David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 1 | /* AFS security handling |
| 2 | * |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 3 | * Copyright (C) 2007, 2017 Red Hat, Inc. All Rights Reserved. |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 4 | * Written by David Howells (dhowells@redhat.com) |
| 5 | * |
| 6 | * This program is free software; you can redistribute it and/or |
| 7 | * modify it under the terms of the GNU General Public License |
| 8 | * as published by the Free Software Foundation; either version |
| 9 | * 2 of the License, or (at your option) any later version. |
| 10 | */ |
| 11 | |
| 12 | #include <linux/init.h> |
| 13 | #include <linux/slab.h> |
| 14 | #include <linux/fs.h> |
| 15 | #include <linux/ctype.h> |
Alexey Dobriyan | e8edc6e | 2007-05-21 01:22:52 +0400 | [diff] [blame] | 16 | #include <linux/sched.h> |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 17 | #include <linux/hashtable.h> |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 18 | #include <keys/rxrpc-type.h> |
| 19 | #include "internal.h" |
| 20 | |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 21 | static DEFINE_HASHTABLE(afs_permits_cache, 10); |
| 22 | static DEFINE_SPINLOCK(afs_permits_lock); |
| 23 | |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 24 | /* |
| 25 | * get a key |
| 26 | */ |
| 27 | struct key *afs_request_key(struct afs_cell *cell) |
| 28 | { |
| 29 | struct key *key; |
| 30 | |
| 31 | _enter("{%x}", key_serial(cell->anonymous_key)); |
| 32 | |
| 33 | _debug("key %s", cell->anonymous_key->description); |
| 34 | key = request_key(&key_type_rxrpc, cell->anonymous_key->description, |
| 35 | NULL); |
| 36 | if (IS_ERR(key)) { |
| 37 | if (PTR_ERR(key) != -ENOKEY) { |
| 38 | _leave(" = %ld", PTR_ERR(key)); |
| 39 | return key; |
| 40 | } |
| 41 | |
| 42 | /* act as anonymous user */ |
| 43 | _leave(" = {%x} [anon]", key_serial(cell->anonymous_key)); |
| 44 | return key_get(cell->anonymous_key); |
| 45 | } else { |
| 46 | /* act as authorised user */ |
| 47 | _leave(" = {%x} [auth]", key_serial(key)); |
| 48 | return key; |
| 49 | } |
| 50 | } |
| 51 | |
| 52 | /* |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 53 | * Dispose of a list of permits. |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 54 | */ |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 55 | static void afs_permits_rcu(struct rcu_head *rcu) |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 56 | { |
| 57 | struct afs_permits *permits = |
| 58 | container_of(rcu, struct afs_permits, rcu); |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 59 | int i; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 60 | |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 61 | for (i = 0; i < permits->nr_permits; i++) |
| 62 | key_put(permits->permits[i].key); |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 63 | kfree(permits); |
| 64 | } |
| 65 | |
| 66 | /* |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 67 | * Discard a permission cache. |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 68 | */ |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 69 | void afs_put_permits(struct afs_permits *permits) |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 70 | { |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 71 | if (permits && refcount_dec_and_test(&permits->usage)) { |
| 72 | spin_lock(&afs_permits_lock); |
| 73 | hash_del_rcu(&permits->hash_node); |
| 74 | spin_unlock(&afs_permits_lock); |
| 75 | call_rcu(&permits->rcu, afs_permits_rcu); |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 76 | } |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 77 | } |
| 78 | |
| 79 | /* |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 80 | * Clear a permit cache on callback break. |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 81 | */ |
| 82 | void afs_clear_permits(struct afs_vnode *vnode) |
| 83 | { |
| 84 | struct afs_permits *permits; |
| 85 | |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 86 | spin_lock(&vnode->lock); |
| 87 | permits = rcu_dereference_protected(vnode->permit_cache, |
| 88 | lockdep_is_held(&vnode->lock)); |
| 89 | RCU_INIT_POINTER(vnode->permit_cache, NULL); |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 90 | spin_unlock(&vnode->lock); |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 91 | |
