diff options
| author | Miklos Szeredi <mszeredi@suse.cz> | 2007-10-17 02:31:06 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-10-17 11:43:04 -0400 |
| commit | e8e961574b5b417d3fc277cbf436081fce4fc2e1 (patch) | |
| tree | 28e73ea3666f4e2778d0d52c511be4d8e32b9e26 /fs/fuse | |
| parent | c9c9d7df5f8aed8b738f1ace45700e2001c1faeb (diff) | |
fuse: clean up execute permission checking
Define a new function fuse_refresh_attributes() that conditionally refreshes
the attributes based on the validity timeout.
In fuse_permission() only refresh the attributes for checking the execute bits
if necessary.
Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/fuse')
| -rw-r--r-- | fs/fuse/dir.c | 49 |
1 files changed, 31 insertions, 18 deletions
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 8ea4ea13ec5f..d1acab931330 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c | |||
| @@ -695,6 +695,20 @@ static int fuse_do_getattr(struct inode *inode) | |||
| 695 | } | 695 | } |
| 696 | 696 | ||
| 697 | /* | 697 | /* |
| 698 | * Check if attributes are still valid, and if not send a GETATTR | ||
| 699 | * request to refresh them. | ||
| 700 | */ | ||
| 701 | static int fuse_refresh_attributes(struct inode *inode) | ||
| 702 | { | ||
| 703 | struct fuse_inode *fi = get_fuse_inode(inode); | ||
| 704 | |||
| 705 | if (fi->i_time < get_jiffies_64()) | ||
| 706 | return fuse_do_getattr(inode); | ||
| 707 | else | ||
| 708 | return 0; | ||
| 709 | } | ||
| 710 | |||
| 711 | /* | ||
| 698 | * Calling into a user-controlled filesystem gives the filesystem | 712 | * Calling into a user-controlled filesystem gives the filesystem |
| 699 | * daemon ptrace-like capabilities over the requester process. This | 713 | * daemon ptrace-like capabilities over the requester process. This |
| 700 | * means, that the filesystem daemon is able to record the exact | 714 | * means, that the filesystem daemon is able to record the exact |
| @@ -770,7 +784,6 @@ static int fuse_access(struct inode *inode, int mask) | |||
| 770 | static int fuse_permission(struct inode *inode, int mask, struct nameidata *nd) | 784 | static int fuse_permission(struct inode *inode, int mask, struct nameidata *nd) |
| 771 | { | 785 | { |
| 772 | struct fuse_conn *fc = get_fuse_conn(inode); | 786 | struct fuse_conn *fc = get_fuse_conn(inode); |
| 773 | struct fuse_inode *fi = get_fuse_inode(inode); | ||
| 774 | bool refreshed = false; | 787 | bool refreshed = false; |
| 775 | int err = 0; | 788 | int err = 0; |
| 776 | 789 | ||
| @@ -778,12 +791,11 @@ static int fuse_permission(struct inode *inode, int mask, struct nameidata *nd) | |||
| 778 | return -EACCES; | 791 | return -EACCES; |
| 779 | 792 | ||
| 780 | /* | 793 | /* |
| 781 | * If attributes are needed, but are stale, refresh them | 794 | * If attributes are needed, refresh them before proceeding |
| 782 | * before proceeding | ||
| 783 | */ | 795 | */ |
| 784 | if (((fc->flags & FUSE_DEFAULT_PERMISSIONS) || (mask & MAY_EXEC)) && | 796 | if ((fc->flags & FUSE_DEFAULT_PERMISSIONS) || |
| 785 | fi->i_time < get_jiffies_64()) { | 797 | ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) { |
| 786 | err = fuse_do_getattr(inode); | 798 | err = fuse_refresh_attributes(inode); |
| 787 | if (err) | 799 | if (err) |
| 788 | return err; | 800 | return err; |
| 789 | 801 | ||
| @@ -806,14 +818,17 @@ static int fuse_permission(struct inode *inode, int mask, struct nameidata *nd) | |||
| 806 | exist. So if permissions are revoked this won't be | 818 | exist. So if permissions are revoked this won't be |
| 807 | noticed immediately, only after the attribute | 819 | noticed immediately, only after the attribute |
| 808 | timeout has expired */ | 820 | timeout has expired */ |
| 809 | 821 | } else if (nd && (nd->flags & (LOOKUP_ACCESS | LOOKUP_CHDIR))) { | |
| 810 | } else { | 822 | err = fuse_access(inode, mask); |
| 811 | int mode = inode->i_mode; | 823 | } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) { |
| 812 | if ((mask & MAY_EXEC) && !S_ISDIR(mode) && !(mode & S_IXUGO)) | 824 | if (!(inode->i_mode & S_IXUGO)) { |
| 813 | return -EACCES; | 825 | if (refreshed) |
| 814 | 826 | return -EACCES; | |
| 815 | if (nd && (nd->flags & (LOOKUP_ACCESS | LOOKUP_CHDIR))) | 827 | |
| 816 | return fuse_access(inode, mask); | 828 | err = fuse_do_getattr(inode); |
| 829 | if (!err && !(inode->i_mode & S_IXUGO)) | ||
| 830 | return -EACCES; | ||
| 831 | } | ||
| 817 | } | 832 | } |
| 818 | return err; | 833 | return err; |
| 819 | } | 834 | } |
| @@ -1046,14 +1061,12 @@ static int fuse_getattr(struct vfsmount *mnt, struct dentry *entry, | |||
| 1046 | struct inode *inode = entry->d_inode; | 1061 | struct inode *inode = entry->d_inode; |
| 1047 | struct fuse_inode *fi = get_fuse_inode(inode); | 1062 | struct fuse_inode *fi = get_fuse_inode(inode); |
| 1048 | struct fuse_conn *fc = get_fuse_conn(inode); | 1063 | struct fuse_conn *fc = get_fuse_conn(inode); |
| 1049 | int err = 0; | 1064 | int err; |
| 1050 | 1065 | ||
| 1051 | if (!fuse_allow_task(fc, current)) | 1066 | if (!fuse_allow_task(fc, current)) |
| 1052 | return -EACCES; | 1067 | return -EACCES; |
| 1053 | 1068 | ||
| 1054 | if (fi->i_time < get_jiffies_64()) | 1069 | err = fuse_refresh_attributes(inode); |
| 1055 | err = fuse_do_getattr(inode); | ||
| 1056 | |||
| 1057 | if (!err) { | 1070 | if (!err) { |
| 1058 | generic_fillattr(inode, stat); | 1071 | generic_fillattr(inode, stat); |
| 1059 | stat->mode = fi->orig_i_mode; | 1072 | stat->mode = fi->orig_i_mode; |