From: Andreas Gruenbacher <agruen@suse.de>
To: linux-kernel@vger.kernel.org
Cc: John Johansen <jjohansen@suse.de>, Jan Blunck <jblunck@suse.de>,
Erez Zadok <ezk@cs.sunysb.edu>,
"Josef 'Jeff' Sipek" <jsipek@cs.sunysb.edu>
Subject: [RFC 03/10] Pass no unnecessary information to iop->permission
Date: Wed, 08 Aug 2007 19:16:25 +0200 [thread overview]
Message-ID: <20070808171643.797533942@suse.de> (raw)
In-Reply-To: 20070808171622.632749741@suse.de
[-- Attachment #1: permission-args.diff --]
[-- Type: text/plain, Size: 29196 bytes --]
The various permission functions and the permission inode operation do
not need a full nameidata. Pass a struct vfs_lookup instead.
Signed-off-by: Andreas Gruenbacher <ag@bestbits.at>
---
fs/afs/internal.h | 4 +---
fs/afs/security.c | 2 +-
fs/bad_inode.c | 2 +-
fs/cifs/cifsfs.c | 3 ++-
fs/coda/dir.c | 2 +-
fs/coda/pioctl.c | 4 ++--
fs/ecryptfs/inode.c | 20 ++++++++++----------
fs/exec.c | 4 ++--
fs/ext2/acl.c | 2 +-
fs/ext2/acl.h | 2 +-
fs/ext3/acl.c | 2 +-
fs/ext3/acl.h | 2 +-
fs/ext4/acl.c | 2 +-
fs/ext4/acl.h | 2 +-
fs/fuse/dir.c | 4 ++--
fs/gfs2/ops_inode.c | 4 ++--
fs/hfs/inode.c | 2 +-
fs/hfsplus/inode.c | 2 +-
fs/inotify_user.c | 2 +-
fs/jffs2/acl.c | 2 +-
fs/jffs2/acl.h | 2 +-
fs/jfs/acl.c | 2 +-
fs/jfs/jfs_acl.h | 2 +-
fs/namei.c | 34 +++++++++++++++++-----------------
fs/nfs/dir.c | 8 ++++----
fs/ocfs2/file.c | 2 +-
fs/ocfs2/file.h | 3 +--
fs/open.c | 8 ++++----
fs/proc/base.c | 2 +-
fs/proc/proc_sysctl.c | 7 ++++---
fs/reiserfs/xattr.c | 3 ++-
fs/smbfs/file.c | 2 +-
fs/utimes.c | 2 +-
fs/xfs/linux-2.6/xfs_iops.c | 2 +-
include/linux/coda_linux.h | 2 +-
include/linux/fs.h | 6 +++---
include/linux/nfs_fs.h | 2 +-
include/linux/reiserfs_xattr.h | 4 ++--
include/linux/security.h | 10 +++++-----
include/linux/shmem_fs.h | 2 +-
mm/shmem_acl.c | 2 +-
net/unix/af_unix.c | 2 +-
security/dummy.c | 2 +-
security/selinux/hooks.c | 4 ++--
44 files changed, 92 insertions(+), 92 deletions(-)
--- a/fs/afs/internal.h
+++ b/fs/afs/internal.h
@@ -469,8 +469,6 @@ extern bool afs_cm_incoming_call(struct
extern const struct inode_operations afs_dir_inode_operations;
extern const struct file_operations afs_dir_file_operations;
-extern int afs_permission(struct inode *, int, struct nameidata *);
-
/*
* file.c
*/
@@ -607,7 +605,7 @@ extern void afs_clear_permits(struct afs
extern void afs_cache_permit(struct afs_vnode *, struct key *, long);
extern void afs_zap_permits(struct rcu_head *);
extern struct key *afs_request_key(struct afs_cell *);
-extern int afs_permission(struct inode *, int, struct nameidata *);
+extern int afs_permission(struct inode *, int, struct vfs_lookup *);
/*
* server.c
--- a/fs/afs/security.c
+++ b/fs/afs/security.c
@@ -284,7 +284,7 @@ static int afs_check_permit(struct afs_v
* - AFS ACLs are attached to directories only, and a file is controlled by its
* parent directory's ACL
*/
-int afs_permission(struct inode *inode, int mask, struct nameidata *nd)
+int afs_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
struct afs_vnode *vnode = AFS_FS_I(inode);
afs_access_t access;
--- a/fs/bad_inode.c
+++ b/fs/bad_inode.c
@@ -244,7 +244,7 @@ static int bad_inode_readlink(struct den
}
static int bad_inode_permission(struct inode *inode, int mask,
- struct nameidata *nd)
+ struct vfs_lookup *lookup)
{
return -EIO;
}
--- a/fs/cifs/cifsfs.c
+++ b/fs/cifs/cifsfs.c
@@ -234,7 +234,8 @@ cifs_statfs(struct dentry *dentry, struc
longer available? */
}
-static int cifs_permission(struct inode *inode, int mask, struct nameidata *nd)
