Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@xxxxxxxxxxxxxxxxxx> --- fs/namei.c | 24 ------- fs/open.c | 166 +++++++++++++++++++++++++++++++++++++++++++++++++ include/linux/namei.h | 24 +++++++ 3 files changed, 190 insertions(+), 24 deletions(-) diff --git a/fs/namei.c b/fs/namei.c index d62fdc8..7ffdfe9 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -1558,30 +1558,6 @@ out_unlock: return may_open(&nd->path, 0, flag & ~O_TRUNC); } -/* - * Note that while the flag value (low two bits) for sys_open means: - * 00 - read-only - * 01 - write-only - * 10 - read-write - * 11 - special - * it is changed into - * 00 - no permissions needed - * 01 - read-permission - * 10 - write-permission - * 11 - read-write - * for the internal routines (ie open_namei()/follow_link() etc) - * This is more logical, and also allows the 00 "no perm needed" - * to be used for symlinks (where the permissions are checked - * later). - * -*/ -static inline int open_to_namei_flags(int flag) -{ - if ((flag+1) & O_ACCMODE) - flag++; - return flag; -} - static int open_will_truncate(int flag, struct inode *inode) { /* diff --git a/fs/open.c b/fs/open.c index f5a8420..4187651 100644 --- a/fs/open.c +++ b/fs/open.c @@ -1273,3 +1273,169 @@ int nonseekable_open(struct inode *inode, struct file *filp) } EXPORT_SYMBOL(nonseekable_open); + +static int vfs_dentry_acceptable(void *context, struct dentry *dentry) +{ + return 1; +} + +static struct path *path_from_fd(int fd) +{ + struct path *path; + struct file *filep; + + if (fd == AT_FDCWD) { + struct fs_struct *fs = current->fs; + read_lock(&fs->lock); + path = &fs->pwd; + path_get(path); + read_unlock(&fs->lock); + } else { + filep = fget(fd); + if (!filep) + return ERR_PTR(-EBADF); + path = &filep->f_path; + path_get(path); + fput(filep); + } + return path; +} + + +static struct dentry *handle_to_dentry(struct path *path, + struct file_handle *fh) +{ + int retval = 0; + void *handle = NULL; + struct inode *inode; + struct dentry *dentry; + int handle_size = fh->handle_size; + + inode = path->dentry->d_inode; + if (!S_ISREG(inode->i_mode) && + !S_ISDIR(inode->i_mode) && + !S_ISLNK(inode->i_mode)) { + retval = -EINVAL; + goto err_out; + } + /* should we do some check on handle size ?*/ + handle = kmalloc(handle_size, GFP_KERNEL); + if (!handle) { + retval = -ENOMEM; + goto err_out; + } + if (copy_from_user(handle, fh->f_handle, + handle_size*sizeof(u32))) { + retval = -EFAULT; + goto err_out; + } + dentry = exportfs_decode_fh(path->mnt, (struct fid *)handle, + handle_size, fh->handle_type, + vfs_dentry_acceptable, NULL); + kfree(handle); + return dentry; + +err_out: + kfree(handle); + return ERR_PTR(retval); +} + +long do_sys_open_by_handle(int dfd, struct file_handle *fh, int flags) +{ + int fd; + int retval = 0; + int d_flags = flags; + struct path *path; + struct file *filp; + struct inode *inode; + struct dentry *dentry; + + if (!capable(CAP_SYS_ADMIN)) + /* Allow open by handle only by sysadmin */ + return -EPERM; + + path = path_from_fd(dfd); + if (IS_ERR(path)) + return PTR_ERR(path); + + dentry = handle_to_dentry(path, fh); + if (IS_ERR(dentry)) { + path_put(path); + return PTR_ERR(dentry); + } + + inode = dentry->d_inode; + /* Restrict open_by_handle to directories & regular files. */ + if (!(S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode))) { + retval = -EINVAL; + goto err_out; + } + + flags = open_to_namei_flags(flags); + /* O_TRUNC implies we need access checks for write permissions */ + if (flags & O_TRUNC) + flags |= MAY_WRITE; + + if ((!(flags & O_APPEND) || (flags & O_TRUNC)) && + (flags & FMODE_WRITE) && IS_APPEND(inode)) { + retval = -EPERM; + goto err_out; + } + + if ((flags & FMODE_WRITE) && IS_IMMUTABLE(inode)) { + retval = -EACCES; + goto err_out; + } + + /* Can't write directories. */ + if (S_ISDIR(inode->i_mode) && (flags & FMODE_WRITE)) { + retval = -EISDIR; + goto err_out; + } + + fd = get_unused_fd(); + if (fd < 0) { + retval = fd; + goto err_out; + } + + filp = dentry_open(dentry, mntget(path->mnt), + d_flags, current_cred()); + if (IS_ERR(filp)) { + put_unused_fd(fd); + return PTR_ERR(filp); + } + + if (inode->i_mode & S_IFREG) { + filp->f_flags |= O_NOATIME; + filp->f_mode |= FMODE_NOCMTIME; + } + fsnotify_open(filp->f_path.dentry); + fd_install(fd, filp); + path_put(path); + return fd; + +err_out: + path_put(path); + dput(dentry); + return retval; +} + +SYSCALL_DEFINE2(open_by_handle, struct file_handle __user *, handle, int, flags) +{ + long ret; + struct file_handle f_handle; + + if (force_o_largefile()) + flags |= O_LARGEFILE; + + if (copy_from_user(&f_handle, handle, sizeof(struct file_handle))) { + ret = -EFAULT; + goto err_out; + } + ret = do_sys_open_by_handle(AT_FDCWD, &f_handle, flags); +err_out: + /* avoid REGPARM breakage on x86: */ + asmlinkage_protect(2, ret, handle, flags); + return ret; +} diff --git a/include/linux/namei.h b/include/linux/namei.h index 05b441d..a853aa0 100644 --- a/include/linux/namei.h +++ b/include/linux/namei.h @@ -4,6 +4,7 @@ #include <linux/dcache.h> #include <linux/linkage.h> #include <linux/path.h> +#include <asm-generic/fcntl.h> struct vfsmount; @@ -96,4 +97,27 @@ static inline void nd_terminate_link(void *name, size_t len, size_t maxlen) ((char *) name)[min(len, maxlen)] = '\0'; } +/* + * Note that while the flag value (low two bits) for sys_open means: + * 00 - read-only + * 01 - write-only + * 10 - read-write + * 11 - special + * it is changed into + * 00 - no permissions needed + * 01 - read-permission + * 10 - write-permission + * 11 - read-write + * for the internal routines (ie open_namei()/follow_link() etc) + * This is more logical, and also allows the 00 "no perm needed" + * to be used for symlinks (where the permissions are checked + * later). + * +*/ +static inline int open_to_namei_flags(int flag) +{ + if ((flag+1) & O_ACCMODE) + flag++; + return flag; +} #endif /* _LINUX_NAMEI_H */ -- 1.7.0.31.g1df487 -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html