From 2fcbb846fb247c65edb490f3ffd5cf1d799c0d01 Mon Sep 17 00:00:00 2001
From: Sergey Bugaev <bugaevc@gmail.com>
Date: Sat, 11 Jan 2020 18:33:35 +0300
Subject: [PATCH] Kernel+LibC: Add O_EXEC, move exec permission checking to
 VFS::open()

O_EXEC is mentioned by POSIX, so let's have it. Currently, it is only used
inside the kernel to ensure the process has the right permissions when opening
an executable.
---
 Kernel/FileSystem/VirtualFileSystem.cpp | 4 ++++
 Kernel/FileSystem/VirtualFileSystem.h   | 1 +
 Kernel/Process.cpp                      | 5 +----
 Libraries/LibC/fcntl.h                  | 1 +
 4 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/Kernel/FileSystem/VirtualFileSystem.cpp b/Kernel/FileSystem/VirtualFileSystem.cpp
index 293959f8fb..a0103bc304 100644
--- a/Kernel/FileSystem/VirtualFileSystem.cpp
+++ b/Kernel/FileSystem/VirtualFileSystem.cpp
@@ -215,6 +215,10 @@ KResultOr<NonnullRefPtr<FileDescription>> VFS::open(StringView path, int options
             return KResult(-EISDIR);
         should_truncate_file = options & O_TRUNC;
     }
+    if (options & O_EXEC) {
+        if (!metadata.may_execute(current->process()))
+            return KResult(-EACCES);
+    }
 
     if (metadata.is_device()) {
         auto device = Device::get_device(metadata.major_device, metadata.minor_device);
diff --git a/Kernel/FileSystem/VirtualFileSystem.h b/Kernel/FileSystem/VirtualFileSystem.h
index 05997e362a..13f7b7803f 100644
--- a/Kernel/FileSystem/VirtualFileSystem.h
+++ b/Kernel/FileSystem/VirtualFileSystem.h
@@ -15,6 +15,7 @@
 #define O_RDONLY 0
 #define O_WRONLY 1
 #define O_RDWR 2
+#define O_EXEC 4
 #define O_CREAT 0100
 #define O_EXCL 0200
 #define O_NOCTTY 0400
diff --git a/Kernel/Process.cpp b/Kernel/Process.cpp
index 8ab6f731a2..74dc581138 100644
--- a/Kernel/Process.cpp
+++ b/Kernel/Process.cpp
@@ -653,15 +653,12 @@ int Process::do_exec(String path, Vector<String> arguments, Vector<String> envir
     if (parts.is_empty())
         return -ENOENT;
 
-    auto result = VFS::the().open(path, 0, 0, current_directory());
+    auto result = VFS::the().open(path, O_EXEC, 0, current_directory());
     if (result.is_error())
         return result.error();
     auto description = result.value();
     auto metadata = description->metadata();
 
-    if (!metadata.may_execute(*this))
-        return -EACCES;
-
     if (!metadata.size)
         return -ENOTIMPL;
 
diff --git a/Libraries/LibC/fcntl.h b/Libraries/LibC/fcntl.h
index 9ca005a430..a909af3f86 100644
--- a/Libraries/LibC/fcntl.h
+++ b/Libraries/LibC/fcntl.h
@@ -17,6 +17,7 @@ __BEGIN_DECLS
 #define O_WRONLY 1
 #define O_RDWR 2
 #define O_ACCMODE 3
+#define O_EXEC 4
 #define O_CREAT 0100
 #define O_EXCL 0200
 #define O_NOCTTY 0400