+static int cifs_permission(struct inode *inode, int mask,
+ struct vfs_lookup *lookup)
{
struct cifs_sb_info *cifs_sb;
--- a/fs/coda/dir.c
+++ b/fs/coda/dir.c
@@ -137,7 +137,7 @@ exit:
}
-int coda_permission(struct inode *inode, int mask, struct nameidata *nd)
+int coda_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
int error = 0;
--- a/fs/coda/pioctl.c
+++ b/fs/coda/pioctl.c
@@ -25,7 +25,7 @@
/* pioctl ops */
static int coda_ioctl_permission(struct inode *inode, int mask,
- struct nameidata *nd);
+ struct vfs_lookup *lookup);
static int coda_pioctl(struct inode * inode, struct file * filp,
unsigned int cmd, unsigned long user_data);
@@ -43,7 +43,7 @@ const struct file_operations coda_ioctl_
/* the coda pioctl inode ops */
static int coda_ioctl_permission(struct inode *inode, int mask,
- struct nameidata *nd)
+ struct vfs_lookup *lookup)
{
return 0;
}
--- a/fs/ecryptfs/inode.c
+++ b/fs/ecryptfs/inode.c
@@ -855,19 +855,19 @@ out:
}
static int
-ecryptfs_permission(struct inode *inode, int mask, struct nameidata *nd)
+ecryptfs_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
int rc;
- if (nd) {
- struct vfsmount *vfsmnt_save = nd->lookup.path.mnt;
- struct dentry *dentry_save = nd->lookup.path.dentry;
-
- nd->lookup.path.mnt = ecryptfs_dentry_to_lower_mnt(nd->lookup.path.dentry);
- nd->lookup.path.dentry = ecryptfs_dentry_to_lower(nd->lookup.path.dentry);
- rc = permission(ecryptfs_inode_to_lower(inode), mask, nd);
- nd->lookup.path.mnt = vfsmnt_save;
- nd->lookup.path.dentry = dentry_save;
+ if (lookup) {
+ struct vfsmount *vfsmnt_save = lookup->path.mnt;
+ struct dentry *dentry_save = lookup->path.dentry;
+
+ lookup->path.mnt = ecryptfs_dentry_to_lower_mnt(lookup->path.dentry);
+ lookup->path.dentry = ecryptfs_dentry_to_lower(lookup->path.dentry);
+ rc = permission(ecryptfs_inode_to_lower(inode), mask, lookup);
+ lookup->path.mnt = vfsmnt_save;
+ lookup->path.dentry = dentry_save;
} else
rc = permission(ecryptfs_inode_to_lower(inode), mask, NULL);
return rc;
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -142,7 +142,7 @@ asmlinkage long sys_uselib(const char __
if (!S_ISREG(nd.lookup.path.dentry->d_inode->i_mode))
goto exit;
- error = vfs_permission(&nd, MAY_READ | MAY_EXEC);
+ error = vfs_permission(&nd.lookup, MAY_READ | MAY_EXEC);
if (error)
goto exit;
@@ -683,7 +683,7 @@ struct file *open_exec(const char *name)
file = ERR_PTR(-EACCES);
if (!(nd.lookup.path.mnt->mnt_flags & MNT_NOEXEC) &&
S_ISREG(inode->i_mode)) {
- int err = vfs_permission(&nd, MAY_EXEC);
+ int err = vfs_permission(&nd.lookup, MAY_EXEC);
file = ERR_PTR(err);
if (!err) {
file = nameidata_to_filp(&nd, O_RDONLY);
--- a/fs/ext2/acl.c
+++ b/fs/ext2/acl.c
@@ -294,7 +294,7 @@ ext2_check_acl(struct inode *inode, int
}
int
-ext2_permission(struct inode *inode, int mask, struct nameidata *nd)
+ext2_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
return generic_permission(inode, mask, ext2_check_acl);
}
--- a/fs/ext2/acl.h
+++ b/fs/ext2/acl.h
@@ -58,7 +58,7 @@ static inline int ext2_acl_count(size_t
#define EXT2_ACL_NOT_CACHED ((void *)-1)
/* acl.c */
-extern int ext2_permission (struct inode *, int, struct nameidata *);
+extern int ext2_permission (struct inode *, int, struct vfs_lookup *);
extern int ext2_acl_chmod (struct inode *);
extern int ext2_init_acl (struct inode *, struct inode *);
--- a/fs/ext3/acl.c
+++ b/fs/ext3/acl.c
@@ -299,7 +299,7 @@ ext3_check_acl(struct inode *inode, int
}
int
-ext3_permission(struct inode *inode, int mask, struct nameidata *nd)
