}
key_put(key);
- ret = generic_permission(inode, mask, flags, NULL);
+ ret = generic_permission(inode, mask, flags);
_leave(" = %d", ret);
return ret;
return -EROFS;
if ((BTRFS_I(inode)->flags & BTRFS_INODE_READONLY) && (mask & MAY_WRITE))
return -EACCES;
- return generic_permission(inode, mask, flags, btrfs_check_acl);
+ return generic_permission(inode, mask, flags);
}
static const struct inode_operations btrfs_dir_inode_operations = {
.listxattr = btrfs_listxattr,
.removexattr = btrfs_removexattr,
.permission = btrfs_permission,
+ .check_acl = btrfs_check_acl,
};
static const struct inode_operations btrfs_dir_ro_inode_operations = {
.lookup = btrfs_lookup,
.permission = btrfs_permission,
+ .check_acl = btrfs_check_acl,
};
static const struct file_operations btrfs_dir_file_operations = {
.removexattr = btrfs_removexattr,
.permission = btrfs_permission,
.fiemap = btrfs_fiemap,
+ .check_acl = btrfs_check_acl,
};
static const struct inode_operations btrfs_special_inode_operations = {
.getattr = btrfs_getattr,
.getxattr = btrfs_getxattr,
.listxattr = btrfs_listxattr,
.removexattr = btrfs_removexattr,
+ .check_acl = btrfs_check_acl,
};
static const struct inode_operations btrfs_symlink_inode_operations = {
.readlink = generic_readlink,
.getxattr = btrfs_getxattr,
.listxattr = btrfs_listxattr,
.removexattr = btrfs_removexattr,
+ .check_acl = btrfs_check_acl,
};
const struct dentry_operations btrfs_dentry_operations = {
err = ceph_do_getattr(inode, CEPH_CAP_AUTH_SHARED);
if (!err)
- err = generic_permission(inode, mask, flags, NULL);
+ err = generic_permission(inode, mask, flags);
return err;
}
on the client (above and beyond ACL on servers) for
servers which do not support setting and viewing mode bits,
so allowing client to check permissions is useful */
- return generic_permission(inode, mask, flags, NULL);
+ return generic_permission(inode, mask, flags);
}
static struct kmem_cache *cifs_inode_cachep;
}
if (fc->flags & FUSE_DEFAULT_PERMISSIONS) {
- err = generic_permission(inode, mask, flags, NULL);
+ err = generic_permission(inode, mask, flags);
/* If permission is denied, try to refresh file
attributes. This is also needed, because the root
err = fuse_perm_getattr(inode, flags);
if (!err)
err = generic_permission(inode, mask,
- flags, NULL);
+ flags);
}
/* Note: the opposite of the above test does not
if ((mask & MAY_WRITE) && IS_IMMUTABLE(inode))
error = -EACCES;
else
- error = generic_permission(inode, mask, flags, gfs2_check_acl);
+ error = generic_permission(inode, mask, flags);
if (unlock)
gfs2_glock_dq_uninit(&i_gh);
.listxattr = gfs2_listxattr,
.removexattr = gfs2_removexattr,
.fiemap = gfs2_fiemap,
+ .check_acl = gfs2_check_acl,
};
const struct inode_operations gfs2_dir_iops = {
.listxattr = gfs2_listxattr,
.removexattr = gfs2_removexattr,
.fiemap = gfs2_fiemap,
+ .check_acl = gfs2_check_acl,
};
const struct inode_operations gfs2_symlink_iops = {
.listxattr = gfs2_listxattr,
.removexattr = gfs2_removexattr,
.fiemap = gfs2_fiemap,
+ .check_acl = gfs2_check_acl,
};
err = access_file(name, r, w, x);
__putname(name);
if (!err)
- err = generic_permission(ino, desired, flags, NULL);
+ err = generic_permission(ino, desired, flags);
return err;
}
hpfs_unlock(dir->i_sb);
return -ENOSPC;
}
- if (generic_permission(inode, MAY_WRITE, 0, NULL) ||
+ if (generic_permission(inode, MAY_WRITE, 0) ||
!S_ISREG(inode->i_mode) ||
get_write_access(inode)) {
d_rehash(dentry);
/*
* This does basic POSIX ACL permission checking
*/
-static int acl_permission_check(struct inode *inode, int mask, unsigned int flags,
- int (*check_acl)(struct inode *inode, int mask, unsigned int flags))
+static int acl_permission_check(struct inode *inode, int mask, unsigned int flags)
{
+ int (*check_acl)(struct inode *inode, int mask, unsigned int flags);
unsigned int mode = inode->i_mode;
mask &= MAY_READ | MAY_WRITE | MAY_EXEC;
if (current_fsuid() == inode->i_uid)
mode >>= 6;
else {
+ check_acl = inode->i_op->check_acl;
if (IS_POSIXACL(inode) && (mode & S_IRWXG) && check_acl) {
int error = check_acl(inode, mask, flags);
if (error != -EAGAIN)
* generic_permission - check for access rights on a Posix-like filesystem
* @inode: inode to check access rights for
* @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC)
- * @check_acl: optional callback to check for Posix ACLs
* @flags: IPERM_FLAG_ flags.
*
* Used to check for read/write/execute permissions on a file.
* request cannot be satisfied (eg. requires blocking or too much complexity).
* It would then be called again in ref-walk mode.
*/
-int generic_permission(struct inode *inode, int mask, unsigned int flags,
- int (*check_acl)(struct inode *inode, int mask, unsigned int flags))
+int generic_permission(struct inode *inode, int mask, unsigned int flags)
{
int ret;
/*
* Do the basic POSIX ACL permission checks.
