From: Herbert Poetzl <herbert@13thfloor.at>
Support readonly mount --bind.
fs/ext2/ioctl.c | 5 ++--
fs/ext3/ioctl.c | 5 ++--
fs/namei.c | 54 ++++++++++++++++++++++++++++++++++++++++++--------
fs/namespace.c | 12 ++++++++---
fs/open.c | 25 ++++++++++++-----------
fs/reiserfs/ioctl.c | 5 ++--
include/linux/mount.h | 9 +++++---
7 files changed, 83 insertions(+), 32 deletions(-)
diff -puN fs/ext2/ioctl.c~readonly-bind-mounts fs/ext2/ioctl.c
--- 25/fs/ext2/ioctl.c~readonly-bind-mounts 2003-10-02 01:43:39.000000000 -0700
+++ 25-akpm/fs/ext2/ioctl.c 2003-10-02 01:43:39.000000000 -0700
@@ -10,6 +10,7 @@
#include "ext2.h"
#include <linux/time.h>
#include <linux/sched.h>
+#include <linux/mount.h>
#include <asm/current.h>
#include <asm/uaccess.h>
@@ -29,7 +30,7 @@ int ext2_ioctl (struct inode * inode, st
case EXT2_IOC_SETFLAGS: {
unsigned int oldflags;
- if (IS_RDONLY(inode))
+ if (IS_RDONLY(inode) || MNT_IS_RDONLY(filp->f_vfsmnt))
return -EROFS;
if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER))
@@ -68,7 +69,7 @@ int ext2_ioctl (struct inode * inode, st
case EXT2_IOC_SETVERSION:
if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER))
return -EPERM;
- if (IS_RDONLY(inode))
+ if (IS_RDONLY(inode) || MNT_IS_RDONLY(filp->f_vfsmnt))
return -EROFS;
if (get_user(inode->i_generation, (int *) arg))
return -EFAULT;
diff -puN fs/ext3/ioctl.c~readonly-bind-mounts fs/ext3/ioctl.c
--- 25/fs/ext3/ioctl.c~readonly-bind-mounts 2003-10-02 01:43:39.000000000 -0700
+++ 25-akpm/fs/ext3/ioctl.c 2003-10-02 01:43:39.000000000 -0700
@@ -12,6 +12,7 @@
#include <linux/ext3_fs.h>
#include <linux/ext3_jbd.h>
#include <linux/time.h>
+#include <linux/mount.h>
#include <asm/uaccess.h>
@@ -34,7 +35,7 @@ int ext3_ioctl (struct inode * inode, st
unsigned int oldflags;
unsigned int jflag;
- if (IS_RDONLY(inode))
+ if (IS_RDONLY(inode) || MNT_IS_RDONLY(filp->f_vfsmnt))
return -EROFS;
if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER))
@@ -110,7 +111,7 @@ flags_err:
if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER))
return -EPERM;
- if (IS_RDONLY(inode))
+ if (IS_RDONLY(inode) || MNT_IS_RDONLY(filp->f_vfsmnt))
return -EROFS;
if (get_user(generation, (int *) arg))
return -EFAULT;
diff -puN fs/namei.c~readonly-bind-mounts fs/namei.c
--- 25/fs/namei.c~readonly-bind-mounts 2003-10-02 01:43:39.000000000 -0700
+++ 25-akpm/fs/namei.c 2003-10-02 01:43:39.000000000 -0700
@@ -208,10 +208,14 @@ int permission(struct inode * inode,int
{
int retval;
int submask;
+ umode_t mode = inode->i_mode;
/* Ordinary permission routines do not understand MAY_APPEND. */
submask = mask & ~MAY_APPEND;
+ if (nd && (mask & MAY_WRITE) && MNT_IS_RDONLY(nd->mnt) &&
+ (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
+ return -EROFS;
if (inode->i_op && inode->i_op->permission)
retval = inode->i_op->permission(inode, submask, nd);
else
@@ -1055,6 +1059,24 @@ static inline int may_create(struct inod
return permission(dir,MAY_WRITE | MAY_EXEC, nd);
}
+static inline int mnt_may_create(struct vfsmount *mnt, struct inode *dir, struct dentry *child) {
+ if (child->d_inode)
+ return -EEXIST;
+ if (IS_DEADDIR(dir))
+ return -ENOENT;
+ if (mnt->mnt_flags & MNT_RDONLY)
+ return -EROFS;
+ return 0;
+}
+
+static inline int mnt_may_unlink(struct vfsmount *mnt, struct inode *dir, struct dentry *child) {
+ if (!child->d_inode)
+ return -ENOENT;
+ if (mnt->mnt_flags & MNT_RDONLY)
+ return -EROFS;
+ return 0;
+}
+
/*
* Special case: O_CREAT|O_EXCL implies O_NOFOLLOW for security
* reasons.
