2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
10 #include <afsconfig.h>
11 #include <afs/param.h>
25 int cm_deleteReadOnly = 0;
26 int cm_accessPerFileCheck = 0;
28 /* called with scp write-locked, check to see if we have the ACL info we need
29 * and can get it w/o blocking for any locks.
31 * Never drops the scp lock, but may fail if the access control info comes from
32 * the parent directory, and the parent's scache entry can't be found, or it
33 * can't be locked. Thus, this must always be called in a while loop to stabilize
34 * things, since we can always lose the race condition getting to the parent vnode.
36 int cm_HaveAccessRights(struct cm_scache *scp, struct cm_user *userp, cm_req_t *reqp,
38 afs_uint32 *outRightsp)
45 int release = 0; /* Used to avoid a call to cm_HoldSCache in the directory case */
46 cm_volume_t *volp = cm_GetVolumeByFID(&scp->fid);
49 if (scp->fileType == CM_SCACHETYPE_DIRECTORY ||
50 cm_accessPerFileCheck ||
51 !volp || (volp->flags & CM_VOLUMEFLAG_DFS_VOLUME)) {
52 aclScp = scp; /* not held, not released */
54 cm_SetFid(&tfid, scp->fid.cell, scp->fid.volume, scp->parentVnode, scp->parentUnique);
55 aclScp = cm_FindSCache(&tfid);
62 if (aclScp->fid.vnode < scp->fid.vnode)
63 lock_ReleaseWrite(&scp->rw);
64 lock_ObtainWrite(&aclScp->rw);
66 if (aclScp->fid.vnode < scp->fid.vnode)
67 lock_ObtainWrite(&scp->rw);
69 /* check that we have a callback, too */
70 if (!cm_HaveCallback(aclScp)) {
78 lock_AssertWrite(&aclScp->rw);
80 /* now if rights is a subset of the public rights, we're done.
81 * Otherwise, if we an explicit acl entry, we're also in good shape,
82 * and can definitively answer.
84 #ifdef AFS_FREELANCE_CLIENT
85 if (cm_freelanceEnabled &&
86 aclScp->fid.cell==AFS_FAKE_ROOT_CELL_ID &&
87 aclScp->fid.volume==AFS_FAKE_ROOT_VOL_ID)
89 *outRightsp = aclScp->anyAccess;
92 if ((~aclScp->anyAccess & rights) == 0) {
95 /* we have to check the specific rights info */
96 code = cm_FindACLCache(aclScp, userp, &trights);
101 *outRightsp = trights;
104 if (scp->fileType > 0 && scp->fileType != CM_SCACHETYPE_DIRECTORY) {
105 /* check mode bits */
106 if ((scp->unixModeBits & 0400) == 0) {
107 osi_Log2(afsd_logp,"cm_HaveAccessRights UnixMode removing READ scp 0x%p unix 0%o",
108 scp, scp->unixModeBits);
109 *outRightsp &= ~PRSFS_READ;
111 if ((scp->unixModeBits & 0200) == 0 && (rights != (PRSFS_WRITE | PRSFS_LOCK))) {
112 osi_Log2(afsd_logp,"cm_HaveAccessRights UnixMode removing WRITE scp 0x%p unix 0%o",
113 scp, scp->unixModeBits);
114 *outRightsp &= ~PRSFS_WRITE;
116 if ((scp->unixModeBits & 0200) == 0 && !cm_deleteReadOnly && (reqp->flags & CM_REQ_SOURCE_SMB)) {
117 osi_Log2(afsd_logp,"cm_HaveAccessRights UnixMode removing DELETE scp 0x%p unix 0%o",
118 scp, scp->unixModeBits);
119 *outRightsp &= ~PRSFS_DELETE;
123 /* if the user can insert, we must assume they can read/write as well
124 * because we do not have the ability to determine if the current user
125 * is the owner of the file. We will have to make the call to the
126 * file server and let the file server tell us if the request should
129 if ((*outRightsp & PRSFS_INSERT) && (scp->creator == userp))
130 *outRightsp |= PRSFS_READ | PRSFS_WRITE;
132 /* if the user can obtain a write-lock, read-locks are implied */
133 if (*outRightsp & PRSFS_WRITE)
134 *outRightsp |= PRSFS_LOCK;
143 lock_ReleaseWrite(&aclScp->rw);
145 cm_ReleaseSCache(aclScp);
149 /* called with locked scp; ensures that we have an ACL cache entry for the
150 * user specified by the parameter "userp."
151 * In pathological race conditions, this function may return success without
152 * having loaded the entry properly (due to a racing callback revoke), so this
153 * function must also be called in a while loop to make sure that we eventually
156 long cm_GetAccessRights(struct cm_scache *scp, struct cm_user *userp,
161 cm_scache_t *aclScp = NULL;
163 cm_volume_t * volp = cm_GetVolumeByFID(&scp->fid);
165 /* pretty easy: just force a pass through the fetch status code */
167 osi_Log2(afsd_logp, "GetAccessRights scp 0x%p user 0x%p", scp, userp);
169 /* first, start by finding out whether we have a directory or something
170 * else, so we can find what object's ACL we need.
172 if (scp->fileType == CM_SCACHETYPE_DIRECTORY ||
173 cm_accessPerFileCheck ||
174 !volp || (volp->flags & CM_VOLUMEFLAG_DFS_VOLUME))
176 code = cm_SyncOp(scp, NULL, userp, reqp, 0,
177 CM_SCACHESYNC_NEEDCALLBACK | CM_SCACHESYNC_GETSTATUS | CM_SCACHESYNC_FORCECB);
179 cm_SyncOpDone(scp, NULL, CM_SCACHESYNC_NEEDCALLBACK | CM_SCACHESYNC_GETSTATUS);
181 osi_Log3(afsd_logp, "GetAccessRights syncop failure scp %x user %x code %x", scp, userp, code);
183 /* not a dir, use parent dir's acl */
184 cm_SetFid(&tfid, scp->fid.cell, scp->fid.volume, scp->parentVnode, scp->parentUnique);
185 lock_ReleaseWrite(&scp->rw);
186 code = cm_GetSCache(&tfid, NULL, &aclScp, userp, reqp);
188 lock_ObtainWrite(&scp->rw);
192 osi_Log2(afsd_logp, "GetAccessRights parent scp %x user %x", aclScp, userp);
193 lock_ObtainWrite(&aclScp->rw);
194 code = cm_SyncOp(aclScp, NULL, userp, reqp, 0,
195 CM_SCACHESYNC_NEEDCALLBACK | CM_SCACHESYNC_GETSTATUS | CM_SCACHESYNC_FORCECB);
197 cm_SyncOpDone(aclScp, NULL,
198 CM_SCACHESYNC_NEEDCALLBACK | CM_SCACHESYNC_GETSTATUS);
200 osi_Log3(afsd_logp, "GetAccessRights parent syncop failure scp %x user %x code %x", aclScp, userp, code);
201 lock_ReleaseWrite(&aclScp->rw);
202 cm_ReleaseSCache(aclScp);
203 lock_ObtainWrite(&scp->rw);