allow file system to decide if it can be downgraded from r/w to r/odiff -r1.413 -r1.414 src/sys/kern/vfs_syscalls.c
(pooka)
--- src/sys/kern/vfs_syscalls.c 2011/01/02 05:12:33 1.413
+++ src/sys/kern/vfs_syscalls.c 2011/01/13 07:25:50 1.414
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: vfs_syscalls.c,v 1.413 2011/01/02 05:12:33 dholland Exp $ */ | 1 | /* $NetBSD: vfs_syscalls.c,v 1.414 2011/01/13 07:25:50 pooka Exp $ */ | |
2 | 2 | |||
3 | /*- | 3 | /*- | |
4 | * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. | 4 | * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. | |
5 | * All rights reserved. | 5 | * All rights reserved. | |
6 | * | 6 | * | |
7 | * This code is derived from software contributed to The NetBSD Foundation | 7 | * This code is derived from software contributed to The NetBSD Foundation | |
8 | * by Andrew Doran. | 8 | * by Andrew Doran. | |
9 | * | 9 | * | |
10 | * Redistribution and use in source and binary forms, with or without | 10 | * Redistribution and use in source and binary forms, with or without | |
11 | * modification, are permitted provided that the following conditions | 11 | * modification, are permitted provided that the following conditions | |
12 | * are met: | 12 | * are met: | |
13 | * 1. Redistributions of source code must retain the above copyright | 13 | * 1. Redistributions of source code must retain the above copyright | |
14 | * notice, this list of conditions and the following disclaimer. | 14 | * notice, this list of conditions and the following disclaimer. | |
@@ -56,27 +56,27 @@ | @@ -56,27 +56,27 @@ | |||
56 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | 56 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
57 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | 57 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
58 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | 58 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
59 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | 59 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
60 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | 60 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
61 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 61 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
62 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 62 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
63 | * SUCH DAMAGE. | 63 | * SUCH DAMAGE. | |
64 | * | 64 | * | |
65 | * @(#)vfs_syscalls.c 8.42 (Berkeley) 7/31/95 | 65 | * @(#)vfs_syscalls.c 8.42 (Berkeley) 7/31/95 | |
66 | */ | 66 | */ | |
67 | 67 | |||
68 | #include <sys/cdefs.h> | 68 | #include <sys/cdefs.h> | |
69 | __KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.413 2011/01/02 05:12:33 dholland Exp $"); | 69 | __KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.414 2011/01/13 07:25:50 pooka Exp $"); | |
70 | 70 | |||
71 | #ifdef _KERNEL_OPT | 71 | #ifdef _KERNEL_OPT | |
72 | #include "opt_fileassoc.h" | 72 | #include "opt_fileassoc.h" | |
73 | #include "veriexec.h" | 73 | #include "veriexec.h" | |
74 | #endif | 74 | #endif | |
75 | 75 | |||
76 | #include <sys/param.h> | 76 | #include <sys/param.h> | |
77 | #include <sys/systm.h> | 77 | #include <sys/systm.h> | |
78 | #include <sys/namei.h> | 78 | #include <sys/namei.h> | |
79 | #include <sys/filedesc.h> | 79 | #include <sys/filedesc.h> | |
80 | #include <sys/kernel.h> | 80 | #include <sys/kernel.h> | |
81 | #include <sys/file.h> | 81 | #include <sys/file.h> | |
82 | #include <sys/stat.h> | 82 | #include <sys/stat.h> | |
@@ -159,27 +159,28 @@ mount_update(struct lwp *l, struct vnode | @@ -159,27 +159,28 @@ mount_update(struct lwp *l, struct vnode | |||
