Commit 4ad5abb3 authored by Al Viro's avatar Al Viro

no reason to keep exec_permission() separate now

cache footprint alone makes it a bad idea...
Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent d594e7ec
...@@ -310,43 +310,6 @@ int inode_permission(struct inode *inode, int mask) ...@@ -310,43 +310,6 @@ int inode_permission(struct inode *inode, int mask)
return security_inode_permission(inode, mask); return security_inode_permission(inode, mask);
} }
/**
* exec_permission - check for right to do lookups in a given directory
* @inode: inode to check permission on
* @mask: MAY_EXEC and possibly MAY_NOT_BLOCK flags.
*
* Short-cut version of inode_permission(), for calling on directories
* during pathname resolution. Combines parts of inode_permission()
* and generic_permission(), and tests ONLY for MAY_EXEC permission.
*
* If appropriate, check DAC only. If not appropriate, or
* short-cut DAC fails, then call ->permission() to do more
* complete permission check.
*/
static inline int exec_permission(struct inode *inode, int mask)
{
int ret;
struct user_namespace *ns = inode_userns(inode);
if (inode->i_op->permission) {
ret = inode->i_op->permission(inode, mask);
if (likely(!ret))
goto ok;
} else {
ret = acl_permission_check(inode, mask);
if (likely(!ret))
goto ok;
if (ret != -EACCES)
return ret;
if (ns_capable(ns, CAP_DAC_OVERRIDE) ||
ns_capable(ns, CAP_DAC_READ_SEARCH))
goto ok;
}
return ret;
ok:
return security_inode_permission(inode, mask);
}
/** /**
* path_get - get a reference to a path * path_get - get a reference to a path
* @path: path to get the reference to * @path: path to get the reference to
...@@ -1220,13 +1183,13 @@ static int do_lookup(struct nameidata *nd, struct qstr *name, ...@@ -1220,13 +1183,13 @@ static int do_lookup(struct nameidata *nd, struct qstr *name,
static inline int may_lookup(struct nameidata *nd) static inline int may_lookup(struct nameidata *nd)
{ {
if (nd->flags & LOOKUP_RCU) { if (nd->flags & LOOKUP_RCU) {
int err = exec_permission(nd->inode, MAY_EXEC|MAY_NOT_BLOCK); int err = inode_permission(nd->inode, MAY_EXEC|MAY_NOT_BLOCK);
if (err != -ECHILD) if (err != -ECHILD)
return err; return err;
if (unlazy_walk(nd, NULL)) if (unlazy_walk(nd, NULL))
return -ECHILD; return -ECHILD;
} }
return exec_permission(nd->inode, MAY_EXEC); return inode_permission(nd->inode, MAY_EXEC);
} }
static inline int handle_dots(struct nameidata *nd, int type) static inline int handle_dots(struct nameidata *nd, int type)
...@@ -1501,7 +1464,7 @@ static int path_init(int dfd, const char *name, unsigned int flags, ...@@ -1501,7 +1464,7 @@ static int path_init(int dfd, const char *name, unsigned int flags,
if (!S_ISDIR(dentry->d_inode->i_mode)) if (!S_ISDIR(dentry->d_inode->i_mode))
goto fput_fail; goto fput_fail;
retval = exec_permission(dentry->d_inode, MAY_EXEC); retval = inode_permission(dentry->d_inode, MAY_EXEC);
if (retval) if (retval)
goto fput_fail; goto fput_fail;
} }
...@@ -1658,7 +1621,7 @@ static struct dentry *__lookup_hash(struct qstr *name, ...@@ -1658,7 +1621,7 @@ static struct dentry *__lookup_hash(struct qstr *name,
struct dentry *dentry; struct dentry *dentry;
int err; int err;
err = exec_permission(inode, MAY_EXEC); err = inode_permission(inode, MAY_EXEC);
if (err) if (err)
return ERR_PTR(err); return ERR_PTR(err);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment