git: 7a292504bad8 - main - __acl_get_fd(2), __acl_aclcheck_fd(2): enable for O_PATH filedescriptors
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 30 May 2023 06:02:49 UTC
The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=7a292504bad8467915f072f0576b2a07c76de1f5 commit 7a292504bad8467915f072f0576b2a07c76de1f5 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2023-05-29 15:07:18 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2023-05-30 05:53:56 +0000 __acl_get_fd(2), __acl_aclcheck_fd(2): enable for O_PATH filedescriptors PR: 271704 Reported by: Peter Eriksson <pen@lysator.liu.se> Reviewed by: markj Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D40318 --- lib/libc/sys/open.2 | 3 ++- sys/kern/vfs_acl.c | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/libc/sys/open.2 b/lib/libc/sys/open.2 index 574b6b136d39..232226a00ae6 100644 --- a/lib/libc/sys/open.2 +++ b/lib/libc/sys/open.2 @@ -28,7 +28,7 @@ .\" @(#)open.2 8.2 (Berkeley) 11/16/93 .\" $FreeBSD$ .\" -.Dd March 2, 2023 +.Dd May 29, 2023 .Dt OPEN 2 .Os .Sh NAME @@ -344,6 +344,7 @@ message using for .Dv EVFILT_VNODE .It Xr readlinkat 2 +.It Xr __acl_get_fd 2 , Xr __alc_aclcheck_fd 2 .El But operations like .Xr read 2 , diff --git a/sys/kern/vfs_acl.c b/sys/kern/vfs_acl.c index 927005e6d452..1e8122cb68c1 100644 --- a/sys/kern/vfs_acl.c +++ b/sys/kern/vfs_acl.c @@ -436,7 +436,7 @@ sys___acl_get_fd(struct thread *td, struct __acl_get_fd_args *uap) int error; AUDIT_ARG_FD(uap->filedes); - error = getvnode(td, uap->filedes, + error = getvnode_path(td, uap->filedes, cap_rights_init_one(&rights, CAP_ACL_GET), &fp); if (error == 0) { error = vacl_get_acl(td, fp->f_vnode, uap->type, uap->aclp); @@ -570,7 +570,7 @@ sys___acl_aclcheck_fd(struct thread *td, struct __acl_aclcheck_fd_args *uap) int error; AUDIT_ARG_FD(uap->filedes); - error = getvnode(td, uap->filedes, + error = getvnode_path(td, uap->filedes, cap_rights_init_one(&rights, CAP_ACL_CHECK), &fp); if (error == 0) { error = vacl_aclcheck(td, fp->f_vnode, uap->type, uap->aclp);