[RFC 1/2] [9P] Add a new access mode, V9FS_ACCESS_USER.

[RFC 1/2] [9P] Add a new access mode, V9FS_ACCESS_USER.

[Venkateswararao Jujjuri (JV)]

This new access mode is just like V9FS_ACCESS_USER except the location of
access check. Traditionally 9P protocol lets the server perform access
cheks but with this mode, all the access checks will be performed on the
client itself. Server just follows the client's directive.

This mode can be invoked during the mount time by providing the following
option:  "-o access=client"

Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
---
 fs/9p/fid.c  |    1 +
 fs/9p/v9fs.c |    5 ++++-
 fs/9p/v9fs.h |    4 +++-
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/fs/9p/fid.c b/fs/9p/fid.c
index 5d6cfcb..6e9bb6b 100644
--- a/fs/9p/fid.c
+++ b/fs/9p/fid.c
@@ -121,6 +121,7 @@ struct p9_fid *v9fs_fid_lookup(struct dentry *dentry)
 	switch (access) {
 	case V9FS_ACCESS_SINGLE:
 	case V9FS_ACCESS_USER:
+	case V9FS_ACCESS_CLIENT:
 		uid = current_fsuid();
 		any = 0;
 		break;
diff --git a/fs/9p/v9fs.c b/fs/9p/v9fs.c
index 3c49201..aac818d 100644
--- a/fs/9p/v9fs.c
+++ b/fs/9p/v9fs.c
@@ -193,6 +193,8 @@ static int v9fs_parse_options(struct v9fs_session_info *v9ses, char *opts)
 				v9ses->flags |= V9FS_ACCESS_USER;
 			else if (strcmp(s, "any") == 0)
 				v9ses->flags |= V9FS_ACCESS_ANY;
+			else if (strcmp(s, "client") == 0)
+				v9ses->flags |= V9FS_ACCESS_CLIENT;
 			else {
 				v9ses->flags |= V9FS_ACCESS_SINGLE;
 				v9ses->uid = simple_strtoul(s, &e, 10);
@@ -279,7 +281,8 @@ struct p9_fid *v9fs_session_init(struct v9fs_session_info *v9ses,
 
 	/* for legacy mode, fall back to V9FS_ACCESS_ANY */
 	if (!(v9fs_proto_dotu(v9ses) || v9fs_proto_dotl(v9ses)) &&
-		((v9ses->flags&V9FS_ACCESS_MASK) == V9FS_ACCESS_USER)) {
+		(((v9ses->flags&V9FS_ACCESS_MASK) == V9FS_ACCESS_USER) ||
+		 ((v9ses->flags&V9FS_ACCESS_MASK) == V9FS_ACCESS_CLIENT))) {
 
 		v9ses->flags &= ~V9FS_ACCESS_MASK;
 		v9ses->flags |= V9FS_ACCESS_ANY;
diff --git a/fs/9p/v9fs.h b/fs/9p/v9fs.h
index bec4d0b..58ffdcf 100644
--- a/fs/9p/v9fs.h
+++ b/fs/9p/v9fs.h
@@ -29,6 +29,7 @@
  * @V9FS_ACCESS_SINGLE: only the mounting user can access the hierarchy
  * @V9FS_ACCESS_USER: a new attach will be issued for every user (default)
  * @V9FS_ACCESS_ANY: use a single attach for all users
+ * @V9FS_ACCESS_CLIENT: Like V9FS_ACCESS_USER, but access check on client.
  * @V9FS_ACCESS_MASK: bit mask of different ACCESS options
  *
  * Session flags reflect options selected by users at mount time
@@ -39,7 +40,8 @@ enum p9_session_flags {
 	V9FS_ACCESS_SINGLE	= 0x04,
 	V9FS_ACCESS_USER	= 0x08,
 	V9FS_ACCESS_ANY		= 0x0C,
-	V9FS_ACCESS_MASK	= 0x0C,
+	V9FS_ACCESS_CLIENT	= 0x1C,
+	V9FS_ACCESS_MASK	= 0x1C,
 };
 
 /* possible values of ->cache */
-- 
1.6.5.2

[RFC 2/2] [fs/9p] Check if the inode change is allowed.

[Venkateswararao Jujjuri (JV)]

This patch adds a inode_change_ok() check before proceeding on to change
the attributes. This check is done only if the access=client.

Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
---
 fs/9p/vfs_inode.c |    9 +++++++++
 1 files changed, 9 insertions(+), 0 deletions(-)

diff --git a/fs/9p/vfs_inode.c b/fs/9p/vfs_inode.c
index a67f9f5..31a70c7 100644
--- a/fs/9p/vfs_inode.c
+++ b/fs/9p/vfs_inode.c
@@ -900,10 +900,19 @@ static int v9fs_vfs_setattr(struct dentry *dentry, struct iattr *iattr)
 	struct v9fs_session_info *v9ses;
 	struct p9_fid *fid;
 	struct p9_wstat wstat;
+	int access;
 
 	P9_DPRINTK(P9_DEBUG_VFS, "\n");
 	retval = -EPERM;
 	v9ses = v9fs_inode2v9ses(dentry->d_inode);
+	access = v9ses->flags & V9FS_ACCESS_MASK;
+
+	if ((access == V9FS_ACCESS_CLIENT)) {
+		retval = inode_change_ok(dentry->d_inode, iattr);
+		if (retval)
+			return retval;
+	}
+
 	fid = v9fs_fid_lookup(dentry);
 	if(IS_ERR(fid))
 		return PTR_ERR(fid);
-- 
1.6.5.2