svn commit: r357951 - head/sys/kern
Mateusz Guzik
mjg at FreeBSD.org
Sat Feb 15 01:28:43 UTC 2020
Author: mjg
Date: Sat Feb 15 01:28:42 2020
New Revision: 357951
URL: https://svnweb.freebsd.org/changeset/base/357951
Log:
vfs: use new capsicum helpers
Modified:
head/sys/kern/vfs_acl.c
head/sys/kern/vfs_extattr.c
head/sys/kern/vfs_lookup.c
head/sys/kern/vfs_syscalls.c
Modified: head/sys/kern/vfs_acl.c
==============================================================================
--- head/sys/kern/vfs_acl.c Sat Feb 15 01:28:06 2020 (r357950)
+++ head/sys/kern/vfs_acl.c Sat Feb 15 01:28:42 2020 (r357951)
@@ -436,7 +436,7 @@ sys___acl_get_fd(struct thread *td, struct __acl_get_f
AUDIT_ARG_FD(uap->filedes);
error = getvnode(td, uap->filedes,
- cap_rights_init(&rights, CAP_ACL_GET), &fp);
+ cap_rights_init_one(&rights, CAP_ACL_GET), &fp);
if (error == 0) {
error = vacl_get_acl(td, fp->f_vnode, uap->type, uap->aclp);
fdrop(fp, td);
@@ -456,7 +456,7 @@ sys___acl_set_fd(struct thread *td, struct __acl_set_f
AUDIT_ARG_FD(uap->filedes);
error = getvnode(td, uap->filedes,
- cap_rights_init(&rights, CAP_ACL_SET), &fp);
+ cap_rights_init_one(&rights, CAP_ACL_SET), &fp);
if (error == 0) {
error = vacl_set_acl(td, fp->f_vnode, uap->type, uap->aclp);
fdrop(fp, td);
@@ -512,7 +512,7 @@ sys___acl_delete_fd(struct thread *td, struct __acl_de
AUDIT_ARG_FD(uap->filedes);
error = getvnode(td, uap->filedes,
- cap_rights_init(&rights, CAP_ACL_DELETE), &fp);
+ cap_rights_init_one(&rights, CAP_ACL_DELETE), &fp);
if (error == 0) {
error = vacl_delete(td, fp->f_vnode, uap->type);
fdrop(fp, td);
@@ -569,7 +569,7 @@ sys___acl_aclcheck_fd(struct thread *td, struct __acl_
AUDIT_ARG_FD(uap->filedes);
error = getvnode(td, uap->filedes,
- cap_rights_init(&rights, CAP_ACL_CHECK), &fp);
+ cap_rights_init_one(&rights, CAP_ACL_CHECK), &fp);
if (error == 0) {
error = vacl_aclcheck(td, fp->f_vnode, uap->type, uap->aclp);
fdrop(fp, td);
Modified: head/sys/kern/vfs_extattr.c
==============================================================================
--- head/sys/kern/vfs_extattr.c Sat Feb 15 01:28:06 2020 (r357950)
+++ head/sys/kern/vfs_extattr.c Sat Feb 15 01:28:42 2020 (r357951)
@@ -243,7 +243,7 @@ sys_extattr_set_fd(struct thread *td, struct extattr_s
AUDIT_ARG_TEXT(attrname);
error = getvnode(td, uap->fd,
- cap_rights_init(&rights, CAP_EXTATTR_SET), &fp);
+ cap_rights_init_one(&rights, CAP_EXTATTR_SET), &fp);
if (error)
return (error);
@@ -410,7 +410,7 @@ sys_extattr_get_fd(struct thread *td, struct extattr_g
AUDIT_ARG_TEXT(attrname);
error = getvnode(td, uap->fd,
- cap_rights_init(&rights, CAP_EXTATTR_GET), &fp);
+ cap_rights_init_one(&rights, CAP_EXTATTR_GET), &fp);
if (error)
return (error);
@@ -545,7 +545,7 @@ sys_extattr_delete_fd(struct thread *td, struct extatt
AUDIT_ARG_TEXT(attrname);
error = getvnode(td, uap->fd,
- cap_rights_init(&rights, CAP_EXTATTR_DELETE), &fp);
+ cap_rights_init_one(&rights, CAP_EXTATTR_DELETE), &fp);
if (error)
return (error);
@@ -691,7 +691,7 @@ sys_extattr_list_fd(struct thread *td, struct extattr_
AUDIT_ARG_FD(uap->fd);
AUDIT_ARG_VALUE(uap->attrnamespace);
error = getvnode(td, uap->fd,
