More clear version of previous namei/pledge/chroot solution. namei flag

KERNELPATH indicates this operation is being done on behalf of the kernel,
not a process, so ignore chroot of the current process context, start at /,
and skip unveil and pledge checks.  Discussed with beck and semarie

1 files changed, 10 insertions, 5 deletions

diff --git a/sys/kern/vfs_lookup.c b/sys/kern/vfs_lookup.c
index 5a93a8bf48c..eaac8a09935 100644
--- a/sys/kern/vfs_lookup.c
+++ b/sys/kern/vfs_lookup.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: vfs_lookup.c,v 1.73 2018/08/02 04:41:47 beck Exp $	*/
+/*	$OpenBSD: vfs_lookup.c,v 1.74 2018/08/13 23:11:44 deraadt Exp $	*/
 /*	$NetBSD: vfs_lookup.c,v 1.17 1996/02/09 19:00:59 christos Exp $	*/
 
 /*
@@ -171,12 +171,17 @@ fail:
 	/*
 	 * Get starting point for the translation.
 	 */
-	if ((ndp->ni_rootdir = fdp->fd_rdir) == NULL)
+	if ((ndp->ni_rootdir = fdp->fd_rdir) == NULL ||
+	    (ndp->ni_cnd.cn_flags & KERNELPATH))
 		ndp->ni_rootdir = rootvnode;
 
-	error = pledge_namei(p, ndp, cnp->cn_pnbuf);
-	if (error)
-		goto fail;
+	if (ndp->ni_cnd.cn_flags & KERNELPATH) {
+		ndp->ni_cnd.cn_flags |= BYPASSUNVEIL;
+	} else {
+		error = pledge_namei(p, ndp, cnp->cn_pnbuf);
+		if (error)
+			goto fail;
+	}
 
 	/*
 	 * Check if starting from root directory or current directory.