1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 03:37:45 +00:00

Kernel: Make O_RDONLY non-zero

Sergey suggested that having a non-zero O_RDONLY would make some things
less confusing, and it seems like he's right about that.

We can now easily check read/write permissions separately instead of
dancing around with the bits.

This patch also fixes unveil() validation for O_RDWR which previously
forgot to check for "r" permission.
This commit is contained in:
Andreas Kling 2020-01-21 13:14:26 +01:00
parent efbd1620d9
commit 6081c76515
6 changed files with 24 additions and 33 deletions

View file

@ -59,16 +59,8 @@ public:
void set_rw_mode(int options)
{
if (options & O_WRONLY) {
set_readable(false);
set_writable(true);
} else if (options & O_RDWR) {
set_readable(true);
set_writable(true);
} else {
set_readable(true);
set_writable(false);
}
set_readable(options & O_RDONLY);
set_writable(options & O_WRONLY);
}
int close();

View file

@ -239,13 +239,10 @@ KResultOr<NonnullRefPtr<FileDescription>> VFS::open(StringView path, int options
bool should_truncate_file = false;
// NOTE: Read permission is a bit weird, since O_RDONLY == 0,
// so we check if (NOT write_only OR read_and_write)
if (!(options & O_WRONLY) || (options & O_RDWR)) {
if (!metadata.may_read(current->process()))
return KResult(-EACCES);
}
if ((options & O_WRONLY) || (options & O_RDWR)) {
if ((options & O_RDONLY) && !metadata.may_read(current->process()))
return KResult(-EACCES);
if (options & O_WRONLY) {
if (!metadata.may_write(current->process()))
return KResult(-EACCES);
if (metadata.is_directory())
@ -748,21 +745,23 @@ KResult VFS::validate_path_against_process_veil(StringView path, int options)
}
return KSuccess;
}
if ((options & O_RDWR) || (options & O_WRONLY)) {
if (options & O_RDONLY) {
if (!(unveiled_path->permissions & UnveiledPath::Access::Read)) {
dbg() << *current << " rejecting path '" << path << "' since it hasn't been unveiled with 'r' permission.";
return KResult(-EACCES);
}
}
if (options & O_WRONLY) {
if (!(unveiled_path->permissions & UnveiledPath::Access::Write)) {
dbg() << *current << " rejecting path '" << path << "' since it hasn't been unveiled with 'w' permission.";
return KResult(-EACCES);
}
} else if (options & O_EXEC) {
}
if (options & O_EXEC) {
if (!(unveiled_path->permissions & UnveiledPath::Access::Execute)) {
dbg() << *current << " rejecting path '" << path << "' since it hasn't been unveiled with 'x' permission.";
return KResult(-EACCES);
}
} else {
if (!(unveiled_path->permissions & UnveiledPath::Access::Read)) {
dbg() << *current << " rejecting path '" << path << "' since it hasn't been unveiled with 'r' permission.";
return KResult(-EACCES);
}
}
return KSuccess;
}

View file

@ -38,9 +38,9 @@
#include <Kernel/FileSystem/InodeMetadata.h>
#include <Kernel/KResult.h>
#define O_RDONLY 0
#define O_WRONLY 1
#define O_RDWR 2
#define O_RDONLY 1
#define O_WRONLY 2
#define O_RDWR 3
#define O_EXEC 4
#define O_CREAT 0100
#define O_EXCL 0200