www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Miklos Szeredi <mszeredi@redhat.com>
	Fri, 29 Jul 2016 10:05:23 +0000 (12:05 +0200)
committer	Shan Hai <shan.hai@oracle.com>
	Fri, 4 Aug 2017 05:49:35 +0000 (13:49 +0800)
commit	ff88e6226fae9fa43d87569331c72d409da1d98b
tree	e4e8409ed478e91b040567bd9d076ea040420884	tree
parent	3c797c2accc43b69bbaae8f584183431aec36cd9	commit \| diff

ovl: simplify permission checking

The fact that we always do permission checking on the overlay inode and
clear MAY_WRITE for checking access to the lower inode allows cruft to be
removed from ovl_permission().

1) "default_permissions" option effectively did generic_permission() on the
overlay inode with i_mode, i_uid and i_gid updated from underlying
filesystem. This is what we do by default now. It did the update using
vfs_getattr() but that's only needed if the underlying filesystem can
change (which is not allowed). We may later introduce a "paranoia_mode"
that verifies that mode/uid/gid are not changed.

2) splitting out the IS_RDONLY() check from inode_permission() also becomes
unnecessary once we remove the MAY_WRITE from the lower inode check.

Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Orabug: 26401569

(backport upstream commit 9c630ebefeeee4363ffd29f2f9b18eddafc6479c)

Signed-off-by: Shan Hai <shan.hai@oracle.com>
Reviewed-by: Somasundaram Krishnasamy <somasundaram.krishnasamy@oracle.com>

fs/overlayfs/inode.c		diff \| blob \| history
fs/overlayfs/overlayfs.h		diff \| blob \| history
fs/overlayfs/super.c		diff \| blob \| history