fs/ext2/acl.c

   1 /*
   2  * linux/fs/ext2/acl.c
   3  *
   4  * Copyright (C) 1993, 1994, 1995
   5  * Remy Card (card@masi.ibp.fr)
   6  * Laboratoire MASI - Institut Blaise Pascal
   7  * Universite Pierre et Marie Curie (Paris VI)
   8  */
   9
  10 /*
  11  * This file will contain the Access Control Lists management for the
  12  * second extended file system.
  13  */
  14
  15 #include <linux/errno.h>
  16 #include <linux/fs.h>
  17 #include <linux/ext2_fs.h>
  18 #include <linux/sched.h>
  19 #include <linux/stat.h>
  20
  21 /*
  22  * ext2_permission ()
  23  *
  24  * Check for access rights
  25  */
  26 int ext2_permission (struct inode * inode, int mask)
  27 {
  28         unsigned short mode = inode->i_mode;
  29
  30         /*
  31          * Nobody gets write access to a file on a readonly-fs
  32          */
  33         if ((mask & S_IWOTH) &&
  34             (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)) &&
  35             IS_RDONLY(inode))
  36                 return -EROFS;
  37         /*
  38          * Nobody gets write access to an immutable file
  39          */
  40         if ((mask & S_IWOTH) && IS_IMMUTABLE(inode))
  41                 return -EACCES;
  42
  43         /*
  44          * If no ACL, checks using the file mode
  45          */
  46         else if (current->fsuid == inode->i_uid)
  47                 mode >>= 6;
  48         else if (in_group_p (inode->i_gid))
  49                 mode >>= 3;
  50         /*
  51          * Access is always granted for root. We now check last,
  52          * though, for BSD process accounting correctness
  53          */
  54         if (((mode & mask & S_IRWXO) == mask) || capable(CAP_DAC_OVERRIDE))
  55                 return 0;
  56         if ((mask == S_IROTH) ||
  57             (S_ISDIR(mode)  && !(mask & ~(S_IROTH | S_IXOTH))))
  58                 if (capable(CAP_DAC_READ_SEARCH))
  59                         return 0;
  60         return -EACCES;
  61 }