- cap_rights_init(&rights, CAP_EXTATTR_LIST), &fp);
+ cap_rights_init_one(&rights, CAP_EXTATTR_LIST), &fp);
if (error)
return (error);
Modified: head/sys/kern/vfs_lookup.c
==============================================================================
--- head/sys/kern/vfs_lookup.c Sat Feb 15 01:28:06 2020 (r357950)
+++ head/sys/kern/vfs_lookup.c Sat Feb 15 01:28:42 2020 (r357951)
@@ -440,7 +440,7 @@ namei(struct nameidata *ndp)
} else {
vrefact(ndp->ni_rootdir);
rights = ndp->ni_rightsneeded;
- cap_rights_set(&rights, CAP_LOOKUP);
+ cap_rights_set_one(&rights, CAP_LOOKUP);
if (cnp->cn_flags & AUDITVNODE1)
AUDIT_ARG_ATFD1(ndp->ni_dirfd);
@@ -493,7 +493,7 @@ namei(struct nameidata *ndp)
vrefact(ndp->ni_beneath_latch);
} else {
rights = ndp->ni_rightsneeded;
- cap_rights_set(&rights, CAP_LOOKUP);
+ cap_rights_set_one(&rights, CAP_LOOKUP);
error = fgetvp_rights(td, ndp->ni_dirfd, &rights,
&dirfd_caps, &ndp->ni_beneath_latch);
if (error == 0 && dp->v_type != VDIR) {
@@ -1344,7 +1344,7 @@ NDINIT_ALL(struct nameidata *ndp, u_long op, u_long fl
if (rightsp != NULL)
ndp->ni_rightsneeded = *rightsp;
else
- cap_rights_init(&ndp->ni_rightsneeded);
+ cap_rights_init_zero(&ndp->ni_rightsneeded);
}
/*
Modified: head/sys/kern/vfs_syscalls.c
==============================================================================
--- head/sys/kern/vfs_syscalls.c Sat Feb 15 01:28:06 2020 (r357950)
+++ head/sys/kern/vfs_syscalls.c Sat Feb 15 01:28:42 2020 (r357951)
@@ -966,34 +966,34 @@ flags_to_rights(int flags, cap_rights_t *rightsp)
{
if (flags & O_EXEC) {
- cap_rights_set(rightsp, CAP_FEXECVE);
+ cap_rights_set_one(rightsp, CAP_FEXECVE);
} else {
switch ((flags & O_ACCMODE)) {
case O_RDONLY:
- cap_rights_set(rightsp, CAP_READ);
+ cap_rights_set_one(rightsp, CAP_READ);
break;
case O_RDWR:
- cap_rights_set(rightsp, CAP_READ);
+ cap_rights_set_one(rightsp, CAP_READ);
/* FALLTHROUGH */
case O_WRONLY:
- cap_rights_set(rightsp, CAP_WRITE);
+ cap_rights_set_one(rightsp, CAP_WRITE);
if (!(flags & (O_APPEND | O_TRUNC)))
- cap_rights_set(rightsp, CAP_SEEK);
+ cap_rights_set_one(rightsp, CAP_SEEK);
break;
}
}
if (flags & O_CREAT)
- cap_rights_set(rightsp, CAP_CREATE);
+ cap_rights_set_one(rightsp, CAP_CREATE);
if (flags & O_TRUNC)
- cap_rights_set(rightsp, CAP_FTRUNCATE);
+ cap_rights_set_one(rightsp, CAP_FTRUNCATE);
if (flags & (O_SYNC | O_FSYNC))
- cap_rights_set(rightsp, CAP_FSYNC);
+ cap_rights_set_one(rightsp, CAP_FSYNC);
if (flags & (O_EXLOCK | O_SHLOCK))
- cap_rights_set(rightsp, CAP_FLOCK);
+ cap_rights_set_one(rightsp, CAP_FLOCK);
}
/*
@@ -1048,7 +1048,7 @@ kern_openat(struct thread *td, int fd, const char *pat
AUDIT_ARG_FFLAGS(flags);
AUDIT_ARG_MODE(mode);
- cap_rights_init(&rights, CAP_LOOKUP);
+ cap_rights_init_one(&rights, CAP_LOOKUP);
flags_to_rights(flags, &rights);
/*
* Only one of the O_EXEC, O_RDONLY, O_WRONLY and O_RDWR flags
@@ -3752,7 +3752,7 @@ kern_frmdirat(struct thread *td, int dfd, const char *
fp = NULL;
if (fd != FD_NONE) {
- error = getvnode(td, fd, cap_rights_init(&rights, CAP_LOOKUP),
+ error = getvnode(td, fd, cap_rights_init_one(&rights, CAP_LOOKUP),
&fp);
if (error != 0)
return (error);
More information about the svn-src-all
mailing list