Commit 582aa64a authored Dec 11, 2012 by Jeff Layton Committed by Al Viro Dec 20, 2012

vfs: remove unneeded permission check from path_init

When path_init is called with a valid dfd, that code checks permissions
on the open directory fd and returns an error if the check fails. This
permission check is redundant, however.

Both callers of path_init immediately call link_path_walk afterward. The
first thing that link_path_walk does for pathnames that do not consist
only of slashes is to check for exec permissions at the starting point of
the path walk. And this check in path_init() is on the path taken only
when *name != '/' && *name != '\0'.

In most cases, these checks are very quick, but when the dfd is for a
file on a NFS mount with the actimeo=0, each permission check goes
out onto the wire. The result is 2 identical ACCESS calls.

Given that these codepaths are fairly "hot", I think it makes sense to
eliminate the permission check in path_init and simply assume that the
caller will eventually check the permissions before proceeding.

Reported-by: Dave Wysochanski <dwysocha@redhat.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

parent 1e75529e

fs/namei.c

+1 −6

Original line number	Diff line number	Diff line
		@@ -1903,6 +1903,7 @@ static int path_init(int dfd, const char *name, unsigned int flags,
		get_fs_pwd(current->fs, &nd->path);
		}
		} else {
		/* Caller must check execute permissions on the starting path component */
		struct fd f = fdget_raw(dfd);
		struct dentry *dentry;

		@@ -1916,12 +1917,6 @@ static int path_init(int dfd, const char *name, unsigned int flags,
		fdput(f);
		return -ENOTDIR;
		}

		retval = inode_permission(dentry->d_inode, MAY_EXEC);
		if (retval) {
		fdput(f);
		return retval;
		}
		}

		nd->path = f.file->f_path;

Admin message