[src/trunk]: src Add missing access check for setting va_Xtime into zfs_netbs...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src Add missing access check for setting va_Xtime into zfs_netbs...
From: hannken <hannken%NetBSD.org@localhost>
Date: Wed, 28 Nov 2018 12:58:09 +0000

details:   https://anonhg.NetBSD.org/src/rev/b77c2c42a684
branches:  trunk
changeset: 446233:b77c2c42a684
user:      hannken <hannken%NetBSD.org@localhost>
date:      Wed Nov 28 09:57:59 2018 +0000

description:
Add missing access check for setting va_Xtime into zfs_netbsd_setattr().

PR kern/47656 test zfs_times.

diffstat:

 external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vnops.c |  13 ++++++++++++-
 tests/fs/vfs/t_unpriv.c                                |   4 +---
 2 files changed, 13 insertions(+), 4 deletions(-)

diffs (51 lines):

diff -r 5833e470b312 -r b77c2c42a684 external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vnops.c
--- a/external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vnops.c    Wed Nov 28 09:57:16 2018 +0000
+++ b/external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vnops.c    Wed Nov 28 09:57:59 2018 +0000
@@ -5336,10 +5336,11 @@
        vnode_t *vp = ap->a_vp;
        vattr_t *vap = ap->a_vap;
        cred_t *cred = ap->a_cred;
+       znode_t *zp = VTOZ(vp);
        xvattr_t xvap;
        u_long fflags;
        uint64_t zflags;
-       int flags = 0;
+       int error, flags = 0;
 
        vattr_init_mask(vap);
        vap->va_mask &= ~AT_NOSET;
@@ -5405,6 +5406,16 @@
                    xvap.xva_xoptattrs.xoa_nodump);
 #undef FLAG_CHANGE
        }
+
+       if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL ||
+           vap->va_birthtime.tv_sec != VNOVAL) {
+               error = kauth_authorize_vnode(cred, KAUTH_VNODE_WRITE_TIMES, vp,
+                    NULL, genfs_can_chtimes(vp, vap->va_vaflags, zp->z_uid,
+                    cred));
+               if (error)
+                       return error;
+       }
+
        return (zfs_setattr(vp, (vattr_t *)&xvap, flags, cred, NULL));
 }
 
diff -r 5833e470b312 -r b77c2c42a684 tests/fs/vfs/t_unpriv.c
--- a/tests/fs/vfs/t_unpriv.c   Wed Nov 28 09:57:16 2018 +0000
+++ b/tests/fs/vfs/t_unpriv.c   Wed Nov 28 09:57:59 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: t_unpriv.c,v 1.13 2017/01/13 21:30:40 christos Exp $   */
+/*     $NetBSD: t_unpriv.c,v 1.14 2018/11/28 09:57:59 hannken Exp $    */
 
 /*-
  * Copyright (c) 2011 The NetBSD Foundation, Inc.
@@ -144,8 +144,6 @@
        rump_pub_lwproc_rfork(RUMP_RFCFDG);
        if (rump_sys_setuid(1) == -1)
                atf_tc_fail_errno("setuid");
-       if (FSTYPE_ZFS(tc))
-               atf_tc_expect_fail("PR kern/47656: Test known to be broken");
        if (rump_sys_utimes(name, NULL) != -1 || errno != EACCES)
                atf_tc_fail_errno("utimes");
        rump_pub_lwproc_releaselwp();

Prev by Date: [src/trunk]: src/external/cddl/osnet/dist/uts/common/fs/zfs We expect VOP_ACC...
Next by Date: [src/trunk]: src Add missing access check for REMOVE into zfs_netbsd_lookup().
Previous by Thread: [src/trunk]: src/external/cddl/osnet/dist/uts/common/fs/zfs We expect VOP_ACC...
Next by Thread: [src/trunk]: src Add missing access check for REMOVE into zfs_netbsd_lookup().
Indexes:

Home | Main Index | Thread Index | Old Index