@@ -1176,7 +1198,8 @@ int may_open(struct nameidata *nd, int a
return -EACCES;
flag &= ~O_TRUNC;
- } else if (IS_RDONLY(inode) && (flag & FMODE_WRITE))
+ } else if ((IS_RDONLY(inode) || MNT_IS_RDONLY(nd->mnt)) &&
+ (flag & FMODE_WRITE))
return -EROFS;
/*
* An append-only file must be opened in append mode for writing.
@@ -1402,23 +1425,28 @@ do_link:
struct dentry *lookup_create(struct nameidata *nd, int is_dir)
{
struct dentry *dentry;
+ int error;
down(&nd->dentry->d_inode->i_sem);
- dentry = ERR_PTR(-EEXIST);
+ error = -EEXIST;
if (nd->last_type != LAST_NORM)
- goto fail;
+ goto out;
nd->flags &= ~LOOKUP_PARENT;
dentry = lookup_hash(&nd->last, nd->dentry);
if (IS_ERR(dentry))
+ goto ret;
+ error = mnt_may_create(nd->mnt, nd->dentry->d_inode, dentry);
+ if (error)
goto fail;
+ error = -ENOENT;
if (!is_dir && nd->last.name[nd->last.len] && !dentry->d_inode)
- goto enoent;
+ goto fail;
+ret:
return dentry;
-enoent:
- dput(dentry);
- dentry = ERR_PTR(-ENOENT);
fail:
- return dentry;
+ dput(dentry);
+out:
+ return ERR_PTR(error);
}
int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
@@ -1647,7 +1675,11 @@ asmlinkage long sys_rmdir(const char __u
dentry = lookup_hash(&nd.last, nd.dentry);
error = PTR_ERR(dentry);
if (!IS_ERR(dentry)) {
+ error = mnt_may_unlink(nd.mnt, nd.dentry->d_inode, dentry);
+ if (error)
+ goto exit2;
error = vfs_rmdir(nd.dentry->d_inode, dentry);
+ exit2:
dput(dentry);
}
up(&nd.dentry->d_inode->i_sem);
@@ -1719,6 +1751,9 @@ asmlinkage long sys_unlink(const char __
/* Why not before? Because we want correct error value */
if (nd.last.name[nd.last.len])
goto slashes;
+ error = mnt_may_unlink(nd.mnt, nd.dentry->d_inode, dentry);
+ if (error)
+ goto exit2;
inode = dentry->d_inode;
if (inode)
atomic_inc(&inode->i_count);
@@ -2083,6 +2118,9 @@ static inline int do_rename(const char *
error = -EINVAL;
if (old_dentry == trap)
goto exit4;
+ error = -EROFS;
+ if (MNT_IS_RDONLY(newnd.mnt))
+ goto exit4;
new_dentry = lookup_hash(&newnd.last, new_dir);
error = PTR_ERR(new_dentry);
if (IS_ERR(new_dentry))
diff -puN fs/namespace.c~readonly-bind-mounts fs/namespace.c
--- 25/fs/namespace.c~readonly-bind-mounts 2003-10-02 01:43:39.000000000 -0700
+++ 25-akpm/fs/namespace.c 2003-10-02 01:43:39.000000000 -0700
@@ -225,7 +225,8 @@ static int show_vfsmnt(struct seq_file *
seq_path(m, mnt, mnt->mnt_root, " \t\n\\");
seq_putc(m, ' ');
mangle(m, mnt->mnt_sb->s_type->name);
- seq_puts(m, mnt->mnt_sb->s_flags & MS_RDONLY ? " ro" : " rw");
+ seq_puts(m, (MNT_IS_RDONLY(mnt) ||
+ (mnt->mnt_sb->s_flags & MS_RDONLY)) ? " ro" : " rw");
for (fs_infop = fs_info; fs_infop->flag; fs_infop++) {
if (mnt->mnt_sb->s_flags & fs_infop->flag)
seq_puts(m, fs_infop->str);
@@ -516,11 +517,13 @@ out_unlock:
/*
* do loopback mount.
