Looks good from my point of view.
btw, my opinion is that for the "external representation" purposes all inode
operations that can possibly deal with files ( IOW: terminal nodes of the
dentry tree ) should get dentry as an argument.
Thanks,
Roman.
On Sun, May 14, 2000 at 02:48:48AM +0200, Trond Myklebust wrote:
>
> Hi,
>
> As part of the Linux move to NFSv3, I'd like very much to be able
> to implement the NFSPROC3_ACCESS method of permissions checking as a
> VFS callback. As usual, in NFS, this means that we'd like to use the
> file handle that is cached in the dentry.
>
> The advantages of implementing this in the case of NFSv3 is that
> we get increased POSIX-compatibility (proper permission-checking at
> file open()) as well as support for ACLs on those servers which
> implement that sort of thing.
>
> 'Downside':
> This would involve work, as a proper implementation requires 2
> changes to the VFS API:
> - fs/namei.c:permission() is changed to take a dentry argument
> instead of an inode.
> and
> - ditto for the permission callback in the inode_operations
>
>
> The appended patch illustrates what I'd like to do. It should patch
> cleanly against 2.3.99-pre8, and preliminary tests indicate it tests
> out well.
>
> Comments/objections/suggestions?
>
> Cheers,
> Trond
>
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/coda/dir.c linux-2.3.99-pre8-perm/fs/coda/dir.c
> --- linux-2.3.99-pre8-cred/fs/coda/dir.c Thu Mar 23 07:15:57 2000
> +++ linux-2.3.99-pre8-perm/fs/coda/dir.c Sun May 14 00:09:12 2000
> @@ -156,8 +156,9 @@
> }
>
>
> -int coda_permission(struct inode *inode, int mask)
> +int coda_permission(struct dentry *dentry, int mask)
> {
> + struct inode *inode = dentry->d_inode;
> struct coda_inode_info *cp = ITOC(inode);
> int error;
>
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/coda/pioctl.c linux-2.3.99-pre8-perm/fs/coda/pioctl.c
> --- linux-2.3.99-pre8-cred/fs/coda/pioctl.c Mon May 8 20:17:47 2000
> +++ linux-2.3.99-pre8-perm/fs/coda/pioctl.c Sun May 14 00:08:08 2000
> @@ -25,7 +25,7 @@
> #include <linux/coda_psdev.h>
>
> /* pioctl ops */
> -static int coda_ioctl_permission(struct inode *inode, int mask);
> +static int coda_ioctl_permission(struct dentry *dentry, int mask);
> static int coda_ioctl_open(struct inode *i, struct file *f);
> static int coda_ioctl_release(struct inode *i, struct file *f);
> static int coda_pioctl(struct inode * inode, struct file * filp,
> @@ -45,7 +45,7 @@
> };
>
> /* the coda pioctl inode ops */
> -static int coda_ioctl_permission(struct inode *inode, int mask)
> +static int coda_ioctl_permission(struct dentry *dentry, int mask)
> {
> ENTRY;
>
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/exec.c linux-2.3.99-pre8-perm/fs/exec.c
> --- linux-2.3.99-pre8-cred/fs/exec.c Wed May 10 01:18:27 2000
