authorNikolay Sturm <sturm@cvs.openbsd.org>2003-10-08 16:32:45 +0000
committerNikolay Sturm <sturm@cvs.openbsd.org>2003-10-08 16:32:45 +0000
commit663eb314061b5b2443b485cc293cab001ff8bf1e (patch)
tree1e6f240a6a3b9b07de9908a697edd89cfde125da /bin/systrace/intercept.h
parentd1c48ebe3d27052387096d0811bcc4720e298b19 (diff)
originally from cb@openbsd.org, adapted by provos
itojun@ ok

fix a race condition between path resolution in userland and the subsequent namei(): inform the kernel portion of valid filenames and then disallow symlink lookups for those filenames by means of a hook in namei(). with suggestions from provos@

also, add (currently unused) seqnr field to struct systrace_replace, from provos@
Diffstat (limited to 'bin/systrace/intercept.h')
-rw-r--r--bin/systrace/intercept.h14
1 files changed, 9 insertions, 5 deletions
diff --git a/bin/systrace/intercept.h b/bin/systrace/intercept.h
index 805d4e5083d..a1ccf6919b1 100644
--- a/bin/systrace/intercept.h
+++ b/bin/systrace/intercept.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: intercept.h,v 1.18 2003/08/04 18:15:11 sturm Exp $ */
+/* $OpenBSD: intercept.h,v 1.19 2003/10/08 16:32:44 sturm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
@@ -56,7 +56,7 @@ struct intercept_system {
int (*newpolicy)(int);
int (*assignpolicy)(int, pid_t, int);
int (*policy)(int, int, int, short);
- int (*replace)(int, pid_t, struct intercept_replace *);
+ int (*replace)(int, pid_t, u_int16_t, struct intercept_replace *);
void (*clonepid)(struct intercept_pid *, struct intercept_pid *);
void (*freepid)(struct intercept_pid *);
};
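Review bot: The new `u_int16_t` argument of the `replace` hook is unnamed and undocumented, so someone implementing a backend cannot tell from this header what value it carries. The commit message mentions a currently unused seqnr field for struct systrace_replace, so this is presumably that sequence number; if so, the declaration should say it, e.g. `int (*replace)(int, pid_t, u_int16_t /* seqnr */, struct intercept_replace *);`. The same applies to the `intercept_replace()` prototype in the last hunk. struct intercept_system begins outside this hunk.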
@@ -75,6 +75,8 @@ struct intercept_system {
#define ICFLAGS_RESULT 1
+#define ICTRANS_NOLINKS 1 /* translation should have no symlinks */
+
/* Privilege elevation */
struct elevate {
#define ELEVATE_UID 0x01
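Review bot: `ICTRANS_NOLINKS` is defined directly under `ICFLAGS_RESULT` with the same value 1, and nothing here says which field each flag family belongs to. Both are plain integers, so an ICFLAGS_ value passed where an ICTRANS_ one is expected would compile cleanly and would silently change whether the symlink restriction is requested. I would add a heading comment above the define, presumably `/* ICTRANS_*: values for intercept_translate.trans_flags and intercept_replace.flags[] */` (confirm against the .c files, which are not part of this diff).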
@@ -121,6 +123,7 @@ struct intercept_translate {
void *trans_data;
size_t trans_size;
char *trans_print;
+ u_int trans_flags;
TAILQ_ENTRY(intercept_translate) next;
};
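Review bot: `trans_flags` is added without a comment, and nothing visible in this header shows where it is initialised. Per the commit message this flag feeds the decision to refuse symlink lookups for a filename, so a `struct intercept_translate` that is not static or explicitly zeroed would carry an indeterminate value and make that enforcement unpredictable. The same holds for the `flags[]` array added to `struct intercept_replace` in the next hunk, which `intercept_replace_init()` should clear (its body is outside this diff). Suggested annotation: `u_int trans_flags; /* ICTRANS_* */`.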
@@ -129,6 +132,7 @@ struct intercept_replace {
int ind[INTERCEPT_MAXSYSCALLARGS];
u_char *address[INTERCEPT_MAXSYSCALLARGS];
size_t len[INTERCEPT_MAXSYSCALLARGS];
+ u_int flags[INTERCEPT_MAXSYSCALLARGS];
};
TAILQ_HEAD(intercept_tlq, intercept_translate);
@@ -147,12 +151,12 @@ void intercept_child_info(pid_t, pid_t);
void intercept_policy_free(int);
int intercept_replace_init(struct intercept_replace *);
-int intercept_replace_add(struct intercept_replace *, int, u_char *, size_t);
-int intercept_replace(int, pid_t, struct intercept_replace *);
+int intercept_replace_add(struct intercept_replace *, int, u_char *, size_t, u_int);
+int intercept_replace(int, pid_t, u_int16_t, struct intercept_replace *);
int intercept_register_sccb(char *, char *,
short (*)(int, pid_t, int, const char *, int, const char *, void *, int,
- struct intercept_tlq *, void *),
+ struct intercept_replace *, struct intercept_tlq *, void *),
void *);
void *intercept_sccb_cbarg(char *, char *);
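Review bot: The symlink restriction is opt-in per argument: `intercept_replace_add()` takes the flags as a trailing `u_int`, so a caller updated mechanically to pass `0` for a rewritten, fully resolved pathname would presumably keep the userland-resolution / namei() race the commit message describes. The prototype should carry the contract, for example `/* flags: ICTRANS_* bits; ICTRANS_NOLINKS marks a replacement path that must not traverse symlinks */`, and the call sites (not in this file) deserve a check for literal zeros. Separately, the callback type in `intercept_register_sccb()` gains a `struct intercept_replace *` in the middle of its parameter list, so any registration that casts its function pointer would not be flagged by the compiler.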