do_faccessat

Name:access() needs to use the real uid/gid, not the effective uid/gid.* We do this by temporarily clearing all FS-related capabilities and* switching the fsuid/fsgid around to the real ones.

Proto:long do_faccessat(int dfd, const char __user *filename, int mode)

Type:long

Parameter:

Type	Parameter	Name
int	dfd
const char __user *	filename
int	mode

355

lookup_flags = llow links at the end

357

If mode & ~S_IRWXO Then Return -EINVAL

360

override_cred = prepare_creds - Prepare a new set of credentials for modification* Prepare a new set of task credentials for modification

361

If Not override_cred Then Return -ENOMEM

364

UID for VFS ops = real UID of the task

365

GID for VFS ops = real GID of the task

367

If Not issecure(When set, setuid to/from uid 0 does not trigger capability-"fixup".When unset, to provide compatiblility with old programs relying onset*uid to gain/lose privilege, transitions to/from uid 0 causecapabilities to be gained/lost. ) Then

369

root_uid = make_kuid( user_ns the caps and keyrings are relative to. , 0)

370

If Not uid_eq( real UID of the task , root_uid) Then cap_clear( caps we can actually use )

372

Else caps we can actually use = caps we're permitted

394

Can we skip RCU deletion? = 1

396

old_cred = verride_creds - Override the current process's subjective credentials*@new: The credentials to be assigned* Install a set of temporary override subjective credentials on the current* process, returning the old set for later reversion.

397

retry :

398

res = user_path_at(dfd, filename, lookup_flags, & path)

399

If res Then Go to out

402

inode = d_backing_inode - Get upper or lower inode we should be using*@upper: The upper layer* This is the helper that should be used to get at the inode that will be used* if this dentry were to be opened as a file. The inode may be on the upper

404

If mode & MAY_EXEC && S_ISREG(i_mode) Then

409

res = -EACCES

410

If path_noexec( & path) Then Go to out_path_release

414

res = inode_permission(inode, mode | MAY_ACCESS)

416

If res || Not (mode & S_IWOTH) || special_file(i_mode) Then Go to out_path_release

428

If __mnt_is_readonly(mnt) Then res = -EROFS

431

out_path_release :

432

path_put( & path)

433

If ry_estale - determine whether the caller should retry an operation*@error: the error that would currently be returned*@flags: flags being used for next lookup attempt* Check to see if the error code was -ESTALE, and then determine whether Then

434

lookup_flags |= ll ->d_revalidate() to trust no cache

435

Go to retry

437

out :

438

vert_creds - Revert a temporary subjective credentials override*@old: The credentials to be restored* Revert a temporary set of override subjective credentials to an old set,* discarding the override set.

439

put_cred - Release a reference to a set of credentials*@cred: The credentials to release* Release a reference to a set of credentials, deleting them when the last ref* is released

440

Return res

**Caller**
Name	Describe
SYSCALL_DEFINE3
SYSCALL_DEFINE2
ksys_access

Source code conversion tool public plug-in interface	X
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion

Function report