diff options
author | Dave Hansen <haveblue@us.ibm.com> | 2007-10-16 23:31:14 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-10-17 08:43:05 -0700 |
commit | b41572e929221b0d87f529106cdf12185ee84bca (patch) | |
tree | 0ffd9252f53e9e964e962d6d428377851f12b015 /fs/namei.c | |
parent | ce8d2cdf3d2b73e346c82e6f0a46da331df6364c (diff) | |
download | lwn-b41572e929221b0d87f529106cdf12185ee84bca.tar.gz lwn-b41572e929221b0d87f529106cdf12185ee84bca.zip |
r/o bind mounts: rearrange may_open() to be r/o friendly
may_open() calls vfs_permission() before it does checks for IS_RDONLY(inode).
It checks _again_ inside of vfs_permission().
The check inside of vfs_permission() is going away eventually. With the
mnt_want/drop_write() functions, all of the r/o checks (except for this one)
are consistently done before calling permission(). Because of this, I'd like
to use permission() to hold a debugging check to make sure that the
mnt_want/drop_write() calls are actually being made.
So, to do this:
1. remove the IS_RDONLY() check from permission()
2. enforce that you must mnt_want_write() before
even calling permission()
3. actually add the debugging check to permission()
We need to rearrange may_open() to do r/o checks before calling permission().
Here's the patch.
Signed-off-by: Dave Hansen <haveblue@us.ibm.com>
Cc: Christoph Hellwig <hch@lst.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/namei.c')
-rw-r--r-- | fs/namei.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/fs/namei.c b/fs/namei.c index 2792e0ca01d4..a29bb0f40ed5 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -1604,10 +1604,6 @@ int may_open(struct nameidata *nd, int acc_mode, int flag) if (S_ISDIR(inode->i_mode) && (flag & FMODE_WRITE)) return -EISDIR; - error = vfs_permission(nd, acc_mode); - if (error) - return error; - /* * FIFO's, sockets and device files are special: they don't * actually live on the filesystem itself, and as such you @@ -1622,6 +1618,10 @@ int may_open(struct nameidata *nd, int acc_mode, int flag) flag &= ~O_TRUNC; } else if (IS_RDONLY(inode) && (flag & FMODE_WRITE)) return -EROFS; + + error = vfs_permission(nd, acc_mode); + if (error) + return error; /* * An append-only file must be opened in append mode for writing. */ |