Skip to content

L
linux
Commit 5ebaa2d1 authored by NeilBrown's avatar NeilBrown Committed by Greg Kroah-Hartman
Browse files
Options

staging: lustre: replace all CFS_CAP_* macros with CAP_* 

Lustre defines a few CFS_CAP_* macros which are exactly the
same as the corresponding CAP_* macro, with one exception.

CFS_CAP_SYS_BOOT is 23
CAP_SYS_BOOT is 22.

CFS_CAP_SYS_BOOT is only used through CFS_CAP_FS_MASK and
causes capability 23 (CAP_SYS_NICE) to be dropped in certain
circumstances.
It is probable that the intention was to drop CAP_SYS_BOOT,
and this is what is now done.

CFS_CAP_CHOWN_MASK and CFS_CAP_SYS_RESOURCE_MASK are never
used, so they have been removed.
Signed-off-by: default avatarNeilBrown <neilb@suse.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent f23ccf86
Show whitespace changes
Inline Side-by-side
Showing with 30 additions and 43 deletions
drivers/staging/lustre/include/linux/libcfs/curproc.h
View file @ 5ebaa2d1
...@@ -56,25 +56,15 @@ ...@@ -56,25 +56,15 @@
typedef u32 cfs_cap_t; typedef u32 cfs_cap_t;
#define CFS_CAP_CHOWN 0 #define CFS_CAP_FS_MASK (BIT(CAP_CHOWN) | \
#define CFS_CAP_DAC_OVERRIDE 1 BIT(CAP_DAC_OVERRIDE) | \
#define CFS_CAP_DAC_READ_SEARCH 2 BIT(CAP_DAC_READ_SEARCH) | \
#define CFS_CAP_FOWNER 3 BIT(CAP_FOWNER) | \
#define CFS_CAP_FSETID 4 BIT(CAP_FSETID) | \
#define CFS_CAP_LINUX_IMMUTABLE 9 BIT(CAP_LINUX_IMMUTABLE) | \
#define CFS_CAP_SYS_ADMIN 21 BIT(CAP_SYS_ADMIN) | \
#define CFS_CAP_SYS_BOOT 23 BIT(CAP_SYS_BOOT) | \
#define CFS_CAP_SYS_RESOURCE 24 BIT(CAP_SYS_RESOURCE))
#define CFS_CAP_FS_MASK (BIT(CFS_CAP_CHOWN) | \
BIT(CFS_CAP_DAC_OVERRIDE) | \
BIT(CFS_CAP_DAC_READ_SEARCH) | \
BIT(CFS_CAP_FOWNER) | \
BIT(CFS_CAP_FSETID) | \
BIT(CFS_CAP_LINUX_IMMUTABLE) | \
BIT(CFS_CAP_SYS_ADMIN) | \
BIT(CFS_CAP_SYS_BOOT) | \
BIT(CFS_CAP_SYS_RESOURCE))
void cfs_cap_raise(cfs_cap_t cap); void cfs_cap_raise(cfs_cap_t cap);
void cfs_cap_lower(cfs_cap_t cap); void cfs_cap_lower(cfs_cap_t cap);
......
drivers/staging/lustre/lustre/include/lustre_sec.h
View file @ 5ebaa2d1
...@@ -1058,9 +1058,6 @@ int sptlrpc_current_user_desc_size(void); ...@@ -1058,9 +1058,6 @@ int sptlrpc_current_user_desc_size(void);
int sptlrpc_pack_user_desc(struct lustre_msg *msg, int offset); int sptlrpc_pack_user_desc(struct lustre_msg *msg, int offset);
int sptlrpc_unpack_user_desc(struct lustre_msg *req, int offset, int swabbed); int sptlrpc_unpack_user_desc(struct lustre_msg *req, int offset, int swabbed);
#define CFS_CAP_CHOWN_MASK (1 << CFS_CAP_CHOWN)
#define CFS_CAP_SYS_RESOURCE_MASK (1 << CFS_CAP_SYS_RESOURCE)
enum { enum {
LUSTRE_SEC_NONE = 0, LUSTRE_SEC_NONE = 0,
LUSTRE_SEC_REMOTE = 1, LUSTRE_SEC_REMOTE = 1,
......
