefPtr<Custody>* out_parent = nullptr, int options = 0, int symlink_recursion_level = 0);
|
||||
ErrorOr<NonnullRefPtr<Custody>> resolve_path(Credentials const&, StringView path, CustodyBase const& base, RefPtr<Custody>* out_parent = nullptr, int options = 0, int symlink_recursion_level = 0);
|
||||
ErrorOr<NonnullRefPtr<Custody>> resolve_path(Process const&, Credentials const&, StringView path, CustodyBase const& base, RefPtr<Custody>* out_parent = nullptr, int options = 0, int symlink_recursion_level = 0);
|
||||
ErrorOr<NonnullRefPtr<Custody>> resolve_path_without_veil(Credentials const&, StringView path, NonnullRefPtr<Custody> base, RefPtr<Custody>* out_parent = nullptr, int options = 0, int symlink_recursion_level = 0);
|
||||
|
||||
private:
|
||||
|
|
|
|||
|
|
@ -17,6 +17,7 @@ class BlockDevice;
|
|||
class CharacterDevice;
|
||||
class Coredump;
|
||||
class Credentials;
|
||||
class CustodyBase;
|
||||
class Custody;
|
||||
class Device;
|
||||
class DeviceControlDevice;
|
||||
|
|
|
|||
|
|
@ -16,10 +16,8 @@ ErrorOr<FlatPtr> Process::sys$chdir(Userspace<char const*> user_path, size_t pat
|
|||
VERIFY_NO_PROCESS_BIG_LOCK(this);
|
||||
TRY(require_promise(Pledge::rpath));
|
||||
auto path = TRY(get_syscall_path_argument(user_path, path_length));
|
||||
auto current_directory = m_current_directory.with([](auto& current_directory) -> NonnullRefPtr<Custody> {
|
||||
return *current_directory;
|
||||
});
|
||||
RefPtr<Custody> new_directory = TRY(VirtualFileSystem::the().open_directory(credentials(), path->view(), *current_directory));
|
||||
|
||||
RefPtr<Custody> new_directory = TRY(VirtualFileSystem::the().open_directory(credentials(), path->view(), current_directory()));
|
||||
m_current_directory.with([&](auto& current_directory) {
|
||||
// NOTE: We use swap() here to avoid manipulating the ref counts while holding the lock.
|
||||
swap(current_directory, new_directory);
|
||||
|
|
|
|||
|
|
@ -17,8 +17,8 @@ ErrorOr<FlatPtr> Process::sys$chmod(Userspace<Syscall::SC_chmod_params const*> u
|
|||
TRY(require_promise(Pledge::fattr));
|
||||
auto params = TRY(copy_typed_from_user(user_params));
|
||||
auto path = TRY(get_syscall_path_argument(params.path));
|
||||
auto base = TRY(custody_for_dirfd(params.dirfd));
|
||||
TRY(VirtualFileSystem::the().chmod(credentials(), path->view(), params.mode, *base, params.follow_symlinks ? 0 : O_NOFOLLOW_NOERROR));
|
||||
CustodyBase base(params.dirfd, path->view());
|
||||
TRY(VirtualFileSystem::the().chmod(credentials(), path->view(), params.mode, base, params.follow_symlinks ? 0 : O_NOFOLLOW_NOERROR));
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -27,8 +27,8 @@ ErrorOr<FlatPtr> Process::sys$chown(Userspace<Syscall::SC_chown_params const*> u
|
|||
TRY(require_promise(Pledge::chown));
|
||||
auto params = TRY(copy_typed_from_user(user_params));
|
||||
auto path = TRY(get_syscall_path_argument(params.path));
|
||||
auto base = TRY(custody_for_dirfd(params.dirfd));
|
||||
TRY(VirtualFileSystem::the().chown(credentials(), path->view(), params.uid, params.gid, *base, params.follow_symlinks ? 0 : O_NOFOLLOW_NOERROR));
|
||||
CustodyBase base(params.dirfd, path->view());
|
||||
TRY(VirtualFileSystem::the().chown(credentials(), path->view(), params.uid, params.gid, base, params.follow_symlinks ? 0 : O_NOFOLLOW_NOERROR));
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -26,7 +26,8 @@ ErrorOr<FlatPtr> Process::sys$faccessat(Userspace<Syscall::SC_faccessat_params c
|
|||
if (params.flags & AT_EACCESS)
|
||||
flags |= AccessFlags::EffectiveAccess;
|
||||
|
||||
TRY(VirtualFileSystem::the().access(credentials(), pathname->view(), params.mode, TRY(custody_for_dirfd(params.dirfd)), flags));
|
||||
CustodyBase base(params.dirfd, pathname->view());
|
||||
TRY(VirtualFileSystem::the().access(credentials(), pathname->view(), params.mode, base, flags));
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -17,6 +17,7 @@ ErrorOr<FlatPtr> Process::sys$link(Userspace<Syscall::SC_link_params const*> use
|
|||
auto params = TRY(copy_typed_from_user(user_params));
|
||||
auto old_path = TRY(try_copy_kstring_from_user(params.old_path));
|
||||
auto new_path = TRY(try_copy_kstring_from_user(params.new_path));
|
||||
|
||||
TRY(VirtualFileSystem::the().link(credentials(), old_path->view(), new_path->view(), current_directory()));
|
||||
return 0;
|
||||
}
|
||||
|
|
@ -29,7 +30,8 @@ ErrorOr<FlatPtr> Process::sys$symlink(Userspace<Syscall::SC_symlink_params const
|
|||
|
||||
auto target = TRY(get_syscall_path_argument(params.target));
|
||||
auto linkpath = TRY(get_syscall_path_argument(params.linkpath));
|
||||
TRY(VirtualFileSystem::the().symlink(credentials(), target->view(), linkpath->view(), TRY(custody_for_dirfd(params.dirfd))));
|
||||
CustodyBase base(params.dirfd, target->view());
|
||||
TRY(VirtualFileSystem::the().symlink(credentials(), target->view(), linkpath->view(), base));
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -15,7 +15,9 @@ ErrorOr<FlatPtr> Process::sys$mkdir(int dirfd, Userspace<char const*> user_path,
|
|||
VERIFY_NO_PROCESS_BIG_LOCK(this);
|
||||
TRY(require_promise(Pledge::cpath));
|
||||
auto path = TRY(get_syscall_path_argument(user_path, path_length));
|
||||
TRY(VirtualFileSystem::the().mkdir(credentials(), path->view(), mode & ~umask(), TRY(custody_for_dirfd(dirfd))));
|
||||
|
||||
CustodyBase base(dirfd, path->view());
|
||||
TRY(VirtualFileSystem::the().mkdir(credentials(), path->view(), mode & ~umask(), base));
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,7 +20,9 @@ ErrorOr<FlatPtr> Process::sys$mknod(Userspace<Syscall::SC_mknod_params const*> u
|
|||
if (!credentials->is_superuser() && !is_regular_file(params.mode) && !is_fifo(params.mode) && !is_socket(params.mode))
|
||||
return EPERM;
|
||||
auto path = TRY(get_syscall_path_argument(params.path));
|
||||
TRY(VirtualFileSystem::the().mknod(credentials, path->view(), params.mode & ~umask(), params.dev, TRY(custody_for_dirfd(params.dirfd))));
|
||||
|
||||
CustodyBase base(params.dirfd, path->view());
|
||||
TRY(VirtualFileSystem::the().mknod(credentials, path->view(), params.mode & ~umask(), params.dev, base));
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -55,8 +55,8 @@ ErrorOr<FlatPtr> Process::open_impl(Userspace<Syscall::SC_open_params const*> us
|
|||
dbgln_if(IO_DEBUG, "sys$open(dirfd={}, path='{}', options={}, mode={})", dirfd, path->view(), options, mode);
|
||||
|
||||
auto fd_allocation = TRY(allocate_fd());
|
||||
auto base = TRY(custody_for_dirfd(dirfd));
|
||||
auto description = TRY(VirtualFileSystem::the().open(credentials(), path->view(), options, mode & ~umask(), *base));
|
||||
CustodyBase base(dirfd, path->view());
|
||||
auto description = TRY(VirtualFileSystem::the().open(credentials(), path->view(), options, mode & ~umask(), base));
|
||||
|
||||
if (description->inode() && description->inode()->bound_socket())
|
||||
return ENXIO;
|
||||
|
|
|
|||
|
|
@ -17,7 +17,9 @@ ErrorOr<FlatPtr> Process::sys$rename(Userspace<Syscall::SC_rename_params const*>
|
|||
auto params = TRY(copy_typed_from_user(user_params));
|
||||
auto old_path = TRY(get_syscall_path_argument(params.old_path));
|
||||
auto new_path = TRY(get_syscall_path_argument(params.new_path));
|
||||
TRY(VirtualFileSystem::the().rename(credentials(), TRY(custody_for_dirfd(params.olddirfd)), old_path->view(), TRY(custody_for_dirfd(params.newdirfd)), new_path->view()));
|
||||
CustodyBase old_base(params.olddirfd, old_path->view());
|
||||
CustodyBase new_base(params.newdirfd, new_path->view());
|
||||
