Commit cb23beb5 authored by Christoph Hellwig's avatar Christoph Hellwig Committed by Al Viro
Browse files

kill vfs_permission



With all the nameidata removal there's no point anymore for this helper.
Of the three callers left two will go away with the next lookup series
anyway.

Also add proper kerneldoc to inode_permission as this is the main
permission check routine now.
Signed-off-by: default avatarChristoph Hellwig <hch@lst.de>
Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent 3fb64190
......@@ -127,7 +127,8 @@ asmlinkage long sys_uselib(const char __user * library)
if (nd.path.mnt->mnt_flags & MNT_NOEXEC)
goto exit;
error = vfs_permission(&nd, MAY_READ | MAY_EXEC | MAY_OPEN);
error = inode_permission(nd.path.dentry->d_inode,
MAY_READ | MAY_EXEC | MAY_OPEN);
if (error)
goto exit;
......@@ -680,7 +681,7 @@ struct file *open_exec(const char *name)
if (nd.path.mnt->mnt_flags & MNT_NOEXEC)
goto out_path_put;
err = vfs_permission(&nd, MAY_EXEC | MAY_OPEN);
err = inode_permission(nd.path.dentry->d_inode, MAY_EXEC | MAY_OPEN);
if (err)
goto out_path_put;
......
......@@ -226,6 +226,16 @@ int generic_permission(struct inode *inode, int mask,
return -EACCES;
}
/**
* inode_permission - check for access rights to a given inode
* @inode: inode to check permission on
* @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC)
*
* Used to check for read/write/execute permissions on an inode.
* We use "fsuid" for this, letting us set arbitrary permissions
* for filesystem access without changing the "normal" uids which
* are used for other things.
*/
int inode_permission(struct inode *inode, int mask)
{
int retval;
......@@ -263,21 +273,6 @@ int inode_permission(struct inode *inode, int mask)
mask & (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND));
}
/**
* vfs_permission - check for access rights to a given path
* @nd: lookup result that describes the path
* @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC)
*
* Used to check for read/write/execute permissions on a path.
* We use "fsuid" for this, letting us set arbitrary permissions
* for filesystem access without changing the "normal" uids which
* are used for other things.
*/
int vfs_permission(struct nameidata *nd, int mask)
{
return inode_permission(nd->path.dentry->d_inode, mask);
}
/**
* file_permission - check for additional access rights to a given file
* @file: file to check access rights for
......@@ -288,7 +283,7 @@ int vfs_permission(struct nameidata *nd, int mask)
*
* Note:
* Do not use this function in new code. All access checks should
* be done using vfs_permission().
* be done using inode_permission().
*/
int file_permission(struct file *file, int mask)
{
......@@ -853,7 +848,8 @@ static int __link_path_walk(const char *name, struct nameidata *nd)
nd->flags |= LOOKUP_CONTINUE;
err = exec_permission_lite(inode);
if (err == -EAGAIN)
err = vfs_permission(nd, MAY_EXEC);
err = inode_permission(nd->path.dentry->d_inode,
MAY_EXEC);
if (err)
break;
......@@ -2882,7 +2878,6 @@ EXPORT_SYMBOL(path_lookup);
EXPORT_SYMBOL(kern_path);
EXPORT_SYMBOL(vfs_path_lookup);
EXPORT_SYMBOL(inode_permission);
EXPORT_SYMBOL(vfs_permission);
EXPORT_SYMBOL(file_permission);
EXPORT_SYMBOL(unlock_rename);
EXPORT_SYMBOL(vfs_create);
......
......@@ -1212,7 +1212,6 @@ extern void unlock_super(struct super_block *);
/*
* VFS helper functions..
*/
extern int vfs_permission(struct nameidata *, int);
extern int vfs_create(struct inode *, struct dentry *, int, struct nameidata *);
extern int vfs_mkdir(struct inode *, struct dentry *, int);
extern int vfs_mknod(struct inode *, struct dentry *, int, dev_t);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment