aboutsummaryrefslogtreecommitdiffstats
path: root/fs/cifs/cifsfs.c
diff options
context:
space:
mode:
authorMiklos Szeredi <miklos@szeredi.hu>2008-07-31 07:41:58 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2008-10-23 05:13:25 -0400
commitf696a3659fc4b3a3bf4bc83d9dbec5e5a2ffd929 (patch)
tree738adf557608f26e881a710839de12b7527549b6 /fs/cifs/cifsfs.c
parent5cec56deb6d41b5b570306b17cd0b1590ebd0897 (diff)
[PATCH] move executable checking into ->permission()
For execute permission on a regular files we need to check if file has any execute bits at all, regardless of capabilites. This check is normally performed by generic_permission() but was also added to the case when the filesystem defines its own ->permission() method. In the latter case the filesystem should be responsible for performing this check. Move the check from inode_permission() inside filesystems which are not calling generic_permission(). Create a helper function execute_ok() that returns true if the inode is a directory or if any execute bits are present in i_mode. Also fix up the following code: - coda control file is never executable - sysctl files are never executable - hfs_permission seems broken on MAY_EXEC, remove - hfsplus_permission is eqivalent to generic_permission(), remove Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
Diffstat (limited to 'fs/cifs/cifsfs.c')
-rw-r--r--fs/cifs/cifsfs.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c
index 89c64a8dcb99..84cc011a16e4 100644
--- a/fs/cifs/cifsfs.c
+++ b/fs/cifs/cifsfs.c
@@ -275,9 +275,12 @@ static int cifs_permission(struct inode *inode, int mask)
275 275
276 cifs_sb = CIFS_SB(inode->i_sb); 276 cifs_sb = CIFS_SB(inode->i_sb);
277 277
278 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NO_PERM) 278 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NO_PERM) {
279 return 0; 279 if ((mask & MAY_EXEC) && !execute_ok(inode))
280 else /* file mode might have been restricted at mount time 280 return -EACCES;
281 else
282 return 0;
283 } else /* file mode might have been restricted at mount time
281 on the client (above and beyond ACL on servers) for 284 on the client (above and beyond ACL on servers) for
282 servers which do not support setting and viewing mode bits, 285 servers which do not support setting and viewing mode bits,
283 so allowing client to check permissions is useful */ 286 so allowing client to check permissions is useful */