From: Lunaixsky Date: Wed, 19 Mar 2025 00:56:38 +0000 (+0000) Subject: patch file systems with the acl checks X-Git-Url: https://scm.lunaixsky.com/lunaix-os.git/commitdiff_plain/5f4f16c074be65639b5c3333441d48b1d418104c?hp=7bc179c25a1a0b7053959a7b7f2f530da1edbf13 patch file systems with the acl checks make sure the user scope is copied upon fork --- diff --git a/lunaix-os/includes/lunaix/compiler.h b/lunaix-os/includes/lunaix/compiler.h index a41c741..aea7e58 100644 --- a/lunaix-os/includes/lunaix/compiler.h +++ b/lunaix-os/includes/lunaix/compiler.h @@ -39,8 +39,9 @@ #define prefetch_rd(ptr, ll) __builtin_prefetch((ptr), 0, ll) #define prefetch_wr(ptr, ll) __builtin_prefetch((ptr), 1, ll) -#define stringify(v) #v -#define stringify__(v) stringify(v) +#define v__(v) (v) +#define stringify(v) #v +#define stringify__(v) stringify(v) #define compact __attribute__((packed)) #define align(v) __attribute__((aligned (v))) diff --git a/lunaix-os/includes/lunaix/fs.h b/lunaix-os/includes/lunaix/fs.h index 6feb2aa..b64cdcf 100644 --- a/lunaix-os/includes/lunaix/fs.h +++ b/lunaix-os/includes/lunaix/fs.h @@ -13,6 +13,7 @@ #include #include #include +#include #include @@ -248,6 +249,11 @@ struct v_inode u32_t link_count; u32_t lb_usage; u32_t fsize; + + u32_t acl; + uid_t uid; + gid_t gid; + void* data; // 允许底层FS绑定他的一些专有数据 struct llist_header aka_dnodes; struct llist_header xattrs; @@ -707,4 +713,28 @@ check_symlink_node(struct v_inode* inode) return check_itype(inode->itype, VFS_IFSYMLINK); } +static inline bool +check_allow_ops(struct v_inode* inode, unsigned int perm) +{ + return fsacl_allow_ops(perm, inode->acl, inode->uid, inode->gid); +} + +static inline bool +check_allow_read(struct v_inode* inode) +{ + return check_allow_ops(inode, FSACL_aR); +} + +static inline bool +check_allow_write(struct v_inode* inode) +{ + return check_allow_ops(inode, FSACL_aW); +} + +static inline bool +check_allow_execute(struct v_inode* inode) +{ + return check_allow_ops(inode, FSACL_aX); +} + #endif /* __LUNAIX_VFS_H */ diff --git a/lunaix-os/includes/lunaix/fs/api.h b/lunaix-os/includes/lunaix/fs/api.h index d002774..e9c1437 100644 --- a/lunaix-os/includes/lunaix/fs/api.h +++ b/lunaix-os/includes/lunaix/fs/api.h @@ -160,6 +160,19 @@ fsapi_inode_settime(struct v_inode* inode, inode->atime = atime; } +static inline void +fsapi_inode_setaccess(struct v_inode* inode, unsigned int acl) +{ + inode->acl = acl; +} + +static inline void +fsapi_inode_setowner(struct v_inode* inode, uid_t uid, gid_t gid) +{ + inode->uid = uid; + inode->gid = gid; +} + static inline void fsapi_dnode_setdector(struct v_dnode* dnode, dnode_free free_cb) diff --git a/lunaix-os/includes/lunaix/fs_acl.h b/lunaix-os/includes/lunaix/fs_acl.h new file mode 100644 index 0000000..c05080b --- /dev/null +++ b/lunaix-os/includes/lunaix/fs_acl.h @@ -0,0 +1,61 @@ +#ifndef __LUNAIX_FS_ACL_H +#define __LUNAIX_FS_ACL_H + +#include +#include "compiler.h" + +#define FSACL_READ 4 +#define FSACL_WRITE 2 +#define FSACL_EXEC 1 + +#define FSACL_U(x) (((x) & 0b111) << 6) +#define FSACL_G(x) (((x) & 0b111) << 3) +#define FSACL_O(x) ((x) & 0b111) + +#define FSACL_uR FSACL_U(FSACL_READ) +#define FSACL_uW FSACL_U(FSACL_WRITE) +#define FSACL_uX FSACL_U(FSACL_EXEC) + +#define FSACL_gR FSACL_G(FSACL_READ) +#define FSACL_gW FSACL_G(FSACL_WRITE) +#define FSACL_gX FSACL_G(FSACL_EXEC) + +#define FSACL_oR FSACL_O(FSACL_READ) +#define FSACL_oW FSACL_O(FSACL_WRITE) +#define FSACL_oX FSACL_O(FSACL_EXEC) + +// permitted read (any usr or group matched) +#define FSACL_RD (FSACL_uRD | FSACL_gRD) +// permitted write (any