Commit 479c427d authored by Steven Whitehouse's avatar Steven Whitehouse

GFS2: Clean up ACLs

To prepare for support for caching of ACLs, this cleans up the GFS2
ACL support by pushing the xattr code back into xattr.c and changing
the acl_get function into one which only returns ACLs so that we
can drop the caching function into it shortly.
Signed-off-by: default avatarSteven Whitehouse <swhiteho@redhat.com>
parent 69dca424
...@@ -27,53 +27,40 @@ ...@@ -27,53 +27,40 @@
#include "trans.h" #include "trans.h"
#include "util.h" #include "util.h"
static int acl_get(struct gfs2_inode *ip, const char *name, static const char *gfs2_acl_name(int type)
struct posix_acl **acl, struct gfs2_ea_location *el,
char **datap, unsigned int *lenp)
{ {
char *data; switch (type) {
unsigned int len; case ACL_TYPE_ACCESS:
int error; return GFS2_POSIX_ACL_ACCESS;
case ACL_TYPE_DEFAULT:
return GFS2_POSIX_ACL_DEFAULT;
}
return NULL;
}
el->el_bh = NULL; static struct posix_acl *gfs2_acl_get(struct gfs2_inode *ip, int type)
{
struct posix_acl *acl;
const char *name;
char *data;
int len;
if (!ip->i_eattr) if (!ip->i_eattr)
return 0; return NULL;
error = gfs2_ea_find(ip, GFS2_EATYPE_SYS, name, el);
if (error)
return error;
if (!el->el_ea)
return 0;
if (!GFS2_EA_DATA_LEN(el->el_ea))
goto out;
len = GFS2_EA_DATA_LEN(el->el_ea);
data = kmalloc(len, GFP_NOFS);
error = -ENOMEM;
if (!data)
goto out;
error = gfs2_ea_get_copy(ip, el, data, len); name = gfs2_acl_name(type);
if (error < 0) if (name == NULL)
goto out_kfree; return ERR_PTR(-EINVAL);
error = 0;
if (acl) { len = gfs2_xattr_acl_get(ip, name, &data);
*acl = posix_acl_from_xattr(data, len); if (len < 0)
if (IS_ERR(*acl)) return ERR_PTR(len);
error = PTR_ERR(*acl); if (len == 0)
} return NULL;
out_kfree: acl = posix_acl_from_xattr(data, len);
if (error || !datap) {
kfree(data); kfree(data);
} else { return acl;
*datap = data;
*lenp = len;
}
out:
return error;
} }
/** /**
...@@ -86,14 +73,12 @@ static int acl_get(struct gfs2_inode *ip, const char *name, ...@@ -86,14 +73,12 @@ static int acl_get(struct gfs2_inode *ip, const char *name,
int gfs2_check_acl(struct inode *inode, int mask) int gfs2_check_acl(struct inode *inode, int mask)
{ {
struct gfs2_ea_location el; struct posix_acl *acl;
struct posix_acl *acl = NULL;
int error; int error;
error = acl_get(GFS2_I(inode), GFS2_POSIX_ACL_ACCESS, &acl, &el, NULL, NULL); acl = gfs2_acl_get(GFS2_I(inode), ACL_TYPE_ACCESS);
brelse(el.el_bh); if (IS_ERR(acl))
if (error) return PTR_ERR(acl);
return error;
if (acl) { if (acl) {
error = posix_acl_permission(inode, acl, mask); error = posix_acl_permission(inode, acl, mask);
...@@ -120,32 +105,57 @@ static int gfs2_set_mode(struct inode *inode, mode_t mode) ...@@ -120,32 +105,57 @@ static int gfs2_set_mode(struct inode *inode, mode_t mode)
return error; return error;
} }
int gfs2_acl_create(struct gfs2_inode *dip, struct gfs2_inode *ip) static int gfs2_acl_set(struct inode *inode, int type, struct posix_acl *acl)
