From patchwork Thu Oct 4 01:02:43 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: NeilBrown X-Patchwork-Id: 10625445 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 24639174A for ; Thu, 4 Oct 2018 01:03:51 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 138FD28592 for ; Thu, 4 Oct 2018 01:03:51 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 07A5328D85; Thu, 4 Oct 2018 01:03:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_HI,UPPERCASE_50_75 autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8B0A528592 for ; Thu, 4 Oct 2018 01:03:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727488AbeJDHyc (ORCPT ); Thu, 4 Oct 2018 03:54:32 -0400 Received: from mx2.suse.de ([195.135.220.15]:56212 "EHLO mx1.suse.de" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726277AbeJDHyc (ORCPT ); Thu, 4 Oct 2018 03:54:32 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.220.254]) by mx1.suse.de (Postfix) with ESMTP id 79E5EAFED; Thu, 4 Oct 2018 01:03:41 +0000 (UTC) From: NeilBrown To: "J. Bruce Fields" , Anna Schumaker , Alexander Viro , Trond Myklebust Date: Thu, 04 Oct 2018 11:02:43 +1000 Subject: [PATCH 3/3] NFSD - Use MAY_ACT_AS_OWNER Cc: Jan Harkes , linux-nfs@vger.kernel.org, Miklos Szeredi , Jeff Layton , linux-kernel@vger.kernel.org, linux-afs@lists.infradead.org, David Howells , coda@cs.cmu.edu, linux-fsdevel@vger.kernel.org, Christoph Hellwig Message-ID: <153861496336.30373.7984309432171094818.stgit@noble> In-Reply-To: <153861471803.30373.6184444014227748848.stgit@noble> References: <153861471803.30373.6184444014227748848.stgit@noble> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The NFSD_MAY_OWNER_OVERRIDE has exactly the same meaning as the new MAY_ACT_AS_OWNER flag, so simplify the code by making use of the identity. The move NFSD_MAY_OWNER_OVERRIDE into NFSD_MAY_MASK, but that is not a problem is it is always set together with a flag that is already in the MASK. Signed-off-by: NeilBrown --- fs/nfsd/vfs.c | 11 ++++++----- fs/nfsd/vfs.h | 14 +++++++------- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c index 55a099e47ba2..d89d23e6e2fe 100644 --- a/fs/nfsd/vfs.c +++ b/fs/nfsd/vfs.c @@ -2038,12 +2038,13 @@ nfsd_permission(struct svc_rqst *rqstp, struct svc_export *exp, * We must trust the client to do permission checking - using "ACCESS" * with NFSv3. */ - if ((acc & NFSD_MAY_OWNER_OVERRIDE) && - uid_eq(inode->i_uid, current_fsuid())) - return 0; - /* This assumes NFSD_MAY_{READ,WRITE,EXEC} == MAY_{READ,WRITE,EXEC} */ - err = inode_permission(inode, acc & (MAY_READ|MAY_WRITE|MAY_EXEC)); + /* + * This works as NFSD_MAY_{READ,WRITE,EXEC} == MAY_{READ,WRITE,EXEC} + * and NFSD_MAY_OWNER_OVERRIDE == MAY_ACT_AS_OWNER + */ + err = inode_permission(inode, (acc & (MAY_READ|MAY_WRITE| + MAY_EXEC|MAY_ACT_AS_OWNER))); /* Allow read access to binaries even when mode 111 */ if (err == -EACCES && S_ISREG(inode->i_mode) && diff --git a/fs/nfsd/vfs.h b/fs/nfsd/vfs.h index 2b1c70d3757a..f6e96dba76a5 100644 --- a/fs/nfsd/vfs.h +++ b/fs/nfsd/vfs.h @@ -16,6 +16,7 @@ #define NFSD_MAY_EXEC MAY_EXEC #define NFSD_MAY_WRITE MAY_WRITE #define NFSD_MAY_READ MAY_READ +#define NFSD_MAY_OWNER_OVERRIDE MAY_ACT_AS_OWNER #define NFSD_MAY_SATTR (__MAY_UNUSED << 0) #define NFSD_MAY_TRUNC (__MAY_UNUSED << 1) #define NFSD_MAY_LOCK (__MAY_UNUSED << 2) @@ -23,16 +24,15 @@ #define NFSD_MAY_MASK (__NFSD_MAY_FIRST_HINT - 1) /* extra hints to permission and open routines: */ -#define NFSD_MAY_OWNER_OVERRIDE (__NFSD_MAY_FIRST_HINT << 0) /* for device special files */ -#define NFSD_MAY_LOCAL_ACCESS (__NFSD_MAY_FIRST_HINT << 1) -#define NFSD_MAY_BYPASS_GSS_ON_ROOT (__NFSD_MAY_FIRST_HINT << 2) -#define NFSD_MAY_NOT_BREAK_LEASE (__NFSD_MAY_FIRST_HINT << 3) -#define NFSD_MAY_BYPASS_GSS (__NFSD_MAY_FIRST_HINT << 4) -#define NFSD_MAY_READ_IF_EXEC (__NFSD_MAY_FIRST_HINT << 5) +#define NFSD_MAY_LOCAL_ACCESS (__NFSD_MAY_FIRST_HINT << 0) +#define NFSD_MAY_BYPASS_GSS_ON_ROOT (__NFSD_MAY_FIRST_HINT << 1) +#define NFSD_MAY_NOT_BREAK_LEASE (__NFSD_MAY_FIRST_HINT << 2) +#define NFSD_MAY_BYPASS_GSS (__NFSD_MAY_FIRST_HINT << 3) +#define NFSD_MAY_READ_IF_EXEC (__NFSD_MAY_FIRST_HINT << 4) /* 64 bit readdir cookies for >= NFSv3 */ -#define NFSD_MAY_64BIT_COOKIE (__NFSD_MAY_FIRST_HINT << 6) +#define NFSD_MAY_64BIT_COOKIE (__NFSD_MAY_FIRST_HINT << 5) #define NFSD_MAY_CREATE (NFSD_MAY_EXEC|NFSD_MAY_WRITE) #define NFSD_MAY_REMOVE (NFSD_MAY_EXEC|NFSD_MAY_WRITE|NFSD_MAY_TRUNC)