From patchwork Sun Apr 27 16:14:40 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Aneesh Kumar K.V" X-Patchwork-Id: 4072241 Return-Path: X-Original-To: patchwork-linux-nfs@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 18684C0ACC for ; Sun, 27 Apr 2014 16:24:14 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 5D01D20266 for ; Sun, 27 Apr 2014 16:24:13 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 78E3420270 for ; Sun, 27 Apr 2014 16:24:12 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753307AbaD0QQh (ORCPT ); Sun, 27 Apr 2014 12:16:37 -0400 Received: from e23smtp06.au.ibm.com ([202.81.31.148]:40745 "EHLO e23smtp06.au.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753354AbaD0QPk (ORCPT ); Sun, 27 Apr 2014 12:15:40 -0400 Received: from /spool/local by e23smtp06.au.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Mon, 28 Apr 2014 02:15:38 +1000 Received: from d23dlp02.au.ibm.com (202.81.31.213) by e23smtp06.au.ibm.com (202.81.31.212) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Mon, 28 Apr 2014 02:15:36 +1000 Received: from d23relay05.au.ibm.com (d23relay05.au.ibm.com [9.190.235.152]) by d23dlp02.au.ibm.com (Postfix) with ESMTP id 23D4B2BB0052; Mon, 28 Apr 2014 02:15:36 +1000 (EST) Received: from d23av02.au.ibm.com (d23av02.au.ibm.com [9.190.235.138]) by d23relay05.au.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id s3RFsSpE21430394; Mon, 28 Apr 2014 01:54:29 +1000 Received: from d23av02.au.ibm.com (localhost [127.0.0.1]) by d23av02.au.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id s3RGFYBw032115; Mon, 28 Apr 2014 02:15:35 +1000 Received: from skywalker.in.ibm.com ([9.79.196.205]) by d23av02.au.ibm.com (8.14.4/8.14.4/NCO v10.0 AVin) with ESMTP id s3RGF2CO031555; Mon, 28 Apr 2014 02:15:32 +1000 From: "Aneesh Kumar K.V" To: agruen@kernel.org, bfields@fieldses.org, akpm@linux-foundation.org, viro@zeniv.linux.org.uk, dhowells@redhat.com Cc: aneesh.kumar@linux.vnet.ibm.com, linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH -V1 09/22] vfs: Make acl_permission_check() work for richacls Date: Sun, 27 Apr 2014 21:44:40 +0530 Message-Id: <1398615293-22931-10-git-send-email-aneesh.kumar@linux.vnet.ibm.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1398615293-22931-1-git-send-email-aneesh.kumar@linux.vnet.ibm.com> References: <1398615293-22931-1-git-send-email-aneesh.kumar@linux.vnet.ibm.com> X-TM-AS-MML: disable X-Content-Scanned: Fidelis XPS MAILER x-cbid: 14042716-7014-0000-0000-000004CCD697 Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Spam-Status: No, score=-7.5 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Andreas Gruenbacher Signed-off-by: Andreas Gruenbacher Signed-off-by: Aneesh Kumar K.V --- fs/namei.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/fs/namei.c b/fs/namei.c index 26b9a8212837..06474553c08d 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -284,6 +284,19 @@ static int acl_permission_check(struct inode *inode, int mask) { unsigned int mode = inode->i_mode; + if (IS_RICHACL(inode)) { + int error = check_acl(inode, mask); + if (error != -EAGAIN) + return error; + if (mask & (MAY_DELETE_SELF | MAY_TAKE_OWNERSHIP | + MAY_CHMOD | MAY_SET_TIMES)) { + /* + * The file permission bit cannot grant these + * permissions. + */ + return -EACCES; + } + } if (likely(uid_eq(current_fsuid(), inode->i_uid))) mode >>= 6; else {