usr or group matched) +#define FSACL_WR (FSACL_uWR | FSACL_gWR) +// permitted execute (any usr or group matched) +#define FSACL_X (FSACL_uX | FSACL_gX) + +#define FSACL_u_ 0 +#define FSACL_g_ 0 +#define FSACL_o_ 0 + +// any read +#define FSACL_aR (FSACL_uR | FSACL_gR | FSACL_oR) +// any write +#define FSACL_aW (FSACL_uW | FSACL_gW | FSACL_oW) +// any execute +#define FSACL_aX (FSACL_uX | FSACL_gX | FSACL_oX) + +#define __fsacl_sel(scope, type) (FSACL_##scope##type) +#define FSACL_u(r, w, x) \ + (v__(__fsacl_sel(u, r)) | v__(__fsacl_sel(u, w)) | v__(__fsacl_sel(u, x))) + +#define FSACL_g(r, w, x) \ + (v__(__fsacl_sel(g, r)) | v__(__fsacl_sel(g, w)) | v__(__fsacl_sel(g, x))) + +#define FSACL_o(r, w, x) \ + (v__(__fsacl_sel(o, r)) | v__(__fsacl_sel(o, w)) | v__(__fsacl_sel(o, x))) + +static inline bool must_inline +fsacl_allow_ops(unsigned int ops, unsigned int acl, uid_t uid, gid_t gid) +{ + return !!(acl & ops & check_current_acl(uid, gid)); +} + +#endif /* __LUNAIX_FS_ACL_H */ diff --git a/lunaix-os/kernel/device/devfs.c b/lunaix-os/kernel/device/devfs.c index c105f66..c707b9f 100644 --- a/lunaix-os/kernel/device/devfs.c +++ b/lunaix-os/kernel/device/devfs.c @@ -179,6 +179,12 @@ devfs_init_inode(struct v_superblock* vsb, struct v_inode* inode) { inode->ops = &devfs_inode_ops; inode->default_fops = &devfs_file_ops; + + // we set default access right to be 0660. + // TODO need a way to allow this to be changed + + fsapi_inode_setaccess(inode, FSACL_u(R, W, _) | FSACL_g(R, W, _)); + fsapi_inode_setowner(inode, 0, 0); } int diff --git a/lunaix-os/kernel/exe/exec.c b/lunaix-os/kernel/exe/exec.c index 0dace13..cc7ae82 100644 --- a/lunaix-os/kernel/exe/exec.c +++ b/lunaix-os/kernel/exe/exec.c @@ -223,7 +223,8 @@ exec_load_byname(struct exec_host* container, const char* filename) goto done; } - if ((errno = vfs_open(dnode, &file))) { + if (!check_allow_execute(dnode->inode)) { + errno = EPERM; goto done; } @@ -231,6 +232,10 @@ exec_load_byname(struct exec_host* container, const char* filename) errno = EISDIR; goto done; } + + if ((errno = vfs_open(dnode, &file))) { + goto done; + } errno = exec_load(container, file); diff --git a/lunaix-os/kernel/fs/ext2/ext2.h b/lunaix-os/kernel/fs/ext2/ext2.h index 14b2218..1f12315 100644 --- a/lunaix-os/kernel/fs/ext2/ext2.h +++ b/lunaix-os/kernel/fs/ext2/ext2.h @@ -30,6 +30,7 @@ #define IMODE_ORD 0x0004 #define IMODE_OWR 0x0002 #define IMODE_OEX 0x0001 +#define IMODE_ACL_MASK 0x01ff #define ext2_aligned compact align(4) #define to_ext2ino_id(fsblock_id) ((fsblock_id) + 1) diff --git a/lunaix-os/kernel/fs/ext2/inode.c b/lunaix-os/kernel/fs/ext2/inode.c index 389bdea..5871d07 100644 --- a/lunaix-os/kernel/fs/ext2/inode.c +++ b/lunaix-os/kernel/fs/ext2/inode.c @@ -295,6 +295,10 @@ ext2ino_fill(struct v_inode* inode, ino_t ino_id) b_ino->i_mtime, b_ino->i_atime); + fsapi_inode_setaccess(inode, b_ino->i_mode & IMODE_ACL_MASK); + fsapi_inode_setowner(inode, b_ino->i_uid, + b_ino->i_gid); + __ext2ino_fill_common(inode, ino_id); if (check_itype(b_ino->i_mode, IMODE_IFLNK)) { diff --git a/lunaix-os/kernel/fs/iso9660/inode.c b/lunaix-os/kernel/fs/iso9660/inode.c index ab66ca4..ab6a396 100644 --- a/lunaix-os/kernel/fs/iso9660/inode.c +++ b/lunaix-os/kernel/fs/iso9660/inode.c @@ -1,5 +1,5 @@ #include -#include +#include #include "iso9660.h" #include #include @@ -87,10 +87,17 @@ iso9660_fill_inode(struct v_inode* inode, struct iso_drecache* dir, int ino) inode->ctime = iso9660_dt2unix(&xattr->ctime); inode->mtime = iso9660_dt2unix(&xattr->mtime); + fsapi_inode_setaccess(inode, xattr->perm); + fsapi_inode_setowner(inode, xattr->owner.le, xattr->group.le); + inode->lb_addr += dir->xattr_len * dir->fu_size; vfree(xattr); } + else { + fsapi_inode_setaccess(inode, FSACL_u(R, W, _) | FSACL_g(R, W, _)); + fsapi_inode_setowner(inode, 0, 0); + } inode->ctime = dir->ctime ? dir->ctime : inode->ctime; inode->mtime = dir->mtime ? dir->mtime : inode->mtime; diff --git a/lunaix-os/kernel/fs/iso9660/iso9660.h b/lunaix-os/kernel/fs/iso9660/iso9660.h index 708a28a..754301b 100644 --- a/lunaix-os/kernel/fs/iso9660/iso9660.h +++ b/lunaix-os/kernel/fs/iso9660/iso9660.h @@ -289,6 +289,7 @@ struct iso_drecache time_t ctime; time_t atime; time_t mtime; + struct hstr name; char name_val[ISO9660_IDLEN]; }; diff --git a/lunaix-os/kernel/fs/mount.c b/lunaix-os/kernel/fs/mount.c index 282ae78..b62b77f 100644 --- a/lunaix-os/kernel/fs/mount.c +++ b/lunaix-os/kernel/fs/mount.c @@ -293,6 +293,11 @@ vfs_check_writable(struct v_dnode* dnode) if ((dnode->mnt->flags & MNT_RO)) { return EROFS; } + + if (!check_allow_write(dnode->inode)) { + return EPERM; + } + return 0; } diff --git a/lunaix-os/kernel/fs/twifs/twifs.c b/lunaix-os/kernel/fs/twifs/twifs.c index 165d0bd..3679ee1 100644 --- a/lunaix-os/kernel/fs/twifs/twifs.c +++ b/lunaix-os/kernel/fs/twifs/twifs.c @@ -58,6 +58,13 @@ __twifs_init_inode(struct v_superblock* vsb, struct v_inode* inode) { inode->ops = (struct v_inode_ops*)&twifs_inode_ops; inode->default_fops = (struct v_file_ops*)&twifs_file_ops; + + + // we set default access right to be 0660. + // TODO need a way to allow this to be changed + + fsapi_inode_setaccess(inode, FSACL_u(R, W, _) | FSACL_g(R, W, _)); + fsapi_inode_setowner(inode, 0, 0); } int diff --git a/lunaix-os/kernel/fs/vfs.c b/lunaix-os/kernel/fs/vfs.c index 1696d6e..53faa56 100644 --- a/lunaix-os/kernel/fs/vfs.c +++ b/lunaix-os/kernel/fs/vfs.c @@ -192,12 +192,12 @@ vfs_dcache_rehash(struct v_dnode* new_parent, struct v_dnode* dnode) int vfs_open(struct v_dnode* dnode, struct v_file** file) { - if (!dnode->inode || !dnode->inode->ops->open) { + struct v_inode* inode = dnode->inode; + + if (!inode || !inode->ops->open) { return ENOTSUP; } - struct v_inode* inode = dnode->inode; - lock_inode(inode); struct v_file* vfile = cake_grab(file_pile); @@ -846,6 +846,11 @@ __DEFINE_LXSYSCALL3(int, read, int, fd, void*, buf, size_t, count) goto done; } + if (!check_allow_read(file->inode)) { + errno = EPERM; + goto done; + } + lock_inode(file->inode); file->inode->atime = clock_unixtime(); @@ -932,6 +937,11 @@ __DEFINE_LXSYSCALL3(int, lseek, int, fd, int, offset, int, options) goto done; } + if (!check_allow_read(inode)) { + errno = EPERM; + goto done; + } + lock_inode(inode); int overflow = 0; @@ -1012,6 +1022,10 @@ vfs_readlink(struct v_dnode* dnode, char* buf, size_t size) return ENOTSUP; } + if (!check_allow_read(inode)) { + return EPERM; + } + lock_inode(inode); int errno = inode->ops->read_symlink(inode, &link); diff --git a/lunaix-os/kernel/process/fork.c b/lunaix-os/kernel/process/fork.c index 6a6be4b..674e5c6 100644 --- a/lunaix-os/kernel/process/fork.c +++ b/lunaix-os/kernel/process/fork.c @@ -173,6 +173,7 @@ dup_proc() } __dup_fdtable(pcb); + uscope_copy(&pcb->uscope, current_user_scope()); struct proc_mm* mm = vmspace(pcb); procvm_dupvms_mount(mm); diff --git a/lunaix-os/kernel/usrscope.c b/lunaix-os/kernel/usrscope.c index 334cad7..5eba922 100644 --- a/lunaix-os/kernel/usrscope.c +++ b/lunaix-os/kernel/usrscope.c @@ -30,6 +30,10 @@ __alloc_groups_obj(unsigned int len) static inline void __ref_groups_obj(struct ugroup_obj* ugo) { + if (unlikely(!ugo)) { + return; + } + ugo->refs++; }