mirror of
https://sourceware.org/git/glibc.git
synced 2024-11-25 06:20:06 +00:00
809fdf0d23
This patch cleans up for __ASSUME_ATFCTS now always being true for the supported Linux kernel versions by removing conditional code in sysdeps/unix/sysv/linux. Several fchownat.c files that were only present because of differences in the fallback syscalls used (depending on the architecture-specific names of chown-related syscalls for 32-bit uids) are removed. Files that looks like they could be replaced by syscalls.list entries have the standard "Consider moving to syscalls.list." comment (see bug 14138) added. Conditionals on the relevant __NR_* syscall numbers being defined are also removed, since my analysis indicated that the relevant syscalls are always defined for all relevant kernel versions using any affected file. Much of the removed fallback code had unbounded stack allocations, so this reduces the number of cases to consider for anyone reviewing uses of alloca and VLAs in glibc. There remain tests of __ASSUME_ATFCTS in io/openat.c (to determine whether to define __have_atfcts) and sysdeps/posix/getcwd.c (which also uses __have_atfcts); thus, the definition of __ASSUME_ATFCTS remains in kernel-features.h. The logical condition relevant there is whether openat64_not_cancel_3 is known to work. Hurd doesn't use this version of getcwd at all, so the conditionals in getcwd.c are always true in glibc. However, this code is also used in gnulib. So the best way to deal with the conditionals there may be for gnulib people to deal with merging all relevant changes in both directions between the glibc and gnulib versions of this file, at the end of which the openat conditionals should be in whatever form is best for gnulib, and hardcoded in the _LIBC case to having openat supported. Tested by comparing before-and-after disassembly of installed (stripped) shared libraries, on x86_64 and x86. On x86 the patch made no change to the disassembly; on x86_64, the only changes were in readlinkat, where formerly the return value from the readlinkat syscall was stored in an int variable before being converted to ssize_t for the return, and now the return value is returned directly without truncation to int. I think it's clearly correct not to truncate the return value (although I also think the truncation would not have been a user-visible bug because the kernel would never have returned a value it could have affected). * include/fcntl.h (__atfct_seterrno): Remove prototype. (__atfct_seterrno_2): Likewise. * sysdeps/unix/sysv/linux/alpha/dl-fxstatat64.c: Do not include <kernel-features.h>. (__ASSUME_ATFCTS): Do not undefine and redefine. * sysdeps/unix/sysv/linux/alpha/fxstatat.c [__ASSUME_ATFCTS] (__have_atfcts): Remove conditional definition. (__fxstatat([__NR_fstatat64]: Make code unconditional. (__fxstatat) [!__ASSUME_ATFCTS]: Remove conditional code and code unreachable if [__ASSUME_ATFCTS]. * sysdeps/unix/sysv/linux/dl-fxstatat64.c (__ASSUME_ATFCTS): Do not undefine and redefine. * sysdeps/unix/sysv/linux/faccessat.c: Do not include <kernel-features.h>. (faccessat) [__NR_faccessat]: Make code unconditional. (faccessat) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/fchmodat.c: Do not include <kernel-features.h>. (fchmodat) [__NR_fchmodat]: Make code unconditional. (fchmodat) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/fchownat.c: Do not include <kernel-features.h>. (fchownat) [__NR_fchownat]: Make code unconditional. (fchownat) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/futimesat.c: Do not include <kernel-features.h>. (futimesat) [__NR_futimesat]: Make code unconditional. (futimesat) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/fxstatat.c: Do not include <kernel-features.h>. (__fxstatat) [__NR_newfstatat]: Make code unconditional. (__fxstatat) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/fxstatat64.c: Do not include <kernel-features.h>. (__fxstatat64) [__NR_fstatat64]: Make code unconditional. (__fxstatat64) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/i386/fchownat.c: Remove file. * sysdeps/unix/sysv/linux/i386/fxstatat.c: Do not include <kernel-features.h>. (__fxstatat) [__NR_fstatat64]: Make code unconditional. (__fxstatat) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/linkat.c: Do not include <kernel-features.h>. (linkat) [__NR_linkat]: Make code unconditional. (linkat) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/m68k/fchownat.c: Remove file. * sysdeps/unix/sysv/linux/mips/mips64/fxstatat64.c: Do not include <kernel-features.h>. (__fxstatat64) [__NR_newfstatat]: Make code unconditional. (__fxstatat64) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/mkdirat.c: Do not include <kernel-features.h>. (mkdirat) [__NR_mkdirat]: Make code unconditional. (mkdirat) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/openat.c: Do not include <kernel-features.h>. [!