159 | 159 | |||
160 | /* We can operate only on VV_ROOT nodes. */ | 160 | /* We can operate only on VV_ROOT nodes. */ | |
161 | if ((vp->v_vflag & VV_ROOT) == 0) { | 161 | if ((vp->v_vflag & VV_ROOT) == 0) { | |
162 | error = EINVAL; | 162 | error = EINVAL; | |
163 | goto out; | 163 | goto out; | |
164 | } | 164 | } | |
165 | 165 | |||
166 | /* | 166 | /* | |
167 | * We only allow the filesystem to be reloaded if it | 167 | * We only allow the filesystem to be reloaded if it | |
168 | * is currently mounted read-only. Additionally, we | 168 | * is currently mounted read-only. Additionally, we | |
169 | * prevent read-write to read-only downgrades. | 169 | * prevent read-write to read-only downgrades. | |
170 | */ | 170 | */ | |
171 | if ((flags & (MNT_RELOAD | MNT_RDONLY)) != 0 && | 171 | if ((flags & (MNT_RELOAD | MNT_RDONLY)) != 0 && | |
172 | (mp->mnt_flag & MNT_RDONLY) == 0) { | 172 | (mp->mnt_flag & MNT_RDONLY) == 0 && | |
173 | (mp->mnt_iflag & IMNT_CAN_RWTORO) == 0) { | |||
173 | error = EOPNOTSUPP; /* Needs translation */ | 174 | error = EOPNOTSUPP; /* Needs translation */ | |
174 | goto out; | 175 | goto out; | |
175 | } | 176 | } | |
176 | 177 | |||
177 | error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_MOUNT, | 178 | error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_MOUNT, | |
178 | KAUTH_REQ_SYSTEM_MOUNT_UPDATE, mp, KAUTH_ARG(flags), data); | 179 | KAUTH_REQ_SYSTEM_MOUNT_UPDATE, mp, KAUTH_ARG(flags), data); | |
179 | if (error) | 180 | if (error) | |
180 | goto out; | 181 | goto out; | |
181 | 182 | |||
182 | if (vfs_busy(mp, NULL)) { | 183 | if (vfs_busy(mp, NULL)) { | |
183 | error = EPERM; | 184 | error = EPERM; | |
184 | goto out; | 185 | goto out; | |
185 | } | 186 | } |
--- src/sys/sys/fstypes.h 2011/01/13 07:23:39 1.27
+++ src/sys/sys/fstypes.h 2011/01/13 07:25:50 1.28
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: fstypes.h,v 1.27 2011/01/13 07:23:39 pooka Exp $ */ | 1 | /* $NetBSD: fstypes.h,v 1.28 2011/01/13 07:25:50 pooka Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (c) 1989, 1991, 1993 | 4 | * Copyright (c) 1989, 1991, 1993 | |
5 | * The Regents of the University of California. All rights reserved. | 5 | * The Regents of the University of California. All rights reserved. | |
6 | * | 6 | * | |
7 | * Redistribution and use in source and binary forms, with or without | 7 | * Redistribution and use in source and binary forms, with or without | |
8 | * modification, are permitted provided that the following conditions | 8 | * modification, are permitted provided that the following conditions | |
9 | * are met: | 9 | * are met: | |
10 | * 1. Redistributions of source code must retain the above copyright | 10 | * 1. Redistributions of source code must retain the above copyright | |
11 | * notice, this list of conditions and the following disclaimer. | 11 | * notice, this list of conditions and the following disclaimer. | |
12 | * 2. Redistributions in binary form must reproduce the above copyright | 12 | * 2. Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in the | 13 | * notice, this list of conditions and the following disclaimer in the | |
14 | * documentation and/or other materials provided with the distribution. | 14 | * documentation and/or other materials provided with the distribution. | |
@@ -200,26 +200,27 @@ typedef struct fhandle fhandle_t; | @@ -200,26 +200,27 @@ typedef struct fhandle fhandle_t; | |||
200 | * Internal filesystem control flags. | 200 | * Internal filesystem control flags. | |
201 | * These are set in struct mount mnt_iflag. | 201 | * These are set in struct mount mnt_iflag. | |
