forked from SerenityOS/serenity
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Kernel: Allow unveiling subfolders regardless of parent's permissions
This fixes a bug where unveiling a subdirectory of an already unveiled path would sometimes be allowed and sometimes not (depending on what other unveil calls have been made). Now, it is always allowed to unveil a subdirectory of an already unveiled directory, even if it has higher permissions. This removes the need for the permissions_inherited_from_root flag in UnveilMetadata, so it has been removed.
- Loading branch information
1 parent
9d41dd2
commit e8a3170
Showing
3 changed files
with
8 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
/* | ||
* Copyright (c) 2018-2020, Andreas Kling <[email protected]> | ||
* Copyright (c) 2021, Max Wipfli <[email protected]> | ||
* | ||
* SPDX-License-Identifier: BSD-2-Clause | ||
*/ | ||
|
@@ -90,14 +91,12 @@ KResultOr<int> Process::sys$unveil(Userspace<const Syscall::SC_unveil_params*> u | |
auto it = lexical_path.parts().begin(); | ||
auto& matching_node = m_unveiled_paths.traverse_until_last_accessible_node(it, lexical_path.parts().end()); | ||
if (it.is_end()) { | ||
auto old_permissions = matching_node.permissions(); | ||
// Allow "elevating" the permissions when the permissions are inherited from root (/), | ||
// as that would be the first time this path is unveiled. | ||
if (old_permissions != UnveilAccess::None || !matching_node.permissions_inherited_from_root()) { | ||
if (new_permissions & ~old_permissions) | ||
// If the path has already been explicitly unveiled, do not allow elevating its permissions. | ||
if (matching_node.was_explicitly_unveiled()) { | ||
if (new_permissions & ~matching_node.permissions()) | ||
return EPERM; | ||
} | ||
matching_node.set_metadata({ matching_node.path(), (UnveilAccess)new_permissions, true, false }); | ||
matching_node.set_metadata({ matching_node.path(), (UnveilAccess)new_permissions, true }); | ||
return 0; | ||
} | ||
|
||
|
@@ -107,8 +106,9 @@ KResultOr<int> Process::sys$unveil(Userspace<const Syscall::SC_unveil_params*> u | |
{ new_unveiled_path, (UnveilAccess)new_permissions, true }, | ||
[](auto& parent, auto& it) -> Optional<UnveilMetadata> { | ||
auto path = LexicalPath::join(parent.path(), *it).string(); | ||
return UnveilMetadata { path, parent.permissions(), false, parent.permissions_inherited_from_root() }; | ||
return UnveilMetadata { path, parent.permissions(), false }; | ||
}); | ||
|
||
VERIFY(m_veil_state != VeilState::Locked); | ||
m_veil_state = VeilState::Dropped; | ||
return 0; | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters