diff options
author | Dave Hansen <haveblue@us.ibm.com> | 2007-10-17 02:31:14 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-10-17 11:43:05 -0400 |
commit | b41572e929221b0d87f529106cdf12185ee84bca (patch) | |
tree | 0ffd9252f53e9e964e962d6d428377851f12b015 | |
parent | ce8d2cdf3d2b73e346c82e6f0a46da331df6364c (diff) |
r/o bind mounts: rearrange may_open() to be r/o friendly
may_open() calls vfs_permission() before it does checks for IS_RDONLY(inode).
It checks _again_ inside of vfs_permission().
The check inside of vfs_permission() is going away eventually. With the
mnt_want/drop_write() functions, all of the r/o checks (except for this one)
are consistently done before calling permission(). Because of this, I'd like
to use permission() to hold a debugging check to make sure that the
mnt_want/drop_write() calls are actually being made.
So, to do this:
1. remove the IS_RDONLY() check from permission()
2. enforce that you must mnt_want_write() before
even calling permission()
3. actually add the debugging check to permission()
We need to rearrange may_open() to do r/o checks before calling permission().
Here's the patch.
Signed-off-by: Dave Hansen <haveblue@us.ibm.com>
Cc: Christoph Hellwig <hch@lst.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r-- | fs/namei.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/fs/namei.c b/fs/namei.c index 2792e0ca01d4..a29bb0f40ed5 100644 --- a/fs/namei.c +++ b/fs/namei.c | |||
@@ -1604,10 +1604,6 @@ int may_open(struct nameidata *nd, int acc_mode, int flag) | |||
1604 | if (S_ISDIR(inode->i_mode) && (flag & FMODE_WRITE)) | 1604 | if (S_ISDIR(inode->i_mode) && (flag & FMODE_WRITE)) |
1605 | return -EISDIR; | 1605 | return -EISDIR; |
1606 | 1606 | ||
1607 | error = vfs_permission(nd, acc_mode); | ||
1608 | if (error) | ||
1609 | return error; | ||
1610 | |||
1611 | /* | 1607 | /* |
1612 | * FIFO's, sockets and device files are special: they don't | 1608 | * FIFO's, sockets and device files are special: they don't |
1613 | * actually live on the filesystem itself, and as such you | 1609 | * actually live on the filesystem itself, and as such you |
@@ -1622,6 +1618,10 @@ int may_open(struct nameidata *nd, int acc_mode, int flag) | |||
1622 | flag &= ~O_TRUNC; | 1618 | flag &= ~O_TRUNC; |
1623 | } else if (IS_RDONLY(inode) && (flag & FMODE_WRITE)) | 1619 | } else if (IS_RDONLY(inode) && (flag & FMODE_WRITE)) |
1624 | return -EROFS; | 1620 | return -EROFS; |
1621 | |||
1622 | error = vfs_permission(nd, acc_mode); | ||
1623 | if (error) | ||
1624 | return error; | ||
1625 | /* | 1625 | /* |
1626 | * An append-only file must be opened in append mode for writing. | 1626 | * An append-only file must be opened in append mode for writing. |
1627 | */ | 1627 | */ |