+ext3_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
return generic_permission(inode, mask, ext3_check_acl);
}
--- a/fs/ext3/acl.h
+++ b/fs/ext3/acl.h
@@ -58,7 +58,7 @@ static inline int ext3_acl_count(size_t
#define EXT3_ACL_NOT_CACHED ((void *)-1)
/* acl.c */
-extern int ext3_permission (struct inode *, int, struct nameidata *);
+extern int ext3_permission (struct inode *, int, struct vfs_lookup *);
extern int ext3_acl_chmod (struct inode *);
extern int ext3_init_acl (handle_t *, struct inode *, struct inode *);
--- a/fs/ext4/acl.c
+++ b/fs/ext4/acl.c
@@ -299,7 +299,7 @@ ext4_check_acl(struct inode *inode, int
}
int
-ext4_permission(struct inode *inode, int mask, struct nameidata *nd)
+ext4_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
return generic_permission(inode, mask, ext4_check_acl);
}
--- a/fs/ext4/acl.h
+++ b/fs/ext4/acl.h
@@ -58,7 +58,7 @@ static inline int ext4_acl_count(size_t
#define EXT4_ACL_NOT_CACHED ((void *)-1)
/* acl.c */
-extern int ext4_permission (struct inode *, int, struct nameidata *);
+extern int ext4_permission (struct inode *, int, struct vfs_lookup *);
extern int ext4_acl_chmod (struct inode *);
extern int ext4_init_acl (handle_t *, struct inode *, struct inode *);
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -792,7 +792,7 @@ static int fuse_access(struct inode *ino
* access request is sent. Execute permission is still checked
* locally based on file mode.
*/
-static int fuse_permission(struct inode *inode, int mask, struct nameidata *nd)
+static int fuse_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
struct fuse_conn *fc = get_fuse_conn(inode);
@@ -821,7 +821,7 @@ static int fuse_permission(struct inode
if ((mask & MAY_EXEC) && !S_ISDIR(mode) && !(mode & S_IXUGO))
return -EACCES;
- if (nd && (nd->lookup.flags & (LOOKUP_ACCESS | LOOKUP_CHDIR)))
+ if (lookup && (lookup->flags & (LOOKUP_ACCESS | LOOKUP_CHDIR)))
return fuse_access(inode, mask);
return 0;
}
--- a/fs/gfs2/ops_inode.c
+++ b/fs/gfs2/ops_inode.c
@@ -861,7 +861,7 @@ static void *gfs2_follow_link(struct den
* gfs2_permission -
* @inode:
* @mask:
- * @nd: passed from Linux VFS, ignored by us
+ * @lookup: passed from Linux VFS, ignored by us
*
* This may be called from the VFS directly, or from within GFS2 with the
* inode locked, so we look to see if the glock is already locked and only
@@ -870,7 +870,7 @@ static void *gfs2_follow_link(struct den
* Returns: errno
*/
-static int gfs2_permission(struct inode *inode, int mask, struct nameidata *nd)
+static int gfs2_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
struct gfs2_inode *ip = GFS2_I(inode);
struct gfs2_holder i_gh;
--- a/fs/hfs/inode.c
+++ b/fs/hfs/inode.c
@@ -508,7 +508,7 @@ void hfs_clear_inode(struct inode *inode
}
static int hfs_permission(struct inode *inode, int mask,
- struct nameidata *nd)
+ struct vfs_lookup *lookup)
{
if (S_ISREG(inode->i_mode) && mask & MAY_EXEC)
return 0;
--- a/fs/hfsplus/inode.c
+++ b/fs/hfsplus/inode.c
@@ -232,7 +232,7 @@ static void hfsplus_set_perms(struct ino
perms->dev = cpu_to_be32(HFSPLUS_I(inode).dev);
}
-static int hfsplus_permission(struct inode *inode, int mask, struct nameidata *nd)
+static int hfsplus_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
/* MAY_EXEC is also used for lookup, if no x bit is set allow lookup,
* open_exec has the same test, so it's still not executable, if a x bit
--- a/fs/inotify_user.c
+++ b/fs/inotify_user.c
@@ -349,7 +349,7 @@ static int find_inode(const char __user
if (error)
return error;