*/
- ret = acl_permission_check(inode, mask, flags, check_acl);
+ ret = acl_permission_check(inode, mask, flags);
if (ret != -EACCES)
return ret;
if (inode->i_op->permission)
retval = inode->i_op->permission(inode, mask, 0);
else
- retval = generic_permission(inode, mask, 0,
- inode->i_op->check_acl);
+ retval = generic_permission(inode, mask, 0);
if (retval)
return retval;
if (likely(!ret))
goto ok;
} else {
- ret = acl_permission_check(inode, MAY_EXEC, flags,
- inode->i_op->check_acl);
+ ret = acl_permission_check(inode, MAY_EXEC, flags);
if (likely(!ret))
goto ok;
if (ret != -EACCES)
out_notsup:
res = nfs_revalidate_inode(NFS_SERVER(inode), inode);
if (res == 0)
- res = generic_permission(inode, mask, flags, NULL);
+ res = generic_permission(inode, mask, flags);
goto out;
}
root->cno != NILFS_CPTREE_CURRENT_CNO)
return -EROFS; /* snapshot is not writable */
- return generic_permission(inode, mask, flags, NULL);
+ return generic_permission(inode, mask, flags);
}
int nilfs_load_inode_block(struct inode *inode, struct buffer_head **pbh)
goto out;
}
- ret = generic_permission(inode, mask, flags, ocfs2_check_acl);
+ ret = generic_permission(inode, mask, flags);
ocfs2_inode_unlock(inode, 0);
out:
.listxattr = ocfs2_listxattr,
.removexattr = generic_removexattr,
.fiemap = ocfs2_fiemap,
+ .check_acl = ocfs2_check_acl,
};
const struct inode_operations ocfs2_special_file_iops = {
.setattr = ocfs2_setattr,
.getattr = ocfs2_getattr,
.permission = ocfs2_permission,
+ .check_acl = ocfs2_check_acl,
};
/*
.listxattr = ocfs2_listxattr,
.removexattr = generic_removexattr,
.fiemap = ocfs2_fiemap,
+ .check_acl = ocfs2_check_acl,
};
*/
static int proc_fd_permission(struct inode *inode, int mask, unsigned int flags)
{
- int rv = generic_permission(inode, mask, flags, NULL);
+ int rv = generic_permission(inode, mask, flags);
if (rv == 0)
return 0;
if (task_pid(current) == proc_pid(inode))
.listxattr = reiserfs_listxattr,
.removexattr = reiserfs_removexattr,
.permission = reiserfs_permission,
+ .check_acl = reiserfs_check_acl,
};
.listxattr = reiserfs_listxattr,
.removexattr = reiserfs_removexattr,
.permission = reiserfs_permission,
+ .check_acl = reiserfs_check_acl,
};
/*
.listxattr = reiserfs_listxattr,
.removexattr = reiserfs_removexattr,
.permission = reiserfs_permission,
+ .check_acl = reiserfs_check_acl,
};
.listxattr = reiserfs_listxattr,
.removexattr = reiserfs_removexattr,
.permission = reiserfs_permission,
-
+ .check_acl = reiserfs_check_acl,
};
return err;
}
-static int reiserfs_check_acl(struct inode *inode, int mask, unsigned int flags)
+int reiserfs_check_acl(struct inode *inode, int mask, unsigned int flags)
{
struct posix_acl *acl;
int error = -EAGAIN; /* do regular unix permission checks by default */
+ /*
+ * Stat data v1 doesn't support ACLs.
+ */
+ if (get_inode_sd_version(inode) == STAT_DATA_V1)
+ return -EAGAIN;
+
if (flags & IPERM_FLAG_RCU)
return -ECHILD;
if (IS_PRIVATE(inode))
return 0;
-#ifdef CONFIG_REISERFS_FS_XATTR
- /*
- * Stat data v1 doesn't support ACLs.
- */
- if (get_inode_sd_version(inode) != STAT_DATA_V1)
- return generic_permission(inode, mask, flags,
- reiserfs_check_acl);
-#endif
- return generic_permission(inode, mask, flags, NULL);
+ return generic_permission(inode, mask, flags);
}
static int xattr_hide_revalidate(struct dentry *dentry, struct nameidata *nd)
sysfs_refresh_inode(sd, inode);
mutex_unlock(&sysfs_mutex);
- return generic_permission(inode, mask, flags, NULL);
+ return generic_permission(inode, mask, flags);
}
#endif
extern int notify_change(struct dentry *, struct iattr *);
extern int inode_permission(struct inode *, int);
-extern int generic_permission(struct inode *, int, unsigned int,
- int (*check_acl)(struct inode *, int, unsigned int));
+extern int generic_permission(struct inode *, int, unsigned int);
static inline bool execute_ok(struct inode *inode)
{
#ifdef CONFIG_REISERFS_FS_XATTR
#define has_xattr_dir(inode) (REISERFS_I(inode)->i_flags & i_has_xattr_dir)
+int reiserfs_check_acl(struct inode *inode, int mask, unsigned int flags);
ssize_t reiserfs_getxattr(struct dentry *dentry, const char *name,
void *buffer, size_t size);
int reiserfs_setxattr(struct dentry *dentry, const char *name,
#define reiserfs_setxattr NULL
#define reiserfs_listxattr NULL
#define reiserfs_removexattr NULL
+#define reiserfs_check_acl NULL
static inline void reiserfs_init_xattr_rwsem(struct inode *inode)
{
projects / firefly-linux-kernel-4.4.55.git / commitdiff