Kernel+LibC+LibCore+UserspaceEmulator: Implement faccessat(2)

Co-Authored-By: Daniel Bertalan <dani@danielbertalan.dev>
2025-07-26 16:37:47 +00:00 · 2022-10-01 12:24:56 +00:00 · 2022-10-01 12:24:56 +00:00 · 2a502fe232
commit 2a502fe232
parent fa692e13f9
13 changed files with 89 additions and 39 deletions
--- a/Kernel/FileSystem/VirtualFileSystem.cpp
+++ b/Kernel/FileSystem/VirtualFileSystem.cpp
@ -523,24 +523,26 @@ ErrorOr<void> VirtualFileSystem::mkdir(Credentials const& credentials, StringVie
    return {};
 }

-ErrorOr<void> VirtualFileSystem::access(Credentials const& credentials, StringView path, int mode, Custody& base)
+ErrorOr<void> VirtualFileSystem::access(Credentials const& credentials, StringView path, int mode, Custody& base, AccessFlags access_flags)
 {
-    auto custody = TRY(resolve_path(credentials, path, base));
+    auto should_follow_symlinks = !has_flag(access_flags, AccessFlags::DoNotFollowSymlinks);
+    auto custody = TRY(resolve_path(credentials, path, base, nullptr, should_follow_symlinks ? 0 : O_NOFOLLOW_NOERROR));

    auto& inode = custody->inode();
    auto metadata = inode.metadata();
+    auto use_effective_ids = has_flag(access_flags, AccessFlags::EffectiveAccess) ? UseEffectiveIDs::Yes : UseEffectiveIDs::No;
    if (mode & R_OK) {
-        if (!metadata.may_read(credentials, UseEffectiveIDs::No))
+        if (!metadata.may_read(credentials, use_effective_ids))
            return EACCES;
    }
    if (mode & W_OK) {
-        if (!metadata.may_write(credentials, UseEffectiveIDs::No))
+        if (!metadata.may_write(credentials, use_effective_ids))
            return EACCES;
        if (custody->is_readonly())
            return EROFS;
    }
    if (mode & X_OK) {
-        if (!metadata.may_execute(credentials, UseEffectiveIDs::No))
+        if (!metadata.may_execute(credentials, use_effective_ids))
            return EACCES;
    }
    return {};
--- a/Kernel/FileSystem/VirtualFileSystem.h
+++ b/Kernel/FileSystem/VirtualFileSystem.h
@ -34,6 +34,14 @@ struct UidAndGid {
    GroupID gid;
 };

+enum class AccessFlags {
+    None = 0,
+    EffectiveAccess = 1 << 0,
+    DoNotFollowSymlinks = 1 << 1,
+};
+
+AK_ENUM_BITWISE_OPERATORS(AccessFlags);
+
 class VirtualFileSystem {
 public:
    // Required to be at least 8 by POSIX
@ -63,7 +71,7 @@ public:
    ErrorOr<void> chmod(Credentials const&, Custody&, mode_t);
    ErrorOr<void> chown(Credentials const&, StringView path, UserID, GroupID, Custody& base, int options);
    ErrorOr<void> chown(Credentials const&, Custody&, UserID, GroupID);
-    ErrorOr<void> access(Credentials const&, StringView path, int mode, Custody& base);
+    ErrorOr<void> access(Credentials const&, StringView path, int mode, Custody& base, AccessFlags);
    ErrorOr<InodeMetadata> lookup_metadata(Credentials const&, StringView path, Custody& base, int options = 0);
    ErrorOr<void> utime(Credentials const&, StringView path, Custody& base, time_t atime, time_t mtime);
    ErrorOr<void> utimensat(Credentials const&, StringView path, Custody& base, timespec const& atime, timespec const& mtime, int options = 0);