Subject: nfs optimization and veriexec
To: None <tech-kern@netbsd.org>
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
List: tech-security
Date: 10/29/2007 07:59:03
--NextPart-20071029075058-0110000
Content-Type: Text/Plain; charset=us-ascii
hi,
i'd like to make a change like the following, which optimize a RPC away
in some cases.
however, i think it breaks veriexec. (specifically, breaks assumptions
held by veriexec_openchk.)
can any veriexec people take a look and suggest how it should be solved?
thanks.
YAMAMOTO Takashi
--NextPart-20071029075058-0110000
Content-Type: Text/Plain; charset=us-ascii
Content-Disposition: attachment; filename="a.diff"
? sys/squeue.h
? kern/subr_squeue.c
Index: sys/namei.h
===================================================================
RCS file: /cvsroot/src/sys/sys/namei.h,v
retrieving revision 1.53
diff -u -p -r1.53 namei.h
--- sys/namei.h 22 Aug 2007 17:50:26 -0000 1.53
+++ sys/namei.h 28 Oct 2007 22:49:17 -0000
@@ -1,4 +1,4 @@
-/* $NetBSD: namei.h,v 1.53 2007/08/22 17:50:26 pooka Exp $ */
+/* $NetBSD$ */
/*
* WARNING: GENERATED FILE. DO NOT EDIT
@@ -91,6 +91,7 @@ struct nameidata {
size_t cn_namelen; /* length of looked up comp */
u_long cn_hash; /* hash val of looked up name */
size_t cn_consume; /* chars to consume in lookup */
+ int cn_fmode;
} ni_cnd;
};
@@ -151,6 +152,7 @@ struct nameidata {
(ndp)->ni_dirp = namep; \
(ndp)->ni_cnd.cn_lwp = l; \
(ndp)->ni_cnd.cn_cred = l->l_cred; \
+ (ndp)->ni_cnd.cn_fmode = 0; \
}
#endif
Index: sys/namei.src
===================================================================
RCS file: /cvsroot/src/sys/sys/namei.src,v
retrieving revision 1.3
diff -u -p -r1.3 namei.src
--- sys/namei.src 22 Aug 2007 17:49:40 -0000 1.3
+++ sys/namei.src 28 Oct 2007 22:49:17 -0000
@@ -84,6 +84,7 @@ struct nameidata {
size_t cn_namelen; /* length of looked up comp */
u_long cn_hash; /* hash val of looked up name */
size_t cn_consume; /* chars to consume in lookup */
+ int cn_fmode;
} ni_cnd;
};
@@ -144,6 +145,7 @@ NAMEIFL PARAMASK 0x02fff00 /* mask of pa
(ndp)->ni_dirp = namep; \
(ndp)->ni_cnd.cn_lwp = l; \
(ndp)->ni_cnd.cn_cred = l->l_cred; \
+ (ndp)->ni_cnd.cn_fmode = 0; \
}
#endif
Index: kern/vfs_vnops.c
===================================================================
RCS file: /cvsroot/src/sys/kern/vfs_vnops.c,v
retrieving revision 1.143
diff -u -p -r1.143 vfs_vnops.c
--- kern/vfs_vnops.c 10 Oct 2007 20:42:27 -0000 1.143
+++ kern/vfs_vnops.c 28 Oct 2007 22:49:17 -0000
@@ -118,6 +118,7 @@ vn_open(struct nameidata *ndp, int fmode
if ((fmode & O_NOFOLLOW) == 0)
ndp->ni_cnd.cn_flags |= FOLLOW;
}
+ ndp->ni_cnd.cn_fmode = fmode;
VERIEXEC_PATH_GET(ndp->ni_dirp, ndp->ni_segflg, ndp->ni_dirp, path);
Index: nfs/nfs_vnops.c
===================================================================
RCS file: /cvsroot/src/sys/nfs/nfs_vnops.c,v
retrieving revision 1.257
diff -u -p -r1.257 nfs_vnops.c
--- nfs/nfs_vnops.c 28 Oct 2007 22:24:29 -0000 1.257
+++ nfs/nfs_vnops.c 28 Oct 2007 22:49:17 -0000
@@ -900,22 +900,19 @@ nfs_lookup(v)
*vpp = NULLVP;
}
dorpc:
-#if 0
/*
- * because nfsv3 has the same CREATE semantics as ours,
- * we don't have to perform LOOKUPs beforehand.
- *
- * XXX ideally we can do the same for nfsv2 in the case of !O_EXCL.
- * XXX although we have no way to know if O_EXCL is requested or not.
+ * we don't have to perform LOOKUPs beforehand for the cases
+ * where nfs has the same CREATE semantics as ours.
*/
- if (v3 && cnp->cn_nameiop == CREATE &&
+ if (cnp->cn_nameiop == CREATE &&
+ (cnp->cn_fmode & O_TRUNC) == 0 &&
+ (v3 || (cnp->cn_fmode & O_EXCL) == 0) &&
(flags & (ISLASTCN|ISDOTDOT)) == ISLASTCN &&
(dvp->v_mount->mnt_flag & MNT_RDONLY) == 0) {
cnp->cn_flags |= SAVENAME;
return (EJUSTRETURN);
}
-#endif /* 0 */
error = 0;
newvp = NULLVP;
--NextPart-20071029075058-0110000--