drivers/staging/lustre/lustre/llite/dir.c
View file @ 5ebaa2d1
...@@ -885,7 +885,7 @@ static int quotactl_ioctl(struct ll_sb_info *sbi, struct if_quotactl *qctl) ...@@ -885,7 +885,7 @@ static int quotactl_ioctl(struct ll_sb_info *sbi, struct if_quotactl *qctl)
switch (cmd) { switch (cmd) {
case Q_SETQUOTA: case Q_SETQUOTA:
case Q_SETINFO: case Q_SETINFO:
if (!capable(CFS_CAP_SYS_ADMIN)) if (!capable(CAP_SYS_ADMIN))
return -EPERM; return -EPERM;
break; break;
case Q_GETQUOTA: case Q_GETQUOTA:
...@@ -893,7 +893,7 @@ static int quotactl_ioctl(struct ll_sb_info *sbi, struct if_quotactl *qctl) ...@@ -893,7 +893,7 @@ static int quotactl_ioctl(struct ll_sb_info *sbi, struct if_quotactl *qctl)
!uid_eq(current_euid(), make_kuid(&init_user_ns, id))) || !uid_eq(current_euid(), make_kuid(&init_user_ns, id))) ||
(type == GRPQUOTA && (type == GRPQUOTA &&
!in_egroup_p(make_kgid(&init_user_ns, id)))) && !in_egroup_p(make_kgid(&init_user_ns, id)))) &&
!capable(CFS_CAP_SYS_ADMIN)) !capable(CAP_SYS_ADMIN))
return -EPERM; return -EPERM;
break; break;
case Q_GETINFO: case Q_GETINFO:
...@@ -1452,7 +1452,7 @@ static long ll_dir_ioctl(struct file *file, unsigned int cmd, unsigned long arg) ...@@ -1452,7 +1452,7 @@ static long ll_dir_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
} }
case OBD_IOC_CHANGELOG_SEND: case OBD_IOC_CHANGELOG_SEND:
case OBD_IOC_CHANGELOG_CLEAR: case OBD_IOC_CHANGELOG_CLEAR:
if (!capable(CFS_CAP_SYS_ADMIN)) if (!capable(CAP_SYS_ADMIN))
return -EPERM; return -EPERM;
rc = copy_and_ioctl(cmd, sbi->ll_md_exp, (void __user *)arg, rc = copy_and_ioctl(cmd, sbi->ll_md_exp, (void __user *)arg,
...@@ -1556,7 +1556,7 @@ static long ll_dir_ioctl(struct file *file, unsigned int cmd, unsigned long arg) ...@@ -1556,7 +1556,7 @@ static long ll_dir_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
return rc; return rc;
} }
case LL_IOC_HSM_CT_START: case LL_IOC_HSM_CT_START:
if (!capable(CFS_CAP_SYS_ADMIN)) if (!capable(CAP_SYS_ADMIN))
return -EPERM; return -EPERM;
rc = copy_and_ioctl(cmd, sbi->ll_md_exp, (void __user *)arg, rc = copy_and_ioctl(cmd, sbi->ll_md_exp, (void __user *)arg,
......
drivers/staging/lustre/lustre/llite/file.c
View file @ 5ebaa2d1
...@@ -1315,7 +1315,7 @@ static int ll_lov_setea(struct inode *inode, struct file *file, ...@@ -1315,7 +1315,7 @@ static int ll_lov_setea(struct inode *inode, struct file *file,
sizeof(struct lov_user_ost_data); sizeof(struct lov_user_ost_data);
int rc; int rc;
if (!capable(CFS_CAP_SYS_ADMIN)) if (!capable(CAP_SYS_ADMIN))
return -EPERM; return -EPERM;
lump = libcfs_kvzalloc(lum_size, GFP_NOFS); lump = libcfs_kvzalloc(lum_size, GFP_NOFS);
...@@ -1570,7 +1570,7 @@ int ll_fid2path(struct inode *inode, void __user *arg) ...@@ -1570,7 +1570,7 @@ int ll_fid2path(struct inode *inode, void __user *arg)
size_t outsize; size_t outsize;
int rc; int rc;
if (!capable(CFS_CAP_DAC_READ_SEARCH) && if (!capable(CAP_DAC_READ_SEARCH) &&
!(ll_i2sbi(inode)->ll_flags & LL_SBI_USER_FID2PATH)) !(ll_i2sbi(inode)->ll_flags & LL_SBI_USER_FID2PATH))
return -EPERM; return -EPERM;
...@@ -1840,7 +1840,7 @@ int ll_hsm_state_set(struct inode *inode, struct hsm_state_set *hss) ...@@ -1840,7 +1840,7 @@ int ll_hsm_state_set(struct inode *inode, struct hsm_state_set *hss)
* NOT defined in HSM_USER_MASK. * NOT defined in HSM_USER_MASK.
