Re: [PATCH -V4 08/11] vfs: Add new file and directory create permission flags
From: Andreas Gruenbacher <hidden>
Date: 2010-09-27 13:14:00
Also in:
linux-fsdevel, lkml
On Friday 24 September 2010 17:54:23 Jeff Layton wrote:
On Fri, 24 Sep 2010 18:18:11 +0530 "Aneesh Kumar K.V" [off-list ref] wrote:quoted
@@ -2415,7 +2418,7 @@ int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_de if (!inode) return -ENOENT; - error = may_create(dir, new_dentry); + error = may_create(dir, new_dentry, S_ISDIR(inode->i_mode));^^^^ this is a little scary, but even if it's a directory, it'll get kicked out in a later check. Would it be clearer to move up the S_ISDIR() check in this function and then pass this in as false?
Ah, you mean this:
--- a/fs/namei.c
+++ b/fs/namei.c@@ -2450,7 +2450,9 @@ int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_de if (!inode) return -ENOENT; - error = may_create(dir, new_dentry, S_ISDIR(inode->i_mode)); + if (S_ISDIR(inode->i_mode)) + return -EPERM; + error = may_create(dir, new_dentry, 0); if (error) return error;
@@ -2464,8 +2466,6 @@ int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_de return -EPERM; if (!dir->i_op->link) return -EPERM; - if (S_ISDIR(inode->i_mode)) - return -EPERM; error = security_inode_link(old_dentry, dir, new_dentry); if (error)
This is a clear improvement; I don't think it matters that user-space will get -EPERM instead of -EXDEV when trying to hard-link a directory across devices. Thanks, Andreas