> +++ linux-2.3.99-pre8-perm/fs/exec.c Sun May 14 00:24:09 2000
> @@ -329,7 +329,7 @@
> if (!err) {
> file = ERR_PTR(-EACCES);
> if (S_ISREG(nd.dentry->d_inode->i_mode)) {
> - int err = permission(nd.dentry->d_inode, MAY_EXEC);
> + int err = permission(nd.dentry, MAY_EXEC);
> file = ERR_PTR(err);
> if (!err) {
> lock_kernel();
> @@ -498,7 +498,7 @@
> flush_thread();
>
> if (bprm->e_uid != current->euid || bprm->e_gid != current->egid ||
> - permission(bprm->file->f_dentry->d_inode,MAY_READ))
> + permission(bprm->file->f_dentry,MAY_READ))
> current->dumpable = 0;
>
> /* An exec changes our domain. We are no longer part of the thread
> @@ -538,7 +538,8 @@
> {
> int mode;
> int retval,id_change,cap_raised;
> - struct inode * inode = bprm->file->f_dentry->d_inode;
> + struct dentry * dentry = bprm->file->f_dentry;
> + struct inode * inode = dentry->d_inode;
>
> mode = inode->i_mode;
> if (!S_ISREG(mode)) /* must be regular file */
> @@ -549,7 +550,7 @@
> return -EACCES;
> if (!inode->i_sb)
> return -EACCES;
> - if ((retval = permission(inode, MAY_EXEC)) != 0)
> + if ((retval = permission(dentry, MAY_EXEC)) != 0)
> return retval;
> /* better not execute files which are being written to */
> if (atomic_read(&inode->i_writecount) > 0)
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/hpfs/namei.c linux-2.3.99-pre8-perm/fs/hpfs/namei.c
> --- linux-2.3.99-pre8-cred/fs/hpfs/namei.c Mon May 8 23:24:10 2000
> +++ linux-2.3.99-pre8-perm/fs/hpfs/namei.c Sun May 14 00:34:25 2000
> @@ -331,7 +331,7 @@
> struct iattr newattrs;
> int err;
> hpfs_unlock_2inodes(dir, inode);
> - if (rep || dentry->d_count > 1 || permission(inode, MAY_WRITE) || get_write_access(inode)) goto ret;
> + if (rep || dentry->d_count > 1 || vfs_permission(inode, MAY_WRITE) || get_write_access(inode)) goto ret;
> /*printk("HPFS: truncating file before delete.\n");*/
> down(&inode->i_sem);
> newattrs.ia_size = 0;
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/namei.c linux-2.3.99-pre8-perm/fs/namei.c
> --- linux-2.3.99-pre8-cred/fs/namei.c Tue May 9 00:27:12 2000
> +++ linux-2.3.99-pre8-perm/fs/namei.c Sun May 14 01:11:48 2000
> @@ -144,17 +144,23 @@
> * for filesystem access without changing the "normal" uids which
> * are used for other things..
> */
> -int permission(struct inode * inode,int mask)
> +int permission(struct dentry *dentry, int mask)
> {
> - int mode = inode->i_mode;
> + struct inode *inode = dentry->d_inode;
>
> if (inode->i_op && inode->i_op->permission) {
> int retval;
> lock_kernel();
> - retval = inode->i_op->permission(inode, mask);
> + retval = inode->i_op->permission(dentry, mask);
> unlock_kernel();
> return retval;
> }
> + return vfs_permission(inode, mask);
> +}
> +
> +int vfs_permission(struct inode *inode, int mask)
> +{
> + int mode = inode->i_mode;
>
> if ((mask & S_IWOTH) && IS_RDONLY(inode) &&
