1 /* $OpenBSD: vnd.c,v 1.172 2021/10/09 14:47:02 deraadt Exp $ */ 2 /* $NetBSD: vnd.c,v 1.26 1996/03/30 23:06:11 christos Exp $ */ 3 4 /* 5 * Copyright (c) 1988 University of Utah. 6 * Copyright (c) 1990, 1993 7 * The Regents of the University of California. All rights reserved. 8 * 9 * This code is derived from software contributed to Berkeley by 10 * the Systems Programming Group of the University of Utah Computer 11 * Science Department. 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 2. Redistributions in binary form must reproduce the above copyright 19 * notice, this list of conditions and the following disclaimer in the 20 * documentation and/or other materials provided with the distribution. 21 * 3. Neither the name of the University nor the names of its contributors 22 * may be used to endorse or promote products derived from this software 23 * without specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 */ 37 38 /* 39 * There is a security issue involved with this driver. 40 * 41 * Once mounted all access to the contents of the "mapped" file via 42 * the special file is controlled by the permissions on the special 43 * file, the protection of the mapped file is ignored (effectively, 44 * by using root credentials in all transactions). 45 * 46 */ 47 48 #include <sys/param.h> 49 #include <sys/systm.h> 50 #include <sys/namei.h> 51 #include <sys/proc.h> 52 #include <sys/errno.h> 53 #include <sys/limits.h> 54 #include <sys/buf.h> 55 #include <sys/malloc.h> 56 #include <sys/ioctl.h> 57 #include <sys/disklabel.h> 58 #include <sys/device.h> 59 #include <sys/disk.h> 60 #include <sys/stat.h> 61 #include <sys/vnode.h> 62 #include <sys/fcntl.h> 63 #include <sys/uio.h> 64 #include <sys/conf.h> 65 #include <sys/dkio.h> 66 #include <sys/specdev.h> 67 68 #include <crypto/blf.h> 69 70 #include <dev/vndioctl.h> 71 72 #ifdef VNDDEBUG 73 int vnddebug = 0x00; 74 #define VDB_FOLLOW 0x01 75 #define VDB_INIT 0x02 76 #define VDB_IO 0x04 77 #define DNPRINTF(f, p...) do { if ((f) & vnddebug) printf(p); } while (0) 78 #else 79 #define DNPRINTF(f, p...) /* nothing */ 80 #endif /* VNDDEBUG */ 81 82 struct vnd_softc { 83 struct device sc_dev; 84 struct disk sc_dk; 85 86 char sc_file[VNDNLEN]; /* file we're covering */ 87 int sc_flags; /* flags */ 88 size_t sc_size; /* size of vnd in sectors */ 89 size_t sc_secsize; /* sector size in bytes */ 90 size_t sc_nsectors; /* # of sectors per track */ 91 size_t sc_ntracks; /* # of tracks per cylinder */ 92 struct vnode *sc_vp; /* vnode */ 93 struct ucred *sc_cred; /* credentials */ 94 blf_ctx *sc_keyctx; /* key context */ 95 }; 96 97 /* sc_flags */ 98 #define VNF_INITED 0x0001 99 #define VNF_HAVELABEL 0x0002 100 #define VNF_READONLY 0x0004 101 102 #define VNDRW(v) ((v)->sc_flags & VNF_READONLY ? FREAD : FREAD|FWRITE) 103 104 struct vnd_softc *vnd_softc; 105 int numvnd = 0; 106 107 /* called by main() at boot time */ 108 void vndattach(int); 109 110 void vndclear(struct vnd_softc *); 111 int vndsetcred(struct proc *p, struct vnode *, struct vnd_ioctl *, 112 struct ucred **); 113 int