mirror of
https://github.com/RGBCube/serenity
synced 2025-07-25 03:57:43 +00:00
Kernel: Make VirtualFileSystem functions take credentials as input
Instead of getting credentials from Process::current(), we now require that they be provided as input to the various VFS functions. This ensures that an atomic set of credentials is used throughout an entire VFS operation.
This commit is contained in:
parent
9744dedb50
commit
c3351d4b9f
33 changed files with 159 additions and 165 deletions
|
@ -105,15 +105,16 @@ ErrorOr<void> Process::validate_mmap_prot(int prot, bool map_stack, bool map_ano
|
|||
|
||||
ErrorOr<void> Process::validate_inode_mmap_prot(int prot, Inode const& inode, bool map_shared) const
|
||||
{
|
||||
auto credentials = this->credentials();
|
||||
auto metadata = inode.metadata();
|
||||
if ((prot & PROT_READ) && !metadata.may_read(*this))
|
||||
if ((prot & PROT_READ) && !metadata.may_read(credentials))
|
||||
return EACCES;
|
||||
|
||||
if (map_shared) {
|
||||
// FIXME: What about readonly filesystem mounts? We cannot make a
|
||||
// decision here without knowing the mount flags, so we would need to
|
||||
// keep a Custody or something from mmap time.
|
||||
if ((prot & PROT_WRITE) && !metadata.may_write(*this))
|
||||
if ((prot & PROT_WRITE) && !metadata.may_write(credentials))
|
||||
return EACCES;
|
||||
if (auto shared_vmobject = inode.shared_vmobject()) {
|
||||
if ((prot & PROT_EXEC) && shared_vmobject->writable_mappings())
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue