Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

combination of kern_path_parent() and lookup_create().  Does *not*
expose struct nameidata to caller.  Syscalls converted to that...
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

LOOKUP_PARENT is equivalent to it now
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

... it will be set in nd->flag for all cases with non-NULL nd
(i.e. when called from do_last()).
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Instead of playing with removal of LOOKUP_OPEN, mangling (and
restoring) nd->path, just pass NULL to vfs_create().  The whole
point of what's being done there is to suppress any attempts
to open file by underlying fs, which is what nd == NULL indicates.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

->create() instances are much happier that way...
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

All instances can cope with that now (and ceph one actually
starts working properly).
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

a) check the right flags in ->create() (LOOKUP_OPEN, not LOOKUP_CREATE)
b) default (!LOOKUP_OPEN) open_flags is O_CREAT|O_EXCL|FMODE_READ, not 0
c) lookup_instantiate_filp() should be done only with LOOKUP_OPEN;
otherwise we need to issue CLOSE, lest we leak stateid on server.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

just open flags; switched to passing just those and
renamed to create_nfs_open_context()
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

just dentry, please...
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

instead of path_get()/path_put(), we can just use nfs_sb_{,de}active()
to pin the superblock down.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

... and get rid of a bogus typecast, while we are at it; it's not
just that we want a function returning int and not void, but cast
to pointer to function taking void * and returning void would be
(void (*)(void *)) and not (void *)(void *), TYVM...
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

... now that inode_permission() can take MAY_NOT_BLOCK and handle it
properly.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

not used anymore
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

cache footprint alone makes it a bad idea...
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

pass mask instead; kill security_inode_exec_permission() since we can use
security_inode_permission() instead.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

pass that via mask instead.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

not used by the instances anymore.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

redundant; all callers get it duplicated in mask & MAY_NOT_BLOCK and none of
them removes that bit.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

not used in the instances anymore.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Duplicate the flags argument into mask bitmap.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

its value depends only on inode and does not change; we might as
well store it in ->i_op->check_acl and be done with that.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

new helpers: atomic_inc_unless_negative()/atomic_dec_unless_positive()
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

... and convert the comment before it into linuxdoc form.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

convert the last remaining caller to inode_permission()
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

new helper: would_dump(bprm, file).  Checks if we are allowed to
read the file and if we are not - sets ENFORCE_NODUMP.  Exported,
used in places that previously open-coded the same logics.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

capability overrides apply only to the default case; if fs has ->permission()
that does _not_ call generic_permission(), we have no business doing them.
Moreover, if it has ->permission() that does call generic_permission(), we
have no need to recheck capabilities.

Besides, the capability overrides should apply only if we got EACCES from
acl_permission_check(); any other value (-EIO, etc.) should be returned
to caller, capabilities or not capabilities.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>