David Howells | fd71158 | 2019-05-10 23:14:41 +0100 | [diff] [blame] | 92 | afs_put_permits(permits); |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 93 | } |
| 94 | |
| 95 | /* |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 96 | * Hash a list of permits. Use simple addition to make it easy to add an extra |
| 97 | * one at an as-yet indeterminate position in the list. |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 98 | */ |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 99 | static void afs_hash_permits(struct afs_permits *permits) |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 100 | { |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 101 | unsigned long h = permits->nr_permits; |
| 102 | int i; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 103 | |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 104 | for (i = 0; i < permits->nr_permits; i++) { |
| 105 | h += (unsigned long)permits->permits[i].key / sizeof(void *); |
| 106 | h += permits->permits[i].access; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 107 | } |
| 108 | |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 109 | permits->h = h; |
| 110 | } |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 111 | |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 112 | /* |
| 113 | * Cache the CallerAccess result obtained from doing a fileserver operation |
| 114 | * that returned a vnode status for a particular key. If a callback break |
| 115 | * occurs whilst the operation was in progress then we have to ditch the cache |
| 116 | * as the ACL *may* have changed. |
| 117 | */ |
| 118 | void afs_cache_permit(struct afs_vnode *vnode, struct key *key, |
David Howells | a58823a | 2019-05-09 15:16:10 +0100 | [diff] [blame^] | 119 | unsigned int cb_break, struct afs_status_cb *scb) |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 120 | { |
David Howells | 1bcab12 | 2017-12-01 11:40:43 +0000 | [diff] [blame] | 121 | struct afs_permits *permits, *xpermits, *replacement, *zap, *new = NULL; |
David Howells | a58823a | 2019-05-09 15:16:10 +0100 | [diff] [blame^] | 122 | afs_access_t caller_access = scb->status.caller_access; |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 123 | size_t size = 0; |
| 124 | bool changed = false; |
| 125 | int i, j; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 126 | |
David Howells | 3b6492d | 2018-10-20 00:57:57 +0100 | [diff] [blame] | 127 | _enter("{%llx:%llu},%x,%x", |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 128 | vnode->fid.vid, vnode->fid.vnode, key_serial(key), caller_access); |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 129 | |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 130 | rcu_read_lock(); |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 131 | |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 132 | /* Check for the common case first: We got back the same access as last |
| 133 | * time we tried and already have it recorded. |
| 134 | */ |
| 135 | permits = rcu_dereference(vnode->permit_cache); |
| 136 | if (permits) { |
| 137 | if (!permits->invalidated) { |
| 138 | for (i = 0; i < permits->nr_permits; i++) { |
| 139 | if (permits->permits[i].key < key) |
| 140 | continue; |
| 141 | if (permits->permits[i].key > key) |
| 142 | break; |
| 143 | if (permits->permits[i].access != caller_access) { |
| 144 | changed = true; |
| 145 | break; |
| 146 | } |
| 147 | |
David Howells | 18ac618 | 2018-10-20 00:57:59 +0100 | [diff] [blame] | 148 | if (afs_cb_is_broken(cb_break, vnode, |
| 149 | vnode->cb_interest)) { |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 150 | changed = true; |
| 151 | break; |
| 152 | } |
| 153 | |
| 154 | /* The cache is still good. */ |
| 155 | rcu_read_unlock(); |
| 156 | return; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 157 | } |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 158 | } |
| 159 | |
| 160 | changed |= permits->invalidated; |
| 161 | size = permits->nr_permits; |
| 162 | |
| 163 | /* If this set of permits is now wrong, clear the permits |
| 164 | * pointer so that no one tries to use the stale information. |
| 165 | */ |
| 166 | if (changed) { |
| 167 | spin_lock(&vnode->lock); |
| 168 | if (permits != rcu_access_pointer(vnode->permit_cache)) |
| 169 | goto someone_else_changed_it_unlock; |
| 170 | RCU_INIT_POINTER(vnode->permit_cache, NULL); |
| 171 | spin_unlock(&vnode->lock); |
| 172 | |
| 173 | afs_put_permits(permits); |
| 174 | permits = NULL; |
| 175 | size = 0; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 176 | } |
| 177 | } |
| 178 | |
David Howells | 18ac618 | 2018-10-20 00:57:59 +0100 | [diff] [blame] | 179 | if (afs_cb_is_broken(cb_break, vnode, vnode->cb_interest)) |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 180 | goto someone_else_changed_it; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 181 | |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 182 | /* We need a ref on any permits list we want to copy as we'll have to |
| 183 | * drop the lock to do memory allocation. |
| 184 | */ |
David Howells | fe342cf | 2018-04-09 21:12:31 +0100 | [diff] [blame] | 185 | if (permits && !refcount_inc_not_zero(&permits->usage)) |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 186 | goto someone_else_changed_it; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 187 | |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 188 | rcu_read_unlock(); |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 189 | |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 190 | /* Speculatively create a new list with the revised permission set. We |
| 191 | * discard this if we find an extant match already in the hash, but |
| 192 | * it's easier to compare with memcmp this way. |
| 193 | * |
| 194 | * We fill in the key pointers at this time, but we don't get the refs |
| 195 | * yet. |
| 196 | */ |
| 197 | size++; |
| 198 | new = kzalloc(sizeof(struct afs_permits) + |
| 199 | sizeof(struct afs_permit) * size, GFP_NOFS); |
| 200 | if (!new) |
David Howells | 1bcab12 | 2017-12-01 11:40:43 +0000 | [diff] [blame] | 201 | goto out_put; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 202 | |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 203 | refcount_set(&new->usage, 1); |
| 204 | new->nr_permits = size; |
| 205 | i = j = 0; |
| 206 | if (permits) { |
| 207 | for (i = 0; i < permits->nr_permits; i++) { |
| 208 | if (j == i && permits->permits[i].key > key) { |
| 209 | new->permits[j].key = key; |
| 210 | new->permits[j].access = caller_access; |
| 211 | j++; |
| 212 | } |
| 213 | new->permits[j].key = permits->permits[i].key; |
| 214 | new->permits[j].access = permits->permits[i].access; |
| 215 | j++; |
| 216 | } |
| 217 | } |
| 218 | |
| 219 | if (j == i) { |
| 220 | new->permits[j].key = key; |
| 221 | new->permits[j].access = caller_access; |
| 222 | } |
| 223 | |
| 224 | afs_hash_permits(new); |
| 225 | |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 226 | /* Now see if the permit list we want is actually already available */ |
| 227 | spin_lock(&afs_permits_lock); |
| 228 | |
| 229 | hash_for_each_possible(afs_permits_cache, xpermits, hash_node, new->h) { |
| 230 | if (xpermits->h != new->h || |
| 231 | xpermits->invalidated || |
| 232 | xpermits->nr_permits != new->nr_permits || |
| 233 | memcmp(xpermits->permits, new->permits, |
| 234 | new->nr_permits * sizeof(struct afs_permit)) != 0) |
| 235 | continue; |
| 236 | |
| 237 | if (refcount_inc_not_zero(&xpermits->usage)) { |
| 238 | replacement = xpermits; |
| 239 | goto found; |
| 240 | } |
| 241 | |
| 242 | break; |
| 243 | } |
| 244 | |
| 245 | for (i = 0; i < new->nr_permits; i++) |
| 246 | key_get(new->permits[i].key); |
| 247 | hash_add_rcu(afs_permits_cache, &new->hash_node, new->h); |
| 248 | replacement = new; |
| 249 | new = NULL; |
| 250 | |
| 251 | found: |
| 252 | spin_unlock(&afs_permits_lock); |
| 253 | |
| 254 | kfree(new); |
| 255 | |
| 256 | spin_lock(&vnode->lock); |
David Howells | 1bcab12 | 2017-12-01 11:40:43 +0000 | [diff] [blame] | 257 | zap = rcu_access_pointer(vnode->permit_cache); |
David Howells | 18ac618 | 2018-10-20 00:57:59 +0100 | [diff] [blame] | 258 | if (!afs_cb_is_broken(cb_break, vnode, vnode->cb_interest) && |
David Howells | 1bcab12 | 2017-12-01 11:40:43 +0000 | [diff] [blame] | 259 | zap == permits) |
| 260 | rcu_assign_pointer(vnode->permit_cache, replacement); |
| 261 | else |
| 262 | zap = replacement; |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 263 | spin_unlock(&vnode->lock); |