/* you can only watch an inode if you have read permissions on it */
- error = vfs_permission(nd, MAY_READ);
+ error = vfs_permission(nd.lookup, MAY_READ);
if (error)
path_release(nd);
return error;
--- a/fs/jffs2/acl.c
+++ b/fs/jffs2/acl.c
@@ -302,7 +302,7 @@ static int jffs2_check_acl(struct inode
return -EAGAIN;
}
-int jffs2_permission(struct inode *inode, int mask, struct nameidata *nd)
+int jffs2_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
return generic_permission(inode, mask, jffs2_check_acl);
}
--- a/fs/jffs2/acl.h
+++ b/fs/jffs2/acl.h
@@ -28,7 +28,7 @@ struct jffs2_acl_header {
#define JFFS2_ACL_NOT_CACHED ((void *)-1)
-extern int jffs2_permission(struct inode *, int, struct nameidata *);
+extern int jffs2_permission(struct inode *, int, struct vfs_lookup *);
extern int jffs2_acl_chmod(struct inode *);
extern int jffs2_init_acl(struct inode *, struct inode *);
extern void jffs2_clear_acl(struct jffs2_inode_info *);
--- a/fs/jfs/acl.c
+++ b/fs/jfs/acl.c
@@ -140,7 +140,7 @@ static int jfs_check_acl(struct inode *i
return -EAGAIN;
}
-int jfs_permission(struct inode *inode, int mask, struct nameidata *nd)
+int jfs_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
return generic_permission(inode, mask, jfs_check_acl);
}
--- a/fs/jfs/jfs_acl.h
+++ b/fs/jfs/jfs_acl.h
@@ -20,7 +20,7 @@
#ifdef CONFIG_JFS_POSIX_ACL
-int jfs_permission(struct inode *, int, struct nameidata *);
+int jfs_permission(struct inode *, int, struct vfs_lookup *);
int jfs_init_acl(tid_t, struct inode *, struct inode *);
int jfs_setattr(struct dentry *, struct iattr *);
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -226,7 +226,7 @@ int generic_permission(struct inode *ino
return -EACCES;
}
-int permission(struct inode *inode, int mask, struct nameidata *nd)
+int permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
umode_t mode = inode->i_mode;
int retval, submask;
@@ -254,24 +254,25 @@ int permission(struct inode *inode, int
* the fs is mounted with the "noexec" flag.
*/
if ((mask & MAY_EXEC) && S_ISREG(mode) && (!(mode & S_IXUGO) ||
- (nd && nd->lookup.path.mnt && (nd->lookup.path.mnt->mnt_flags & MNT_NOEXEC))))
+ (lookup && lookup->path.mnt &&
+ (lookup->path.mnt->mnt_flags & MNT_NOEXEC))))
return -EACCES;
/* Ordinary permission routines do not understand MAY_APPEND. */
submask = mask & ~MAY_APPEND;
if (inode->i_op && inode->i_op->permission)
- retval = inode->i_op->permission(inode, submask, nd);
+ retval = inode->i_op->permission(inode, submask, lookup);
else
retval = generic_permission(inode, submask, NULL);
if (retval)
return retval;
- return security_inode_permission(inode, mask, nd);
+ return security_inode_permission(inode, mask, lookup);
}
/**
* vfs_permission - check for access rights to a given path
- * @nd: lookup result that describes the path
+ * @lookup: lookup result that describes the path
* @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC)
*
* Used to check for read/write/execute permissions on a path.
@@ -279,9 +280,9 @@ int permission(struct inode *inode, int
* for filesystem access without changing the "normal" uids which
* are used for other things.
*/
-int vfs_permission(struct nameidata *nd, int mask)
+int vfs_permission(struct vfs_lookup *lookup, int mask)
{
- return permission(nd->lookup.path.dentry->d_inode, mask, nd);
+ return permission(lookup->path.dentry->d_inode, mask, lookup);
}
/**
@@ -429,8 +430,7 @@ static struct dentry * cached_lookup(str
* short-cut DAC fails, then call permission() to do more
* complete permission check.