> (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
> @@ -348,7 +354,7 @@
> */
> int path_walk(const char * name, struct nameidata *nd)
> {
> - struct dentry *dentry;
> + struct dentry *dentry, *dbase;
> struct inode *inode;
> int err;
> unsigned int lookup_flags = nd->flags;
> @@ -358,7 +364,8 @@
> if (!*name)
> goto return_base;
>
> - inode = nd->dentry->d_inode;
> + dbase = nd->dentry;
> + inode = dbase->d_inode;
> if (current->link_count)
> lookup_flags = LOOKUP_FOLLOW;
>
> @@ -368,7 +375,7 @@
> struct qstr this;
> unsigned int c;
>
> - err = permission(inode, MAY_EXEC);
> + err = permission(dbase, MAY_EXEC);
> dentry = ERR_PTR(err);
> if (err)
> break;
> @@ -416,7 +423,8 @@
> if (!__follow_up(&nd->mnt, &nd->dentry))
> break;
> }
> - inode = nd->dentry->d_inode;
> + dbase = nd->dentry;
> + inode = dbase->d_inode;
> /* fallthrough */
> case 1:
> continue;
> @@ -443,7 +451,8 @@
> ;
>
> err = -ENOENT;
> - inode = dentry->d_inode;
> + dbase = dentry;
> + inode = dbase->d_inode;
> if (!inode)
> goto out_dput;
> err = -ENOTDIR;
> @@ -456,7 +465,8 @@
> if (err)
> goto return_err;
> err = -ENOENT;
> - inode = nd->dentry->d_inode;
> + dbase = nd->dentry;
> + inode = dbase->d_inode;
> if (!inode)
> break;
> err = -ENOTDIR;
> @@ -496,7 +506,8 @@
> if (!__follow_up(&nd->mnt, &nd->dentry))
> break;
> }
> - inode = nd->dentry->d_inode;
> + dbase = nd->dentry;
> + inode = dbase->d_inode;
> /* fallthrough */
> case 1:
> goto return_base;
> @@ -515,14 +526,16 @@
> }
> while (d_mountpoint(dentry) && __follow_down(&nd->mnt, &dentry))
> ;
> - inode = dentry->d_inode;
> + dbase = dentry;
> + inode = dbase->d_inode;
> if ((lookup_flags & LOOKUP_FOLLOW)
> && inode && inode->i_op && inode->i_op->follow_link) {
> err = do_follow_link(dentry, nd);
> dput(dentry);
> if (err)
> goto return_err;
> - inode = nd->dentry->d_inode;
> + dbase = nd->dentry;
> + inode = dbase->d_inode;
> } else {
> dput(nd->dentry);
> nd->dentry = dentry;
> @@ -647,7 +660,7 @@
> int err;
>
> inode = base->d_inode;
> - err = permission(inode, MAY_EXEC);
> + err = permission(base, MAY_EXEC);
> dentry = ERR_PTR(err);
> if (err)
> goto out;
> @@ -773,7 +786,7 @@
> return -ENOENT;
> if (IS_DEADDIR(dir))
> return -ENOENT;
> - error = permission(dir,MAY_WRITE | MAY_EXEC);
> + error = permission(victim->d_parent,MAY_WRITE | MAY_EXEC);
> if (error)
> return error;
> if (IS_APPEND(dir))
> @@ -806,7 +819,7 @@
> return -EEXIST;
> if (IS_DEADDIR(dir))
> return -ENOENT;
> - return permission(dir,MAY_WRITE | MAY_EXEC);
> + return permission(child->d_parent,MAY_WRITE | MAY_EXEC);
> }
>
> /*
> @@ -964,7 +977,7 @@
> if (S_ISDIR(inode->i_mode) && (flag & FMODE_WRITE))
> goto exit;
>
> - error = permission(inode,acc_mode);
> + error = permission(dentry,acc_mode);
> if (error)
> goto exit;
>
> @@ -1533,7 +1546,7 @@
> * we'll need to flip '..'.
