* [PATCH] move read-only and immutable checks into permission()
@ 2005-01-13 16:47 Christoph Hellwig
0 siblings, 0 replies; only message in thread
From: Christoph Hellwig @ 2005-01-13 16:47 UTC (permalink / raw)
To: akpm, viro; +Cc: linux-fsdevel
Currently it's up to the filesystem ->permission method to check whether
the filesystem is readonly or the file marked immutable. But this is
really a VFS decision, and the distintion becomes more important when
moving to per-mountpoint read only flags.
For most filesystems that have been using generic_permission this is
not change in behaviour. For those that we're missing the check
(cifs without CIFS_MOUNT_NO_PERM and coda [1]) this is a bugfix.
Both reiserfs and xfs have this check still in their ->permission
routine because they call it from other places aswell. I'll try
switching them over to generic_permission and will take care of this
one.
[1] coda_ioctl_permission always returns 0, aka always grants access,
which looks more than fishy to me.
--- 1.116/fs/namei.c 2005-01-05 03:48:11 +01:00
+++ edited/fs/namei.c 2005-01-12 19:41:49 +01:00
@@ -169,21 +169,6 @@
{
umode_t mode = inode->i_mode;
- if (mask & MAY_WRITE) {
- /*
- * Nobody gets write access to a read-only fs.
- */
- if (IS_RDONLY(inode) &&
- (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
- return -EROFS;
-
- /*
- * Nobody gets write access to an immutable file.
- */
- if (IS_IMMUTABLE(inode))
- return -EACCES;
- }
-
if (current->fsuid == inode->i_uid)
mode >>= 6;
else {
@@ -225,14 +210,30 @@
return -EACCES;
}
-int permission(struct inode * inode,int mask, struct nameidata *nd)
+int permission(struct inode *inode, int mask, struct nameidata *nd)
{
- int retval;
- int submask;
+ int retval, submask;
+
+ if (mask & MAY_WRITE) {
+ umode_t mode = inode->i_mode;
+
+ /*
+ * Nobody gets write access to a read-only fs.
+ */
+ if (IS_RDONLY(inode) &&
+ (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
+ return -EROFS;
+
+ /*
+ * Nobody gets write access to an immutable file.
+ */
+ if (IS_IMMUTABLE(inode))
+ return -EACCES;
+ }
+
/* Ordinary permission routines do not understand MAY_APPEND. */
submask = mask & ~MAY_APPEND;
-
if (inode->i_op && inode->i_op->permission)
retval = inode->i_op->permission(inode, submask, nd);
else
--- 1.86/fs/nfs/dir.c 2005-01-04 01:00:00 +01:00
+++ edited/fs/nfs/dir.c 2005-01-12 19:55:30 +01:00
@@ -1498,29 +1498,11 @@
int nfs_permission(struct inode *inode, int mask, struct nameidata *nd)
{
struct rpc_cred *cred;
- int mode = inode->i_mode;
int res;
if (mask == 0)
return 0;
- if (mask & MAY_WRITE) {
- /*
- *
- * Nobody gets write access to a read-only fs.
- *
- */
- if (IS_RDONLY(inode) &&
- (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
- return -EROFS;
- /*
- *
- * Nobody gets write access to an immutable file.
- *
- */
- if (IS_IMMUTABLE(inode))
- return -EACCES;
- }
/* Are we checking permissions on anything other than lookup/execute? */
if ((mask & MAY_EXEC) == 0) {
/* We only need to check permissions on file open() and access() */
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2005-01-13 16:47 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-01-13 16:47 [PATCH] move read-only and immutable checks into permission() Christoph Hellwig
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.