David Howells | 1bcab12 | 2017-12-01 11:40:43 +0000 | [diff] [blame] | 264 | afs_put_permits(zap); |
| 265 | out_put: |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 266 | afs_put_permits(permits); |
| 267 | return; |
| 268 | |
| 269 | someone_else_changed_it_unlock: |
| 270 | spin_unlock(&vnode->lock); |
| 271 | someone_else_changed_it: |
| 272 | /* Someone else changed the cache under us - don't recheck at this |
| 273 | * time. |
| 274 | */ |
David Howells | fe342cf | 2018-04-09 21:12:31 +0100 | [diff] [blame] | 275 | rcu_read_unlock(); |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 276 | return; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 277 | } |
| 278 | |
| 279 | /* |
| 280 | * check with the fileserver to see if the directory or parent directory is |
| 281 | * permitted to be accessed with this authorisation, and if so, what access it |
| 282 | * is granted |
| 283 | */ |
David Howells | 0fafdc9 | 2017-11-13 16:59:50 +0000 | [diff] [blame] | 284 | int afs_check_permit(struct afs_vnode *vnode, struct key *key, |
| 285 | afs_access_t *_access) |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 286 | { |
| 287 | struct afs_permits *permits; |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 288 | bool valid = false; |
| 289 | int i, ret; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 290 | |
David Howells | 3b6492d | 2018-10-20 00:57:57 +0100 | [diff] [blame] | 291 | _enter("{%llx:%llu},%x", |
David Howells | 416351f | 2007-05-09 02:33:45 -0700 | [diff] [blame] | 292 | vnode->fid.vid, vnode->fid.vnode, key_serial(key)); |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 293 | |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 294 | /* check the permits to see if we've got one yet */ |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 295 | if (key == vnode->volume->cell->anonymous_key) { |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 296 | _debug("anon"); |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 297 | *_access = vnode->status.anon_access; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 298 | valid = true; |
| 299 | } else { |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 300 | rcu_read_lock(); |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 301 | permits = rcu_dereference(vnode->permit_cache); |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 302 | if (permits) { |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 303 | for (i = 0; i < permits->nr_permits; i++) { |
| 304 | if (permits->permits[i].key < key) |
| 305 | continue; |
| 306 | if (permits->permits[i].key > key) |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 307 | break; |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 308 | |
| 309 | *_access = permits->permits[i].access; |
| 310 | valid = !permits->invalidated; |
| 311 | break; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 312 | } |
| 313 | } |
| 314 | rcu_read_unlock(); |
| 315 | } |
| 316 | |
| 317 | if (!valid) { |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 318 | /* Check the status on the file we're actually interested in |
| 319 | * (the post-processing will cache the result). |
| 320 | */ |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 321 | _debug("no valid permit"); |
| 322 | |
David Howells | a58823a | 2019-05-09 15:16:10 +0100 | [diff] [blame^] | 323 | ret = afs_fetch_status(vnode, key, false, _access); |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 324 | if (ret < 0) { |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 325 | *_access = 0; |
| 326 | _leave(" = %d", ret); |
| 327 | return ret; |
| 328 | } |
| 329 | } |
| 330 | |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 331 | _leave(" = 0 [access %x]", *_access); |
| 332 | return 0; |
| 333 | } |
| 334 | |
| 335 | /* |
| 336 | * check the permissions on an AFS file |
| 337 | * - AFS ACLs are attached to directories only, and a file is controlled by its |
| 338 | * parent directory's ACL |
| 339 | */ |
Al Viro | 10556cb2 | 2011-06-20 19:28:19 -0400 | [diff] [blame] | 340 | int afs_permission(struct inode *inode, int mask) |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 341 | { |
| 342 | struct afs_vnode *vnode = AFS_FS_I(inode); |