> */
> if (new_dir != old_dir) {
> - error = permission(old_dentry->d_inode, MAY_WRITE);
> + error = permission(old_dentry, MAY_WRITE);
> }
> if (error)
> return error;
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/ncpfs/ioctl.c linux-2.3.99-pre8-perm/fs/ncpfs/ioctl.c
> --- linux-2.3.99-pre8-cred/fs/ncpfs/ioctl.c Tue Jan 25 23:09:29 2000
> +++ linux-2.3.99-pre8-perm/fs/ncpfs/ioctl.c Sun May 14 00:30:48 2000
> @@ -37,7 +37,7 @@
> switch (cmd) {
> case NCP_IOC_NCPREQUEST:
>
> - if ((permission(inode, MAY_WRITE) != 0)
> + if ((vfs_permission(inode, MAY_WRITE) != 0)
> && (current->uid != server->m.mounted_uid)) {
> return -EACCES;
> }
> @@ -83,7 +83,7 @@
>
> case NCP_IOC_CONN_LOGGED_IN:
>
> - if ((permission(inode, MAY_WRITE) != 0)
> + if ((vfs_permission(inode, MAY_WRITE) != 0)
> && (current->uid != server->m.mounted_uid)) {
> return -EACCES;
> }
> @@ -98,7 +98,7 @@
> {
> struct ncp_fs_info info;
>
> - if ((permission(inode, MAY_WRITE) != 0)
> + if ((vfs_permission(inode, MAY_WRITE) != 0)
> && (current->uid != server->m.mounted_uid)) {
> return -EACCES;
> }
> @@ -126,7 +126,7 @@
> {
> struct ncp_fs_info_v2 info2;
>
> - if ((permission(inode, MAY_WRITE) != 0)
> + if ((vfs_permission(inode, MAY_WRITE) != 0)
> && (current->uid != server->m.mounted_uid)) {
> return -EACCES;
> }
> @@ -154,7 +154,7 @@
> {
> unsigned long tmp = server->m.mounted_uid;
>
> - if ( (permission(inode, MAY_READ) != 0)
> + if ( (vfs_permission(inode, MAY_READ) != 0)
> && (current->uid != server->m.mounted_uid))
> {
> return -EACCES;
> @@ -169,7 +169,7 @@
> {
> struct ncp_setroot_ioctl sr;
>
> - if ( (permission(inode, MAY_READ) != 0)
> + if ( (vfs_permission(inode, MAY_READ) != 0)
> && (current->uid != server->m.mounted_uid))
> {
> return -EACCES;
> @@ -204,7 +204,7 @@
> struct nw_info_struct i;
> struct dentry* dentry;
>
> - if ( (permission(inode, MAY_WRITE) != 0)
> + if ( (vfs_permission(inode, MAY_WRITE) != 0)
> && (current->uid != server->m.mounted_uid))
> {
> return -EACCES;
> @@ -245,7 +245,7 @@
>
> #ifdef CONFIG_NCPFS_PACKET_SIGNING
> case NCP_IOC_SIGN_INIT:
> - if ((permission(inode, MAY_WRITE) != 0)
> + if ((vfs_permission(inode, MAY_WRITE) != 0)
> && (current->uid != server->m.mounted_uid))
> {
> return -EACCES;
> @@ -268,7 +268,7 @@
> return 0;
>
> case NCP_IOC_SIGN_WANTED:
> - if ( (permission(inode, MAY_READ) != 0)
> + if ( (vfs_permission(inode, MAY_READ) != 0)
> && (current->uid != server->m.mounted_uid))
> {
> return -EACCES;
> @@ -281,7 +281,7 @@
> {
> int newstate;
>
> - if ( (permission(inode, MAY_WRITE) != 0)
> + if ( (vfs_permission(inode, MAY_WRITE) != 0)
> && (current->uid != server->m.mounted_uid))
> {
> return -EACCES;
> @@ -301,7 +301,7 @@
>
> #ifdef CONFIG_NCPFS_IOCTL_LOCKING
> case NCP_IOC_LOCKUNLOCK:
> - if ( (permission(inode, MAY_WRITE) != 0)
> + if ( (vfs_permission(inode, MAY_WRITE) != 0)
> && (current->uid != server->m.mounted_uid))
> {
> return -EACCES;
> @@ -513,7 +513,7 @@
> * Thanks Petr Vandrovec for idea and many hints.
