diff options
| -rw-r--r-- | regress/sys/kern/unveil/syscalls.c | 22 | ||||
| -rw-r--r-- | sys/kern/kern_unveil.c | 9 | ||||
| -rw-r--r-- | sys/kern/vfs_syscalls.c | 6 |
3 files changed, 21 insertions, 16 deletions
diff --git a/regress/sys/kern/unveil/syscalls.c b/regress/sys/kern/unveil/syscalls.c index 8a744b006e8..16561500b31 100644 --- a/regress/sys/kern/unveil/syscalls.c +++ b/regress/sys/kern/unveil/syscalls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: syscalls.c,v 1.21 2019/02/10 16:42:35 phessler Exp $ */ +/* $OpenBSD: syscalls.c,v 1.22 2019/03/24 18:14:20 beck Exp $ */ /* * Copyright (c) 2017-2019 Bob Beck <beck@openbsd.org> @@ -248,7 +248,7 @@ test_opendir(int do_uv) (void) snprintf(filename, sizeof(filename), "/%s/.", uv_dir1); UV_SHOULD_SUCCEED((opendir(filename) == NULL), "opendir"); (void) snprintf(filename, sizeof(filename), "/%s/..", uv_dir1); - UV_SHOULD_EACCES((opendir(filename) == NULL), "opendir"); + UV_SHOULD_ENOENT((opendir(filename) == NULL), "opendir"); (void) snprintf(filename, sizeof(filename), "/%s/subdir", uv_dir1); UV_SHOULD_SUCCEED((opendir(filename) == NULL), "opendir"); (void) snprintf(filename, sizeof(filename), "/%s/subdir/../subdir", uv_dir1); @@ -318,7 +318,7 @@ test_x(int do_uv) if (unveil("/", "") == -1) err(1, "%s:%d - unveil", __FILE__, __LINE__); } - UV_SHOULD_SUCCEED((lstat(uv_file1, &sb) == -1), "lstat"); + UV_SHOULD_EACCES((lstat(uv_file1, &sb) == -1), "lstat"); UV_SHOULD_EACCES((open(uv_file1, O_RDONLY) == -1), "open"); UV_SHOULD_EACCES((open(uv_file1, O_RDONLY) == -1), "open"); UV_SHOULD_ENOENT((open(uv_file2, O_RDWR) == -1), "open"); @@ -488,7 +488,7 @@ test_parent_dir(int do_uv) UV_SHOULD_SUCCEED((chdir("../../doof/subdir1") == -1), "chdir"); UV_SHOULD_SUCCEED((access("poop", R_OK) == -1), "access"); UV_SHOULD_SUCCEED((access("../subdir1/poop", R_OK) == -1), "access"); - UV_SHOULD_EACCES((chdir("../../../") == -1), "chdir"); + UV_SHOULD_ENOENT((chdir("../../../") == -1), "chdir"); UV_SHOULD_ENOENT((chdir(uv_dir2) == -1), "chdir"); return(0); } @@ -553,7 +553,7 @@ test_access(int do_uv) UV_SHOULD_ENOENT((access("/etc/passwd", R_OK) == -1), "access"); UV_SHOULD_SUCCEED((access(uv_dir1, R_OK) == -1), "access"); UV_SHOULD_ENOENT((access(uv_dir2, R_OK) == -1), "access"); - UV_SHOULD_SUCCEED((access("/", R_OK) == -1), "access"); + UV_SHOULD_ENOENT((access("/", R_OK) == -1), "access"); UV_SHOULD_ENOENT((access("/home", F_OK) == -1), "access"); UV_SHOULD_SUCCEED((pledge("stdio fattr rpath", NULL) == -1), "pledge"); @@ -561,7 +561,7 @@ test_access(int do_uv) UV_SHOULD_ENOENT((access(uv_file2, R_OK) == -1), "access"); UV_SHOULD_SUCCEED((access(uv_dir1, R_OK) == -1), "access"); UV_SHOULD_ENOENT((access(uv_dir2, R_OK) == -1), "access"); - UV_SHOULD_SUCCEED((access("/", R_OK) == -1), "access"); + UV_SHOULD_ENOENT((access("/", R_OK) == -1), "access"); UV_SHOULD_ENOENT((access("/home", F_OK) == -1), "access"); return 0; @@ -596,7 +596,7 @@ test_stat(int