-/* $OpenBSD: kern_unveil.c,v 1.8 2018/07/30 00:34:57 deraadt Exp $ */
+/* $OpenBSD: kern_unveil.c,v 1.9 2018/07/30 15:16:27 deraadt Exp $ */
/*
* Copyright (c) 2017-2018 Bob Beck <beck@openbsd.org>
}
int
-unveil_parseflags(const char *cflags, uint64_t *flags)
+unveil_parsepermissions(const char *permissions, uint64_t *perms)
{
size_t i = 0;
char c;
- *flags = 0;
- while ((c = cflags[i++]) != '\0') {
+ *perms = 0;
+ while ((c = permissions[i++]) != '\0') {
switch (c) {
case 'r':
- *flags |= PLEDGE_RPATH;
+ *perms |= PLEDGE_RPATH;
break;
case 'w':
- *flags |= PLEDGE_WPATH;
+ *perms |= PLEDGE_WPATH;
break;
case 'x':
- *flags |= PLEDGE_EXEC;
+ *perms |= PLEDGE_EXEC;
break;
case 'c':
- *flags |= PLEDGE_CPATH;
+ *perms |= PLEDGE_CPATH;
break;
default:
return -1;
}
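Review bot: unveil_parsepermissions() has no comment stating its contract, and two details visible in this hunk matter to callers. `*perms` is zeroed and then OR-ed in place, so on the `default: return -1` path it still holds the bits of the letters parsed before the bad character; repeated letters are also accepted without complaint. I would add a short comment above the function listing the accepted letters (`r`, `w`, `x`, `c`) with the PLEDGE_* bit each one sets, and stating that `*perms` must not be used when -1 is returned. The end of the loop and of the function is outside the hunk.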
int
-unveil_add(struct proc *p, struct nameidata *ndp, const char *cflags)
+unveil_add(struct proc *p, struct nameidata *ndp, const char *permissions)
{
struct process *pr = p->p_p;
struct vnode *vp;
KASSERT(ISSET(ndp->ni_cnd.cn_flags, HASBUF)); /* must have SAVENAME */
- if (unveil_parseflags(cflags, &flags) == -1)
+ if (unveil_parsepermissions(permissions, &flags) == -1)
goto done;
if (pr->ps_uvpaths == NULL) {
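Review bot: The rename is incomplete in unveil_add(): the parsed bits are still stored in a local named `flags` (`unveil_parsepermissions(permissions, &flags)`), while the parser's own out-parameter became `perms`. This function also tests `ndp->ni_cnd.cn_flags`, so two unrelated "flags" remain in scope, which is the ambiguity the change sets out to remove. Consider renaming the local so the call reads `unveil_parsepermissions(permissions, &perms)`. The declaration of `flags` and its later uses are outside the hunk and would need the same rename.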
-; $OpenBSD: syscalls.master,v 1.186 2018/07/13 09:25:23 beck Exp $
+; $OpenBSD: syscalls.master,v 1.187 2018/07/30 15:16:27 deraadt Exp $
; $NetBSD: syscalls.master,v 1.32 1996/04/23 10:24:21 mycroft Exp $
; @(#)syscalls.master 8.2 (Berkeley) 1/13/94
int flags); }
113 UNIMPL fktrace
114 STD { int sys_unveil(const char *path, \
- const char *flags); }
+ const char *permissions); }
115 OBSOL vtrace
116 OBSOL t32_gettimeofday
117 OBSOL t32_getrusage
-/* $OpenBSD: vfs_syscalls.c,v 1.297 2018/07/30 00:11:04 deraadt Exp $ */
+/* $OpenBSD: vfs_syscalls.c,v 1.298 2018/07/30 15:16:27 deraadt Exp $ */
/* $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $ */
/*
{
struct sys_unveil_args /* {
syscallarg(const char *) path;
- syscallarg(const char *) flags;
+ syscallarg(const char *) permissions;
} */ *uap = v;
char pathname[MAXPATHLEN];
struct nameidata nd;
size_t pathlen;
- char cflags[5];
+ char permissions[5];
int error;
- if (SCARG(uap, path) == NULL && SCARG(uap, flags) == NULL) {
+ if (SCARG(uap, path) == NULL && SCARG(uap, permissions) == NULL) {
p->p_p->ps_uvdone = 1;
return (0);
}
if (p->p_p->ps_uvdone != 0)
return EINVAL;
- error = copyinstr(SCARG(uap, flags), cflags, sizeof(cflags), NULL);
+ error = copyinstr(SCARG(uap, permissions), permissions,
+ sizeof(permissions), NULL);
if (error)
return(error);
error = copyinstr(SCARG(uap, path), pathname, sizeof(pathname), &pathlen);
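Review bot: The size in `char permissions[5]` is a bare literal that encodes "four permission letters plus NUL", tying it to the `r`/`w`/`x`/`c` alphabet in unveil_parsepermissions() without saying so. Because copyinstr() is bounded by `sizeof(permissions)`, a userland string longer than four characters, including one with repeated letters, is rejected at the copy and never reaches the parser. That fails safe, but it would silently reject valid input if a fifth letter were ever added to the parser. I would document the coupling on the declaration, e.g. `char permissions[5];	/* "rwxc" + NUL; keep in sync with unveil_parsepermissions() */`. The function starts before and continues after this hunk.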
#ifdef KTRACE
if (KTRPOINT(p, KTR_STRUCT))
- ktrstruct(p, "unveil", cflags, strlen(cflags));
+ ktrstruct(p, "unveil", permissions, strlen(permissions));
#endif
if (pathlen < 2)
return EINVAL;
VOP_ACCESS(nd.ni_dvp, VREAD, p->p_ucred, p) == 0 ||
VOP_ACCESS(nd.ni_dvp, VWRITE, p->p_ucred, p) == 0 ||
VOP_ACCESS(nd.ni_dvp, VEXEC, p->p_ucred, p) == 0)
- error = unveil_add(p, &nd, cflags);
+ error = unveil_add(p, &nd, permissions);
else
error = EPERM;