> */
> case NCP_IOC_SETCHARSETS:
> - if ((permission(inode, MAY_WRITE) != 0) &&
> + if ((vfs_permission(inode, MAY_WRITE) != 0) &&
> (current->uid != server->m.mounted_uid))
> return -EACCES;
> if (server->root_setuped)
> @@ -610,7 +610,7 @@
> }
> #endif /* CONFIG_NCPFS_NLS */
> case NCP_IOC_SETDENTRYTTL:
> - if ((permission(inode, MAY_WRITE) != 0) &&
> + if ((vfs_permission(inode, MAY_WRITE) != 0) &&
> (current->uid != server->m.mounted_uid))
> return -EACCES;
> {
> @@ -639,7 +639,7 @@
> /* NCP_IOC_GETMOUNTUID may be same as NCP_IOC_GETMOUNTUID2,
> so we have this out of switch */
> if (cmd == NCP_IOC_GETMOUNTUID) {
> - if ((permission(inode, MAY_READ) != 0)
> + if ((vfs_permission(inode, MAY_READ) != 0)
> && (current->uid != server->m.mounted_uid)) {
> return -EACCES;
> }
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/nfs/dir.c linux-2.3.99-pre8-perm/fs/nfs/dir.c
> --- linux-2.3.99-pre8-cred/fs/nfs/dir.c Fri Apr 21 22:36:39 2000
> +++ linux-2.3.99-pre8-perm/fs/nfs/dir.c Sun May 14 00:17:19 2000
> @@ -66,6 +66,7 @@
> rmdir: nfs_rmdir,
> mknod: nfs_mknod,
> rename: nfs_rename,
> + permission: nfs_permission,
> revalidate: nfs_revalidate,
> setattr: nfs_notify_change,
> };
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/nfs/file.c linux-2.3.99-pre8-perm/fs/nfs/file.c
> --- linux-2.3.99-pre8-cred/fs/nfs/file.c Wed Apr 26 02:28:55 2000
> +++ linux-2.3.99-pre8-perm/fs/nfs/file.c Sun May 14 00:18:16 2000
> @@ -53,6 +53,7 @@
> };
>
> struct inode_operations nfs_file_inode_operations = {
> + permission: nfs_permission,
> revalidate: nfs_revalidate,
> setattr: nfs_notify_change,
> };
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/nfs/inode.c linux-2.3.99-pre8-perm/fs/nfs/inode.c
> --- linux-2.3.99-pre8-cred/fs/nfs/inode.c Sat May 13 14:29:52 2000
> +++ linux-2.3.99-pre8-perm/fs/nfs/inode.c Sun May 14 01:02:24 2000
> @@ -912,6 +912,21 @@
> return 0;
> }
>
> +int nfs_permission(struct dentry *dentry, int mask)
> +{
> + struct inode *inode = dentry->d_inode;
> + int status;
> +
> + if (!NFS_PROTO(inode)->access)
> + return vfs_permission(inode, mask);
> +
> + status = NFS_PROTO(inode)->access(dentry, mask, 0);
> + if (status == -EACCES && (current->fsuid != current->uid ||
> + current->fsgid != current->gid))
> + status = NFS_PROTO(inode)->access(dentry, mask, 1);
> + return status;
> +}
> +
> /*
> * This function is called whenever some part of NFS notices that
> * the cached attributes have to be refreshed.
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/nfs/symlink.c linux-2.3.99-pre8-perm/fs/nfs/symlink.c
> --- linux-2.3.99-pre8-cred/fs/nfs/symlink.c Fri Apr 7 22:38:00 2000
> +++ linux-2.3.99-pre8-perm/fs/nfs/symlink.c Sun May 14 01:01:40 2000
> @@ -104,6 +104,7 @@
> struct inode_operations nfs_symlink_inode_operations = {
> readlink: nfs_readlink,
> follow_link: nfs_follow_link,
> + permission: nfs_permission,
> revalidate: nfs_revalidate,
> setattr: nfs_notify_change,
> };
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/nfsd/vfs.c linux-2.3.99-pre8-perm/fs/nfsd/vfs.c
> --- linux-2.3.99-pre8-cred/fs/nfsd/vfs.c Tue May 9 00:54:17 2000
> +++ linux-2.3.99-pre8-perm/fs/nfsd/vfs.c Sun May 14 00:35:55 2000
> @@ -1517,11 +1517,11 @@
> cap_clear(current->cap_effective);
> }
>
> - err = permission(inode, acc & (MAY_READ|MAY_WRITE|MAY_EXEC));
> + err = permission(dentry, acc & (MAY_READ|MAY_WRITE|MAY_EXEC));
>
> /* Allow read access to binaries even when mode 111 */
