Kernel+LibC: Add O_EXEC, move exec permission checking to VFS::open()

O_EXEC is mentioned by POSIX, so let's have it. Currently, it is only used
inside the kernel to ensure the process has the right permissions when opening
an executable.

3 files changed, 6 insertions, 4 deletions

diff --git a/Kernel/FileSystem/VirtualFileSystem.cpp b/Kernel/FileSystem/VirtualFileSystem.cpp
index 293959f8fb..a0103bc304 100644
--- a/Kernel/FileSystem/VirtualFileSystem.cpp
+++ b/Kernel/FileSystem/VirtualFileSystem.cpp
@@ -215,6 +215,10 @@ KResultOr<NonnullRefPtr<FileDescription>> VFS::open(StringView path, int options
             return KResult(-EISDIR);
         should_truncate_file = options & O_TRUNC;
     }
+    if (options & O_EXEC) {
+        if (!metadata.may_execute(current->process()))
+            return KResult(-EACCES);
+    }
 
     if (metadata.is_device()) {
         auto device = Device::get_device(metadata.major_device, metadata.minor_device);
diff --git a/Kernel/FileSystem/VirtualFileSystem.h b/Kernel/FileSystem/VirtualFileSystem.h
index 05997e362a..13f7b7803f 100644
--- a/Kernel/FileSystem/VirtualFileSystem.h
+++ b/Kernel/FileSystem/VirtualFileSystem.h
@@ -15,6 +15,7 @@
 #define O_RDONLY 0
 #define O_WRONLY 1
 #define O_RDWR 2
+#define O_EXEC 4
 #define O_CREAT 0100
 #define O_EXCL 0200
 #define O_NOCTTY 0400
diff --git a/Kernel/Process.cpp b/Kernel/Process.cpp
index 8ab6f731a2..74dc581138 100644
--- a/Kernel/Process.cpp
+++ b/Kernel/Process.cpp
@@ -653,15 +653,12 @@ int Process::do_exec(String path, Vector<String> arguments, Vector<String> envir
     if (parts.is_empty())
         return -ENOENT;
 
-    auto result = VFS::the().open(path, 0, 0, current_directory());
+    auto result = VFS::the().open(path, O_EXEC, 0, current_directory());
     if (result.is_error())
         return result.error();
     auto description = result.value();
     auto metadata = description->metadata();
 
-    if (!metadata.may_execute(*this))
-        return -EACCES;
-
     if (!metadata.size)
         return -ENOTIMPL;