From 817dcf06711f146c87653a617271eb1ca79eb142 Mon Sep 17 00:00:00 2001
From: Christoph Hellwig <hch@lst.de>
Date: Wed, 1 Feb 2006 03:06:46 -0800
Subject: [PATCH] --- yaml --- r: 19455 b: refs/heads/master c:
 ec191574b9c3cb7bfb95e4f803b63f7c8dc52690 h: refs/heads/master i:   19453:
 bbe2b2a9c364dad1126c5d1c45604673057eb8ef   19451:
 92d272eec3bad5d88a177347c5014c2a385883dc   19447:
 56f97bdca9c025c878703fb6580c9f26de382fb6   19439:
 e57bd878b00ddbd09601de95956ec57cf551985c   19423:
 ebcb45e1c0d9258ca5901459c7d8d7e3cec29b26   19391:
 ee56e90eb759b06127376c999352706343f7d496   19327:
 c0045610c8f820f73f739975e3b0864827cb5897   19199:
 bca27f50a4c6c5599eccbdda9be4f628e7b1f858   18943:
 11a33311a474987c09b9a616bf2d4afde83d697e   18431:
 6570ea6c0234c0e39c905781264dc1828eed7af4 v: v3

---
 [refs]                    |   2 +-
 trunk/fs/reiserfs/xattr.c | 103 ++++++++++----------------------------
 2 files changed, 27 insertions(+), 78 deletions(-)

diff --git a/[refs] b/[refs]
index b68f36c32580..3f3eb6374a54 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: c87d0c07ea198db1ce451421904edd60b7d385ee
+refs/heads/master: ec191574b9c3cb7bfb95e4f803b63f7c8dc52690
diff --git a/trunk/fs/reiserfs/xattr.c b/trunk/fs/reiserfs/xattr.c
index 2f085845f670..ffb79c48c5bf 100644
--- a/trunk/fs/reiserfs/xattr.c
+++ b/trunk/fs/reiserfs/xattr.c
@@ -1319,95 +1319,44 @@ int reiserfs_xattr_init(struct super_block *s, int mount_flags)
 	return err;
 }
 
-int reiserfs_permission(struct inode *inode, int mask, struct nameidata *nd)
+static int reiserfs_check_acl(struct inode *inode, int mask)
 {
-	umode_t mode = inode->i_mode;
-
-	if (mask & MAY_WRITE) {
-		/*
-		 * Nobody gets write access to a read-only fs.
-		 */
-		if (IS_RDONLY(inode) &&
-		    (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
-			return -EROFS;
-
-		/*
-		 * Nobody gets write access to an immutable file.
-		 */
-		if (IS_IMMUTABLE(inode))
-			return -EACCES;
-	}
-
-	/* We don't do permission checks on the internal objects.
-	 * Permissions are determined by the "owning" object. */
-	if (is_reiserfs_priv_object(inode))
-		return 0;
-
-	if (current->fsuid == inode->i_uid) {
-		mode >>= 6;
-#ifdef CONFIG_REISERFS_FS_POSIX_ACL
-	} else if (reiserfs_posixacl(inode->i_sb) &&
-		   get_inode_sd_version(inode) != STAT_DATA_V1) {
-		struct posix_acl *acl;
-
-		/* ACL can't contain additional permissions if
-		   the ACL_MASK entry is 0 */
-		if (!(mode & S_IRWXG))
-			goto check_groups;
+	struct posix_acl *acl;
+	int error = -EAGAIN; /* do regular unix permission checks by default */
 
-		reiserfs_read_lock_xattr_i(inode);
-		reiserfs_read_lock_xattrs(inode->i_sb);
-
-		acl = reiserfs_get_acl(inode, ACL_TYPE_ACCESS);
+	reiserfs_read_lock_xattr_i(inode);
+	reiserfs_read_lock_xattrs(inode->i_sb);
 
-		reiserfs_read_unlock_xattrs(inode->i_sb);
-		reiserfs_read_unlock_xattr_i(inode);
+	acl = reiserfs_get_acl(inode, ACL_TYPE_ACCESS);
 
-		if (IS_ERR(acl)) {
-			if (PTR_ERR(acl) == -ENODATA)
-				goto check_groups;
-			return PTR_ERR(acl);
-		}
+	reiserfs_read_unlock_xattrs(inode->i_sb);
+	reiserfs_read_unlock_xattr_i(inode);
 
-		if (acl) {
-			int err = posix_acl_permission(inode, acl, mask);
+	if (acl) {
+		if (!IS_ERR(acl)) {
+			error = posix_acl_permission(inode, acl, mask);
 			posix_acl_release(acl);
-			if (err == -EACCES) {
-				goto check_capabilities;
-			}
-			return err;
-		} else {
-			goto check_groups;
-		}
-#endif
-	} else {
-	      check_groups:
-		if (in_group_p(inode->i_gid))
-			mode >>= 3;
+		} else if (PTR_ERR(acl) != -ENODATA)
+			error = PTR_ERR(acl);
 	}
 
-	/*
-	 * If the DACs are ok we don't need any capability check.
-	 */
-	if (((mode & mask & (MAY_READ | MAY_WRITE | MAY_EXEC)) == mask))
-		return 0;
+	return error;
+}
 
-      check_capabilities:
+int reiserfs_permission(struct inode *inode, int mask, struct nameidata *nd)
+{
 	/*
-	 * Read/write DACs are always overridable.
-	 * Executable DACs are overridable if at least one exec bit is set.
+	 * We don't do permission checks on the internal objects.
+	 * Permissions are determined by the "owning" object.
 	 */
-	if (!(mask & MAY_EXEC) ||
-	    (inode->i_mode & S_IXUGO) || S_ISDIR(inode->i_mode))
-		if (capable(CAP_DAC_OVERRIDE))
-			return 0;
+	if (is_reiserfs_priv_object(inode))
+		return 0;
 
 	/*
-	 * Searching includes executable on directories, else just read.
+	 * Stat data v1 doesn't support ACLs.
 	 */
-	if (mask == MAY_READ || (S_ISDIR(inode->i_mode) && !(mask & MAY_WRITE)))
-		if (capable(CAP_DAC_READ_SEARCH))
-			return 0;
-
-	return -EACCES;
+	if (get_inode_sd_version(inode) == STAT_DATA_V1)
+		return generic_permission(inode, mask, NULL);
+	else
+		return generic_permission(inode, mask, reiserfs_check_acl);
 }