> if (err == -EACCES && S_ISREG(inode->i_mode) && acc == MAY_READ)
> - err = permission(inode, MAY_EXEC);
> + err = permission(dentry, MAY_EXEC);
>
> if (current->fsuid != 0)
> current->cap_effective = saved_cap;
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/open.c linux-2.3.99-pre8-perm/fs/open.c
> --- linux-2.3.99-pre8-cred/fs/open.c Mon May 8 22:31:40 2000
> +++ linux-2.3.99-pre8-perm/fs/open.c Sun May 14 00:26:12 2000
> @@ -101,7 +101,7 @@
> if (S_ISDIR(inode->i_mode))
> goto dput_and_out;
>
> - error = permission(inode,MAY_WRITE);
> + error = permission(nd.dentry,MAY_WRITE);
> if (error)
> goto dput_and_out;
>
> @@ -230,7 +230,7 @@
> newattrs.ia_valid |= ATTR_ATIME_SET | ATTR_MTIME_SET;
> } else {
> if (current->fsuid != inode->i_uid &&
> - (error = permission(inode,MAY_WRITE)) != 0)
> + (error = permission(nd.dentry,MAY_WRITE)) != 0)
> goto dput_and_out;
> }
> error = notify_change(nd.dentry, &newattrs);
> @@ -274,7 +274,7 @@
> newattrs.ia_mtime = times[1].tv_sec;
> newattrs.ia_valid |= ATTR_ATIME_SET | ATTR_MTIME_SET;
> } else {
> - if ((error = permission(inode,MAY_WRITE)) != 0)
> + if ((error = permission(nd.dentry,MAY_WRITE)) != 0)
> goto dput_and_out;
> }
> error = notify_change(nd.dentry, &newattrs);
> @@ -314,7 +314,7 @@
>
> res = user_path_walk(filename, &nd);
> if (!res) {
> - res = permission(nd.dentry->d_inode, mode);
> + res = permission(nd.dentry, mode);
> /* SuS v2 requires we report a read only fs too */
> if(!res && (mode & S_IWOTH) && IS_RDONLY(nd.dentry->d_inode))
> res = -EROFS;
> @@ -348,7 +348,7 @@
> if (error)
> goto out;
>
> - error = permission(nd.dentry->d_inode,MAY_EXEC);
> + error = permission(nd.dentry,MAY_EXEC);
> if (error)
> goto dput_and_out;
>
> @@ -383,7 +383,7 @@
> goto out_putf;
>
> lock_kernel();
> - error = permission(inode, MAY_EXEC);
> + error = permission(dentry, MAY_EXEC);
> if (!error)
> set_fs_pwd(current->fs, mnt, dentry);
> unlock_kernel();
> @@ -413,7 +413,7 @@
> if (error)
> goto out;
>
> - error = permission(nd.dentry->d_inode,MAY_EXEC);
> + error = permission(nd.dentry,MAY_EXEC);
> if (error)
> goto dput_and_out;
>
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/proc/base.c linux-2.3.99-pre8-perm/fs/proc/base.c
> --- linux-2.3.99-pre8-cred/fs/proc/base.c Wed May 10 01:19:04 2000
> +++ linux-2.3.99-pre8-perm/fs/proc/base.c Sun May 14 01:00:59 2000
> @@ -193,8 +193,9 @@
> return -EACCES;
> }
>
> -static int proc_permission(struct inode *inode, int mask)
> +static int proc_permission(struct dentry *dentry, int mask)
> {
> + struct inode *inode = dentry->d_inode;
> struct dentry *de, *base, *root;
> struct vfsmount *our_vfsmnt, *vfsmnt, *mnt;
>
> @@ -384,7 +385,7 @@
> /* We don't need a base pointer in the /proc filesystem */
> path_release(nd);
>
> - error = proc_permission(inode, MAY_EXEC);
> + error = proc_permission(dentry, MAY_EXEC);
> if (error)
> goto out;
>
> @@ -438,7 +439,7 @@
> struct dentry *de;
> struct vfsmount *mnt = NULL;
>
> - error = proc_permission(inode, MAY_EXEC);
> + error = proc_permission(dentry, MAY_EXEC);
> if (error)
> goto out;
>
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/smbfs/file.c linux-2.3.99-pre8-perm/fs/smbfs/file.c
> --- linux-2.3.99-pre8-cred/fs/smbfs/file.c Mon May 8 22:51:01 2000
> +++ linux-2.3.99-pre8-perm/fs/smbfs/file.c Sun May 14 00:11:30 2000
> @@ -371,8 +371,9 @@
> * privileges, so we need our own check for this.
