vfs: OPEN_RO flag, read-only whitelist entries

author: dzwdz 2022-08-12 00:30:14 +0200
committer: dzwdz 2022-08-12 00:30:14 +0200
commit: 215aa95c8d8c85985c1dcc5a994ad164823b39e6 (patch)
tree: a8346262dea6d5d32b552c8ccf407256d370e086 /src/kernel/syscalls.c
parent: d170ceb6c9f26f222558012ccbb75614ec2a6b8f (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/src/kernel/syscalls.c b/src/kernel/syscalls.c
index 7bc018d..68c0241 100644
--- a/src/kernel/syscalls.c
+++ b/src/kernel/syscalls.c
@@ -88,6 +88,8 @@ handle_t _syscall_open(const char __user *path, long len, int flags) {
 	struct vfs_mount *mount;
 	char *path_buf = NULL;
 
+	if (flags & ~(OPEN_CREATE | OPEN_RO)) SYSCALL_RETURN(-ENOSYS);
+
 	if (PATH_MAX < len)
 		SYSCALL_RETURN(-1);
 	if (process_find_free_handle(process_current, 0) < 0)
@@ -210,6 +212,8 @@ static long simple_vfsop(
 	struct handle *h = process_handle_get(process_current, hid);
 	if (!h) SYSCALL_RETURN(-1);
 	if (h->type == HANDLE_FILE) {
+		if (h->ro && !(vfsop == VFSOP_READ || vfsop == VFSOP_GETSIZE))
+			SYSCALL_RETURN(-EACCES);
 		struct vfs_request req = (struct vfs_request){
 			.type = vfsop,
 			.backend = h->backend,
@@ -257,6 +261,7 @@ long _syscall_remove(handle_t hid) {
 	struct handle **hslot = &process_current->handles[hid];
 	struct handle *h = *hslot;
 	if (!h) SYSCALL_RETURN(-1);
+	if (h->ro) SYSCALL_RETURN(-EACCES);
 	if (h->type == HANDLE_FILE) {
 		vfsreq_create((struct vfs_request) {
 				.type = VFSOP_REMOVE,
author	dzwdz	2022-08-12 00:30:14 +0200
committer	dzwdz	2022-08-12 00:30:14 +0200
commit	215aa95c8d8c85985c1dcc5a994ad164823b39e6 (patch)
tree	a8346262dea6d5d32b552c8ccf407256d370e086 /src/kernel/syscalls.c
parent	d170ceb6c9f26f222558012ccbb75614ec2a6b8f (diff)