| vfs_vnops.c (e3d16bb6a84661f51fce6ae5313523832e497c93) | vfs_vnops.c (dcef4f65ae3978c50eab745f67364db4660a9f43) |
|---|---|
| 1/*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1982, 1986, 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * (c) UNIX System Laboratories, Inc. 7 * All or some portions of this file are derived from material licensed 8 * to the University of California by American Telephone and Telegraph --- 122 unchanged lines hidden (view full) --- 131 &vn_io_fault_enable, 0, "Enable vn_io_fault lock avoidance"); 132static int vn_io_fault_prefault = 0; 133SYSCTL_INT(_debug, OID_AUTO, vn_io_fault_prefault, CTLFLAG_RW, 134 &vn_io_fault_prefault, 0, "Enable vn_io_fault prefaulting"); 135static u_long vn_io_faults_cnt; 136SYSCTL_ULONG(_debug, OID_AUTO, vn_io_faults, CTLFLAG_RD, 137 &vn_io_faults_cnt, 0, "Count of vn_io_fault lock avoidance triggers"); 138 | 1/*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1982, 1986, 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * (c) UNIX System Laboratories, Inc. 7 * All or some portions of this file are derived from material licensed 8 * to the University of California by American Telephone and Telegraph --- 122 unchanged lines hidden (view full) --- 131 &vn_io_fault_enable, 0, "Enable vn_io_fault lock avoidance"); 132static int vn_io_fault_prefault = 0; 133SYSCTL_INT(_debug, OID_AUTO, vn_io_fault_prefault, CTLFLAG_RW, 134 &vn_io_fault_prefault, 0, "Enable vn_io_fault prefaulting"); 135static u_long vn_io_faults_cnt; 136SYSCTL_ULONG(_debug, OID_AUTO, vn_io_faults, CTLFLAG_RD, 137 &vn_io_faults_cnt, 0, "Count of vn_io_fault lock avoidance triggers"); 138 |
| 139static int vfs_allow_read_dir = 0; 140SYSCTL_INT(_security_bsd, OID_AUTO, allow_read_dir, CTLFLAG_RW, 141 &vfs_allow_read_dir, 0, 142 "Enable read(2) of directory by root for filesystems that support it"); 143 |
|
| 139/* 140 * Returns true if vn_io_fault mode of handling the i/o request should 141 * be used. 142 */ 143static bool 144do_vn_io_fault(struct vnode *vp, struct uio *uio) 145{ 146 struct mount *mp; --- 1064 unchanged lines hidden (view full) --- 1211 fo_rdwr_t *doio; 1212 struct vnode *vp; 1213 void *rl_cookie; 1214 struct vn_io_fault_args args; 1215 int error; 1216 1217 doio = uio->uio_rw == UIO_READ ? vn_read : vn_write; 1218 vp = fp->f_vnode; | 144/* 145 * Returns true if vn_io_fault mode of handling the i/o request should 146 * be used. 147 */ 148static bool 149do_vn_io_fault(struct vnode *vp, struct uio *uio) 150{ 151 struct mount *mp; --- 1064 unchanged lines hidden (view full) --- 1216 fo_rdwr_t *doio; 1217 struct vnode *vp; 1218 void *rl_cookie; 1219 struct vn_io_fault_args args; 1220 int error; 1221 1222 doio = uio->uio_rw == UIO_READ ? vn_read : vn_write; 1223 vp = fp->f_vnode; |
| 1224 1225 /* 1226 * The ability to read(2) on a directory has historically been 1227 * allowed for all users, but this can and has been the source of 1228 * at least one security issue in the past. As such, it is now hidden 1229 * away behind a sysctl for those that actually need it to use it. 1230 */ 1231 if (vp->v_type == VDIR) { 1232 KASSERT(uio->uio_rw == UIO_READ, 1233 ("illegal write attempted on a directory")); 1234 if (!vfs_allow_read_dir) 1235 return (EISDIR); 1236 } 1237 |
|
| 1219 foffset_lock_uio(fp, uio, flags); 1220 if (do_vn_io_fault(vp, uio)) { 1221 args.kind = VN_IO_FAULT_FOP; 1222 args.args.fop_args.fp = fp; 1223 args.args.fop_args.doio = doio; 1224 args.cred = active_cred; 1225 args.flags = flags | FOF_OFFSET; 1226 if (uio->uio_rw == UIO_READ) { --- 2015 unchanged lines hidden --- | 1238 foffset_lock_uio(fp, uio, flags); 1239 if (do_vn_io_fault(vp, uio)) { 1240 args.kind = VN_IO_FAULT_FOP; 1241 args.args.fop_args.fp = fp; 1242 args.args.fop_args.doio = doio; 1243 args.cred = active_cred; 1244 args.flags = flags | FOF_OFFSET; 1245 if (uio->uio_rw == UIO_READ) { --- 2015 unchanged lines hidden --- |