> */
> static int
> -smb_file_permission(struct inode *inode, int mask)
> +smb_file_permission(struct dentry *dentry, int mask)
> {
> + struct inode *inode = dentry->d_inode;
> int mode = inode->i_mode;
> int error = 0;
>
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/fs/udf/file.c linux-2.3.99-pre8-perm/fs/udf/file.c
> --- linux-2.3.99-pre8-cred/fs/udf/file.c Mon May 8 22:51:01 2000
> +++ linux-2.3.99-pre8-perm/fs/udf/file.c Sun May 14 00:29:24 2000
> @@ -209,7 +209,7 @@
> long_ad eaicb;
> Uint8 *ea = NULL;
>
> - if ( permission(inode, MAY_READ) != 0 )
> + if ( vfs_permission(inode, MAY_READ) != 0 )
> {
> udf_debug("no permission to access inode %lu\n",
> inode->i_ino);
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/include/linux/coda_linux.h linux-2.3.99-pre8-perm/include/linux/coda_linux.h
> --- linux-2.3.99-pre8-cred/include/linux/coda_linux.h Sat Apr 29 18:59:53 2000
> +++ linux-2.3.99-pre8-perm/include/linux/coda_linux.h Sun May 14 01:25:01 2000
> @@ -37,7 +37,7 @@
> /* operations shared over more than one file */
> int coda_open(struct inode *i, struct file *f);
> int coda_release(struct inode *i, struct file *f);
> -int coda_permission(struct inode *inode, int mask);
> +int coda_permission(struct dentry *dentry, int mask);
> int coda_revalidate_inode(struct dentry *);
> int coda_notify_change(struct dentry *, struct iattr *);
>
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/include/linux/fs.h linux-2.3.99-pre8-perm/include/linux/fs.h
> --- linux-2.3.99-pre8-cred/include/linux/fs.h Sat May 13 14:17:31 2000
> +++ linux-2.3.99-pre8-perm/include/linux/fs.h Sun May 14 01:10:33 2000
> @@ -682,6 +682,7 @@
> extern int vfs_rmdir(struct inode *, struct dentry *);
> extern int vfs_unlink(struct inode *, struct dentry *);
> extern int vfs_rename(struct inode *, struct dentry *, struct inode *, struct dentry *);
> +extern int vfs_permission(struct inode *, int);
>
> /*
> * This is the "filldir" function type, used by readdir() to let
> @@ -736,7 +737,7 @@
> int (*readlink) (struct dentry *, char *,int);
> int (*follow_link) (struct dentry *, struct nameidata *);
> void (*truncate) (struct inode *);
> - int (*permission) (struct inode *, int);
> + int (*permission) (struct dentry *, int);
> int (*revalidate) (struct dentry *);
> int (*setattr) (struct dentry *, struct iattr *);
> int (*getattr) (struct dentry *, struct iattr *);
> @@ -965,7 +966,7 @@
> extern void sync_supers(kdev_t);
> extern int bmap(struct inode *, int);
> extern int notify_change(struct dentry *, struct iattr *);
> -extern int permission(struct inode *, int);
> +extern int permission(struct dentry *, int);
> extern int get_write_access(struct inode *);
> extern void put_write_access(struct inode *);
> extern int do_pipe(int *);
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/include/linux/nfs_fs.h linux-2.3.99-pre8-perm/include/linux/nfs_fs.h
> --- linux-2.3.99-pre8-cred/include/linux/nfs_fs.h Sat May 13 14:25:35 2000