{ {
struct gfs2_ea_location el;
struct gfs2_sbd *sdp = GFS2_SB(&dip->i_inode);
struct posix_acl *acl = NULL, *clone;
mode_t mode = ip->i_inode.i_mode;
char *data = NULL;
unsigned int len;
int error; int error;
int len;
char *data;
const char *name = gfs2_acl_name(type);
BUG_ON(name == NULL);
len = posix_acl_to_xattr(acl, NULL, 0);
if (len == 0)
return 0;
data = kmalloc(len, GFP_NOFS);
if (data == NULL)
return -ENOMEM;
error = posix_acl_to_xattr(acl, data, len);
if (error < 0)
goto out;
error = gfs2_xattr_set(inode, GFS2_EATYPE_SYS, name, data, len, 0);
out:
kfree(data);
return error;
}
int gfs2_acl_create(struct gfs2_inode *dip, struct inode *inode)
{
struct gfs2_sbd *sdp = GFS2_SB(&dip->i_inode);
struct posix_acl *acl, *clone;
mode_t mode = inode->i_mode;
int error = 0;
if (!sdp->sd_args.ar_posix_acl) if (!sdp->sd_args.ar_posix_acl)
return 0; return 0;
if (S_ISLNK(ip->i_inode.i_mode)) if (S_ISLNK(inode->i_mode))
return 0; return 0;
error = acl_get(dip, GFS2_POSIX_ACL_DEFAULT, &acl, &el, &data, &len); acl = gfs2_acl_get(dip, ACL_TYPE_DEFAULT);
brelse(el.el_bh); if (IS_ERR(acl))
if (error) return PTR_ERR(acl);
return error;
if (!acl) { if (!acl) {
mode &= ~current_umask(); mode &= ~current_umask();
if (mode != ip->i_inode.i_mode) if (mode != inode->i_mode)
error = gfs2_set_mode(&ip->i_inode, mode); error = gfs2_set_mode(inode, mode);
return error; return error;
} }
if (S_ISDIR(inode->i_mode)) {
error = gfs2_acl_set(inode, ACL_TYPE_DEFAULT, acl);
if (error)
goto out;
}
clone = posix_acl_clone(acl, GFP_NOFS); clone = posix_acl_clone(acl, GFP_NOFS);
error = -ENOMEM; error = -ENOMEM;
if (!clone) if (!clone)
...@@ -153,43 +163,32 @@ int gfs2_acl_create(struct gfs2_inode *dip, struct gfs2_inode *ip) ...@@ -153,43 +163,32 @@ int gfs2_acl_create(struct gfs2_inode *dip, struct gfs2_inode *ip)
posix_acl_release(acl); posix_acl_release(acl);
acl = clone; acl = clone;
if (S_ISDIR(ip->i_inode.i_mode)) {
error = gfs2_xattr_set(&ip->i_inode, GFS2_EATYPE_SYS,
GFS2_POSIX_ACL_DEFAULT, data, len, 0);
if (error)
goto out;
}
error = posix_acl_create_masq(acl, &mode); error = posix_acl_create_masq(acl, &mode);
if (error < 0) if (error < 0)
goto out; goto out;
if (error == 0) if (error == 0)
goto munge; goto munge;
posix_acl_to_xattr(acl, data, len); error = gfs2_acl_set(inode, ACL_TYPE_ACCESS, acl);
error = gfs2_xattr_set(&ip->i_inode, GFS2_EATYPE_SYS,
GFS2_POSIX_ACL_ACCESS, data, len, 0);
if (error) if (error)
goto out; goto out;
munge: munge:
error = gfs2_set_mode(&ip->i_inode, mode); error = gfs2_set_mode(inode, mode);
out: out:
posix_acl_release(acl); posix_acl_release(acl);
kfree(data);
return error; return error;
} }
int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr) int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr)
{ {
struct posix_acl *acl = NULL, *clone; struct posix_acl *acl, *clone;
struct gfs2_ea_location el;
char *data; char *data;
unsigned int len; unsigned int len;
int error; int error;
