Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
linux
Commits
dd2fa29b
Commit
dd2fa29b
authored
20 years ago
by
Nathan Scott
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[XFS] Remove xfs_iaccess checks on security namespace, needs to be
done outside XFS. SGI Modid: xfs-linux:xfs-kern:170861a
parent
143b1a17
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
34 additions
and
45 deletions
+34
-45
fs/xfs/xfs_acl.c
fs/xfs/xfs_acl.c
+6
-5
fs/xfs/xfs_attr.c
fs/xfs/xfs_attr.c
+25
-39
fs/xfs/xfs_attr.h
fs/xfs/xfs_attr.h
+3
-1
No files found.
fs/xfs/xfs_acl.c
View file @
dd2fa29b
...
...
@@ -340,7 +340,6 @@ xfs_acl_vset(
xfs_acl_vremove
(
vp
,
_ACL_TYPE_ACCESS
);
}
out:
VN_RELE
(
vp
);
_ACL_FREE
(
xfs_acl
);
...
...
@@ -354,13 +353,15 @@ xfs_acl_iaccess(
cred_t
*
cr
)
{
xfs_acl_t
*
acl
;
int
error
;
int
rval
;
if
(
!
(
_ACL_ALLOC
(
acl
)))
return
-
1
;
/* If the file has no ACL return -1. */
if
(
xfs_attr_fetch
(
ip
,
SGI_ACL_FILE
,
(
char
*
)
acl
,
sizeof
(
xfs_acl_t
)))
{
rval
=
sizeof
(
xfs_acl_t
);
if
(
xfs_attr_fetch
(
ip
,
SGI_ACL_FILE
,
SGI_ACL_FILE_SIZE
,
(
char
*
)
acl
,
&
rval
,
ATTR_ROOT
|
ATTR_KERNACCESS
,
cr
))
{
_ACL_FREE
(
acl
);
return
-
1
;
}
...
...
@@ -375,9 +376,9 @@ xfs_acl_iaccess(
/* Synchronize ACL with mode bits */
xfs_acl_sync_mode
(
ip
->
i_d
.
di_mode
,
acl
);
error
=
xfs_acl_access
(
ip
->
i_d
.
di_uid
,
ip
->
i_d
.
di_gid
,
acl
,
mode
,
cr
);
rval
=
xfs_acl_access
(
ip
->
i_d
.
di_uid
,
ip
->
i_d
.
di_gid
,
acl
,
mode
,
cr
);
_ACL_FREE
(
acl
);
return
error
;
return
rval
;
}
STATIC
int
...
...
This diff is collapsed.
Click to expand it.
fs/xfs/xfs_attr.c
View file @
dd2fa29b
...
...
@@ -115,20 +115,12 @@ ktrace_t *xfs_attr_trace_buf;
* Overall external interface routines.
*========================================================================*/
/*ARGSUSED*/
STATIC
int
xfs_attr_get_int
(
xfs_inode_t
*
ip
,
char
*
name
,
char
*
value
,
int
*
valuelenp
,
int
flags
,
int
lock
,
struct
cred
*
cred
)
int
xfs_attr_fetch
(
xfs_inode_t
*
ip
,
char
*
name
,
int
namelen
,
char
*
value
,
int
*
valuelenp
,
int
flags
,
struct
cred
*
cred
)
{
xfs_da_args_t
args
;
int
error
;
int
namelen
;
ASSERT
(
MAXNAMELEN
-
1
<=
0xff
);
/* length is stored in uint8 */
namelen
=
strlen
(
name
);
if
(
namelen
>=
MAXNAMELEN
)
return
(
EFAULT
);
/* match IRIX behaviour */
XFS_STATS_INC
(
xs_attr_get
);
if
(
XFS_FORCED_SHUTDOWN
(
ip
->
i_mount
))
return
(
EIO
);
...
...
