Re: access(2) using effective uid instead of real one?
2009/8/11 Matthew Dillon <dillon@apollo.backplane.com>:
> :It is admittedly easier and more explicit to do it as Alex and you sugge=
st.
> :
> :To implement faccessat, which can check either real of effective ids
> :based on a flag argument, do you prefer:
> :
> :1/ Pass this "effective vs real" flag to VOP_ACCESS (either in a_mode
> :or as a new arg).
> :
> :2/ Adding a new VOP_FACCESSAT operation.
> :
> :The more general question is: can we break the VOP API (assuming we
> :change all in-tree clients)?
> :
> :Cheers,
> :Nicolas
>
> =A0 =A0Definitely (1). =A0I'd say just pass the new flags straight throug=
h
> =A0 =A0as a new argument to the base vop_access structure, but change the
> =A0 =A0VOP_ACCESS macro in sys/vfsops.h:
>
> #define VOP_ACCESS(vp, mode, cred) =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =
=A0 =A0\
> =A0 =A0 =A0 =A0vop_access(*(vp)->v_ops, vp, mode, 0, cred)
> #define VOP_ACCESS_FLAGS(vp, mode, flags, cred) =A0 =A0 =A0 =A0 \
> =A0 =A0 =A0 =A0vop_access(*(vp)->v_ops, vp, mode, flags, cred)
>
> =A0 =A0 Add a new flags element to struct vop_access_args and pass and
> =A0 =A0 initialize the new element in the vop_access() function in
> =A0 =A0 vfs_vopops.c
Thanks Matt and Simon for the feedback.
I'll try first to refactor the various access implementations to call
vop_helper_access() if possible.
討論串 (同標題文章)
完整討論串 (本文為第 9 之 9 篇):