Re: [PATCH -V4 08/11] vfs: Add new file and directory createpermission flags

From: Jeff Layton
Date: Fri Sep 24 2010 - 15:24:01 EST

Next message: matt mooney: "[PATCH 17/24] power: change to new flag variable"
Previous message: matt mooney: "[PATCH 18/24] pps: change to new flag variable"
In reply to: Aneesh Kumar K. V: "Re: [PATCH -V4 08/11] vfs: Add new file and directory create permission flags"
Next in thread: Andreas Gruenbacher: "Re: [PATCH -V4 08/11] vfs: Add new file and directory create permission flags"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 25 Sep 2010 00:46:03 +0530
"Aneesh Kumar K. V" <aneesh.kumar@xxxxxxxxxxxxxxxxxx> wrote:

> On Fri, 24 Sep 2010 11:54:23 -0400, Jeff Layton <jlayton@xxxxxxxxxx> wrote:
> > On Fri, 24 Sep 2010 18:18:11 +0530
> > "Aneesh Kumar K.V" <aneesh.kumar@xxxxxxxxxxxxxxxxxx> wrote:
> >
> > > From: Andreas Gruenbacher <agruen@xxxxxxx>
> > >
> > > Some permission models distinguish between the permission to create a
> > > non-directory and a directory. Pass this information down to
> > > inode_permission() as mask flags
> > >
> > > Signed-off-by: Andreas Gruenbacher <agruen@xxxxxxx>
> > > Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@xxxxxxxxxxxxxxxxxx>
> > > ---
> > > fs/namei.c | 21 ++++++++++++---------
> > > include/linux/fs.h | 2 ++
> > > 2 files changed, 14 insertions(+), 9 deletions(-)
> > >
> > > diff --git a/fs/namei.c b/fs/namei.c
> > > index b0b8a71..ed786b2 100644
> > > --- a/fs/namei.c
> > > +++ b/fs/namei.c
> > > @@ -253,7 +253,8 @@ int generic_permission(struct inode *inode, int mask,
> > > * for filesystem access without changing the "normal" uids which
> > > * are used for other things.
> > > *
> > > - * When checking for MAY_APPEND, MAY_WRITE must also be set in @mask.
> > > + * When checking for MAY_APPEND, MAY_CREATE_FILE, MAY_CREATE_DIR,
> > > + * MAY_WRITE must also be set in @mask.
> > > */
> > > int inode_permission(struct inode *inode, int mask)
> > > {
> > > @@ -1337,13 +1338,15 @@ static int may_delete(struct inode *dir,struct dentry *victim,int isdir)
> > > * 3. We should have write and exec permissions on dir
> > > * 4. We can't do it if dir is immutable (done in permission())
> > > */
> > > -static inline int may_create(struct inode *dir, struct dentry *child)
> > > +static inline int may_create(struct inode *dir, struct dentry *child, int isdir)
> > ^^^^^
> > nit: maybe saner as a bool?
> > > {
> > > + int mask = isdir ? MAY_CREATE_DIR : MAY_CREATE_FILE;
> > > +
> > > if (child->d_inode)
> > > return -EEXIST;
> > > if (IS_DEADDIR(dir))
> > > return -ENOENT;
> > > - return inode_permission(dir, MAY_WRITE | MAY_EXEC);
> > > + return inode_permission(dir, MAY_WRITE | MAY_EXEC | mask);
> > > }
> > >
> > > /*
> > > @@ -1391,7 +1394,7 @@ void unlock_rename(struct dentry *p1, struct dentry *p2)
> > > int vfs_create(struct inode *dir, struct dentry *dentry, int mode,
> > > struct nameidata *nd)
> > > {
> > > - int error = may_create(dir, dentry);
> > > + int error = may_create(dir, dentry, 0);
> > >
> > > if (error)
> > > return error;
> > > @@ -1953,7 +1956,7 @@ EXPORT_SYMBOL_GPL(lookup_create);
> > >
> > > int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
> > > {
> > > - int error = may_create(dir, dentry);
> > > + int error = may_create(dir, dentry, 0);
> > >
> > > if (error)
> > > return error;
> > > @@ -2057,7 +2060,7 @@ SYSCALL_DEFINE3(mknod, const char __user *, filename, int, mode, unsigned, dev)
> > >
> > > int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode)
> > > {
> > > - int error = may_create(dir, dentry);
> > > + int error = may_create(dir, dentry, 1);
> > >
> > > if (error)
> > > return error;
> > > @@ -2342,7 +2345,7 @@ SYSCALL_DEFINE1(unlink, const char __user *, pathname)
> > >
> > > int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname)
> > > {
> > > - int error = may_create(dir, dentry);
> > > + int error = may_create(dir, dentry, 0);
> > >
> > > if (error)
> > > return error;
> > > @@ -2415,7 +2418,7 @@ int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_de
> > > if (!inode)
> > > return -ENOENT;
> > >
> > > - error = may_create(dir, new_dentry);
> > > + error = may_create(dir, new_dentry, S_ISDIR(inode->i_mode));
> >
> > ^^^^ this is a little
> > scary, but even if it's
> > a directory, it'll get
> > kicked out in a later
> > check. Would it be
> > clearer to move up the
> > S_ISDIR() check in this
> > function and then pass
> > this in as false?
>
> Can you elaborate on this ?
>
> -aneesh
>

Hardlinked directories are a no-no, of course. So when I first saw this
patch, it gave me pause. There's a later check in vfs_link though that
explicitly rejects hardlinking directories, so the above is harmless.
It may be more efficient to go ahead and return error if the target
is a directory however and bypass the permission check.

OTOH, maybe there's good reason to do it this way or I'm just being
excessively nitpicky.

--
Jeff Layton <jlayton@xxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: matt mooney: "[PATCH 17/24] power: change to new flag variable"
Previous message: matt mooney: "[PATCH 18/24] pps: change to new flag variable"
In reply to: Aneesh Kumar K. V: "Re: [PATCH -V4 08/11] vfs: Add new file and directory create permission flags"
Next in thread: Andreas Gruenbacher: "Re: [PATCH -V4 08/11] vfs: Add new file and directory create permission flags"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]