Kernel+LibC+LibCore+UserspaceEmulator: Implement `faccessat(2)`

Co-Authored-By: Daniel Bertalan <dani@danielbertalan.dev>

2 files changed, 16 insertions, 6 deletions

diff --git a/Kernel/FileSystem/VirtualFileSystem.cpp b/Kernel/FileSystem/VirtualFileSystem.cpp
index 398e8c4b8c..337cdfe8fd 100644
--- a/Kernel/FileSystem/VirtualFileSystem.cpp
+++ b/Kernel/FileSystem/VirtualFileSystem.cpp
@@ -523,24 +523,26 @@ ErrorOr<void> VirtualFileSystem::mkdir(Credentials const& credentials, StringVie
     return {};
 }
 
-ErrorOr<void> VirtualFileSystem::access(Credentials const& credentials, StringView path, int mode, Custody& base)
+ErrorOr<void> VirtualFileSystem::access(Credentials const& credentials, StringView path, int mode, Custody& base, AccessFlags access_flags)
 {
-    auto custody = TRY(resolve_path(credentials, path, base));
+    auto should_follow_symlinks = !has_flag(access_flags, AccessFlags::DoNotFollowSymlinks);
+    auto custody = TRY(resolve_path(credentials, path, base, nullptr, should_follow_symlinks ? 0 : O_NOFOLLOW_NOERROR));
 
     auto& inode = custody->inode();
     auto metadata = inode.metadata();
+    auto use_effective_ids = has_flag(access_flags, AccessFlags::EffectiveAccess) ? UseEffectiveIDs::Yes : UseEffectiveIDs::No;
     if (mode & R_OK) {
-        if (!metadata.may_read(credentials, UseEffectiveIDs::No))
+        if (!metadata.may_read(credentials, use_effective_ids))
             return EACCES;
     }
     if (mode & W_OK) {
-        if (!metadata.may_write(credentials, UseEffectiveIDs::No))
+        if (!metadata.may_write(credentials, use_effective_ids))
             return EACCES;
         if (custody->is_readonly())
             return EROFS;
     }
     if (mode & X_OK) {
-        if (!metadata.may_execute(credentials, UseEffectiveIDs::No))
+        if (!metadata.may_execute(credentials, use_effective_ids))
             return EACCES;
     }
     return {};
diff --git a/Kernel/FileSystem/VirtualFileSystem.h b/Kernel/FileSystem/VirtualFileSystem.h
index 9a6be3362c..07c5af9055 100644
--- a/Kernel/FileSystem/VirtualFileSystem.h
+++ b/Kernel/FileSystem/VirtualFileSystem.h
@@ -34,6 +34,14 @@ struct UidAndGid {
     GroupID gid;
 };
 
+enum class AccessFlags {
+    None = 0,
+    EffectiveAccess = 1 << 0,
+    DoNotFollowSymlinks = 1 << 1,
+};
+
+AK_ENUM_BITWISE_OPERATORS(AccessFlags);
+
 class VirtualFileSystem {
 public:
     // Required to be at least 8 by POSIX
@@ -63,7 +71,7 @@ public:
     ErrorOr<void> chmod(Credentials const&, Custody&, mode_t);
     ErrorOr<void> chown(Credentials const&, StringView path, UserID, GroupID, Custody& base, int options);
     ErrorOr<void> chown(Credentials const&, Custody&, UserID, GroupID);
-    ErrorOr<void> access(Credentials const&, StringView path, int mode, Custody& base);
+    ErrorOr<void> access(Credentials const&, StringView path, int mode, Custody& base, AccessFlags);
     ErrorOr<InodeMetadata> lookup_metadata(Credentials const&, StringView path, Custody& base, int options = 0);
     ErrorOr<void> utime(Credentials const&, StringView path, Custody& base, time_t atime, time_t mtime);
     ErrorOr<void> utimensat(Credentials const&, StringView path, Custody& base, timespec const& atime, timespec const& mtime, int options = 0);