vndgetdisklabel(dev_t, struct vnd_softc *, struct disklabel *, int); 114 void vndencrypt(struct vnd_softc *, caddr_t, size_t, daddr_t, int); 115 void vndencryptbuf(struct vnd_softc *, struct buf *, int); 116 size_t vndbdevsize(struct vnode *, struct proc *); 117 118 void 119 vndencrypt(struct vnd_softc *sc, caddr_t addr, size_t size, daddr_t off, 120 int encrypt) 121 { 122 int i, bsize; 123 u_char iv[8]; 124 125 bsize = dbtob(1); 126 for (i = 0; i < size/bsize; i++) { 127 memset(iv, 0, sizeof(iv)); 128 memcpy(iv, &off, sizeof(off)); 129 blf_ecb_encrypt(sc->sc_keyctx, iv, sizeof(iv)); 130 if (encrypt) 131 blf_cbc_encrypt(sc->sc_keyctx, iv, addr, bsize); 132 else 133 blf_cbc_decrypt(sc->sc_keyctx, iv, addr, bsize); 134 135 addr += bsize; 136 off++; 137 } 138 } 139 140 void 141 vndencryptbuf(struct vnd_softc *sc, struct buf *bp, int encrypt) 142 { 143 vndencrypt(sc, bp->b_data, bp->b_bcount, bp->b_blkno, encrypt); 144 } 145 146 void 147 vndattach(int num) 148 { 149 char *mem; 150 int i; 151 152 if (num <= 0) 153 return; 154 mem = mallocarray(num, sizeof(struct vnd_softc), M_DEVBUF, 155 M_NOWAIT | M_ZERO); 156 if (mem == NULL) { 157 printf("WARNING: no memory for vnode disks\n"); 158 return; 159 } 160 vnd_softc = (struct vnd_softc *)mem; 161 for (i = 0; i < num; i++) { 162 struct vnd_softc *sc = &vnd_softc[i]; 163 164 sc->sc_dev.dv_unit = i; 165 snprintf(sc->sc_dev.dv_xname, sizeof(sc->sc_dev.dv_xname), 166 "vnd%d", i); 167 disk_construct(&sc->sc_dk); 168 device_ref(&sc->sc_dev); 169 } 170 numvnd = num; 171 } 172 173 int 174 vndopen(dev_t dev, int flags, int mode, struct proc *p) 175 { 176 int unit = DISKUNIT(dev); 177 struct vnd_softc *sc; 178 int error = 0, part; 179 180 DNPRINTF(VDB_FOLLOW, "vndopen(%x, %x, %x, %p)\n", dev, flags, mode, p); 181 182 if (unit >= numvnd) 183 return (ENXIO); 184 sc = &vnd_softc[unit]; 185 186 if ((error = disk_lock(&sc->sc_dk)) != 0) 187 return (error); 188 189 if ((flags & FWRITE) && (sc->sc_flags & VNF_READONLY)) { 190 error = EROFS; 191 goto bad; 192 } 193 194 if ((sc->sc_flags & VNF_INITED) && 195 (sc->sc_flags & VNF_HAVELABEL) == 0 && 196 sc->sc_dk.dk_openmask == 0) { 197 sc->sc_flags |= VNF_HAVELABEL; 198 vndgetdisklabel(dev, sc, sc->sc_dk.dk_label, 0); 199 } 200 201 part = DISKPART(dev); 202 error = disk_openpart(&sc->sc_dk, part, mode, 203 (sc->sc_flags & VNF_HAVELABEL) != 0); 204 205 bad: 206 disk_unlock(&sc->sc_dk); 207 return (error); 208 } 209 210 /* 211 * Load the label information on the named device 212 */ 213 int 214 vndgetdisklabel(dev_t dev, struct vnd_softc *sc, struct disklabel *lp, 215 int spoofonly) 216 { 217 memset(lp, 0, sizeof(struct disklabel)); 218 219 lp->d_secsize = sc->sc_secsize; 220 lp->d_nsectors = sc->sc_nsectors; 221 lp->d_ntracks = sc->sc_ntracks; 222 lp->d_secpercyl = lp->d_ntracks * lp->d_nsectors; 223 if (lp->d_secpercyl) 224 lp->d_ncylinders = sc->sc_size / lp->d_secpercyl; 225 226 strncpy(lp->d_typename, "vnd device", sizeof(lp->d_typename)); 227 lp->d_type = DTYPE_VND; 228 strncpy(lp->d_packname, "fictitious", sizeof(lp->d_packname)); 229 DL_SETDSIZE(lp, sc->sc_size); 230 