do_uv) UV_SHOULD_ENOENT((stat(uv_file2, &sb) == -1), "stat"); UV_SHOULD_SUCCEED((stat(uv_dir1, &sb) == -1), "stat"); UV_SHOULD_ENOENT((stat(uv_dir2, &sb) == -1), "stat"); - UV_SHOULD_SUCCEED((stat("/", &sb) == -1), "stat"); + UV_SHOULD_ENOENT((stat("/", &sb) == -1), "stat"); return 0; } @@ -612,10 +612,10 @@ test_stat2(int do_uv) struct stat sb; UV_SHOULD_SUCCEED((pledge("stdio fattr rpath", NULL) == -1), "pledge"); - UV_SHOULD_SUCCEED((stat("/", &sb) == -1), "stat"); - UV_SHOULD_SUCCEED((stat("/usr", &sb) == -1), "stat"); - UV_SHOULD_SUCCEED((stat("/usr/share", &sb) == -1), "stat"); - UV_SHOULD_SUCCEED((stat("/usr/share/man", &sb) == -1), "stat"); + UV_SHOULD_ENOENT((stat("/", &sb) == -1), "stat"); + UV_SHOULD_ENOENT((stat("/usr", &sb) == -1), "stat"); + UV_SHOULD_ENOENT((stat("/usr/share", &sb) == -1), "stat"); + UV_SHOULD_ENOENT((stat("/usr/share/man", &sb) == -1), "stat"); UV_SHOULD_ENOENT((stat("/usr/share/man/nonexistent", &sb) == -1), "stat"); return 0; } diff --git a/sys/kern/kern_unveil.c b/sys/kern/kern_unveil.c index e90d23e652a..ae994673694 100644 --- a/sys/kern/kern_unveil.c +++ b/sys/kern/kern_unveil.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_unveil.c,v 1.23 2019/01/21 20:46:52 tedu Exp $ */ +/* $OpenBSD: kern_unveil.c,v 1.24 2019/03/24 18:14:20 beck Exp $ */ /* * Copyright (c) 2017-2019 Bob Beck <beck@openbsd.org> @@ -818,7 +818,11 @@ unveil_check_final(struct proc *p, struct nameidata *ni) " vnode %p\n", p->p_p->ps_comm, p->p_p->ps_pid, ni->ni_vp); #endif - return EACCES; + if (uv->uv_flags & UNVEIL_USERSET) + return EACCES; + else + return ENOENT; + } /* directry and flags match, update match */ ni->ni_unveil_match = uv; @@ -872,6 +876,7 @@ unveil_check_final(struct proc *p, struct nameidata *ni) printf("unveil: %s(%d) flag mismatch for terminal '%s'\n", p->p_p->ps_comm, p->p_p->ps_pid, tname->un_name); #endif + KASSERT(tname->un_flags & UNVEIL_USERSET); return EACCES; } /* name and flags match in this dir. update match*/ diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 4d18d1dbef1..be31bc6229c 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_syscalls.c,v 1.313 2019/01/23 00:37:51 cheloha Exp $ */ +/* $OpenBSD: vfs_syscalls.c,v 1.314 2019/03/24 18:14:20 beck Exp $ */ /* $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $ */ /* @@ -1817,7 +1817,7 @@ dofaccessat(struct proc *p, int fd, const char *path, int amode, int flag) NDINITAT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE, fd, path, p); nd.ni_pledge = PLEDGE_RPATH; - nd.ni_unveil = UNVEIL_INSPECT; + nd.ni_unveil = UNVEIL_READ; if ((error = namei(&nd)) != 0) goto out; vp = nd.ni_vp; @@ -1888,7 +1888,7 @@ dofstatat(struct proc *p, int fd, const char *path, struct stat *buf, int flag) follow = (flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW; NDINITAT(&nd, LOOKUP, follow | LOCKLEAF, UIO_USERSPACE, fd, path, p); nd.ni_pledge = PLEDGE_RPATH; - nd.ni_unveil = UNVEIL_INSPECT; + nd.ni_unveil = UNVEIL_READ; if ((error = namei(&nd)) != 0) return (error); error = vn_stat(nd.ni_vp, &sb, p); |