*/
-static int exec_permission_lite(struct inode *inode,
- struct nameidata *nd)
+static int exec_permission_lite(struct inode *inode, struct vfs_lookup *lookup)
{
umode_t mode = inode->i_mode;
@@ -456,7 +456,7 @@ static int exec_permission_lite(struct i
return -EACCES;
ok:
- return security_inode_permission(inode, MAY_EXEC, nd);
+ return security_inode_permission(inode, MAY_EXEC, lookup);
}
/*
@@ -831,9 +831,9 @@ static fastcall int __link_path_walk(con
unsigned int c;
nd->lookup.flags |= LOOKUP_CONTINUE;
- err = exec_permission_lite(inode, nd);
+ err = exec_permission_lite(inode, &nd->lookup);
if (err == -EAGAIN)
- err = vfs_permission(nd, MAY_EXEC);
+ err = vfs_permission(&nd->lookup, MAY_EXEC);
if (err)
break;
@@ -1321,7 +1321,7 @@ static inline struct dentry * __lookup_h
inode = base->d_inode;
- err = permission(inode, MAY_EXEC, nd);
+ err = permission(inode, MAY_EXEC, &nd->lookup);
dentry = ERR_PTR(err);
if (err)
goto out;
@@ -1473,13 +1473,13 @@ static int may_delete(struct inode *dir,
* 4. We can't do it if dir is immutable (done in permission())
*/
static inline int may_create(struct inode *dir, struct dentry *child,
- struct nameidata *nd)
+ struct vfs_lookup *lookup)
{
if (child->d_inode)
return -EEXIST;
if (IS_DEADDIR(dir))
return -ENOENT;
- return permission(dir,MAY_WRITE | MAY_EXEC, nd);
+ return permission(dir,MAY_WRITE | MAY_EXEC, lookup);
}
/*
@@ -1545,7 +1545,7 @@ void unlock_rename(struct dentry *p1, st
int vfs_create(struct inode *dir, struct dentry *dentry, int mode,
struct nameidata *nd)
{
- int error = may_create(dir, dentry, nd);
+ int error = may_create(dir, dentry, &nd->lookup);
if (error)
return error;
@@ -1579,7 +1579,7 @@ int may_open(struct nameidata *nd, int a
if (S_ISDIR(inode->i_mode) && (flag & FMODE_WRITE))
return -EISDIR;
- error = vfs_permission(nd, acc_mode);
+ error = vfs_permission(&nd->lookup, acc_mode);
if (error)
return error;
--- a/fs/nfs/dir.c
+++ b/fs/nfs/dir.c
@@ -1955,7 +1955,7 @@ out:
return -EACCES;
}
-int nfs_permission(struct inode *inode, int mask, struct nameidata *nd)
+int nfs_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
struct rpc_cred *cred;
int res = 0;
@@ -1965,7 +1965,7 @@ int nfs_permission(struct inode *inode,
if (mask == 0)
goto out;
/* Is this sys_access() ? */
- if (nd != NULL && (nd->lookup.flags & LOOKUP_ACCESS))
+ if (lookup && (lookup->flags & LOOKUP_ACCESS))
goto force_lookup;
switch (inode->i_mode & S_IFMT) {
@@ -1974,8 +1974,8 @@ int nfs_permission(struct inode *inode,
case S_IFREG:
/* NFSv4 has atomic_open... */
if (nfs_server_capable(inode, NFS_CAP_ATOMIC_OPEN)
- && nd != NULL
- && (nd->lookup.flags & LOOKUP_OPEN))
+ && lookup
+ && (lookup->flags & LOOKUP_OPEN))
goto out;
break;
case S_IFDIR:
--- a/fs/ocfs2/file.c
+++ b/fs/ocfs2/file.c
@@ -1091,7 +1091,7 @@ bail:
return err;
}
-int ocfs2_permission(struct inode *inode, int mask, struct nameidata *nd)
+int ocfs2_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
int ret;
--- a/fs/ocfs2/file.h
+++ b/fs/ocfs2/file.h
@@ -54,8 +54,7 @@ int ocfs2_lock_allocators(struct inode *
int ocfs2_setattr(struct dentry *dentry, struct iattr *attr);
int ocfs2_getattr(struct vfsmount *mnt, struct dentry *dentry,
struct kstat *stat);
-int ocfs2_permission(struct inode *inode, int mask,
- struct nameidata *nd);
+int ocfs2_permission(struct inode *inode, int mask, struct vfs_lookup *lookup);
int ocfs2_should_update_atime(struct inode *inode,
struct vfsmount *vfsmnt);
--- a/fs/open.c
+++ b/fs/open.c
@@ -244,7 +244,7 @@ static long do_sys_truncate(const char _
if (!S_ISREG(inode->i_mode))
goto dput_and_out;
- error = vfs_permission(&nd, MAY_WRITE);
+ error = vfs_permission(&nd.lookup, MAY_WRITE);
if (error)
goto dput_and_out;
@@ -452,7 +452,7 @@ asmlinkage long sys_faccessat(int dfd, c
if (res)
goto out;
- res = vfs_permission(&nd, mode);
+ res = vfs_permission(&nd.lookup, mode);
/* SuS v2 requires we report a read only fs too */
if(res || !(mode & S_IWOTH) ||
special_file(nd.lookup.path.dentry->d_inode->i_mode))
@@ -486,7 +486,7 @@ asmlinkage long sys_chdir(const char __u
if (error)
goto out;
- error = vfs_permission(&nd, MAY_EXEC);
+ error = vfs_permission(&nd.lookup, MAY_EXEC);
if (error)
goto dput_and_out;
@@ -537,7 +537,7 @@ asmlinkage long sys_chroot(const char __
if (error)
goto out;
- error = vfs_permission(&nd, MAY_EXEC);
+ error = vfs_permission(&nd.lookup, MAY_EXEC);
if (error)
goto dput_and_out;
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1479,7 +1479,7 @@ static const struct file_operations proc
* access /proc/self/fd after it has executed a setuid().
