diff options
| author | Miklos Szeredi <mszeredi@suse.cz> | 2014-10-23 18:14:36 -0400 |
|---|---|---|
| committer | Miklos Szeredi <mszeredi@suse.cz> | 2014-10-23 18:14:36 -0400 |
| commit | cbdf35bcb833bfd00f0925d7a9a33a21f41ea582 (patch) | |
| tree | fe76fb2eeaaf2b56d4961840caf97719567c6a88 | |
| parent | c771d683a62e5d36bc46036f5c07f4f5bb7dda61 (diff) | |
vfs: export check_sticky()
It's already duplicated in btrfs and about to be used in overlayfs too.
Move the sticky bit check to an inline helper and call the out-of-line
helper only in the unlikly case of the sticky bit being set.
Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
| -rw-r--r-- | fs/btrfs/ioctl.c | 20 | ||||
| -rw-r--r-- | fs/namei.c | 9 | ||||
| -rw-r--r-- | include/linux/fs.h | 9 |
3 files changed, 12 insertions, 26 deletions
diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c index 8d2b76e29d3b..4399f0c3a4ce 100644 --- a/fs/btrfs/ioctl.c +++ b/fs/btrfs/ioctl.c | |||
| @@ -765,23 +765,6 @@ out: | |||
| 765 | return ret; | 765 | return ret; |
| 766 | } | 766 | } |
| 767 | 767 | ||
| 768 | /* copy of check_sticky in fs/namei.c() | ||
| 769 | * It's inline, so penalty for filesystems that don't use sticky bit is | ||
| 770 | * minimal. | ||
| 771 | */ | ||
| 772 | static inline int btrfs_check_sticky(struct inode *dir, struct inode *inode) | ||
| 773 | { | ||
| 774 | kuid_t fsuid = current_fsuid(); | ||
| 775 | |||
| 776 | if (!(dir->i_mode & S_ISVTX)) | ||
| 777 | return 0; | ||
| 778 | if (uid_eq(inode->i_uid, fsuid)) | ||
| 779 | return 0; | ||
| 780 | if (uid_eq(dir->i_uid, fsuid)) | ||
| 781 | return 0; | ||
| 782 | return !capable(CAP_FOWNER); | ||
| 783 | } | ||
| 784 | |||
| 785 | /* copy of may_delete in fs/namei.c() | 768 | /* copy of may_delete in fs/namei.c() |
| 786 | * Check whether we can remove a link victim from directory dir, check | 769 | * Check whether we can remove a link victim from directory dir, check |
| 787 | * whether the type of victim is right. | 770 | * whether the type of victim is right. |
| @@ -817,8 +800,7 @@ static int btrfs_may_delete(struct inode *dir, struct dentry *victim, int isdir) | |||
| 817 | return error; | 800 | return error; |
| 818 | if (IS_APPEND(dir)) | 801 | if (IS_APPEND(dir)) |
| 819 | return -EPERM; | 802 | return -EPERM; |
| 820 | if (btrfs_check_sticky(dir, victim->d_inode)|| | 803 | if (check_sticky(dir, victim->d_inode) || IS_APPEND(victim->d_inode) || |
| 821 | IS_APPEND(victim->d_inode)|| | ||
| 822 | IS_IMMUTABLE(victim->d_inode) || IS_SWAPFILE(victim->d_inode)) | 804 | IS_IMMUTABLE(victim->d_inode) || IS_SWAPFILE(victim->d_inode)) |
| 823 | return -EPERM; | 805 | return -EPERM; |
| 824 | if (isdir) { | 806 | if (isdir) { |
diff --git a/fs/namei.c b/fs/namei.c index d944f6db9b07..77fd536106cb 100644 --- a/fs/namei.c +++ b/fs/namei.c | |||
| @@ -2384,22 +2384,17 @@ kern_path_mountpoint(int dfd, const char *name, struct path *path, | |||
| 2384 | } | 2384 | } |
