Mercurial > illumos > illumos-gate
changeset 3947:ed1a1295c374
6436336 5.10:named pipe in chroot cage blocks as cannot create
| author | nr123932 |
|---|---|
| date | Mon, 02 Apr 2007 12:11:24 -0700 |
| parents | 0cc6f51aa203 |
| children | b8d304c37bf9 |
| files | usr/src/uts/common/fs/fifofs/fifosubr.c |
| diffstat | 1 files changed, 8 insertions(+), 11 deletions(-) [+] |
line wrap: on
line diff
--- a/usr/src/uts/common/fs/fifofs/fifosubr.c Mon Apr 02 05:33:26 2007 -0700 +++ b/usr/src/uts/common/fs/fifofs/fifosubr.c Mon Apr 02 12:11:24 2007 -0700 @@ -394,6 +394,7 @@ fifodata_t *fdp; vnode_t *newvp; struct vattr va; + vnode_t *rvp; ASSERT(vp != NULL); @@ -403,18 +404,14 @@ fnp = &fdp->fifo_fnode[0]; /* - * In Trusted Extensions cross-zone named pipes - * are supported subject to the MAC policy. Since - * cross-zone access is done using lofs mounts, - * it is necessary to use the real vnode so that - * matching ends of the fifo can find each other. + * Its possible that fifo nodes on different lofs mountpoints + * shadow the same real filesystem fifo node. + * In this case its necessary to get and store the realvp. + * This way different fifo nodes sharing the same real vnode + * can use realvp for communication. */ - if (is_system_labeled()) { - vnode_t *rvp; - - if (VOP_REALVP(vp, &rvp) == 0) - vp = rvp; - } + if (VOP_REALVP(vp, &rvp) == 0) + vp = rvp; fnp->fn_realvp = vp; fnp->fn_wcnt = 0;