@@ -138,12 +130,11 @@ xfs_attr_get_int(xfs_inode_t *ip, char *name, char *value, int *valuelenp,
ip
->
i_d
.
di_anextents
==
0
))
return
(
ENOATTR
);
if
(
lock
)
{
if
(
!
(
flags
&
ATTR_KERNACCESS
)
)
{
xfs_ilock
(
ip
,
XFS_ILOCK_SHARED
);
/*
* Do we answer them, or ignore them?
*/
if
((
error
=
xfs_iaccess
(
ip
,
S_IRUSR
,
cred
)))
{
if
(
!
(
flags
&
ATTR_SECURE
)
&&
((
error
=
xfs_iaccess
(
ip
,
S_IRUSR
,
cred
))))
{
xfs_iunlock
(
ip
,
XFS_ILOCK_SHARED
);
return
(
XFS_ERROR
(
error
));
}
...
...
@@ -161,7 +152,6 @@ xfs_attr_get_int(xfs_inode_t *ip, char *name, char *value, int *valuelenp,
args
.
hashval
=
xfs_da_hashname
(
args
.
name
,
args
.
namelen
);
args
.
dp
=
ip
;
args
.
whichfork
=
XFS_ATTR_FORK
;
args
.
trans
=
NULL
;
/*
* Decide on what work routines to call based on the inode size.
...
...
@@ -178,7 +168,7 @@ xfs_attr_get_int(xfs_inode_t *ip, char *name, char *value, int *valuelenp,
error
=
xfs_attr_node_get
(
&
args
);
}
if
(
lock
)
if
(
!
(
flags
&
ATTR_KERNACCESS
)
)
xfs_iunlock
(
ip
,
XFS_ILOCK_SHARED
);
/*
...
...
@@ -191,21 +181,22 @@ xfs_attr_get_int(xfs_inode_t *ip, char *name, char *value, int *valuelenp,
return
(
error
);
}
int
xfs_attr_fetch
(
xfs_inode_t
*
ip
,
char
*
name
,
char
*
value
,
int
valuelen
)
{
return
xfs_attr_get_int
(
ip
,
name
,
value
,
&
valuelen
,
ATTR_ROOT
,
0
,
NULL
);
}
int
xfs_attr_get
(
bhv_desc_t
*
bdp
,
char
*
name
,
char
*
value
,
int
*
valuelenp
,
int
flags
,
struct
cred
*
cred
)
{
xfs_inode_t
*
ip
=
XFS_BHVTOI
(
bdp
);
int
namelen
;
XFS_STATS_INC
(
xs_attr_get
);
if
(
!
name
)
return
(
EINVAL
);
return
xfs_attr_get_int
(
ip
,
name
,
value
,
valuelenp
,
flags
,
1
,
cred
);
namelen
=
strlen
(
name
);
if
(
namelen
>=
MAXNAMELEN
)
return
(
EFAULT
);
/* match IRIX behaviour */
return
xfs_attr_fetch
(
ip
,
name
,
namelen
,
value
,
valuelenp
,
flags
,
cred
);
}
/*ARGSUSED*/
...
...
@@ -224,22 +215,20 @@ xfs_attr_set(bhv_desc_t *bdp, char *name, char *value, int valuelen, int flags,
int
rsvd
=
(
flags
&
ATTR_ROOT
)
!=
0
;
int
namelen
;
ASSERT
(
MAXNAMELEN
-
1
<=
0xff
);
/* length is stored in uint8 */
namelen
=
strlen
(
name
);
if
(
namelen
>=
MAXNAMELEN
)
return
EFAULT
;
/* match irix
behaviour */
return
EFAULT
;
/* match IRIX
behaviour */
XFS_STATS_INC
(
xs_attr_set
);
/*
* Do we answer them, or ignore them?
