Subject: Re: eliminating veriexec #ifdefs in vfs_vnops.c
To: None <elad@NetBSD.org>
From: YAMAMOTO Takashi <firstname.lastname@example.org>
Date: 12/30/2006 07:19:28
> YAMAMOTO Takashi wrote:
> >>> - it seems quite racy. i don't know if it's a problem for veriexec, tho.
> >>> first and second namei() can see different
> >>> pathnames (if userland pathname buffer is modified) and/or
> >>> vnode (if any components in the pathname is renamed).
> >> that's what I was worried about: we do two consequtive namei() calls.
> >> do you think there's a way we could have a single namei() in vn_open()
> >> to avoid it? or maybe we can copy the pathname to the kernel in
> >> vn_open(), and then in consequent namei() calls just use that. because
> >> veriexec doesn't care about permissions but relies on internal tables
> >> it shouldn't matter, I *think*.
> > for the pathname problem, i suggested a solution in PR/35278.
> > YAMAMOTO Takashi
> can you be more specific?
i meant this one.
> i'd suggest something like this.
> pathname_t *pn;
> error = pathname_get(user_pointer, &pn); /* allocate buffer and copyinst
> NDINIT(.., pn, ..);