From Shubham Bhagat <shubhambhagat111@xxxxxxxxx>:
Shubham Bhagat has uploaded this change for review. (
https://review.haiku-os.org/c/haiku/+/3151 ;)
Change subject: xfs: Check Permissions
......................................................................
xfs: Check Permissions
Implemented the xfs_access hook and we now check for permissions where
required.
---
M src/add-ons/kernel/file_systems/xfs/Inode.cpp
M src/add-ons/kernel/file_systems/xfs/Inode.h
M src/add-ons/kernel/file_systems/xfs/kernel_interface.cpp
3 files changed, 25 insertions(+), 8 deletions(-)
git pull ssh://git.haiku-os.org:22/haiku refs/changes/51/3151/1
diff --git a/src/add-ons/kernel/file_systems/xfs/Inode.cpp
b/src/add-ons/kernel/file_systems/xfs/Inode.cpp
index e7b6077..d872052 100644
--- a/src/add-ons/kernel/file_systems/xfs/Inode.cpp
+++ b/src/add-ons/kernel/file_systems/xfs/Inode.cpp
@@ -182,6 +182,18 @@
status_t
+Inode::CheckPermissions(int accessMode) const
+{
+ // you never have write access to a read-only volume
+ if ((accessMode & W_OK) != 0 && fVolume->IsReadOnly())
+ return B_READ_ONLY_DEVICE;
+
+ return check_access_permissions(accessMode, Mode(),
(uint32)fNode->GroupId(),
+ (uint32)fNode->UserId());
+}
+
+
+status_t
Inode::GetFromDisk()
{
xfs_agnumber_t agNo = INO_TO_AGNO(fId, fVolume);
diff --git a/src/add-ons/kernel/file_systems/xfs/Inode.h
b/src/add-ons/kernel/file_systems/xfs/Inode.h
index 62f40ea..6337a5e 100644
--- a/src/add-ons/kernel/file_systems/xfs/Inode.h
+++ b/src/add-ons/kernel/file_systems/xfs/Inode.h
@@ -190,6 +190,7 @@
void GetAccessTime(struct
timespec& timestamp) const
{
fNode->GetAccessTime(timestamp); }
+ status_t CheckPermissions(int
accessMode) const;
uint32 UserId() const { return
fNode->UserId(); }
uint32 GroupId() const {
return fNode->GroupId(); }
bool HasFileTypeField()
const;
diff --git a/src/add-ons/kernel/file_systems/xfs/kernel_interface.cpp
b/src/add-ons/kernel/file_systems/xfs/kernel_interface.cpp
index c7e3fd8..d8c2071 100644
--- a/src/add-ons/kernel/file_systems/xfs/kernel_interface.cpp
+++ b/src/add-ons/kernel/file_systems/xfs/kernel_interface.cpp
@@ -211,14 +211,16 @@
if (!directory->IsDirectory())
return B_NOT_A_DIRECTORY;
- //TODO: pretend everything is accessible. We should actually checking
- //for permission here.
+ status_t status = directory->CheckPermissions(X_OK);
+ if (status < B_OK)
+ return status;
+
DirectoryIterator* iterator =
new(std::nothrow) DirectoryIterator(directory);
if (iterator == NULL)
return B_NO_MEMORY;
- status_t status = iterator->Init();
+ status = iterator->Init();
if (status != B_OK) {
delete iterator;
return status;
@@ -308,9 +310,8 @@
static status_t
xfs_access(fs_volume *_volume, fs_vnode *_node, int accessMode)
{
- //TODO: pretend everything is accessible. We should actually checking
- //for permission here.
- return B_OK;
+ Inode* inode = (Inode*)_node->private_node;
+ return inode->CheckPermissions(accessMode);
}
@@ -350,8 +351,11 @@
static status_t
xfs_open_dir(fs_volume * /*_volume*/, fs_vnode *_node, void **_cookie)
{
- Inode* inode = (Inode*)_node->private_node;
TRACE("XFS_OPEN_DIR: (%ld)\n", inode->ID());
+ Inode* inode = (Inode*)_node->private_node;
+ status_t status = inode->CheckPermissions(R_OK);
+ if (status < B_OK)
+ return status;
if (!inode->IsDirectory())
return B_NOT_A_DIRECTORY;
@@ -361,7 +365,7 @@
delete iterator;
return B_NO_MEMORY;
}
- status_t status = iterator->Init();
+ status = iterator->Init();
*_cookie = iterator;
return status;
}
--
To view, visit https://review.haiku-os.org/c/haiku/+/3151
To unsubscribe, or for help writing mail filters, visit
https://review.haiku-os.org/settings
Gerrit-Project: haiku
Gerrit-Branch: master
Gerrit-Change-Id: Idaa71f300e0a73951d13073b66cb9ff37dbfa3ec
Gerrit-Change-Number: 3151
Gerrit-PatchSet: 1
Gerrit-Owner: Shubham Bhagat <shubhambhagat111@xxxxxxxxx>
Gerrit-MessageType: newchange
