r/o bind mounts: rearrange may_open() to be r/o friendly

may_open() calls vfs_permission() before it does checks for IS_RDONLY(inode).
It checks _again_ inside of vfs_permission().

The check inside of vfs_permission() is going away eventually.  With the
mnt_want/drop_write() functions, all of the r/o checks (except for this one)
are consistently done before calling permission().  Because of this, I'd like
to use permission() to hold a debugging check to make sure that the
mnt_want/drop_write() calls are actually being made.

So, to do this:
1. remove the IS_RDONLY() check from permission()
2. enforce that you must mnt_want_write() before
   even calling permission()
3. actually add the debugging check to permission()

We need to rearrange may_open() to do r/o checks before calling permission().
Here's the patch.

Signed-off-by: Dave Hansen <haveblue@us.ibm.com>
Cc: Christoph Hellwig <hch@lst.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

1 files changed, 4 insertions, 4 deletions

diff --git a/fs/namei.c b/fs/namei.c
index 2792e0ca01d4..a29bb0f40ed5 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1604,10 +1604,6 @@ int may_open(struct nameidata *nd, int acc_mode, int flag)
 	if (S_ISDIR(inode->i_mode) && (flag & FMODE_WRITE))
 		return -EISDIR;
 
-	error = vfs_permission(nd, acc_mode);
-	if (error)
-		return error;
-
 	/*
 	 * FIFO's, sockets and device files are special: they don't
 	 * actually live on the filesystem itself, and as such you
@@ -1622,6 +1618,10 @@ int may_open(struct nameidata *nd, int acc_mode, int flag)
 		flag &= ~O_TRUNC;
 	} else if (IS_RDONLY(inode) && (flag & FMODE_WRITE))
 		return -EROFS;
+
+	error = vfs_permission(nd, acc_mode);
+	if (error)
+		return error;
 	/*
 	 * An append-only file must be opened in append mode for writing.
 	 */