*/
dp
=
XFS_BHVTOI
(
bdp
);
mp
=
dp
->
i_mount
;
if
(
XFS_FORCED_SHUTDOWN
(
mp
))
return
(
EIO
);
xfs_ilock
(
dp
,
XFS_ILOCK_SHARED
);
if
((
error
=
xfs_iaccess
(
dp
,
S_IWUSR
,
cred
)))
{
if
(
!
(
flags
&
ATTR_SECURE
)
&&
(
error
=
xfs_iaccess
(
dp
,
S_IWUSR
,
cred
)))
{
xfs_iunlock
(
dp
,
XFS_ILOCK_SHARED
);
return
(
XFS_ERROR
(
error
));
}
...
...
@@ -489,16 +478,14 @@ xfs_attr_remove(bhv_desc_t *bdp, char *name, int flags, struct cred *cred)
XFS_STATS_INC
(
xs_attr_remove
);
/*
* Do we answer them, or ignore them?
*/
dp
=
XFS_BHVTOI
(
bdp
);
mp
=
dp
->
i_mount
;
if
(
XFS_FORCED_SHUTDOWN
(
mp
))
return
(
EIO
);
xfs_ilock
(
dp
,
XFS_ILOCK_SHARED
);
if
((
error
=
xfs_iaccess
(
dp
,
S_IWUSR
,
cred
)))
{
if
(
!
(
flags
&
ATTR_SECURE
)
&&
(
error
=
xfs_iaccess
(
dp
,
S_IWUSR
,
cred
)))
{
xfs_iunlock
(
dp
,
XFS_ILOCK_SHARED
);
return
(
XFS_ERROR
(
error
));
}
else
if
(
XFS_IFORK_Q
(
dp
)
==
0
||
...
...
@@ -683,11 +670,10 @@ xfs_attr_list(bhv_desc_t *bdp, char *buffer, int bufsize, int flags,
if
(
XFS_FORCED_SHUTDOWN
(
dp
->
i_mount
))
return
(
EIO
);
/*
* Do they have permission?
*/
xfs_ilock
(
dp
,
XFS_ILOCK_SHARED
);
if
((
error
=
xfs_iaccess
(
dp
,
S_IRUSR
,
cred
)))
{
if
(
!
(
flags
&
ATTR_SECURE
)
&&
(
error
=
xfs_iaccess
(
dp
,
S_IRUSR
,
cred
)))
{
xfs_iunlock
(
dp
,
XFS_ILOCK_SHARED
);
return
(
XFS_ERROR
(
error
));
}
...
...
This diff is collapsed.
Click to expand it.
fs/xfs/xfs_attr.h
View file @
dd2fa29b
...
...
@@ -92,6 +92,7 @@ extern int attr_generic_list(struct vnode *, void *, size_t, int, ssize_t *);
#define ATTR_REPLACE 0x0020
/* pure set: fail if attr does not exist */
#define ATTR_SYSTEM 0x0100
/* use attrs in system (pseudo) namespace */
#define ATTR_KERNACCESS 0x0400
/* [kernel] iaccess, inode held io-locked */
#define ATTR_KERNOTIME 0x1000
/* [kernel] don't update inode timestamps */
#define ATTR_KERNOVAL 0x2000
/* [kernel] get attr size only, not value */
#define ATTR_KERNAMELS 0x4000
/* [kernel] list attr names (simple list) */
...
...
@@ -186,6 +187,7 @@ int xfs_attr_inactive(struct xfs_inode *dp);
int
xfs_attr_node_get
(
struct
xfs_da_args
*
);
int
xfs_attr_leaf_get
(
struct
xfs_da_args
*
);
int
xfs_attr_shortform_getvalue
(
struct
xfs_da_args
*
);
int
xfs_attr_fetch
(
struct
xfs_inode
*
,
char
*
,
char
*
,
int
);
int
xfs_attr_fetch
(
struct
xfs_inode
*
,
char
*
,
int
,
char
*
,
int
*
,
int
,
struct
cred
*
);
#endif
/* __XFS_ATTR_H__ */
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment