Re: vfs_syscalls / fhstatfs / suser()

From: Pawel Jakub Dawidek (pjd_at_FreeBSD.org)
Date: 06/07/04

  • Next message: Alexander Leidinger: "Re: Project Evil & ACX100-based cards (D-Link DWL-520+)" 
    Date: Mon, 7 Jun 2004 13:45:05 +0200
To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>

    On Sun, Jun 06, 2004 at 07:38:14PM +0000, Bjoern A. Zeeb wrote:
    +> Hi,
    +>
    +> if I am not wrong the part removed by the atatched diff is not
    +> needed because at the very beginning of the function there is a
    +>
    +> error = suser(td);
    +> if (error)
    +> return (error);
    +>
    +> so a second check should never become true again (if threads cannot be
    +> move in and out of jails).
    +>
    +> please correct me if I am wrong.
    +>
    +>
    +> --- ./vfs_syscalls.c.orig Sun Jun 6 19:32:23 2004
    +> +++ ./vfs_syscalls.c Sun Jun 6 19:33:12 2004
    +> @@ -4128,11 +4128,6 @@ fhstatfs(td, uap)
    +> sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
    +> if ((error = VFS_STATFS(mp, sp, td)) != 0)
    +> return (error);
    +> - if (suser(td)) {
    +> - bcopy(sp, &sb, sizeof(sb));
    +> - sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0;
    +> - sp = &sb;
    +> - }
    +> return (copyout(sp, uap->buf, sizeof(*sp)));
    +> }

    I'm not sure what the intention was, but I think we should probably
    change first suser() to suser_cred(td->td_ucred, PRISON_ROOT) as leave
    second one.

    PS. I'm CCing this to alfred@ who bring it from NetBSD. 

    -- 
Pawel Jakub Dawidek                       http://www.FreeBSD.org
pjd@FreeBSD.org                           http://garage.freebsd.pl
FreeBSD committer                         Am I Evil? Yes, I Am!

  • Next message: Alexander Leidinger: "Re: Project Evil & ACX100-based cards (D-Link DWL-520+)"