error = acl_get(ip, GFS2_POSIX_ACL_ACCESS, &acl, &el, &data, &len); acl = gfs2_acl_get(ip, ACL_TYPE_ACCESS);
if (error) if (IS_ERR(acl))
goto out_brelse; return PTR_ERR(acl);
if (!acl) if (!acl)
return gfs2_setattr_simple(ip, attr); return gfs2_setattr_simple(ip, attr);
...@@ -202,15 +201,18 @@ int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr) ...@@ -202,15 +201,18 @@ int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr)
error = posix_acl_chmod_masq(acl, attr->ia_mode); error = posix_acl_chmod_masq(acl, attr->ia_mode);
if (!error) { if (!error) {
len = posix_acl_to_xattr(acl, NULL, 0);
data = kmalloc(len, GFP_NOFS);
error = -ENOMEM;
if (data == NULL)
goto out;
posix_acl_to_xattr(acl, data, len); posix_acl_to_xattr(acl, data, len);
error = gfs2_ea_acl_chmod(ip, &el, attr, data); error = gfs2_xattr_acl_chmod(ip, attr, data);
kfree(data);
} }
out: out:
posix_acl_release(acl); posix_acl_release(acl);
kfree(data);
out_brelse:
brelse(el.el_bh);
return error; return error;
} }
......
...@@ -17,7 +17,7 @@ ...@@ -17,7 +17,7 @@
#define GFS2_ACL_MAX_ENTRIES 25 #define GFS2_ACL_MAX_ENTRIES 25
extern int gfs2_check_acl(struct inode *inode, int mask); extern int gfs2_check_acl(struct inode *inode, int mask);
extern int gfs2_acl_create(struct gfs2_inode *dip, struct gfs2_inode *ip); extern int gfs2_acl_create(struct gfs2_inode *dip, struct inode *inode);
extern int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr); extern int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr);
extern struct xattr_handler gfs2_xattr_system_handler; extern struct xattr_handler gfs2_xattr_system_handler;
......
...@@ -871,7 +871,7 @@ struct inode *gfs2_createi(struct gfs2_holder *ghs, const struct qstr *name, ...@@ -871,7 +871,7 @@ struct inode *gfs2_createi(struct gfs2_holder *ghs, const struct qstr *name,
if (error) if (error)
goto fail_gunlock2; goto fail_gunlock2;
error = gfs2_acl_create(dip, GFS2_I(inode)); error = gfs2_acl_create(dip, inode);
if (error) if (error)
goto fail_gunlock2; goto fail_gunlock2;
......
...@@ -186,7 +186,7 @@ static int ea_find_i(struct gfs2_inode *ip, struct buffer_head *bh, ...@@ -186,7 +186,7 @@ static int ea_find_i(struct gfs2_inode *ip, struct buffer_head *bh,
return 0; return 0;
} }
int gfs2_ea_find(struct gfs2_inode *ip, int type, const char *name, static int gfs2_ea_find(struct gfs2_inode *ip, int type, const char *name,
struct gfs2_ea_location *el) struct gfs2_ea_location *el)
{ {
struct ea_find ef; struct ea_find ef;
...@@ -516,7 +516,7 @@ static int ea_get_unstuffed(struct gfs2_inode *ip, struct gfs2_ea_header *ea, ...@@ -516,7 +516,7 @@ static int ea_get_unstuffed(struct gfs2_inode *ip, struct gfs2_ea_header *ea,
return error; return error;
} }
int gfs2_ea_get_copy(struct gfs2_inode *ip, struct gfs2_ea_location *el, static int gfs2_ea_get_copy(struct gfs2_inode *ip, struct gfs2_ea_location *el,
char *data, size_t size) char *data, size_t size)
{ {
int ret; int ret;