*/
-static int do_loopback(struct nameidata *nd, char *old_name, int recurse)
+static int do_loopback(struct nameidata *nd, char *old_name, unsigned long flags, int mnt_flags)
{
struct nameidata old_nd;
struct vfsmount *mnt = NULL;
+ int recurse = flags & MS_REC;
int err = mount_is_safe(nd);
+
if (err)
return err;
if (!old_name || !*old_name)
@@ -547,6 +550,7 @@ static int do_loopback(struct nameidata
spin_unlock(&vfsmount_lock);
} else
mntput(mnt);
+ mnt->mnt_flags = mnt_flags;
}
up_write(¤t->namespace->sem);
@@ -750,6 +754,8 @@ long do_mount(char * dev_name, char * di
return -EINVAL;
/* Separate the per-mountpoint flags */
+ if (flags & MS_RDONLY)
+ mnt_flags |= MNT_RDONLY;
if (flags & MS_NOSUID)
mnt_flags |= MNT_NOSUID;
if (flags & MS_NODEV)
@@ -771,7 +777,7 @@ long do_mount(char * dev_name, char * di
retval = do_remount(&nd, flags & ~MS_REMOUNT, mnt_flags,
data_page);
else if (flags & MS_BIND)
- retval = do_loopback(&nd, dev_name, flags & MS_REC);
+ retval = do_loopback(&nd, dev_name, flags, mnt_flags);
else if (flags & MS_MOVE)
retval = do_move_mount(&nd, dev_name);
else
diff -puN fs/open.c~readonly-bind-mounts fs/open.c
--- 25/fs/open.c~readonly-bind-mounts 2003-10-02 01:43:39.000000000 -0700
+++ 25-akpm/fs/open.c 2003-10-02 01:43:39.000000000 -0700
@@ -224,7 +224,7 @@ static inline long do_sys_truncate(const
goto dput_and_out;
error = -EROFS;
- if (IS_RDONLY(inode))
+ if (IS_RDONLY(inode) || MNT_IS_RDONLY(nd.mnt))
goto dput_and_out;
error = -EPERM;
@@ -348,7 +348,7 @@ asmlinkage long sys_utime(char __user *
inode = nd.dentry->d_inode;
error = -EROFS;
- if (IS_RDONLY(inode))
+ if (IS_RDONLY(inode) || MNT_IS_RDONLY(nd.mnt))
goto dput_and_out;
error = -EPERM;
@@ -401,7 +401,7 @@ long do_utimes(char __user * filename, s
inode = nd.dentry->d_inode;
error = -EROFS;
- if (IS_RDONLY(inode))
+ if (IS_RDONLY(inode) || MNT_IS_RDONLY(nd.mnt))
goto dput_and_out;
error = -EPERM;
@@ -478,8 +478,9 @@ asmlinkage long sys_access(const char __
if (!res) {
res = permission(nd.dentry->d_inode, mode, &nd);
/* SuS v2 requires we report a read only fs too */
- if(!res && (mode & S_IWOTH) && IS_RDONLY(nd.dentry->d_inode)
- && !special_file(nd.dentry->d_inode->i_mode))
+ if (!res && (mode & S_IWOTH)
+ && !special_file(nd.dentry->d_inode->i_mode)
+ && (IS_RDONLY(nd.dentry->d_inode) || MNT_IS_RDONLY(nd.mnt)))
res = -EROFS;
path_release(&nd);
}
@@ -584,7 +585,7 @@ asmlinkage long sys_fchmod(unsigned int
inode = dentry->d_inode;
err = -EROFS;
- if (IS_RDONLY(inode))
+ if (IS_RDONLY(inode) || MNT_IS_RDONLY(file->f_vfsmnt))
goto out_putf;
err = -EPERM;
if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
@@ -616,7 +617,7 @@ asmlinkage long sys_chmod(const char __u
inode = nd.dentry->d_inode;
error = -EROFS;
- if (IS_RDONLY(inode))
+ if (IS_RDONLY(inode) || MNT_IS_RDONLY(nd.mnt))
goto dput_and_out;
error = -EPERM;
@@ -637,7 +638,7 @@ out:
return error;
}