*/
static int proc_fd_permission(struct inode *inode, int mask,
- struct nameidata *nd)
+ struct vfs_lookup *lookup)
{
int rv;
--- a/fs/proc/proc_sysctl.c
+++ b/fs/proc/proc_sysctl.c
@@ -369,7 +369,8 @@ out:
return ret;
}
-static int proc_sys_permission(struct inode *inode, int mask, struct nameidata *nd)
+static int proc_sys_permission(struct inode *inode, int mask,
+ struct vfs_lookup *lookup)
{
/*
* sysctl entries that are not writeable,
@@ -402,10 +403,10 @@ static int proc_sys_permission(struct in
/* If we can't get a sysctl table entry the permission
* checks on the cached mode will have to be enough.
*/
- if (!nd || !depth)
+ if (!lookup || !depth)
goto out;
- dentry = nd->lookup.path.dentry;
+ dentry = lookup->path.dentry;
table = do_proc_sys_lookup(dentry->d_parent, &dentry->d_name, &head);
/* If the entry does not exist deny permission */
--- a/fs/reiserfs/xattr.c
+++ b/fs/reiserfs/xattr.c
@@ -1294,7 +1294,8 @@ static int reiserfs_check_acl(struct ino
return error;
}
-int reiserfs_permission(struct inode *inode, int mask, struct nameidata *nd)
+int reiserfs_permission(struct inode *inode, int mask,
+ struct vfs_lookup *lookup)
{
/*
* We don't do permission checks on the internal objects.
--- a/fs/smbfs/file.c
+++ b/fs/smbfs/file.c
@@ -391,7 +391,7 @@ smb_file_release(struct inode *inode, st
* privileges, so we need our own check for this.
*/
static int
-smb_file_permission(struct inode *inode, int mask, struct nameidata *nd)
+smb_file_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
int mode = inode->i_mode;
int error = 0;
--- a/fs/utimes.c
+++ b/fs/utimes.c
@@ -111,7 +111,7 @@ long do_utimes(int dfd, char __user *fil
if (!(f->f_mode & FMODE_WRITE))
goto dput_and_out;
} else {
- error = vfs_permission(&nd, MAY_WRITE);
+ error = vfs_permission(&nd.lookup, MAY_WRITE);
if (error)
goto dput_and_out;
}
--- a/fs/xfs/linux-2.6/xfs_iops.c
+++ b/fs/xfs/linux-2.6/xfs_iops.c
@@ -605,7 +605,7 @@ STATIC int
xfs_vn_permission(
struct inode *inode,
int mode,
- struct nameidata *nd)
+ struct vfs_lookup *lookup)
{
return -bhv_vop_access(vn_from_inode(inode), mode << 6, NULL);
}
--- a/include/linux/coda_linux.h
+++ b/include/linux/coda_linux.h
@@ -37,7 +37,7 @@ extern const struct file_operations coda
/* operations shared over more than one file */
int coda_open(struct inode *i, struct file *f);
int coda_release(struct inode *i, struct file *f);
-int coda_permission(struct inode *inode, int mask, struct nameidata *nd);
+int coda_permission(struct inode *inode, int mask, struct vfs_lookup *lookup);
int coda_revalidate_inode(struct dentry *);
int coda_getattr(struct vfsmount *, struct dentry *, struct kstat *);
int coda_setattr(struct dentry *, struct iattr *);
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1008,7 +1008,7 @@ extern void unlock_super(struct super_bl
/*
* VFS helper functions..
