From: deraadt Date: Mon, 13 Aug 2018 23:11:44 +0000 (+0000) Subject: More clear version of previous namei/pledge/chroot solution. namei flag X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=afae1c7709ed0f69e51d2ee6be7feb75fea1005b;p=openbsd More clear version of previous namei/pledge/chroot solution. namei flag KERNELPATH indicates this operation is being done on behalf of the kernel, not a process, so ignore chroot of the current process context, start at /, and skip unveil and pledge checks. Discussed with beck and semarie --- diff --git a/sys/kern/vfs_lookup.c b/sys/kern/vfs_lookup.c index 5a93a8bf48c..eaac8a09935 100644 --- a/sys/kern/vfs_lookup.c +++ b/sys/kern/vfs_lookup.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_lookup.c,v 1.73 2018/08/02 04:41:47 beck Exp $ */ +/* $OpenBSD: vfs_lookup.c,v 1.74 2018/08/13 23:11:44 deraadt Exp $ */ /* $NetBSD: vfs_lookup.c,v 1.17 1996/02/09 19:00:59 christos Exp $ */ /* @@ -171,12 +171,17 @@ fail: /* * Get starting point for the translation. */ - if ((ndp->ni_rootdir = fdp->fd_rdir) == NULL) + if ((ndp->ni_rootdir = fdp->fd_rdir) == NULL || + (ndp->ni_cnd.cn_flags & KERNELPATH)) ndp->ni_rootdir = rootvnode; - error = pledge_namei(p, ndp, cnp->cn_pnbuf); - if (error) - goto fail; + if (ndp->ni_cnd.cn_flags & KERNELPATH) { + ndp->ni_cnd.cn_flags |= BYPASSUNVEIL; + } else { + error = pledge_namei(p, ndp, cnp->cn_pnbuf); + if (error) + goto fail; + } /* * Check if starting from root directory or current directory. diff --git a/sys/sys/namei.h b/sys/sys/namei.h index 6a25840319e..c57dcb8a3c5 100644 --- a/sys/sys/namei.h +++ b/sys/sys/namei.h @@ -1,4 +1,4 @@ -/* $OpenBSD: namei.h,v 1.37 2018/08/11 16:16:07 beck Exp $ */ +/* $OpenBSD: namei.h,v 1.38 2018/08/13 23:11:44 deraadt Exp $ */ /* $NetBSD: namei.h,v 1.11 1996/02/09 18:25:20 christos Exp $ */ /* @@ -146,6 +146,7 @@ struct nameidata { #define STRIPSLASHES 0x100000 /* strip trailing slashes */ #define PDIRUNLOCK 0x200000 /* vfs_lookup() unlocked parent dir */ #define BYPASSUNVEIL 0x400000 /* bypass pledgepath check */ +#define KERNELPATH 0x800000 /* access file as kernel, not process */ /* * Initialization of an nameidata structure.