/*
* Duplicate the current processes' credentials. Since we are called only
* as the result of a SET ioctl and only root can do that, any future access
* to this "disk" is essentially as root. Note that credentials may change
* if some other uid can write directly to the mapped file (NFS).
*/
static int
vndsetcred(struct vnd_softc *vnd, kauth_cred_t cred)
{
struct uio auio;
struct iovec aiov;
char *tmpbuf;
int error;
vnd->sc_cred = kauth_cred_dup(cred);
tmpbuf = malloc(DEV_BSIZE, M_TEMP, M_WAITOK);
/* XXX: Horrible kludge to establish credentials for NFS */
aiov.iov_base = tmpbuf;
aiov.iov_len = min(DEV_BSIZE, dbtob(vnd->sc_size));
auio.uio_iov = &aiov;
auio.uio_iovcnt = 1;
auio.uio_offset = 0;
auio.uio_rw = UIO_READ;
auio.uio_resid = aiov.iov_len;
UIO_SETUP_SYSSPACE(&auio);
vn_lock(vnd->sc_vp, LK_EXCLUSIVE | LK_RETRY);
error = VOP_READ(vnd->sc_vp, &auio, 0, vnd->sc_cred);
if (error == 0) {
/*
* Because vnd does all IO directly through the vnode
* we need to flush (at least) the buffer from the above
* VOP_READ from the buffer cache to prevent cache
* incoherencies. Also, be careful to write dirty
* buffers back to stable storage.
*/
error = vinvalbuf(vnd->sc_vp, V_SAVE, vnd->sc_cred,
curlwp, 0, 0);
}
VOP_UNLOCK(vnd->sc_vp);
free(tmpbuf, M_TEMP);
return error;
}
int
do_sys_accept(struct lwp *l, int sock, struct mbuf **name,
register_t *new_sock, const sigset_t *mask, int flags, int clrflags)
{
file_t *fp, *fp2;
struct mbuf *nam;
int error, fd;
struct socket *so, *so2;
short wakeup_state = 0;
if ((fp = fd_getfile(sock)) == NULL)
return EBADF;
if (fp->f_type != DTYPE_SOCKET) {
fd_putfile(sock);
return ENOTSOCK;
}
if ((error = fd_allocfile(&fp2, &fd)) != 0) {
fd_putfile(sock);
return error;
}
nam = m_get(M_WAIT, MT_SONAME);
*new_sock = fd;
so = fp->f_socket;
solock(so);
if (__predict_false(mask))
sigsuspendsetup(l, mask);
if (!(so->so_proto->pr_flags & PR_LISTEN)) {
error = EOPNOTSUPP;
goto bad;
}
if ((so->so_options & SO_ACCEPTCONN) == 0) {
error = EINVAL;
goto bad;
}
if ((so->so_state & SS_NBIO) && so->so_qlen == 0) {
error = EWOULDBLOCK;
goto bad;
}
while (so->so_qlen == 0 && so->so_error == 0) {
if (so->so_state & SS_CANTRCVMORE) {
so->so_error = ECONNABORTED;
break;
}
if (wakeup_state & SS_RESTARTSYS) {
error = ERESTART;
goto bad;
}
error = sowait(so, true, 0);
if (error) {
goto bad;
}
wakeup_state = so->so_state;
}
if (so->so_error) {
error = so->so_error;
so->so_error = 0;
goto bad;
}
/* connection has been removed from the listen queue */
KNOTE(&so->so_rcv.sb_sel.sel_klist, NOTE_SUBMIT);
so2 = TAILQ_FIRST(&so->so_q);
if (soqremque(so2, 1) == 0)
panic("accept");
fp2->f_type = DTYPE_SOCKET;
fp2->f_flag = (fp->f_flag & ~clrflags) |
((flags & SOCK_NONBLOCK) ? FNONBLOCK : 0)|
((flags & SOCK_NOSIGPIPE) ? FNOSIGPIPE : 0);
fp2->f_ops = &socketops;
fp2->f_socket = so2;
if (fp2->f_flag & FNONBLOCK)
so2->so_state |= SS_NBIO;
else
so2->so_state &= ~SS_NBIO;
error = soaccept(so2, nam);
so2->so_cred = kauth_cred_dup(so->so_cred);
sounlock(so);
if (error) {
/* an error occurred, free the file descriptor and mbuf */
m_freem(nam);
mutex_enter(&fp2->f_lock);
fp2->f_count++;
mutex_exit(&fp2->f_lock);
closef(fp2);
fd_abort(curproc, NULL, fd);
} else {
fd_set_exclose(l, fd, (flags & SOCK_CLOEXEC) != 0);
fd_affix(curproc, fp2, fd);
*name = nam;
}
fd_putfile(sock);
if (__predict_false(mask))
sigsuspendteardown(l);
return error;
bad:
sounlock(so);
m_freem(nam);
fd_putfile(sock);
fd_abort(curproc, fp2, fd);
if (__predict_false(mask))
sigsuspendteardown(l);
return error;
}
/*
* This is the 08-June-1999 bypass routine.