*/
-extern int vfs_permission(struct nameidata *, int);
+extern int vfs_permission(struct vfs_lookup *, int);
extern int vfs_create(struct inode *, struct dentry *, int, struct nameidata *);
extern int vfs_mkdir(struct inode *, struct dentry *, int);
extern int vfs_mknod(struct inode *, struct dentry *, int, dev_t);
@@ -1147,7 +1147,7 @@ struct inode_operations {
void * (*follow_link) (struct dentry *, struct nameidata *);
void (*put_link) (struct dentry *, struct nameidata *, void *);
void (*truncate) (struct inode *);
- int (*permission) (struct inode *, int, struct nameidata *);
+ int (*permission) (struct inode *, int, struct vfs_lookup *);
int (*setattr) (struct dentry *, struct iattr *);
int (*getattr) (struct vfsmount *mnt, struct dentry *, struct kstat *);
int (*setxattr) (struct dentry *, const char *,const void *,size_t,int);
@@ -1562,7 +1562,7 @@ extern int do_remount_sb(struct super_bl
extern sector_t bmap(struct inode *, sector_t);
#endif
extern int notify_change(struct dentry *, struct iattr *);
-extern int permission(struct inode *, int, struct nameidata *);
+extern int permission(struct inode *, int, struct vfs_lookup *);
extern int generic_permission(struct inode *, int,
int (*check_acl)(struct inode *, int));
--- a/include/linux/nfs_fs.h
+++ b/include/linux/nfs_fs.h
@@ -288,7 +288,7 @@ extern struct inode *nfs_fhget(struct su
extern int nfs_refresh_inode(struct inode *, struct nfs_fattr *);
extern int nfs_post_op_update_inode(struct inode *inode, struct nfs_fattr *fattr);
extern int nfs_getattr(struct vfsmount *, struct dentry *, struct kstat *);
-extern int nfs_permission(struct inode *, int, struct nameidata *);
+extern int nfs_permission(struct inode *, int, struct vfs_lookup *);
extern int nfs_access_get_cached(struct inode *, struct rpc_cred *, struct nfs_access_entry *);
extern void nfs_access_add_cache(struct inode *, struct nfs_access_entry *);
extern void nfs_access_zap_cache(struct inode *inode);
--- a/include/linux/reiserfs_xattr.h
+++ b/include/linux/reiserfs_xattr.h
@@ -55,8 +55,8 @@ int reiserfs_removexattr(struct dentry *
int reiserfs_delete_xattrs(struct inode *inode);
int reiserfs_chown_xattrs(struct inode *inode, struct iattr *attrs);
int reiserfs_xattr_init(struct super_block *sb, int mount_flags);
-int reiserfs_permission(struct inode *inode, int mask, struct nameidata *nd);
-
+int reiserfs_permission(struct inode *inode, int mask,
+ struct vfs_lookup *lookup);
int reiserfs_xattr_del(struct inode *, const char *);
int reiserfs_xattr_get(const struct inode *, const char *, void *, size_t);
int reiserfs_xattr_set(struct inode *, const char *, const void *, size_t, int);
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -350,7 +350,7 @@ struct request_sock;
* called when the actual read/write operations are performed.
* @inode contains the inode structure to check.
* @mask contains the permission mask.
- * @nd contains the nameidata (may be NULL).
+ * @lookup contains the vfs_lookup (may be NULL).
* Return 0 if permission is granted.
* @inode_setattr:
* Check permission before setting file attributes. Note that the kernel
@@ -1220,7 +1220,7 @@ struct security_operations {
struct inode *new_dir, struct dentry *new_dentry);
int (*inode_readlink) (struct dentry *dentry);
int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd);
- int (*inode_permission) (struct inode *inode, int mask, struct nameidata *nd);
+ int (*inode_permission) (struct inode *inode, int mask, struct vfs_lookup *lookup);
int (*inode_setattr) (struct dentry *dentry, struct iattr *attr);
int (*inode_getattr) (struct vfsmount *mnt, struct dentry *dentry);
void (*inode_delete) (struct inode *inode);
@@ -1700,11 +1700,11 @@ static inline int security_inode_follow_
}
static inline int security_inode_permission (struct inode *inode, int mask,
- struct nameidata *nd)
+ struct vfs_lookup *lookup)
{
if (unlikely (IS_PRIVATE (inode)))
return 0;
- return security_ops->inode_permission (inode, mask, nd);
+ return security_ops->inode_permission (inode, mask, lookup);
}
static inline int security_inode_setattr (struct dentry *dentry,
@@ -2408,7 +2408,7 @@ static inline int security_inode_follow_
}
static inline int security_inode_permission (struct inode *inode, int mask,
- struct nameidata *nd)
+ struct vfs_lookup *lookup)
{
return 0;
}