...@@ -534,6 +534,36 @@ int gfs2_ea_get_copy(struct gfs2_inode *ip, struct gfs2_ea_location *el, ...@@ -534,6 +534,36 @@ int gfs2_ea_get_copy(struct gfs2_inode *ip, struct gfs2_ea_location *el,
return len; return len;
} }
int gfs2_xattr_acl_get(struct gfs2_inode *ip, const char *name, char **ppdata)
{
struct gfs2_ea_location el;
int error;
int len;
char *data;
error = gfs2_ea_find(ip, GFS2_EATYPE_SYS, name, &el);
if (error)
return error;
if (!el.el_ea)
goto out;
if (!GFS2_EA_DATA_LEN(el.el_ea))
goto out;
len = GFS2_EA_DATA_LEN(el.el_ea);
data = kmalloc(len, GFP_NOFS);
error = -ENOMEM;
if (data == NULL)
goto out;
error = gfs2_ea_get_copy(ip, &el, data, len);
if (error == 0)
error = len;
*ppdata = data;
out:
brelse(el.el_bh);
return error;
}
/** /**
* gfs2_xattr_get - Get a GFS2 extended attribute * gfs2_xattr_get - Get a GFS2 extended attribute
* @inode: The inode * @inode: The inode
...@@ -1259,22 +1289,26 @@ static int ea_acl_chmod_unstuffed(struct gfs2_inode *ip, ...@@ -1259,22 +1289,26 @@ static int ea_acl_chmod_unstuffed(struct gfs2_inode *ip,
return error; return error;
} }
int gfs2_ea_acl_chmod(struct gfs2_inode *ip, struct gfs2_ea_location *el, int gfs2_xattr_acl_chmod(struct gfs2_inode *ip, struct iattr *attr, char *data)
struct iattr *attr, char *data)
{ {
struct gfs2_ea_location el;
struct buffer_head *dibh; struct buffer_head *dibh;
int error; int error;
if (GFS2_EA_IS_STUFFED(el->el_ea)) { error = gfs2_ea_find(ip, GFS2_EATYPE_SYS, GFS2_POSIX_ACL_ACCESS, &el);
if (error)
return error;
if (GFS2_EA_IS_STUFFED(el.el_ea)) {
error = gfs2_trans_begin(GFS2_SB(&ip->i_inode), RES_DINODE + RES_EATTR, 0); error = gfs2_trans_begin(GFS2_SB(&ip->i_inode), RES_DINODE + RES_EATTR, 0);
if (error) if (error)
return error; return error;
gfs2_trans_add_bh(ip->i_gl, el->el_bh, 1); gfs2_trans_add_bh(ip->i_gl, el.el_bh, 1);
memcpy(GFS2_EA2DATA(el->el_ea), data, memcpy(GFS2_EA2DATA(el.el_ea), data,
GFS2_EA_DATA_LEN(el->el_ea)); GFS2_EA_DATA_LEN(el.el_ea));
} else } else
error = ea_acl_chmod_unstuffed(ip, el->el_ea, data); error = ea_acl_chmod_unstuffed(ip, el.el_ea, data);
if (error) if (error)
return error; return error;
......
...@@ -62,11 +62,7 @@ extern int gfs2_ea_dealloc(struct gfs2_inode *ip); ...@@ -62,11 +62,7 @@ extern int gfs2_ea_dealloc(struct gfs2_inode *ip);
/* Exported to acl.c */ /* Exported to acl.c */
extern int gfs2_ea_find(struct gfs2_inode *ip, int type, const char *name, extern int gfs2_xattr_acl_get(struct gfs2_inode *ip, const char *name, char **data);
struct gfs2_ea_location *el); extern int gfs2_xattr_acl_chmod(struct gfs2_inode *ip, struct iattr *attr, char *data);
extern int gfs2_ea_get_copy(struct gfs2_inode *ip, struct gfs2_ea_location *el,
char *data, size_t size);
extern int gfs2_ea_acl_chmod(struct gfs2_inode *ip, struct gfs2_ea_location *el,
struct iattr *attr, char *data);
#endif /* __EATTR_DOT_H__ */ #endif /* __EATTR_DOT_H__ */
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment