[PATCH] add a file_permission helper

	/* Allow ioctls if we have write-permissions even if read-only open.

	 * Needed so that programs such as fdrawcmd still can work on write

	 * protected disks */

	if (filp->f_mode & 2

	    || permission(filp->f_dentry->d_inode, 2, NULL) == 0)

	if ((filp->f_mode & FMODE_WRITE) || !file_permission(filp, MAY_WRITE))

		filp->private_data = (void *)8;

	if (UFDCS->rawcmd == 1)

		/* if the binary is not readable than enforce mm->dumpable=0

		   regardless of the interpreter's permissions */

		if (permission(bprm->file->f_dentry->d_inode, MAY_READ, NULL))

		if (file_permission(bprm->file, MAY_READ))

			bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP;

		allow_write_access(bprm->file);

	flush_thread();

	if (bprm->e_uid != current->euid || bprm->e_gid != current->egid || 

	    permission(bprm->file->f_dentry->d_inode,MAY_READ, NULL) ||

	    file_permission(bprm->file, MAY_READ) ||

	    (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP)) {

		suid_keys(current);

		current->mm->dumpable = suid_dumpable;

	return permission(nd->dentry->d_inode, mask, nd);

}

/**

 * file_permission  -  check for additional access rights to a given file

 * @file:	file to check access rights for

 * @mask:	right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC)

 *

 * Used to check for read/write/execute permissions on an already opened

 * file.

 *

 * Note:

 *	Do not use this function in new code.  All access checks should

 *	be done using vfs_permission().

 */

int file_permission(struct file *file, int mask)

{

	return permission(file->f_dentry->d_inode, mask, NULL);

}

/*

 * get_write_access() gets write permission for a file.

 * put_write_access() releases this write permission.

EXPORT_SYMBOL(path_walk);

EXPORT_SYMBOL(permission);

EXPORT_SYMBOL(vfs_permission);

EXPORT_SYMBOL(file_permission);

EXPORT_SYMBOL(unlock_rename);

EXPORT_SYMBOL(vfs_create);

EXPORT_SYMBOL(vfs_follow_link);

#define NCP_PACKET_SIZE_INTERNAL 65536

static int

ncp_get_fs_info(struct ncp_server* server, struct inode* inode, struct ncp_fs_info __user *arg)

ncp_get_fs_info(struct ncp_server * server, struct file *file,

		struct ncp_fs_info __user *arg)

{

	struct inode *inode = file->f_dentry->d_inode;

	struct ncp_fs_info info;

	if ((permission(inode, MAY_WRITE, NULL) != 0)

	if ((file_permission(file, MAY_WRITE) != 0)

	    && (current->uid != server->m.mounted_uid)) {

		return -EACCES;

	}

}

static int

ncp_get_fs_info_v2(struct ncp_server* server, struct inode* inode, struct ncp_fs_info_v2 __user * arg)

ncp_get_fs_info_v2(struct ncp_server * server, struct file *file,

		   struct ncp_fs_info_v2 __user * arg)

{

	struct inode *inode = file->f_dentry->d_inode;

	struct ncp_fs_info_v2 info2;

	if ((permission(inode, MAY_WRITE, NULL) != 0)

	if ((file_permission(file, MAY_WRITE) != 0)

	    && (current->uid != server->m.mounted_uid)) {

		return -EACCES;

	}

	switch (cmd) {

	case NCP_IOC_NCPREQUEST:

		if ((permission(inode, MAY_WRITE, NULL) != 0)

		if ((file_permission(filp, MAY_WRITE) != 0)

		    && (current->uid != server->m.mounted_uid)) {

			return -EACCES;

		}

		return ncp_conn_logged_in(inode->i_sb);

	case NCP_IOC_GET_FS_INFO:

		return ncp_get_fs_info(server, inode, argp);

		return ncp_get_fs_info(server, filp, argp);

	case NCP_IOC_GET_FS_INFO_V2:

		return ncp_get_fs_info_v2(server, inode, argp);

		return ncp_get_fs_info_v2(server, filp, argp);

	case NCP_IOC_GETMOUNTUID2:

		{

			unsigned long tmp = server->m.mounted_uid;

			if (   (permission(inode, MAY_READ, NULL) != 0)

			if ((file_permission(filp, MAY_READ) != 0)

			    && (current->uid != server->m.mounted_uid))

			{

				return -EACCES;

		{

			struct ncp_setroot_ioctl sr;

			if (   (permission(inode, MAY_READ, NULL) != 0)

			if ((file_permission(filp, MAY_READ) != 0)

			    && (current->uid != server->m.mounted_uid))

			{

				return -EACCES;

#ifdef CONFIG_NCPFS_PACKET_SIGNING	

	case NCP_IOC_SIGN_INIT:

		if ((permission(inode, MAY_WRITE, NULL) != 0)

		if ((file_permission(filp, MAY_WRITE) != 0)

		    && (current->uid != server->m.mounted_uid))

		{

			return -EACCES;

		return 0;		

        case NCP_IOC_SIGN_WANTED:

		if (   (permission(inode, MAY_READ, NULL) != 0)

		if ((file_permission(filp, MAY_READ) != 0)

		    && (current->uid != server->m.mounted_uid))

		{

			return -EACCES;

		{

			int newstate;

			if (   (permission(inode, MAY_WRITE, NULL) != 0)

			if ((file_permission(filp, MAY_WRITE) != 0)

			    && (current->uid != server->m.mounted_uid))

			{

				return -EACCES;

#ifdef CONFIG_NCPFS_IOCTL_LOCKING

	case NCP_IOC_LOCKUNLOCK:

		if (   (permission(inode, MAY_WRITE, NULL) != 0)

		if ((file_permission(filp, MAY_WRITE) != 0)

		    && (current->uid != server->m.mounted_uid))

		{

			return -EACCES;

#endif /* CONFIG_NCPFS_NLS */

	case NCP_IOC_SETDENTRYTTL:

		if ((permission(inode, MAY_WRITE, NULL) != 0) &&

		if ((file_permission(filp, MAY_WRITE) != 0) &&

				 (current->uid != server->m.mounted_uid))

			return -EACCES;

		{

           so we have this out of switch */

	if (cmd == NCP_IOC_GETMOUNTUID) {

		__kernel_uid_t uid = 0;

		if ((permission(inode, MAY_READ, NULL) != 0)

		if ((file_permission(filp, MAY_READ) != 0)

		    && (current->uid != server->m.mounted_uid)) {

			return -EACCES;

		}