TRY(VirtualFileSystem::the().rename(credentials(), old_base, old_path->view(), new_base, new_path->view()));
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -28,8 +28,9 @@ ErrorOr<FlatPtr> Process::sys$stat(Userspace<Syscall::SC_stat_params const*> use
|
|||
auto params = TRY(copy_typed_from_user(user_params));
|
||||
|
||||
auto path = TRY(get_syscall_path_argument(params.path));
|
||||
auto base = TRY(custody_for_dirfd(params.dirfd));
|
||||
auto metadata = TRY(VirtualFileSystem::the().lookup_metadata(credentials(), path->view(), *base, params.follow_symlinks ? 0 : O_NOFOLLOW_NOERROR));
|
||||
|
||||
CustodyBase base(params.dirfd, path->view());
|
||||
auto metadata = TRY(VirtualFileSystem::the().lookup_metadata(credentials(), path->view(), base, params.follow_symlinks ? 0 : O_NOFOLLOW_NOERROR));
|
||||
auto statbuf = TRY(metadata.stat());
|
||||
TRY(copy_to_user(params.statbuf, &statbuf));
|
||||
return 0;
|
||||
|
|
|
|||
|
|
@ -19,12 +19,12 @@ ErrorOr<FlatPtr> Process::sys$unlink(int dirfd, Userspace<char const*> user_path
|
|||
if (flags & ~AT_REMOVEDIR)
|
||||
return Error::from_errno(EINVAL);
|
||||
|
||||
auto base = TRY(custody_for_dirfd(dirfd));
|
||||
CustodyBase base(dirfd, path->view());
|
||||
|
||||
if (flags & AT_REMOVEDIR)
|
||||
TRY(VirtualFileSystem::the().rmdir(credentials(), path->view(), *base));
|
||||
TRY(VirtualFileSystem::the().rmdir(credentials(), path->view(), base));
|
||||
else
|
||||
TRY(VirtualFileSystem::the().unlink(credentials(), path->view(), *base));
|
||||
TRY(VirtualFileSystem::the().unlink(credentials(), path->view(), base));
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -69,18 +69,12 @@ ErrorOr<FlatPtr> Process::sys$utimensat(Userspace<Syscall::SC_utimensat_params c
|
|||
times[1] = now;
|
||||
}
|
||||
|
||||
auto resolve_base = [&](StringView path) -> ErrorOr<NonnullRefPtr<Custody>> {
|
||||
if (!path.is_empty() && path[0] == '/')
|
||||
return VirtualFileSystem::the().root_custody();
|
||||
else
|
||||
return custody_for_dirfd(params.dirfd);
|
||||
};
|
||||
|
||||
auto path = TRY(get_syscall_path_argument(params.path));
|
||||
auto base = TRY(resolve_base(path->view()));
|
||||
auto& atime = times[0];
|
||||
auto& mtime = times[1];
|
||||
TRY(VirtualFileSystem::the().utimensat(credentials(), path->view(), *base, atime, mtime, follow_symlink));
|
||||
|
||||
CustodyBase base(params.dirfd, path->view());
|
||||
TRY(VirtualFileSystem::the().utimensat(credentials(), path->view(), base, atime, mtime, follow_symlink));
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -109,7 +109,7 @@ ErrorOr<NonnullRefPtr<OpenFileDescription>> Coredump::try_create_target_file(Pro
|
|||
KLexicalPath::basename(output_path),
|
||||
O_CREAT | O_WRONLY | O_EXCL,
|
||||
S_IFREG, // We will enable reading from userspace when we finish generating the coredump file
|
||||
*dump_directory,
|
||||
dump_directory,
|
||||
UidAndGid { process_credentials->uid(), process_credentials->gid() }));
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1195,6 +1195,11 @@ RefPtr<Custody const> Process::executable() const
|
|||
return m_executable.with([](auto& executable) { return executable; });
|
||||
}
|
||||
|
||||
ErrorOr<NonnullRefPtr<Custody>> Process::custody_for_dirfd(Badge<CustodyBase>, int dirfd)
|
||||
{
|
||||
return custody_for_dirfd(dirfd);
|
||||
}
|
||||
|
||||
ErrorOr<NonnullRefPtr<Custody>> Process::custody_for_dirfd(int dirfd)
|
||||
{
|
||||
if (dirfd == AT_FDCWD)
|
||||
|
|
|
|||
|
|
@ -919,6 +919,8 @@ public:
|
|||
return m_fds.with_exclusive([](auto& fds) { return fds.allocate(); });
|
||||
}
|
||||
|
||||
ErrorOr<NonnullRefPtr<Custody>> custody_for_dirfd(Badge<CustodyBase>, int dirfd);
|
||||
|
||||
private:
|
||||
ErrorOr<NonnullRefPtr<Custody>> custody_for_dirfd(int dirfd);
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue