Kernel: Add file permission checks to utime() syscall.

2025-10-31 00:32:45 +00:00 · 2019-02-21 16:37:41 +01:00 · 2019-02-21 16:37:41 +01:00 · a624fe06b8
commit a624fe06b8
parent f0a869ea50
3 changed files with 27 additions and 12 deletions
--- a/Kernel/Process.cpp
+++ b/Kernel/Process.cpp
@ -1125,14 +1125,6 @@ int Process::sys$utime(const char* pathname, const utimbuf* buf)
        return -EFAULT;
    if (buf && !validate_read_typed(buf))
        return -EFAULT;
-    String path(pathname);
-    int error;
-    auto descriptor = VFS::the().open(move(path), error, 0, 0, cwd_inode());
-    if (!descriptor)
-        return error;
-    auto& inode = *descriptor->inode();
-    if (inode.fs().is_readonly())
-        return -EROFS;
    time_t atime;
    time_t mtime;
    if (buf) {
@ -1143,11 +1135,10 @@ int Process::sys$utime(const char* pathname, const utimbuf* buf)
        mtime = now;
        atime = now;
    }
-    error = inode.set_atime(atime);
-    if (error)
-        return error;
-    error = inode.set_mtime(mtime);
+    int error;
+    if (!VFS::the().utime(String(pathname), error, cwd_inode(), atime, mtime))
        return error;
+    return 0;
 }

 int Process::sys$access(const char* pathname, int mode)
--- a/Kernel/VirtualFileSystem.cpp
+++ b/Kernel/VirtualFileSystem.cpp
@ -131,6 +131,29 @@ RetainPtr<FileDescriptor> VFS::open(RetainPtr<Device>&& device, int& error, int
    return FileDescriptor::create(move(device));
 }

+bool VFS::utime(const String& path, int& error, Inode& base, time_t atime, time_t mtime)
+{
+    auto descriptor = VFS::the().open(move(path), error, 0, 0, base);
+    if (!descriptor)
+        return false;
+    auto& inode = *descriptor->inode();
+    if (inode.fs().is_readonly()) {
+        error = -EROFS;
+        return false;
+    }
+    if (inode.metadata().uid != current->euid()) {
+        error = -EACCES;
+        return false;
+    }
+    error = inode.set_atime(atime);
+    if (error)
+        return false;
+    error = inode.set_mtime(mtime);
+    if (error)
+        return false;
+    return true;
+}
+
 bool VFS::stat(const String& path, int& error, int options, Inode& base, struct stat& statbuf)
 {
    auto inode_id = resolve_path(path, base.identifier(), error, options);
--- a/Kernel/VirtualFileSystem.h
+++ b/Kernel/VirtualFileSystem.h
@ -70,6 +70,7 @@ public:
    bool rmdir(const String& path, Inode& base, int& error);
    bool chmod(const String& path, mode_t, Inode& base, int& error);
    bool stat(const String& path, int& error, int options, Inode& base, struct stat&);
+    bool utime(const String& path, int& error, Inode& base, time_t atime, time_t mtime);

    void register_device(Device&);
    void unregister_device(Device&);