提交 6902d925 编写于 作者: D Dave Hansen 提交者: Linus Torvalds

[PATCH] r/o bind mounts: prepare for write access checks: collapse if()

We're shortly going to be adding a bunch more permission checks in these
functions.  That requires adding either a bunch of new if() conditions, or
some gotos.  This patch collapses existing if()s and uses gotos instead to
prepare for the upcoming changes.
Signed-off-by: NDave Hansen <haveblue@us.ibm.com>
Acked-by: NChristoph Hellwig <hch@lst.de>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
上级 db5fed26
...@@ -1934,30 +1934,32 @@ asmlinkage long sys_mkdirat(int dfd, const char __user *pathname, int mode) ...@@ -1934,30 +1934,32 @@ asmlinkage long sys_mkdirat(int dfd, const char __user *pathname, int mode)
{ {
int error = 0; int error = 0;
char * tmp; char * tmp;
struct dentry *dentry;
struct nameidata nd;
tmp = getname(pathname); tmp = getname(pathname);
error = PTR_ERR(tmp); error = PTR_ERR(tmp);
if (!IS_ERR(tmp)) { if (IS_ERR(tmp))
struct dentry *dentry; goto out_err;
struct nameidata nd;
error = do_path_lookup(dfd, tmp, LOOKUP_PARENT, &nd); error = do_path_lookup(dfd, tmp, LOOKUP_PARENT, &nd);
if (error) if (error)
goto out; goto out;
dentry = lookup_create(&nd, 1); dentry = lookup_create(&nd, 1);
error = PTR_ERR(dentry); error = PTR_ERR(dentry);
if (!IS_ERR(dentry)) { if (IS_ERR(dentry))
if (!IS_POSIXACL(nd.dentry->d_inode)) goto out_unlock;
mode &= ~current->fs->umask;
error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
dput(dentry);
}
mutex_unlock(&nd.dentry->d_inode->i_mutex);
path_release(&nd);
out:
putname(tmp);
}
if (!IS_POSIXACL(nd.dentry->d_inode))
mode &= ~current->fs->umask;
error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
dput(dentry);
out_unlock:
mutex_unlock(&nd.dentry->d_inode->i_mutex);
path_release(&nd);
out:
putname(tmp);
out_err:
return error; return error;
} }
...@@ -2056,10 +2058,11 @@ static long do_rmdir(int dfd, const char __user *pathname) ...@@ -2056,10 +2058,11 @@ static long do_rmdir(int dfd, const char __user *pathname)
mutex_lock_nested(&nd.dentry->d_inode->i_mutex, I_MUTEX_PARENT); mutex_lock_nested(&nd.dentry->d_inode->i_mutex, I_MUTEX_PARENT);
dentry = lookup_hash(&nd); dentry = lookup_hash(&nd);
error = PTR_ERR(dentry); error = PTR_ERR(dentry);
if (!IS_ERR(dentry)) { if (IS_ERR(dentry))
error = vfs_rmdir(nd.dentry->d_inode, dentry); goto exit2;
dput(dentry); error = vfs_rmdir(nd.dentry->d_inode, dentry);
} dput(dentry);
exit2:
mutex_unlock(&nd.dentry->d_inode->i_mutex); mutex_unlock(&nd.dentry->d_inode->i_mutex);
exit1: exit1:
path_release(&nd); path_release(&nd);
...@@ -2199,30 +2202,33 @@ asmlinkage long sys_symlinkat(const char __user *oldname, ...@@ -2199,30 +2202,33 @@ asmlinkage long sys_symlinkat(const char __user *oldname,
int error = 0; int error = 0;
char * from; char * from;
char * to; char * to;
struct dentry *dentry;
struct nameidata nd;
from = getname(oldname); from = getname(oldname);
if(IS_ERR(from)) if(IS_ERR(from))
return PTR_ERR(from); return PTR_ERR(from);
to = getname(newname); to = getname(newname);
error = PTR_ERR(to); error = PTR_ERR(to);
if (!IS_ERR(to)) { if (IS_ERR(to))
struct dentry *dentry; goto out_putname;
struct nameidata nd;
error = do_path_lookup(newdfd, to, LOOKUP_PARENT, &nd); error = do_path_lookup(newdfd, to, LOOKUP_PARENT, &nd);
if (error) if (error)
goto out; goto out;
dentry = lookup_create(&nd, 0); dentry = lookup_create(&nd, 0);
error = PTR_ERR(dentry); error = PTR_ERR(dentry);
if (!IS_ERR(dentry)) { if (IS_ERR(dentry))
error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO); goto out_unlock;
dput(dentry);
} error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO);
mutex_unlock(&nd.dentry->d_inode->i_mutex); dput(dentry);
path_release(&nd); out_unlock:
mutex_unlock(&nd.dentry->d_inode->i_mutex);
path_release(&nd);
out: out:
putname(to); putname(to);
} out_putname:
putname(from); putname(from);
return error; return error;
} }
...@@ -2308,10 +2314,11 @@ asmlinkage long sys_linkat(int olddfd, const char __user *oldname, ...@@ -2308,10 +2314,11 @@ asmlinkage long sys_linkat(int olddfd, const char __user *oldname,
goto out_release; goto out_release;
new_dentry = lookup_create(&nd, 0); new_dentry = lookup_create(&nd, 0);
error = PTR_ERR(new_dentry); error = PTR_ERR(new_dentry);
if (!IS_ERR(new_dentry)) { if (IS_ERR(new_dentry))
error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry); goto out_unlock;
dput(new_dentry); error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry);
} dput(new_dentry);
out_unlock:
mutex_unlock(&nd.dentry->d_inode->i_mutex); mutex_unlock(&nd.dentry->d_inode->i_mutex);
out_release: out_release:
path_release(&nd); path_release(&nd);
......
