summaryrefslogtreecommitdiff
path: root/fs
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2008-07-17 09:19:08 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2008-07-26 20:53:21 -0400
commita110343f0d6d41f68b7cf8c00b57a3172c67f816 (patch)
tree04f57e3454e796765a7395d2ece4739cf536ae9f /fs
parent7f2da1e7d0330395e5e9e350b879b98a1ea495df (diff)
downloadlwn-a110343f0d6d41f68b7cf8c00b57a3172c67f816.tar.gz
lwn-a110343f0d6d41f68b7cf8c00b57a3172c67f816.zip
[PATCH] fix MAY_CHDIR/MAY_ACCESS/LOOKUP_ACCESS mess
* MAY_CHDIR is redundant - it's an equivalent of MAY_ACCESS * MAY_ACCESS on fuse should affect only the last step of pathname resolution * fchdir() and chroot() should pass MAY_ACCESS, for the same reason why chdir() needs that. * now that we pass MAY_ACCESS explicitly in all cases, LOOKUP_ACCESS can be removed; it has no business being in nameidata. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs')
-rw-r--r--fs/fuse/dir.c2
-rw-r--r--fs/namei.c2
-rw-r--r--fs/open.c10
3 files changed, 6 insertions, 8 deletions
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
index 48a7934cb950..fd03330cadeb 100644
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -962,7 +962,7 @@ static int fuse_permission(struct inode *inode, int mask)
exist. So if permissions are revoked this won't be
noticed immediately, only after the attribute
timeout has expired */
- } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
+ } else if (mask & MAY_ACCESS) {
err = fuse_access(inode, mask);
} else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
if (!(inode->i_mode & S_IXUGO)) {
diff --git a/fs/namei.c b/fs/namei.c
index 095818089ac1..33dcaf025c49 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -265,8 +265,6 @@ int permission(struct inode *inode, int mask, struct nameidata *nd)
if (inode->i_op && inode->i_op->permission) {
int extra = 0;
if (nd) {
- if (nd->flags & LOOKUP_ACCESS)
- extra |= MAY_ACCESS;
if (nd->flags & LOOKUP_OPEN)
extra |= MAY_OPEN;
}
diff --git a/fs/open.c b/fs/open.c
index d3a2a00f52dc..3317e1909b2c 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -457,11 +457,11 @@ asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode)
old_cap = cap_set_effective(current->cap_permitted);
}
- res = __user_walk_fd(dfd, filename, LOOKUP_FOLLOW|LOOKUP_ACCESS, &nd);
+ res = __user_walk_fd(dfd, filename, LOOKUP_FOLLOW, &nd);
if (res)
goto out;
- res = vfs_permission(&nd, mode);
+ res = vfs_permission(&nd, mode | MAY_ACCESS);
/* SuS v2 requires we report a read only fs too */
if(res || !(mode & S_IWOTH) ||
special_file(nd.path.dentry->d_inode->i_mode))
@@ -505,7 +505,7 @@ asmlinkage long sys_chdir(const char __user * filename)
if (error)
goto out;
- error = vfs_permission(&nd, MAY_EXEC | MAY_CHDIR);
+ error = vfs_permission(&nd, MAY_EXEC | MAY_ACCESS);
if (error)
goto dput_and_out;
@@ -534,7 +534,7 @@ asmlinkage long sys_fchdir(unsigned int fd)
if (!S_ISDIR(inode->i_mode))
goto out_putf;
- error = file_permission(file, MAY_EXEC);
+ error = file_permission(file, MAY_EXEC | MAY_ACCESS);
if (!error)
set_fs_pwd(current->fs, &file->f_path);
out_putf:
@@ -552,7 +552,7 @@ asmlinkage long sys_chroot(const char __user * filename)
if (error)
goto out;
- error = vfs_permission(&nd, MAY_EXEC);
+ error = vfs_permission(&nd, MAY_EXEC | MAY_ACCESS);
if (error)
goto dput_and_out;