if (!mds->locker->acquire_locks(mdr, rdlocks, wrlocks, xlocks))
return;
+ if (!check_access(mdr, ref, MAY_READ))
+ return;
+
// note which caps are requested, so we return at least a snapshot
// value for them. (currently this matters for xattrs and inline data)
mdr->getattr_caps = mask;
return;
}
+ // check for nothing (not read or write); this still applies the
+ // path check.
+ if (!check_access(mdr, in, 0))
+ return;
+
CDentry *dn = in->get_projected_parent_dn();
CInode *diri = dn ? dn->get_dir()->inode : NULL;
if (dn && (want_parent || want_dentry)) {
rdlocks.insert(&dn->lock);
if (!mds->locker->acquire_locks(mdr, rdlocks, wrlocks, xlocks))
return;
+
+ // need read access to directory inode
+ if (!check_access(mdr, diri, MAY_READ))
+ return;
}
if (want_parent) {
if (!mds->locker->acquire_locks(mdr, rdlocks, wrlocks, xlocks))
return;
+ int mask = MAY_READ;
+ if (cmode & CEPH_FILE_MODE_WR)
+ mask |= MAY_WRITE;
+ if (!check_access(mdr, cur, mask))
+ return;
+
if (cur->is_file() || cur->is_dir()) {
if (mdr->snapid == CEPH_NOSNAP) {
// register new cap
if (!mds->locker->acquire_locks(mdr, rdlocks, wrlocks, xlocks))
return;
+ if (!check_access(mdr, cur, MAY_WRITE))
+ return;
+
// trunc from bigger -> smaller?
inode_t *pi = cur->get_projected_inode();
projects / ceph.git / commitdiff