-static int chown_common(struct dentry * dentry, uid_t user, gid_t group)
+static int chown_common(struct vfsmount *mnt, struct dentry * dentry, uid_t user, gid_t group)
{
struct inode * inode;
int error;
@@ -649,7 +650,7 @@ static int chown_common(struct dentry *
goto out;
}
error = -EROFS;
- if (IS_RDONLY(inode))
+ if (IS_RDONLY(inode) || MNT_IS_RDONLY(mnt))
goto out;
error = -EPERM;
if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
@@ -679,7 +680,7 @@ asmlinkage long sys_chown(const char __u
error = user_path_walk(filename, &nd);
if (!error) {
- error = chown_common(nd.dentry, user, group);
+ error = chown_common(nd.mnt, nd.dentry, user, group);
path_release(&nd);
}
return error;
@@ -692,7 +693,7 @@ asmlinkage long sys_lchown(const char __
error = user_path_walk_link(filename, &nd);
if (!error) {
- error = chown_common(nd.dentry, user, group);
+ error = chown_common(nd.mnt, nd.dentry, user, group);
path_release(&nd);
}
return error;
@@ -706,7 +707,7 @@ asmlinkage long sys_fchown(unsigned int
file = fget(fd);
if (file) {
- error = chown_common(file->f_dentry, user, group);
+ error = chown_common(file->f_vfsmnt, file->f_dentry, user, group);
fput(file);
}
return error;
diff -puN fs/reiserfs/ioctl.c~readonly-bind-mounts fs/reiserfs/ioctl.c
--- 25/fs/reiserfs/ioctl.c~readonly-bind-mounts 2003-10-02 01:43:39.000000000 -0700
+++ 25-akpm/fs/reiserfs/ioctl.c 2003-10-02 01:43:39.000000000 -0700
@@ -5,6 +5,7 @@
#include <linux/fs.h>
#include <linux/reiserfs_fs.h>
#include <linux/time.h>
+#include <linux/mount.h>
#include <asm/uaccess.h>
#include <linux/pagemap.h>
#include <linux/smp_lock.h>
@@ -38,7 +39,7 @@ int reiserfs_ioctl (struct inode * inode
i_attrs_to_sd_attrs( inode, ( __u16 * ) &flags );
return put_user(flags, (int *) arg);
case REISERFS_IOC_SETFLAGS: {
- if (IS_RDONLY(inode))
+ if (IS_RDONLY(inode) || MNT_IS_RDONLY(filp->f_vfsmnt))
return -EROFS;
if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER))
@@ -70,7 +71,7 @@ int reiserfs_ioctl (struct inode * inode
case REISERFS_IOC_SETVERSION:
if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER))
return -EPERM;
- if (IS_RDONLY(inode))
+ if (IS_RDONLY(inode) || MNT_IS_RDONLY(filp->f_vfsmnt))
return -EROFS;
if (get_user(inode->i_generation, (int *) arg))
return -EFAULT;
diff -puN include/linux/mount.h~readonly-bind-mounts include/linux/mount.h
--- 25/include/linux/mount.h~readonly-bind-mounts 2003-10-02 01:43:39.000000000 -0700
+++ 25-akpm/include/linux/mount.h 2003-10-02 01:43:39.000000000 -0700
@@ -14,9 +14,10 @@
#include <linux/list.h>
-#define MNT_NOSUID 1
-#define MNT_NODEV 2
-#define MNT_NOEXEC 4
+#define MNT_RDONLY 1
+#define MNT_NOSUID 2
+#define MNT_NODEV 4
+#define MNT_NOEXEC 8
struct vfsmount
{
@@ -33,6 +34,8 @@ struct vfsmount
struct list_head mnt_list;
};
+#define MNT_IS_RDONLY(m) ((m)->mnt_flags & MNT_RDONLY)
+
static inline struct vfsmount *mntget(struct vfsmount *mnt)
{
if (mnt)
_