*/ */
if (((hss->hss_setmask | hss->hss_clearmask) & ~HSM_USER_MASK) && if (((hss->hss_setmask | hss->hss_clearmask) & ~HSM_USER_MASK) &&
!capable(CFS_CAP_SYS_ADMIN)) !capable(CAP_SYS_ADMIN))
return -EPERM; return -EPERM;
/* Detect out-of range archive id */ /* Detect out-of range archive id */
......
drivers/staging/lustre/lustre/llite/llite_lib.c
View file @ 5ebaa2d1
...@@ -1450,7 +1450,7 @@ int ll_setattr_raw(struct dentry *dentry, struct iattr *attr, bool hsm_import) ...@@ -1450,7 +1450,7 @@ int ll_setattr_raw(struct dentry *dentry, struct iattr *attr, bool hsm_import)
/* POSIX: check before ATTR_*TIME_SET set (from setattr_prepare) */ /* POSIX: check before ATTR_*TIME_SET set (from setattr_prepare) */
if (attr->ia_valid & TIMES_SET_FLAGS) { if (attr->ia_valid & TIMES_SET_FLAGS) {
if ((!uid_eq(current_fsuid(), inode->i_uid)) && if ((!uid_eq(current_fsuid(), inode->i_uid)) &&
!capable(CFS_CAP_FOWNER)) !capable(CAP_FOWNER))
return -EPERM; return -EPERM;
} }
...@@ -2597,7 +2597,7 @@ int ll_getparent(struct file *file, struct getparent __user *arg) ...@@ -2597,7 +2597,7 @@ int ll_getparent(struct file *file, struct getparent __user *arg)
u32 linkno; u32 linkno;
int rc; int rc;
if (!capable(CFS_CAP_DAC_READ_SEARCH) && if (!capable(CAP_DAC_READ_SEARCH) &&
!(ll_i2sbi(inode)->ll_flags & LL_SBI_USER_FID2PATH)) !(ll_i2sbi(inode)->ll_flags & LL_SBI_USER_FID2PATH))
return -EPERM; return -EPERM;
......
drivers/staging/lustre/lustre/llite/xattr.c
View file @ 5ebaa2d1
...@@ -75,7 +75,7 @@ static int xattr_type_filter(struct ll_sb_info *sbi, ...@@ -75,7 +75,7 @@ static int xattr_type_filter(struct ll_sb_info *sbi,
return -EOPNOTSUPP; return -EOPNOTSUPP;
if (handler->flags == XATTR_TRUSTED_T && if (handler->flags == XATTR_TRUSTED_T &&
!capable(CFS_CAP_SYS_ADMIN)) !capable(CAP_SYS_ADMIN))
return -EPERM; return -EPERM;
return 0; return 0;
......
drivers/staging/lustre/lustre/obdclass/linux/linux-module.c
View file @ 5ebaa2d1
...@@ -251,7 +251,7 @@ static long obd_class_ioctl(struct file *filp, unsigned int cmd, ...@@ -251,7 +251,7 @@ static long obd_class_ioctl(struct file *filp, unsigned int cmd,
int err = 0; int err = 0;
/* Allow non-root access for OBD_IOC_PING_TARGET - used by lfs check */ /* Allow non-root access for OBD_IOC_PING_TARGET - used by lfs check */
if (!capable(CFS_CAP_SYS_ADMIN) && (cmd != OBD_IOC_PING_TARGET)) if (!capable(CAP_SYS_ADMIN) && (cmd != OBD_IOC_PING_TARGET))
return err = -EACCES; return err = -EACCES;
if ((cmd & 0xffffff00) == ((int)'T') << 8) /* ignore all tty ioctls */ if ((cmd & 0xffffff00) == ((int)'T') << 8) /* ignore all tty ioctls */
return err = -ENOTTY; return err = -ENOTTY;
......
drivers/staging/lustre/lustre/obdclass/llog.c
View file @ 5ebaa2d1
...@@ -483,12 +483,12 @@ int llog_open(const struct lu_env *env, struct llog_ctxt *ctxt, ...@@ -483,12 +483,12 @@ int llog_open(const struct lu_env *env, struct llog_ctxt *ctxt,
(*lgh)->lgh_ctxt = ctxt; (*lgh)->lgh_ctxt = ctxt;
(*lgh)->lgh_logops = ctxt->loc_logops; (*lgh)->lgh_logops = ctxt->loc_logops;
raised = cfs_cap_raised(CFS_CAP_SYS_RESOURCE); raised = cfs_cap_raised(CAP_SYS_RESOURCE);
if (!raised) if (!raised)
cfs_cap_raise(CFS_CAP_SYS_RESOURCE); cfs_cap_raise(CAP_SYS_RESOURCE);
rc = ctxt->loc_logops->lop_open(env, *lgh, logid, name, open_param); rc = ctxt->loc_logops->lop_open(env, *lgh, logid, name, open_param);
if (!raised) if (!raised)
cfs_cap_lower(CFS_CAP_SYS_RESOURCE); cfs_cap_lower(CAP_SYS_RESOURCE);
if (rc) { if (rc) {
llog_free_handle(*lgh); llog_free_handle(*lgh);
*lgh = NULL; *lgh = NULL;
......
drivers/staging/lustre/lustre/obdecho/echo_client.c
View file @ 5ebaa2d1
...@@ -1502,7 +1502,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp, int len, ...@@ -1502,7 +1502,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp, int len,
switch (cmd) { switch (cmd) {
case OBD_IOC_CREATE: /* may create echo object */ case OBD_IOC_CREATE: /* may create echo object */
if (!capable(CFS_CAP_SYS_ADMIN)) { if (!capable(CAP_SYS_ADMIN)) {
rc = -EPERM; rc = -EPERM;
goto out; goto out;
} }
...@@ -1511,7 +1511,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp, int len, ...@@ -1511,7 +1511,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp, int len,
goto out; goto out;
case OBD_IOC_DESTROY: case OBD_IOC_DESTROY:
if (!capable(CFS_CAP_SYS_ADMIN)) { if (!capable(CAP_SYS_ADMIN)) {
rc = -EPERM; rc = -EPERM;
goto out; goto out;
} }
...@@ -1534,7 +1534,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp, int len, ...@@ -1534,7 +1534,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp, int len,
goto out; goto out;
case OBD_IOC_SETATTR: case OBD_IOC_SETATTR:
if (!capable(CFS_CAP_SYS_ADMIN)) { if (!capable(CAP_SYS_ADMIN)) {
rc = -EPERM; rc = -EPERM;
goto out; goto out;
} }
...@@ -1547,7 +1547,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp, int len, ...@@ -1547,7 +1547,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp, int len,
goto out; goto out;
case OBD_IOC_BRW_WRITE: case OBD_IOC_BRW_WRITE:
if (!capable(CFS_CAP_SYS_ADMIN)) { if (!capable(CAP_SYS_ADMIN)) {
rc = -EPERM; rc = -EPERM;
goto out; goto out;
} }
......
drivers/staging/lustre/lustre/osc/osc_cache.c
View file @ 5ebaa2d1
...@@ -2345,7 +2345,7 @@ int osc_prep_async_page(struct osc_object *osc, struct osc_page *ops, ...@@ -2345,7 +2345,7 @@ int osc_prep_async_page(struct osc_object *osc, struct osc_page *ops,
oap->oap_obj_off = offset; oap->oap_obj_off = offset;
LASSERT(!(offset & ~PAGE_MASK)); LASSERT(!(offset & ~PAGE_MASK));
if (capable(CFS_CAP_SYS_RESOURCE)) if (capable(CAP_SYS_RESOURCE))
oap->oap_brw_flags = OBD_BRW_NOQUOTA; oap->oap_brw_flags = OBD_BRW_NOQUOTA;
INIT_LIST_HEAD(&oap->oap_pending_item); INIT_LIST_HEAD(&oap->oap_pending_item);
...@@ -2384,7 +2384,7 @@ int osc_queue_async_io(const struct lu_env *env, struct cl_io *io, ...@@ -2384,7 +2384,7 @@ int osc_queue_async_io(const struct lu_env *env, struct cl_io *io,
/* Set the OBD_BRW_SRVLOCK before the page is queued. */ /* Set the OBD_BRW_SRVLOCK before the page is queued. */
brw_flags |= ops->ops_srvlock ? OBD_BRW_SRVLOCK : 0; brw_flags |= ops->ops_srvlock ? OBD_BRW_SRVLOCK : 0;
if (capable(CFS_CAP_SYS_RESOURCE)) { if (capable(CAP_SYS_RESOURCE)) {
brw_flags |= OBD_BRW_NOQUOTA; brw_flags |= OBD_BRW_NOQUOTA;
cmd |= OBD_BRW_NOQUOTA; cmd |= OBD_BRW_NOQUOTA;
} }
......
drivers/staging/lustre/lustre/osc/osc_page.c
View file @ 5ebaa2d1
...@@ -307,7 +307,7 @@ void osc_page_submit(const struct lu_env *env, struct osc_page *opg, ...@@ -307,7 +307,7 @@ void osc_page_submit(const struct lu_env *env, struct osc_page *opg,
oap->oap_count = opg->ops_to - opg->ops_from; oap->oap_count = opg->ops_to - opg->ops_from;
oap->oap_brw_flags = brw_flags | OBD_BRW_SYNC; oap->oap_brw_flags = brw_flags | OBD_BRW_SYNC;
if (capable(CFS_CAP_SYS_RESOURCE)) { if (capable(CAP_SYS_RESOURCE)) {
oap->oap_brw_flags |= OBD_BRW_NOQUOTA; oap->oap_brw_flags |= OBD_BRW_NOQUOTA;
oap->oap_cmd |= OBD_BRW_NOQUOTA; oap->oap_cmd |= OBD_BRW_NOQUOTA;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7