202 | * | 202 | * | |
203 | * IMNT_UNMOUNT locks the mount entry so that name lookup cannot proceed | 203 | * IMNT_UNMOUNT locks the mount entry so that name lookup cannot proceed | |
204 | * past the mount point. This keeps the subtree stable during mounts | 204 | * past the mount point. This keeps the subtree stable during mounts | |
205 | * and unmounts. | 205 | * and unmounts. | |
206 | */ | 206 | */ | |
207 | #define IMNT_GONE 0x00000001 /* filesystem is gone.. */ | 207 | #define IMNT_GONE 0x00000001 /* filesystem is gone.. */ | |
208 | #define IMNT_UNMOUNT 0x00000002 /* unmount in progress */ | 208 | #define IMNT_UNMOUNT 0x00000002 /* unmount in progress */ | |
209 | #define IMNT_WANTRDWR 0x00000004 /* upgrade to read/write requested */ | 209 | #define IMNT_WANTRDWR 0x00000004 /* upgrade to read/write requested */ | |
210 | #define IMNT_DTYPE 0x00000040 /* returns d_type fields */ | 210 | #define IMNT_DTYPE 0x00000040 /* returns d_type fields */ | |
211 | #define IMNT_HAS_TRANS 0x00000080 /* supports transactions */ | 211 | #define IMNT_HAS_TRANS 0x00000080 /* supports transactions */ | |
212 | #define IMNT_MPSAFE 0x00000100 /* file system code MP safe */ | 212 | #define IMNT_MPSAFE 0x00000100 /* file system code MP safe */ | |
213 | #define IMNT_CAN_RWTORO 0x00000200 /* can downgrade fs to from rw to r/o */ | |||
213 | 214 | |||
214 | #define __MNT_FLAGS \ | 215 | #define __MNT_FLAGS \ | |
215 | __MNT_BASIC_FLAGS \ | 216 | __MNT_BASIC_FLAGS \ | |
216 | __MNT_EXPORTED_FLAGS \ | 217 | __MNT_EXPORTED_FLAGS \ | |
217 | __MNT_INTERNAL_FLAGS \ | 218 | __MNT_INTERNAL_FLAGS \ | |
218 | __MNT_EXTERNAL_FLAGS | 219 | __MNT_EXTERNAL_FLAGS | |
219 | 220 | |||
220 | #define __MNT_FLAG_BITS \ | 221 | #define __MNT_FLAG_BITS \ | |
221 | "\20" \ | 222 | "\20" \ | |
222 | "\40MNT_SOFTDEP" \ | 223 | "\40MNT_SOFTDEP" \ | |
223 | "\37MNT_NODEVMTIME" \ | 224 | "\37MNT_NODEVMTIME" \ | |
224 | "\36MNT_SYMPERM" \ | 225 | "\36MNT_SYMPERM" \ | |
225 | "\35MNT_EXPUBLIC" \ | 226 | "\35MNT_EXPUBLIC" \ | |
@@ -244,26 +245,27 @@ typedef struct fhandle fhandle_t; | @@ -244,26 +245,27 @@ typedef struct fhandle fhandle_t; | |||
244 | "\12MNT_DEFEXPORTED" \ | 245 | "\12MNT_DEFEXPORTED" \ | |
245 | "\11MNT_EXPORTED" \ | 246 | "\11MNT_EXPORTED" \ | |
246 | "\10MNT_EXRDONLY" \ | 247 | "\10MNT_EXRDONLY" \ | |
247 | "\07MNT_ASYNC" \ | 248 | "\07MNT_ASYNC" \ | |
248 | "\06MNT_UNION" \ | 249 | "\06MNT_UNION" \ | |
249 | "\05MNT_NODEV" \ | 250 | "\05MNT_NODEV" \ | |
250 | "\04MNT_NOSUID" \ | 251 | "\04MNT_NOSUID" \ | |
251 | "\03MNT_NOEXEC" \ | 252 | "\03MNT_NOEXEC" \ | |
252 | "\02MNT_SYNCHRONOUS" \ | 253 | "\02MNT_SYNCHRONOUS" \ | |
253 | "\01MNT_RDONLY" | 254 | "\01MNT_RDONLY" | |
254 | 255 | |||
255 | #define __IMNT_FLAG_BITS \ | 256 | #define __IMNT_FLAG_BITS \ | |
256 | "\20" \ | 257 | "\20" \ | |
258 | "\12IMNT_CAN_RWTORO" \ | |||
257 | "\11IMNT_MPSAFE" \ | 259 | "\11IMNT_MPSAFE" \ | |
258 | "\10IMNT_HAS_TRANS" \ | 260 | "\10IMNT_HAS_TRANS" \ | |
259 | "\07IMNT_DTYPE" \ | 261 | "\07IMNT_DTYPE" \ | |
260 | "\03IMNT_WANTRDWR" \ | 262 | "\03IMNT_WANTRDWR" \ | |
261 | "\02IMNT_UNMOUNT" \ | 263 | "\02IMNT_UNMOUNT" \ | |
262 | "\01IMNT_GONE" | 264 | "\01IMNT_GONE" | |
263 | 265 | |||
264 | /* | 266 | /* | |
265 | * Flags for various system call interfaces. | 267 | * Flags for various system call interfaces. | |
266 | * | 268 | * | |
267 | * waitfor flags to vfs_sync() and getvfsstat() | 269 | * waitfor flags to vfs_sync() and getvfsstat() | |
268 | */ | 270 | */ | |
269 | #define MNT_WAIT 1 /* synchronously wait for I/O to complete */ | 271 | #define MNT_WAIT 1 /* synchronously wait for I/O to complete */ |