* See layer_vnops.c:layer_bypass for more details.
*/
int
umap_bypass(void *v)
{
struct vop_generic_args /* {
struct vnodeop_desc *a_desc;
<other random data follows, presumably>
} */ *ap = v;
int (**our_vnodeop_p)(void *);
kauth_cred_t *credpp = NULL, credp = 0;
kauth_cred_t savecredp = 0, savecompcredp = 0;
kauth_cred_t compcredp = 0;
struct vnode **this_vp_p;
int error;
struct vnode *old_vps[VDESC_MAX_VPS], *vp0;
struct vnode **vps_p[VDESC_MAX_VPS];
struct vnode ***vppp;
struct vnodeop_desc *descp = ap->a_desc;
int reles, i, flags;
struct componentname **compnamepp = 0;
#ifdef DIAGNOSTIC
/*
* We require at least one vp.
*/
if (descp->vdesc_vp_offsets == NULL ||
descp->vdesc_vp_offsets[0] == VDESC_NO_OFFSET)
panic("%s: no vp's in map.\n", __func__);
#endif
vps_p[0] =
VOPARG_OFFSETTO(struct vnode**, descp->vdesc_vp_offsets[0], ap);
vp0 = *vps_p[0];
flags = MOUNTTOUMAPMOUNT(vp0->v_mount)->umapm_flags;
our_vnodeop_p = vp0->v_op;
if (flags & LAYERFS_MBYPASSDEBUG)
printf("%s: %s\n", __func__, descp->vdesc_name);
/*
* Map the vnodes going in.
* Later, we'll invoke the operation based on
* the first mapped vnode's operation vector.
*/
reles = descp->vdesc_flags;
for (i = 0; i < VDESC_MAX_VPS; reles >>= 1, i++) {
if (descp->vdesc_vp_offsets[i] == VDESC_NO_OFFSET)
break; /* bail out at end of list */
vps_p[i] = this_vp_p =
VOPARG_OFFSETTO(struct vnode**, descp->vdesc_vp_offsets[i],
ap);
/*
* We're not guaranteed that any but the first vnode
* are of our type. Check for and don't map any
* that aren't. (We must always map first vp or vclean fails.)
*/
if (i && (*this_vp_p == NULL ||
(*this_vp_p)->v_op != our_vnodeop_p)) {
old_vps[i] = NULL;
} else {
old_vps[i] = *this_vp_p;
*(vps_p[i]) = UMAPVPTOLOWERVP(*this_vp_p);
/*
* XXX - Several operations have the side effect
* of vrele'ing their vp's. We must account for
* that. (This should go away in the future.)
*/
if (reles & VDESC_VP0_WILLRELE)
vref(*this_vp_p);
}
}
/*
* Fix the credentials. (That's the purpose of this layer.)
*/
if (descp->vdesc_cred_offset != VDESC_NO_OFFSET) {
credpp = VOPARG_OFFSETTO(kauth_cred_t*,
descp->vdesc_cred_offset, ap);
/* Save old values */
savecredp = *credpp;
if (savecredp != NOCRED && savecredp != FSCRED)
*credpp = kauth_cred_dup(savecredp);
credp = *credpp;
if ((flags & LAYERFS_MBYPASSDEBUG) &&
kauth_cred_geteuid(credp) != 0)
printf("umap_bypass: user was %d, group %d\n",
kauth_cred_geteuid(credp), kauth_cred_getegid(credp));
/* Map all ids in the credential structure. */
umap_mapids(vp0->v_mount, credp);
if ((flags & LAYERFS_MBYPASSDEBUG) &&
kauth_cred_geteuid(credp) != 0)
printf("umap_bypass: user now %d, group %d\n",
kauth_cred_geteuid(credp), kauth_cred_getegid(credp));
}
