• Al Viro's avatar
    New kind of open files - "location only". · 1abf0c71
    Al Viro authored
    New flag for open(2) - O_PATH.  Semantics:
    	* pathname is resolved, but the file itself is _NOT_ opened
    as far as filesystem is concerned.
    	* almost all operations on the resulting descriptors shall
    fail with -EBADF.  Exceptions are:
    	1) operations on descriptors themselves (i.e.
    		close(), dup(), dup2(), dup3(), fcntl(fd, F_DUPFD),
    		fcntl(fd, F_DUPFD_CLOEXEC, ...), fcntl(fd, F_GETFD),
    		fcntl(fd, F_SETFD, ...))
    	2) fcntl(fd, F_GETFL), for a common non-destructive way to
    		check if descriptor is open
    	3) "dfd" arguments of ...at(2) syscalls, i.e. the starting
    		points of pathname resolution
    	* closing such descriptor does *NOT* affect dnotify or
    posix locks.
    	* permissions are checked as usual along the way to file;
    no permission checks are applied to the file itself.  Of course,
    giving such thing to syscall will result in permission checks (at
    the moment it means checking that starting point of ....at() is
    a directory and caller has exec permissions on it).
    fget() and fget_light() return NULL on such descriptors; use of
    fget_raw() and fget_raw_light() is needed to get them.  That protects
    existing code from dealing with those things.
    There are two things still missing (they come in the next commits):
    one is handling of symlinks (right now we refuse to open them that
    way; see the next commit for semantics related to those) and another
    is descriptor passing via SCM_RIGHTS datagrams.
    Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
open.c 26.8 KB