From fe14b452399ffc80b871a21002c5f7a1e438e966 Mon Sep 17 00:00:00 2001 From: Theo de Raadt Date: Mon, 13 Aug 2018 23:11:45 +0000 Subject: More clear version of previous namei/pledge/chroot solution. namei flag KERNELPATH indicates this operation is being done on behalf of the kernel, not a process, so ignore chroot of the current process context, start at /, and skip unveil and pledge checks. Discussed with beck and semarie --- sys/kern/vfs_lookup.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'sys/kern/vfs_lookup.c') diff --git a/sys/kern/vfs_lookup.c b/sys/kern/vfs_lookup.c index 5a93a8bf48c..eaac8a09935 100644 --- a/sys/kern/vfs_lookup.c +++ b/sys/kern/vfs_lookup.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_lookup.c,v 1.73 2018/08/02 04:41:47 beck Exp $ */ +/* $OpenBSD: vfs_lookup.c,v 1.74 2018/08/13 23:11:44 deraadt Exp $ */ /* $NetBSD: vfs_lookup.c,v 1.17 1996/02/09 19:00:59 christos Exp $ */ /* @@ -171,12 +171,17 @@ fail: /* * Get starting point for the translation. */ - if ((ndp->ni_rootdir = fdp->fd_rdir) == NULL) + if ((ndp->ni_rootdir = fdp->fd_rdir) == NULL || + (ndp->ni_cnd.cn_flags & KERNELPATH)) ndp->ni_rootdir = rootvnode; - error = pledge_namei(p, ndp, cnp->cn_pnbuf); - if (error) - goto fail; + if (ndp->ni_cnd.cn_flags & KERNELPATH) { + ndp->ni_cnd.cn_flags |= BYPASSUNVEIL; + } else { + error = pledge_namei(p, ndp, cnp->cn_pnbuf); + if (error) + goto fail; + } /* * Check if starting from root directory or current directory. -- cgit v1.2.3