lp->d_flags = 0; 231 lp->d_version = 1; 232 233 lp->d_magic = DISKMAGIC; 234 lp->d_magic2 = DISKMAGIC; 235 lp->d_checksum = dkcksum(lp); 236 237 /* Call the generic disklabel extraction routine */ 238 return readdisklabel(DISKLABELDEV(dev), vndstrategy, lp, spoofonly); 239 } 240 241 int 242 vndclose(dev_t dev, int flags, int mode, struct proc *p) 243 { 244 int unit = DISKUNIT(dev); 245 struct vnd_softc *sc; 246 int part; 247 248 DNPRINTF(VDB_FOLLOW, "vndclose(%x, %x, %x, %p)\n", dev, flags, mode, p); 249 250 if (unit >= numvnd) 251 return (ENXIO); 252 sc = &vnd_softc[unit]; 253 254 disk_lock_nointr(&sc->sc_dk); 255 256 part = DISKPART(dev); 257 258 disk_closepart(&sc->sc_dk, part, mode); 259 260 #if 0 261 if (sc->sc_dk.dk_openmask == 0) 262 sc->sc_flags &= ~VNF_HAVELABEL; 263 #endif 264 265 disk_unlock(&sc->sc_dk); 266 return (0); 267 } 268 269 void 270 vndstrategy(struct buf *bp) 271 { 272 int unit = DISKUNIT(bp->b_dev); 273 struct vnd_softc *sc; 274 struct partition *p; 275 off_t off; 276 long origbcount; 277 int s; 278 279 DNPRINTF(VDB_FOLLOW, "vndstrategy(%p): unit %d\n", bp, unit); 280 281 if (unit >= numvnd) { 282 bp->b_error = ENXIO; 283 goto bad; 284 } 285 sc = &vnd_softc[unit]; 286 287 if ((sc->sc_flags & VNF_HAVELABEL) == 0) { 288 bp->b_error = ENXIO; 289 goto bad; 290 } 291 292 /* 293 * Many of the distrib scripts assume they can issue arbitrary 294 * sized requests to raw vnd devices irrespective of the 295 * emulated disk geometry. 296 * 297 * To continue supporting this, round the block count up to a 298 * multiple of d_secsize for bounds_check_with_label(), and 299 * then restore afterwards. 300 * 301 * We only do this for non-encrypted vnd, because encryption 302 * requires operating on blocks at a time. 303 */ 304 origbcount = bp->b_bcount; 305 if (sc->sc_keyctx == NULL) { 306 u_int32_t secsize = sc->sc_dk.dk_label->d_secsize; 307 bp->b_bcount = ((origbcount + secsize - 1) & ~(secsize - 1)); 308 #ifdef DIAGNOSTIC 309 if (bp->b_bcount != origbcount) { 310 struct process *curpr = curproc->p_p; 311 printf("%s: sloppy %s from proc %d (%s): " 312 "blkno %lld bcount %ld\n", sc->sc_dev.dv_xname, 313 (bp->b_flags & B_READ) ? "read" : "write", 314 curpr->ps_pid, curpr->ps_comm, 315 (long long)bp->b_blkno, origbcount); 316 } 317 #endif 318 } 319 320 if (bounds_check_with_label(bp, sc->sc_dk.dk_label) == -1) { 321 bp->b_resid = bp->b_bcount = origbcount; 322 goto done; 323 } 324 325 if (origbcount < bp->b_bcount) 326 bp->b_bcount = origbcount; 327 328 p = &sc->sc_dk.dk_label->d_partitions[DISKPART(bp->b_dev)]; 329 off = DL_GETPOFFSET(p) * sc->sc_dk.dk_label->d_secsize + 330 (u_int64_t)bp->b_blkno * DEV_BSIZE; 331 332 if (sc->sc_keyctx && !(bp->b_flags & B_READ)) 333 vndencryptbuf(sc, bp, 1); 334 335 /* 336 * Use IO_NOLIMIT because upper layer has already checked I/O 337 * for limits, so there is no need to do it again. 338 * 339 * We use IO_NOCACHE because this data should be cached at the 340 * upper layer, so there is no need to cache it again. 