--- a/include/linux/shmem_fs.h
+++ b/include/linux/shmem_fs.h
@@ -41,7 +41,7 @@ static inline struct shmem_inode_info *S
}
#ifdef CONFIG_TMPFS_POSIX_ACL
-int shmem_permission(struct inode *, int, struct nameidata *);
+int shmem_permission(struct inode *, int, struct vfs_lookup *);
int shmem_acl_init(struct inode *, struct inode *);
void shmem_acl_destroy_inode(struct inode *);
--- a/mm/shmem_acl.c
+++ b/mm/shmem_acl.c
@@ -191,7 +191,7 @@ shmem_check_acl(struct inode *inode, int
* shmem_permission - permission() inode operation
*/
int
-shmem_permission(struct inode *inode, int mask, struct nameidata *nd)
+shmem_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
{
return generic_permission(inode, mask, shmem_check_acl);
}
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -729,7 +729,7 @@ static struct sock *unix_find_other(stru
err = path_lookup(sunname->sun_path, LOOKUP_FOLLOW, &nd);
if (err)
goto fail;
- err = vfs_permission(&nd, MAY_WRITE);
+ err = vfs_permission(&nd.lookup, MAY_WRITE);
if (err)
goto put_fail;
--- a/security/dummy.c
+++ b/security/dummy.c
@@ -323,7 +323,7 @@ static int dummy_inode_follow_link (stru
return 0;
}
-static int dummy_inode_permission (struct inode *inode, int mask, struct nameidata *nd)
+static int dummy_inode_permission (struct inode *inode, int mask, struct vfs_lookup *lookup)
{
return 0;
}
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2250,11 +2250,11 @@ static int selinux_inode_follow_link(str
}
static int selinux_inode_permission(struct inode *inode, int mask,
- struct nameidata *nd)
+ struct vfs_lookup *lookup)
{
int rc;
- rc = secondary_ops->inode_permission(inode, mask, nd);
+ rc = secondary_ops->inode_permission(inode, mask, lookup);
if (rc)
return rc;
next prev parent reply other threads:[~2007-08-08 17:20 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-08-08 17:16 [RFC 00/10] Split up struct nameidata (take 3) Andreas Gruenbacher
2007-08-08 17:16 ` [RFC 01/10] Split up struct nameidata Andreas Gruenbacher
2007-08-08 19:32 ` Christoph Hellwig
2007-08-09 8:26 ` atomic open (was Re: [RFC 01/10] Split up struct nameidata) Miklos Szeredi
2007-08-10 14:42 ` [RFC 01/10] Split up struct nameidata Andreas Gruenbacher
2007-08-10 14:22 ` [patch 1/4] Introduce pathput Andreas Gruenbacher
2007-08-29 19:07 ` Christoph Hellwig
2007-09-14 16:36 ` Christoph Hellwig
2007-08-10 14:22 ` [patch 2/4] Use pathput in a few more places Andreas Gruenbacher
2007-08-29 19:08 ` Christoph Hellwig
2007-08-30 15:01 ` [FIX] mntput called before dput in afs Andreas Gruenbacher
2007-08-30 15:15 ` David Howells
2007-08-30 15:56 ` David Howells
2007-08-10 14:22 ` [patch 3/4] Introduce pathget Andreas Gruenbacher
2007-08-29 19:09 ` Christoph Hellwig
2007-08-10 14:22 ` [patch 4/4] Switch to struct path in fs_struct Andreas Gruenbacher
2007-08-29 19:12 ` Christoph Hellwig
2007-08-08 17:16 ` [RFC 02/10] Switch from nd->{mnt,dentry} to nd->lookup.path.{mnt,dentry} Andreas Gruenbacher
2007-08-08 17:16 ` Andreas Gruenbacher [this message]
2007-08-08 17:16 ` [RFC 04/10] Temporary struct vfs_lookup in file_permission Andreas Gruenbacher
2007-08-08 17:58 ` Josef Sipek
2007-08-08 18:56 ` Andreas Gruenbacher
2007-08-08 19:25 ` Christoph Hellwig
2007-08-08 21:41 ` Andreas Gruenbacher
2007-08-08 23:24 ` Christoph Hellwig
2007-08-09 17:23 ` Andreas Gruenbacher
2007-08-08 17:16 ` [RFC 05/10] Use vfs_permission instead of file_permission in sys_fchdir Andreas Gruenbacher
2007-08-08 19:26 ` Christoph Hellwig
2007-08-08 17:16 ` [RFC 06/10] Use vfs_permission instead of file_permission in do_path_lookup Andreas Gruenbacher
2007-08-08 19:27 ` Christoph Hellwig
2007-08-08 17:16 ` [RFC 07/10] Pass no unnecessary information to iop->create Andreas Gruenbacher
2007-08-08 17:16 ` [RFC 08/10] Pass no NULL vfs_lookup to vfs_create Andreas Gruenbacher
2007-08-08 19:36 ` Christoph Hellwig
2007-08-08 17:16 ` [RFC 09/10] Pass no unnecessary information to dop->d_revalidate Andreas Gruenbacher
2007-08-08 17:16 ` [RFC 10/10] Pass no unnecessary information to iop->lookup Andreas Gruenbacher
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070808171643.797533942@suse.de \
--to=agruen@suse.de \
--cc=ezk@cs.sunysb.edu \
--cc=jblunck@suse.de \
--cc=jjohansen@suse.de \
--cc=jsipek@cs.sunysb.edu \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.