...@@ -386,15 +386,21 @@ asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode) ...@@ -386,15 +386,21 @@ asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode)
current->cap_effective = current->cap_permitted; current->cap_effective = current->cap_permitted;
res = __user_walk_fd(dfd, filename, LOOKUP_FOLLOW|LOOKUP_ACCESS, &nd); res = __user_walk_fd(dfd, filename, LOOKUP_FOLLOW|LOOKUP_ACCESS, &nd);
if (!res) { if (res)
res = vfs_permission(&nd, mode); goto out;
/* SuS v2 requires we report a read only fs too */
if(!res && (mode & S_IWOTH) && IS_RDONLY(nd.dentry->d_inode) res = vfs_permission(&nd, mode);
&& !special_file(nd.dentry->d_inode->i_mode)) /* SuS v2 requires we report a read only fs too */
res = -EROFS; if(res || !(mode & S_IWOTH) ||
path_release(&nd); special_file(nd.dentry->d_inode->i_mode))
} goto out_path_release;
if(IS_RDONLY(nd.dentry->d_inode))
res = -EROFS;
out_path_release:
path_release(&nd);
out:
current->fsuid = old_fsuid; current->fsuid = old_fsuid;
current->fsgid = old_fsgid; current->fsgid = old_fsgid;
current->cap_effective = old_cap; current->cap_effective = old_cap;
...@@ -603,10 +609,11 @@ asmlinkage long sys_chown(const char __user * filename, uid_t user, gid_t group) ...@@ -603,10 +609,11 @@ asmlinkage long sys_chown(const char __user * filename, uid_t user, gid_t group)
int error; int error;
error = user_path_walk(filename, &nd); error = user_path_walk(filename, &nd);
if (!error) { if (error)
error = chown_common(nd.dentry, user, group); goto out;
path_release(&nd); error = chown_common(nd.dentry, user, group);
} path_release(&nd);
out:
return error; return error;
} }
...@@ -622,10 +629,10 @@ asmlinkage long sys_fchownat(int dfd, const char __user *filename, uid_t user, ...@@ -622,10 +629,10 @@ asmlinkage long sys_fchownat(int dfd, const char __user *filename, uid_t user,
follow = (flag & AT_SYMLINK_NOFOLLOW) ? 0 : LOOKUP_FOLLOW; follow = (flag & AT_SYMLINK_NOFOLLOW) ? 0 : LOOKUP_FOLLOW;
error = __user_walk_fd(dfd, filename, follow, &nd); error = __user_walk_fd(dfd, filename, follow, &nd);
if (!error) { if (error)
error = chown_common(nd.dentry, user, group); goto out;
path_release(&nd); error = chown_common(nd.dentry, user, group);
} path_release(&nd);
out: out:
return error; return error;
} }
...@@ -636,10 +643,11 @@ asmlinkage long sys_lchown(const char __user * filename, uid_t user, gid_t group ...@@ -636,10 +643,11 @@ asmlinkage long sys_lchown(const char __user * filename, uid_t user, gid_t group
int error; int error;
error = user_path_walk_link(filename, &nd); error = user_path_walk_link(filename, &nd);
if (!error) { if (error)
error = chown_common(nd.dentry, user, group); goto out;
path_release(&nd); error = chown_common(nd.dentry, user, group);
} path_release(&nd);
out:
return error; return error;
} }
...@@ -648,15 +656,17 @@ asmlinkage long sys_fchown(unsigned int fd, uid_t user, gid_t group) ...@@ -648,15 +656,17 @@ asmlinkage long sys_fchown(unsigned int fd, uid_t user, gid_t group)
{ {
struct file * file; struct file * file;
int error = -EBADF; int error = -EBADF;
struct dentry * dentry;
file = fget(fd); file = fget(fd);
if (file) { if (!file)
struct dentry * dentry; goto out;
dentry = file->f_dentry;
audit_inode(NULL, dentry->d_inode); dentry = file->f_dentry;
error = chown_common(dentry, user, group); audit_inode(NULL, dentry->d_inode);
fput(file); error = chown_common(dentry, user, group);
} fput(file);
out:
return error; return error;
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册