> +++ linux-2.3.99-pre8-perm/include/linux/nfs_fs.h Sun May 14 01:12:31 2000
> @@ -143,6 +143,7 @@
> extern struct inode *nfs_fhget(struct dentry *, struct nfs_fh *,
> struct nfs_fattr *);
> extern int nfs_refresh_inode(struct inode *, struct nfs_fattr *);
> +extern int nfs_permission(struct dentry *, int);
> extern int nfs_revalidate(struct dentry *);
> extern int nfs_open(struct inode *, struct file *);
> extern int nfs_release(struct inode *, struct file *);
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/ipc/shm.c linux-2.3.99-pre8-perm/ipc/shm.c
> --- linux-2.3.99-pre8-cred/ipc/shm.c Fri May 12 20:21:20 2000
> +++ linux-2.3.99-pre8-perm/ipc/shm.c Sun May 14 01:44:04 2000
> @@ -1190,7 +1190,7 @@
> err = -ENOENT;
> if (!dentry->d_inode)
> goto bad_file;
> - err = permission(dentry->d_inode, acc_mode);
> + err = permission(dentry, acc_mode);
> if (err)
> goto bad_file1;
> file = dentry_open(dentry, shm_fs_type.kern_mnt, o_flags);
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/kernel/ksyms.c linux-2.3.99-pre8-perm/kernel/ksyms.c
> --- linux-2.3.99-pre8-cred/kernel/ksyms.c Tue May 9 07:21:57 2000
> +++ linux-2.3.99-pre8-perm/kernel/ksyms.c Sun May 14 00:22:07 2000
> @@ -233,6 +233,7 @@
> EXPORT_SYMBOL(vfs_unlink);
> EXPORT_SYMBOL(vfs_rename);
> EXPORT_SYMBOL(vfs_statfs);
> +EXPORT_SYMBOL(vfs_permission);
> EXPORT_SYMBOL(generic_read_dir);
> EXPORT_SYMBOL(__pollwait);
> EXPORT_SYMBOL(ROOT_DEV);
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/kernel/sysctl.c linux-2.3.99-pre8-perm/kernel/sysctl.c
> --- linux-2.3.99-pre8-cred/kernel/sysctl.c Fri May 12 20:21:20 2000
> +++ linux-2.3.99-pre8-perm/kernel/sysctl.c Sun May 14 01:41:28 2000
> @@ -107,7 +107,7 @@
>
> static ssize_t proc_readsys(struct file *, char *, size_t, loff_t *);
> static ssize_t proc_writesys(struct file *, const char *, size_t, loff_t *);
> -static int proc_sys_permission(struct inode *, int);
> +static int proc_sys_permission(struct dentry *, int);
>
> struct file_operations proc_sys_file_operations = {
> read: proc_readsys,
> @@ -608,9 +608,9 @@
> return do_rw_proc(1, file, (char *) buf, count, ppos);
> }
>
> -static int proc_sys_permission(struct inode *inode, int op)
> +static int proc_sys_permission(struct dentry *dentry, int op)
> {
> - return test_perm(inode->i_mode, op);
> + return test_perm(dentry->d_inode->i_mode, op);
> }
>
> int proc_dostring(ctl_table *table, int write, struct file *filp,
> diff -u --recursive --new-file linux-2.3.99-pre8-cred/net/unix/af_unix.c linux-2.3.99-pre8-perm/net/unix/af_unix.c
> --- linux-2.3.99-pre8-cred/net/unix/af_unix.c Fri May 12 20:37:39 2000
> +++ linux-2.3.99-pre8-perm/net/unix/af_unix.c Sun May 14 01:43:01 2000
> @@ -582,7 +582,7 @@
> unlock_kernel();
> goto fail;
> }
> - err = permission(nd.dentry->d_inode,MAY_WRITE);
> + err = permission(nd.dentry,MAY_WRITE);
> if (err)
> goto put_fail;
>
>
>
>
>
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon May 15 2000 - 21:00:24 EST