From 6dbae353c6c0b0f00aceef22171de1b10899182f Mon Sep 17 00:00:00 2001
From: Marc Fiuczynski <mef@cs.princeton.edu>
Date: Thu, 24 Feb 2005 14:05:51 +0000
Subject: [PATCH] PL4425: added explicit support to retain filesharing model
 leveraged by proper.

Did a bit of cleanup in the filesystem specific permission functions, which
did redundant checks for readonly bind mounts.
---
 fs/ext2/acl.c | 25 +++++++++++++++----------
 fs/ext3/acl.c | 25 +++++++++++++++----------
 fs/namei.c    | 44 ++++++++++++++++++++++++++++++++------------
 3 files changed, 62 insertions(+), 32 deletions(-)

diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c
index c6e8f53d4..9c3e032a3 100644
--- a/fs/ext2/acl.c
+++ b/fs/ext2/acl.c
@@ -282,19 +282,24 @@ ext2_set_acl(struct inode *inode, int type, struct posix_acl *acl)
 	return error;
 }
 
-int
-ext2_permission(struct inode *inode, int mask, struct nameidata *nd)
+static int
+ext2_check_acl(struct inode *inode, int mask)
 {
-	int mode = inode->i_mode;
+	struct posix_acl *acl = ext2_get_acl(inode, ACL_TYPE_ACCESS);
 
-#warning MEF Get new BME patch, which I believe pushes these checks higher
-	/* Nobody gets write access to a read-only fs */
-	if ((mask & MAY_WRITE) && (IS_RDONLY(inode) ||
-	    (nd && MNT_IS_RDONLY(nd->mnt))) &&
-	    (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
-		return -EROFS;
+	if (acl) {
+		int error = posix_acl_permission(inode, acl, mask);
+		posix_acl_release(acl);
+		return error;
+	}
 
-	return generic_permission(inode, mask, 0);
+	return -EAGAIN;
+}
+
+int
+ext2_permission(struct inode *inode, int mask, struct nameidata *nd)
+{
+	return generic_permission(inode, mask, ext2_check_acl);
 }
 
 /*
diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c
index a85b755a6..0425fc8e7 100644
--- a/fs/ext3/acl.c
+++ b/fs/ext3/acl.c
@@ -287,19 +287,24 @@ ext3_set_acl(handle_t *handle, struct inode *inode, int type,
 	return error;
 }
 
-int
-ext3_permission(struct inode *inode, int mask, struct nameidata *nd)
+static int
+ext3_check_acl(struct inode *inode, int mask)
 {
-	int mode = inode->i_mode;
+	struct posix_acl *acl = ext3_get_acl(inode, ACL_TYPE_ACCESS);
 
-#warning MEF Need new BME patch for 2.6.10
-	/* Nobody gets write access to a read-only fs */
-	if ((mask & MAY_WRITE) && (IS_RDONLY(inode) ||
-	    (nd && MNT_IS_RDONLY(nd->mnt))) &&
-	    (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
-		return -EROFS;
+	if (acl) {
+		int error = posix_acl_permission(inode, acl, mask);
+		posix_acl_release(acl);
+		return error;
+	}
 
-	return generic_permission(inode, mask, 0);
+	return -EAGAIN;
+}
+
+int
+ext3_permission(struct inode *inode, int mask, struct nameidata *nd)
+{
+	return generic_permission(inode, mask, ext3_check_acl);
 }
 
 /*
diff --git a/fs/namei.c b/fs/namei.c
index 6e7463615..8a716a83b 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -172,10 +172,6 @@ int generic_permission(struct inode *inode, int mask,
 {
 	umode_t			mode = inode->i_mode;
 
-	/* Prevent vservers from escaping chroot() barriers */
-	if (IS_BARRIER(inode) && !vx_check(0, VX_ADMIN))
-		return -EACCES;
-
 	if (mask & MAY_WRITE) {
 		/*
 		 * Nobody gets write access to a read-only fs.
@@ -232,16 +228,23 @@ int generic_permission(struct inode *inode, int mask,
 	return -EACCES;
 }
 
+#warning MEF: need to make CONFIG_VSERVER_FILESHARING a Kconfig option
+#define CONFIG_VSERVER_FILESHARING 1
+
 static inline int xid_permission(struct inode *inode, int mask, struct nameidata *nd)
 {
-	if (IS_BARRIER(inode) && !vx_check(0, VX_ADMIN)) {
-		vxwprintk(1, "xid=%d did hit the barrier.",
-			vx_current_xid());
-		return -EACCES;
-	}
 	if (inode->i_xid == 0)
 		return 0;
-	if (vx_check(inode->i_xid, VX_ADMIN|VX_WATCH|VX_IDENT))
+
+#ifdef CONFIG_VSERVER_FILESHARING
+	/* MEF: PlanetLab FS module assumes that any file that can be
+	 * named (e.g., via a cross mount) is not hidden from another
+	 * context or the admin context.
+	 */
+	if (vx_check(inode->i_xid,VX_STATIC|VX_DYNAMIC))
+		return 0;
+#endif
+	if (vx_check(inode->i_xid,VX_ADMIN|VX_WATCH|VX_IDENT))
 		return 0;
 
 	vxwprintk(1, "xid=%d denied access to %p[#%d,%lu] »%s«.",
@@ -256,6 +259,10 @@ int permission(struct inode * inode,int mask, struct nameidata *nd)
 	int submask;
  	umode_t	mode = inode->i_mode;
 
+	/* Prevent vservers from escaping chroot() barriers */
+	if (IS_BARRIER(inode) && !vx_check(0, VX_ADMIN))
+		return -EACCES;
+
 	/* Ordinary permission routines do not understand MAY_APPEND. */
 	submask = mask & ~MAY_APPEND;
 
@@ -677,14 +684,27 @@ static int do_lookup(struct nameidata *nd, struct qstr *name,
 	inode = dentry->d_inode;
 	if (!inode)
 		goto done;
-	if (!vx_check(inode->i_xid, VX_WATCH|VX_HOSTID|VX_IDENT))
-		goto hidden;
 	if (inode->i_sb->s_magic == PROC_SUPER_MAGIC) {
 		struct proc_dir_entry *de = PDE(inode);
 
 		if (de && !vx_hide_check(0, de->vx_flags))
 			goto hidden;
 	}
+#ifdef CONFIG_VSERVER_FILESHARING
+	/* MEF: PlanetLab FS module assumes that any file that can be
+	 * named (e.g., via a cross mount) is not hidden from another
+	 * context or the admin context.
+	 */
+	if (vx_check(inode->i_xid,VX_STATIC|VX_DYNAMIC|VX_ADMIN)) {
+		/* do nothing */
+	}
+	else /* do the following check */
+#endif
+	if (!vx_check(inode->i_xid, 
+		      VX_WATCH|
+		      VX_HOSTID|
+		      VX_IDENT))
+		goto hidden;
 done:
 	path->mnt = mnt;
 	path->dentry = dentry;
-- 
2.47.0