| 2385 | EXPORT_SYMBOL(kern_path_mountpoint); | 2385 | EXPORT_SYMBOL(kern_path_mountpoint); |
| 2386 | 2386 | ||
| 2387 | /* | 2387 | int __check_sticky(struct inode *dir, struct inode *inode) |
| 2388 | * It's inline, so penalty for filesystems that don't use sticky bit is | ||
| 2389 | * minimal. | ||
| 2390 | */ | ||
| 2391 | static inline int check_sticky(struct inode *dir, struct inode *inode) | ||
| 2392 | { | 2388 | { |
| 2393 | kuid_t fsuid = current_fsuid(); | 2389 | kuid_t fsuid = current_fsuid(); |
| 2394 | 2390 | ||
| 2395 | if (!(dir->i_mode & S_ISVTX)) | ||
| 2396 | return 0; | ||
| 2397 | if (uid_eq(inode->i_uid, fsuid)) | 2391 | if (uid_eq(inode->i_uid, fsuid)) |
| 2398 | return 0; | 2392 | return 0; |
| 2399 | if (uid_eq(dir->i_uid, fsuid)) | 2393 | if (uid_eq(dir->i_uid, fsuid)) |
| 2400 | return 0; | 2394 | return 0; |
| 2401 | return !capable_wrt_inode_uidgid(inode, CAP_FOWNER); | 2395 | return !capable_wrt_inode_uidgid(inode, CAP_FOWNER); |
| 2402 | } | 2396 | } |
| 2397 | EXPORT_SYMBOL(__check_sticky); | ||
| 2403 | 2398 | ||
| 2404 | /* | 2399 | /* |
| 2405 | * Check whether we can remove a link victim from directory dir, check | 2400 | * Check whether we can remove a link victim from directory dir, check |
diff --git a/include/linux/fs.h b/include/linux/fs.h index 5419df70a835..55cc0a319baa 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h | |||
| @@ -2259,6 +2259,7 @@ extern int notify_change(struct dentry *, struct iattr *, struct inode **); | |||
| 2259 | extern int inode_permission(struct inode *, int); | 2259 | extern int inode_permission(struct inode *, int); |
| 2260 | extern int __inode_permission(struct inode *, int); | 2260 | extern int __inode_permission(struct inode *, int); |
| 2261 | extern int generic_permission(struct inode *, int); | 2261 | extern int generic_permission(struct inode *, int); |
| 2262 | extern int __check_sticky(struct inode *dir, struct inode *inode); | ||
| 2262 | 2263 | ||
| 2263 | static inline bool execute_ok(struct inode *inode) | 2264 | static inline bool execute_ok(struct inode *inode) |
| 2264 | { | 2265 | { |
| @@ -2745,6 +2746,14 @@ static inline int is_sxid(umode_t mode) | |||
| 2745 | return (mode & S_ISUID) || ((mode & S_ISGID) && (mode & S_IXGRP)); | 2746 | return (mode & S_ISUID) || ((mode & S_ISGID) && (mode & S_IXGRP)); |
| 2746 | } | 2747 | } |
| 2747 | 2748 | ||
| 2749 | static inline int check_sticky(struct inode *dir, struct inode *inode) | ||
| 2750 | { | ||
| 2751 | if (!(dir->i_mode & S_ISVTX)) | ||
| 2752 | return 0; | ||
| 2753 | |||
| 2754 | return __check_sticky(dir, inode); | ||
| 2755 | } | ||
| 2756 | |||
| 2748 | static inline void inode_has_no_xattr(struct inode *inode) | 2757 | static inline void inode_has_no_xattr(struct inode *inode) |
| 2749 | { | 2758 | { |
| 2750 | if (!is_sxid(inode->i_mode) && (inode->i_sb->s_flags & MS_NOSEC)) | 2759 | if (!is_sxid(inode->i_mode) && (inode->i_sb->s_flags & MS_NOSEC)) |