From: "Venkateswararao Jujjuri (JV)" <jvrao@linux.vnet.ibm.com>
To: v9fs-developer@lists.sourceforge.net
Cc: linux-fsdevel@vger.kernel.org,
"Venkateswararao Jujjuri (JV)" <jvrao@linux.vnet.ibm.com>
Subject: [RFC 1/2] [9P] Add a new access mode, V9FS_ACCESS_USER.
Date: Tue, 8 Jun 2010 17:22:27 -0700 [thread overview]
Message-ID: <1276042948-19257-1-git-send-email-jvrao@linux.vnet.ibm.com> (raw)
This new access mode is just like V9FS_ACCESS_USER except the location of
access check. Traditionally 9P protocol lets the server perform access
cheks but with this mode, all the access checks will be performed on the
client itself. Server just follows the client's directive.
This mode can be invoked during the mount time by providing the following
option: "-o access=client"
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
---
fs/9p/fid.c | 1 +
fs/9p/v9fs.c | 5 ++++-
fs/9p/v9fs.h | 4 +++-
3 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/fs/9p/fid.c b/fs/9p/fid.c
index 5d6cfcb..6e9bb6b 100644
--- a/fs/9p/fid.c
+++ b/fs/9p/fid.c
@@ -121,6 +121,7 @@ struct p9_fid *v9fs_fid_lookup(struct dentry *dentry)
switch (access) {
case V9FS_ACCESS_SINGLE:
case V9FS_ACCESS_USER:
+ case V9FS_ACCESS_CLIENT:
uid = current_fsuid();
any = 0;
break;
diff --git a/fs/9p/v9fs.c b/fs/9p/v9fs.c
index 3c49201..aac818d 100644
--- a/fs/9p/v9fs.c
+++ b/fs/9p/v9fs.c
@@ -193,6 +193,8 @@ static int v9fs_parse_options(struct v9fs_session_info *v9ses, char *opts)
v9ses->flags |= V9FS_ACCESS_USER;
else if (strcmp(s, "any") == 0)
v9ses->flags |= V9FS_ACCESS_ANY;
+ else if (strcmp(s, "client") == 0)
+ v9ses->flags |= V9FS_ACCESS_CLIENT;
else {
v9ses->flags |= V9FS_ACCESS_SINGLE;
v9ses->uid = simple_strtoul(s, &e, 10);
@@ -279,7 +281,8 @@ struct p9_fid *v9fs_session_init(struct v9fs_session_info *v9ses,
/* for legacy mode, fall back to V9FS_ACCESS_ANY */
if (!(v9fs_proto_dotu(v9ses) || v9fs_proto_dotl(v9ses)) &&
- ((v9ses->flags&V9FS_ACCESS_MASK) == V9FS_ACCESS_USER)) {
+ (((v9ses->flags&V9FS_ACCESS_MASK) == V9FS_ACCESS_USER) ||
+ ((v9ses->flags&V9FS_ACCESS_MASK) == V9FS_ACCESS_CLIENT))) {
v9ses->flags &= ~V9FS_ACCESS_MASK;
v9ses->flags |= V9FS_ACCESS_ANY;
diff --git a/fs/9p/v9fs.h b/fs/9p/v9fs.h
index bec4d0b..58ffdcf 100644
--- a/fs/9p/v9fs.h
+++ b/fs/9p/v9fs.h
@@ -29,6 +29,7 @@
* @V9FS_ACCESS_SINGLE: only the mounting user can access the hierarchy
* @V9FS_ACCESS_USER: a new attach will be issued for every user (default)
* @V9FS_ACCESS_ANY: use a single attach for all users
+ * @V9FS_ACCESS_CLIENT: Like V9FS_ACCESS_USER, but access check on client.
* @V9FS_ACCESS_MASK: bit mask of different ACCESS options
*
* Session flags reflect options selected by users at mount time
@@ -39,7 +40,8 @@ enum p9_session_flags {
V9FS_ACCESS_SINGLE = 0x04,
V9FS_ACCESS_USER = 0x08,
V9FS_ACCESS_ANY = 0x0C,
- V9FS_ACCESS_MASK = 0x0C,
+ V9FS_ACCESS_CLIENT = 0x1C,
+ V9FS_ACCESS_MASK = 0x1C,
};
/* possible values of ->cache */
--
1.6.5.2
next reply other threads:[~2010-06-09 0:18 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-06-09 0:22 Venkateswararao Jujjuri (JV) [this message]
2010-06-09 0:22 ` [RFC 2/2] [fs/9p] Check if the inode change is allowed Venkateswararao Jujjuri (JV)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1276042948-19257-1-git-send-email-jvrao@linux.vnet.ibm.com \
--to=jvrao@linux.vnet.ibm.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=v9fs-developer@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).