__ASSUME_ATFCTS] (__atfct_seterrno): Remove function. [!__ASSUME_ATFCTS] (__have_atfcts): Remove variable. (OPENAT_NOT_CANCEL) [__NR_openat]: Make code unconditional. (OPENAT_NOT_CANCEL) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/powerpc/fchownat.c: Remove file. * sysdeps/unix/sysv/linux/readlinkat.c: Do not include <kernel-features.h>. (readlinkat) [__NR_readlinkat]: Make code unconditional. (readlinkat) [!__ASSUME_ATFCTS]: Remove conditional code. Return result of INLINE_SYSCALL directly, not via int variable. * sysdeps/unix/sysv/linux/renameat.c: Do not include <kernel-features.h>. [!__ASSUME_ATFCTS] (__atfct_seterrno_2): Remove function. (renameat) [__NR_renameat]: Make code unconditional. (renameat) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/s390/s390-32/fchownat.c: Remove file. * sysdeps/unix/sysv/linux/sh/fchownat.c: Remove file. * sysdeps/unix/sysv/linux/sparc/sparc32/fchownat.c: Remove file. * sysdeps/unix/sysv/linux/sparc/sparc64/dl-fxstatat64.c (__ASSUME_ATFCTS): Do not undefine and redefine. * sysdeps/unix/sysv/linux/symlinkat.c: Do not include <kernel-features.h>. (symlinkat) [__NR_symlinkat]: Make code unconditional. (symlinkat) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/unlinkat.c: Do not include <kernel-features.h>. (unlinkat) [__NR_unlinkat]: Make code unconditional. (unlinkat) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/wordsize-64/dl-fxstatat64.c (__ASSUME_ATFCTS): Do not undefine and redefine. * sysdeps/unix/sysv/linux/wordsize-64/fxstatat.c: Do not include <kernel-features.h>. (__fxstatat) [__NR_newfstatat]: Make code unconditional. (__fxstatat) [!__ASSUME_ATFCTS]: Remove conditional code. * sysdeps/unix/sysv/linux/xmknodat.c: Do not include <kernel-features.h>. (__xmknodat) [__NR_mknodat]: Make code unconditional. (__xmknodat) [!__ASSUME_ATFCTS]: Remove conditional code.
80 lines
2.3 KiB
C
80 lines
2.3 KiB
C
/* Test for access to file, relative to open directory. Linux version.
|
|
Copyright (C) 2006-2014 Free Software Foundation, Inc.
|
|
This file is part of the GNU C Library.
|
|
|
|
The GNU C Library is free software; you can redistribute it and/or
|
|
modify it under the terms of the GNU Lesser General Public
|
|
License as published by the Free Software Foundation; either
|
|
version 2.1 of the License, or (at your option) any later version.
|
|
|
|
The GNU C Library is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Lesser General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Lesser General Public
|
|
License along with the GNU C Library; if not, see
|
|
<http://www.gnu.org/licenses/>. */
|
|
|
|
#include <errno.h>
|
|
#include <fcntl.h>
|
|
#include <stddef.h>
|
|
#include <stdio.h>
|
|
#include <string.h>
|
|
#include <unistd.h>
|
|
#include <sys/types.h>
|
|
#include <alloca.h>
|
|
#include <sysdep.h>
|
|
|
|
|
|
int
|
|
faccessat (fd, file, mode, flag)
|
|
int fd;
|
|
const char *file;
|
|
int mode;
|
|
int flag;
|
|
{
|
|
if (flag & ~(AT_SYMLINK_NOFOLLOW | AT_EACCESS))
|
|
{
|
|
__set_errno (EINVAL);
|
|
return -1;
|
|
}
|
|
|
|
if ((flag == 0 || ((flag & ~AT_EACCESS) == 0 && ! __libc_enable_secure)))
|
|
return INLINE_SYSCALL (faccessat, 3, fd, file, mode);
|
|
|
|
struct stat64 stats;
|
|
if (__fxstatat64 (_STAT_VER, fd, file, &stats, flag & AT_SYMLINK_NOFOLLOW))
|
|
return -1;
|
|
|
|
mode &= (X_OK | W_OK | R_OK); /* Clear any bogus bits. */
|
|
#if R_OK != S_IROTH || W_OK != S_IWOTH || X_OK != S_IXOTH
|
|
# error Oops, portability assumptions incorrect.
|
|
#endif
|
|
|
|
if (mode == F_OK)
|
|
return 0; /* The file exists. */
|
|
|
|
uid_t uid = (flag & AT_EACCESS) ? __geteuid () : __getuid ();
|
|
|
|
/* The super-user can read and write any file, and execute any file
|
|
that anyone can execute. */
|
|
if (uid == 0 && ((mode & X_OK) == 0
|
|
|| (stats.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))))
|
|
return 0;
|
|
|
|
int granted = (uid == stats.st_uid
|
|
? (unsigned int) (stats.st_mode & (mode << 6)) >> 6
|
|
: (stats.st_gid == ((flag & AT_EACCESS)
|
|
? __getegid () : __getgid ())
|
|
|| __group_member (stats.st_gid))
|
|
? (unsigned int) (stats.st_mode & (mode << 3)) >> 3
|
|
: (stats.st_mode & mode));
|
|
|
|
if (granted == mode)
|
|
return 0;
|
|
|
|
__set_errno (EACCES);
|
|
return -1;
|
|
}
|