341 */ 342 bp->b_error = vn_rdwr((bp->b_flags & B_READ) ? UIO_READ : UIO_WRITE, 343 sc->sc_vp, bp->b_data, bp->b_bcount, off, UIO_SYSSPACE, 344 IO_NOCACHE | IO_SYNC | IO_NOLIMIT, sc->sc_cred, &bp->b_resid, curproc); 345 if (bp->b_error) 346 bp->b_flags |= B_ERROR; 347 348 /* Data in buffer cache needs to be in clear */ 349 if (sc->sc_keyctx) 350 vndencryptbuf(sc, bp, 0); 351 352 goto done; 353 354 bad: 355 bp->b_flags |= B_ERROR; 356 bp->b_resid = bp->b_bcount; 357 done: 358 s = splbio(); 359 biodone(bp); 360 splx(s); 361 } 362 363 /* ARGSUSED */ 364 int 365 vndread(dev_t dev, struct uio *uio, int flags) 366 { 367 return (physio(vndstrategy, dev, B_READ, minphys, uio)); 368 } 369 370 /* ARGSUSED */ 371 int 372 vndwrite(dev_t dev, struct uio *uio, int flags) 373 { 374 return (physio(vndstrategy, dev, B_WRITE, minphys, uio)); 375 } 376 377 size_t 378 vndbdevsize(struct vnode *vp, struct proc *p) 379 { 380 struct partinfo pi; 381 struct bdevsw *bsw; 382 dev_t dev; 383 384 dev = vp->v_rdev; 385 bsw = bdevsw_lookup(dev); 386 if (bsw->d_ioctl == NULL) 387 return (0); 388 if (bsw->d_ioctl(dev, DIOCGPART, (caddr_t)&pi, FREAD, p)) 389 return (0); 390 DNPRINTF(VDB_INIT, "vndbdevsize: size %llu secsize %u\n", 391 DL_GETPSIZE(pi.part), pi.disklab->d_secsize); 392 return (DL_GETPSIZE(pi.part)); 393 } 394 395 /* ARGSUSED */ 396 int 397 vndioctl(dev_t dev, u_long cmd, caddr_t addr, int flag, struct proc *p) 398 { 399 int unit = DISKUNIT(dev); 400 struct disklabel *lp; 401 struct vnd_softc *sc; 402 struct vnd_ioctl *vio; 403 struct vnd_user *vnu; 404 struct vattr vattr; 405 int error, part, pmask; 406 407 DNPRINTF(VDB_FOLLOW, "vndioctl(%x, %lx, %p, %x, %p): unit %d\n", 408 dev, cmd, addr, flag, p, unit); 409 410 error = suser(p); 411 if (error) 412 return (error); 413 if (unit >= numvnd) 414 return (ENXIO); 415 416 sc = &vnd_softc[unit]; 417 vio = (struct vnd_ioctl *)addr; 418 switch (cmd) { 419 420 case VNDIOCSET: 421 { 422 char name[VNDNLEN], key[BLF_MAXUTILIZED]; 423 struct nameidata nd; 424 struct ucred *cred; 425 size_t size; 426 int rw; 427 428 if (sc->sc_flags & VNF_INITED) 429 return (EBUSY); 430 431 /* Geometry eventually has to fit into label fields */ 432 if (vio->vnd_secsize > UINT_MAX || 433 vio->vnd_secsize == 0 || 434 vio->vnd_ntracks > UINT_MAX || 435 vio->vnd_nsectors > UINT_MAX) 436 return (EINVAL); 437 438 if ((error = copyinstr(vio->vnd_file, name, 439 sizeof(name), NULL))) 440 return (error); 441 442 if (vio->vnd_keylen > 0) { 443 if (vio->vnd_keylen > sizeof(key)) 444 vio->vnd_keylen = sizeof(key); 445 446 if ((error = copyin(vio->vnd_key, key, 447 vio->vnd_keylen)) != 0) 448 return (error); 449 } 450 451 /* 452 * Open for read and write first. This lets vn_open() weed out 453 * directories, sockets, etc. so we don't have to worry about 454 * them. 455 */ 456 NDINIT(&nd, 0, 0, UIO_SYSSPACE, name, p); 457 rw = FREAD|FWRITE; 458 error = vn_open(&nd, FREAD|FWRITE, 0); 459 if (error == EROFS) { 460 NDINIT(&nd, 0, 0, UIO_SYSSPACE, name, p); 461 rw = FREAD; 462 error = vn_open(&nd, FREAD, 0); 463 } 464 if (error) 465 return (error); 466 467 error = VOP_GETATTR(nd.ni_vp, &vattr, p->p_ucred, p); 468 if (error) { 469 fail: 470 VOP_UNLOCK(nd.ni_vp); 471 vn_close(nd.ni_vp, rw, p->p_ucred, p); 472 return (error); 473 } 474 475 /* Cannot put a vnd on top of a vnd */ 476 if (major(vattr.va_rdev) == major(dev)) { 477 error = EINVAL; 478 goto fail; 479 } 480 481 if ((error = vndsetcred(p, nd.ni_vp, vio, &cred)) != 0) 482 goto fail; 483 484 VOP_UNLOCK(nd.ni_vp); 485 486 if (nd.ni_vp->v_type == VBLK) { 487 size = vndbdevsize(nd.ni_vp, p); 488 /* XXX is size 0 ok? */ 489 } else 490 size = vattr.va_size / vio->vnd_secsize; 491 492 if ((error = disk_lock(&sc->sc_dk)) != 0) { 493 crfree(cred); 494 return (error); 495 } 496 497 /* Set geometry for device. */ 498 sc->sc_secsize = vio->vnd_secsize; 499 sc->sc_ntracks = vio->vnd_ntracks; 500 sc->sc_nsectors = vio->vnd_nsectors; 501 sc->sc_size = size; 502 503 if (rw == FREAD) 504 sc->sc_flags |= VNF_READONLY; 505 else 506 sc->sc_flags &= ~VNF_READONLY; 507 508 memcpy(sc->sc_file, name, sizeof(sc->sc_file)); 509 510 if (vio->vnd_keylen > 0) { 511 sc->sc_keyctx = malloc(sizeof(*sc->sc_keyctx), M_DEVBUF, 512 M_WAITOK); 513 blf_key(sc->sc_keyctx, key, vio->vnd_keylen); 514 explicit_bzero(key, vio->vnd_keylen); 515 } else 516 sc->sc_keyctx = NULL; 517 518 sc->sc_vp = nd.ni_vp; 519 sc->sc_cred = cred; 520 vio->vnd_size = sc->sc_size * sc->sc_secsize; 521 sc->sc_flags |= VNF_INITED; 522 523 DNPRINTF(VDB_INIT, "vndioctl: SET vp %p size %llx\n", 524 sc->sc_vp, (unsigned long long)sc->sc_size); 525 526 /* Attach the disk. */ 527 sc->sc_dk.dk_name = sc->sc_dev.dv_xname; 528 disk_attach(&sc->sc_dev, &sc->sc_dk); 529 530 disk_unlock(&sc->sc_dk); 531 532 break; 533 } 534 case VNDIOCCLR: 535 if ((sc->sc_flags & VNF_INITED) == 0) 536 return (ENXIO); 537 538 if ((error = disk_lock(&sc->sc_dk)) != 0) 539 return (error); 540 541 /* 542 * Don't unconfigure if any other partitions are open 543 * or if both the character and block flavors of this 544 * partition are open. 545 */ 546 part = DISKPART(dev); 547 pmask = (1 << part); 548 if ((sc->sc_dk.dk_openmask & ~pmask) || 549 ((sc->sc_dk.dk_bopenmask & pmask) && 550 (sc->sc_dk.dk_copenmask & pmask))) { 551 disk_unlock(&sc->sc_dk); 552 return (EBUSY); 553 } 554 555 vndclear(sc); 556 DNPRINTF(VDB_INIT, "vndioctl: CLRed\n"); 557 558 /* Free crypto key */ 559 if (sc->sc_keyctx) { 560 explicit_bzero(sc->sc_keyctx, sizeof(*sc->sc_keyctx)); 561 free(sc->sc_keyctx, M_DEVBUF, sizeof(*sc->sc_keyctx)); 562 } 563 564 /* Detach the disk. */ 565 disk_detach(&sc->sc_dk); 566 disk_unlock(&sc->sc_dk); 567 break; 568 569 case VNDIOCGET: 570 vnu = (struct vnd_user *)addr; 571 572 if (vnu->vnu_unit == -1) 573 vnu->vnu_unit = unit; 574 if (vnu->vnu_unit >= numvnd) 575 return (ENXIO); 576 if (vnu->vnu_unit < 0) 577 return (EINVAL); 578 579 sc = &vnd_softc[vnu->vnu_unit]; 580 581 if (sc->sc_flags & VNF_INITED) { 582 error = VOP_GETATTR(sc->sc_vp, &vattr, p->p_ucred, p); 583 if (error) 584 return (error); 585 586 strlcpy(vnu->vnu_file, sc->sc_file, 587 sizeof(vnu->vnu_file)); 588 vnu->vnu_dev = vattr.va_fsid; 589 vnu->vnu_ino = vattr.va_fileid; 590 } else { 591 vnu->vnu_dev = 0; 592 vnu->vnu_ino = 0; 593 } 594 595 break; 596 597 case DIOCRLDINFO: 598 if ((sc->sc_flags & VNF_HAVELABEL) == 0) 599 return (ENOTTY); 600 lp = malloc(sizeof(*lp), M_TEMP, M_WAITOK); 601 vndgetdisklabel(dev, sc, lp, 0); 602 *(sc->sc_dk.dk_label) = *lp; 603 free(lp, M_TEMP, sizeof(*lp)); 604 return (0); 605 606 case DIOCGPDINFO: 607 if ((sc->sc_flags & VNF_HAVELABEL) == 0) 608 return (ENOTTY); 609 vndgetdisklabel(dev, sc, (struct disklabel *)addr, 1); 610 return (0); 611 612 case DIOCGDINFO: 613 if ((sc->sc_flags & VNF_HAVELABEL) == 0) 614 return (ENOTTY); 615 *(struct disklabel *)addr = *(sc->sc_dk.dk_label); 616 return (0); 617 618 case DIOCGPART: 619 if ((sc->sc_flags & VNF_HAVELABEL) == 0) 620 return (ENOTTY); 621 ((struct partinfo *)addr)->disklab = sc->sc_dk.dk_label; 622 ((struct partinfo *)addr)->part = 623 &sc->sc_dk.dk_label->d_partitions[DISKPART(dev)]; 624 return (0); 625 626 case DIOCWDINFO: 627 case DIOCSDINFO: 628 if ((sc->sc_flags & VNF_HAVELABEL) == 0) 629 return (ENOTTY); 630 if ((flag & FWRITE) == 0) 631 return (EBADF); 632 633 if ((error = disk_lock(&sc->sc_dk)) != 0) 634 return (error); 635 636 error = setdisklabel(sc->sc_dk.dk_label, 637 (struct disklabel *)addr, /* sc->sc_dk.dk_openmask */ 0); 638 if (error == 0) { 639 if (cmd == DIOCWDINFO) 640 error = writedisklabel(DISKLABELDEV(dev), 641 vndstrategy, sc->sc_dk.dk_label); 642 } 643 644 disk_unlock(&sc->sc_dk); 645 return (error); 646 647 default: 648 return (ENOTTY); 649 } 650 651 return (0); 652 } 653 654 /* 655 * Duplicate the current processes' credentials. Since we are called only 656 * as the result of a SET ioctl and only root can do that, any future access 657 * to this "disk" is essentially as root. Note that credentials may change 658 * if some other uid can write directly to the mapped file (NFS). 659 */ 660 int 661 vndsetcred(struct proc *p, struct vnode *vp, struct vnd_ioctl *vio, 662 struct ucred **newcredp) 663 { 664 void *buf; 665 size_t size; 666 struct ucred *new; 667 int error; 668 669 new = crdup(p->p_ucred); 670 buf = malloc(DEV_BSIZE, M_TEMP, M_WAITOK); 671 size = DEV_BSIZE; 672 673 /* XXX: Horrible kludge to establish credentials for NFS */ 674 error = vn_rdwr(UIO_READ, vp, buf, size, 0, UIO_SYSSPACE, 0, 675 new, NULL, curproc); 676 677 free(buf, M_TEMP, DEV_BSIZE); 678 if (error == 0) 679 *newcredp = new; 680 return (error); 681 } 682 683 void 684 vndclear(struct vnd_softc *sc) 685 { 686 struct vnode *vp = sc->sc_vp; 687 struct proc *p = curproc; /* XXX */ 688 689 DNPRINTF(VDB_FOLLOW, "vndclear(%p): vp %p\n", sc, vp); 690 691 if (vp == NULL) 692 panic("vndioctl: null vp"); 693 (void) vn_close(vp, VNDRW(sc), sc->sc_cred, p); 694 crfree(sc->sc_cred); 695 sc->sc_flags = 0; 696 sc->sc_vp = NULL; 697 sc->sc_cred = NULL; 698 sc->sc_size = 0; 699 memset(sc->sc_file, 0, sizeof(sc->sc_file)); 700 } 701 702 daddr_t 703 vndsize(dev_t dev) 704 { 705 /* We don't support swapping to vnd anymore. */ 706 return (-1); 707 } 708 709 int 710 vnddump(dev_t dev, daddr_t blkno, caddr_t va, size_t size) 711 { 712 /* Not implemented. */ 713 return (ENXIO); 714 } 715