Andrew Morton | 6975945 | 2008-02-08 04:20:53 -0800 | [diff] [blame] | 343 | afs_access_t uninitialized_var(access); |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 344 | struct key *key; |
| 345 | int ret; |
| 346 | |
Al Viro | 10556cb2 | 2011-06-20 19:28:19 -0400 | [diff] [blame] | 347 | if (mask & MAY_NOT_BLOCK) |
Nick Piggin | b74c79e | 2011-01-07 17:49:58 +1100 | [diff] [blame] | 348 | return -ECHILD; |
| 349 | |
David Howells | 3b6492d | 2018-10-20 00:57:57 +0100 | [diff] [blame] | 350 | _enter("{{%llx:%llu},%lx},%x,", |
David Howells | 260a980 | 2007-04-26 15:59:35 -0700 | [diff] [blame] | 351 | vnode->fid.vid, vnode->fid.vnode, vnode->flags, mask); |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 352 | |
| 353 | key = afs_request_key(vnode->volume->cell); |
| 354 | if (IS_ERR(key)) { |
| 355 | _leave(" = %ld [key]", PTR_ERR(key)); |
| 356 | return PTR_ERR(key); |
| 357 | } |
| 358 | |
David Howells | c435ee3 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 359 | ret = afs_validate(vnode, key); |
| 360 | if (ret < 0) |
| 361 | goto error; |
David Howells | 260a980 | 2007-04-26 15:59:35 -0700 | [diff] [blame] | 362 | |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 363 | /* check the permits to see if we've got one yet */ |
| 364 | ret = afs_check_permit(vnode, key, &access); |
David Howells | 260a980 | 2007-04-26 15:59:35 -0700 | [diff] [blame] | 365 | if (ret < 0) |
| 366 | goto error; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 367 | |
| 368 | /* interpret the access mask */ |
| 369 | _debug("REQ %x ACC %x on %s", |
| 370 | mask, access, S_ISDIR(inode->i_mode) ? "dir" : "file"); |
| 371 | |
| 372 | if (S_ISDIR(inode->i_mode)) { |
David Howells | 378831e | 2018-05-16 21:25:46 +0100 | [diff] [blame] | 373 | if (mask & (MAY_EXEC | MAY_READ | MAY_CHDIR)) { |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 374 | if (!(access & AFS_ACE_LOOKUP)) |
| 375 | goto permission_denied; |
David Howells | 378831e | 2018-05-16 21:25:46 +0100 | [diff] [blame] | 376 | } |
| 377 | if (mask & MAY_WRITE) { |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 378 | if (!(access & (AFS_ACE_DELETE | /* rmdir, unlink, rename from */ |
Marc Dionne | fd24982 | 2017-07-06 15:50:18 +0100 | [diff] [blame] | 379 | AFS_ACE_INSERT))) /* create, mkdir, symlink, rename to */ |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 380 | goto permission_denied; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 381 | } |
| 382 | } else { |
| 383 | if (!(access & AFS_ACE_LOOKUP)) |
| 384 | goto permission_denied; |
Marc Dionne | 627f469 | 2017-03-16 16:27:44 +0000 | [diff] [blame] | 385 | if ((mask & MAY_EXEC) && !(inode->i_mode & S_IXUSR)) |
| 386 | goto permission_denied; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 387 | if (mask & (MAY_EXEC | MAY_READ)) { |
| 388 | if (!(access & AFS_ACE_READ)) |
| 389 | goto permission_denied; |
Marc Dionne | 627f469 | 2017-03-16 16:27:44 +0000 | [diff] [blame] | 390 | if (!(inode->i_mode & S_IRUSR)) |
| 391 | goto permission_denied; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 392 | } else if (mask & MAY_WRITE) { |
| 393 | if (!(access & AFS_ACE_WRITE)) |
| 394 | goto permission_denied; |
Marc Dionne | 627f469 | 2017-03-16 16:27:44 +0000 | [diff] [blame] | 395 | if (!(inode->i_mode & S_IWUSR)) |
| 396 | goto permission_denied; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 397 | } |
| 398 | } |
| 399 | |
| 400 | key_put(key); |
David Howells | 260a980 | 2007-04-26 15:59:35 -0700 | [diff] [blame] | 401 | _leave(" = %d", ret); |
| 402 | return ret; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 403 | |
| 404 | permission_denied: |
David Howells | 260a980 | 2007-04-26 15:59:35 -0700 | [diff] [blame] | 405 | ret = -EACCES; |
| 406 | error: |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 407 | key_put(key); |
David Howells | 260a980 | 2007-04-26 15:59:35 -0700 | [diff] [blame] | 408 | _leave(" = %d", ret); |
| 409 | return ret; |
David Howells | 00d3b7a | 2007-04-26 15:57:07 -0700 | [diff] [blame] | 410 | } |
David Howells | be080a6 | 2017-11-02 15:27:49 +0000 | [diff] [blame] | 411 | |
| 412 | void __exit afs_clean_up_permit_cache(void) |
| 413 | { |
| 414 | int i; |
| 415 | |
| 416 | for (i = 0; i < HASH_SIZE(afs_permits_cache); i++) |
| 417 | WARN_ON_ONCE(!hlist_empty(&afs_permits_cache[i])); |
| 418 | |
| 419 | } |