summaryrefslogtreecommitdiffstats
path: root/fs/jffs2/acl.c
AgeCommit message (Collapse)Author
2014-01-25jffs2: use generic posix ACL infrastructureChristoph Hellwig
Also don't bother to set up a .get_acl method for symlinks as we do not support access control (ACLs or even mode bits) for symlinks in Linux. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2014-01-25fs: make posix_acl_create more usefulChristoph Hellwig
Rename the current posix_acl_created to __posix_acl_create and add a fully featured helper to set up the ACLs on file creation that uses get_acl(). Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Jan Kara <jack@suse.cz> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2014-01-25fs: make posix_acl_chmod more usefulChristoph Hellwig
Rename the current posix_acl_chmod to __posix_acl_chmod and add a fully featured ACL chmod helper that uses the ->set_acl inode operation. Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Jan Kara <jack@suse.cz> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-09-21userns: Convert jffs2 to use kuid and kgid where appropriateEric W. Biederman
- General routine uid/gid conversion work - When storing posix acls treat ACL_USER and ACL_GROUP separately so I can call from_kuid or from_kgid as appropriate. - When reading posix acls treat ACL_USER and ACL_GROUP separately so I can call make_kuid or make_kgid as appropriate. Cc: David Woodhouse <dwmw2@infradead.org> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
2012-09-18userns: Pass a userns parameter into posix_acl_to_xattr and posix_acl_from_xattrEric W. Biederman
- Pass the user namespace the uid and gid values in the xattr are stored in into posix_acl_from_xattr. - Pass the user namespace kuid and kgid values should be converted into when storing uid and gid values in an xattr in posix_acl_to_xattr. - Modify all callers of posix_acl_from_xattr and posix_acl_to_xattr to pass in &init_user_ns. In the short term this change is not strictly needed but it makes the code clearer. In the longer term this change is necessary to be able to mount filesystems outside of the initial user namespace that natively store posix acls in the linux xattr format. Cc: Theodore Tso <tytso@mit.edu> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Andreas Dilger <adilger.kernel@dilger.ca> Cc: Jan Kara <jack@suse.cz> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
2012-03-27jffs2: Use pr_fmt and remove jffs: from formatsJoe Perches
Use pr_fmt to prefix KBUILD_MODNAME to appropriate logging messages. Remove now unnecessary internal prefixes from formats. Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com> Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
2011-08-01switch posix_acl_equiv_mode() to umode_t *Al Viro
... so that &inode->i_mode could be passed to it Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-08-01switch posix_acl_create() to umode_t *Al Viro
so we can pass &inode->i_mode to it Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-25fs: take the ACL checks to common codeChristoph Hellwig
Replace the ->check_acl method with a ->get_acl method that simply reads an ACL from disk after having a cache miss. This means we can replace the ACL checking boilerplate code with a single implementation in namei.c. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-25kill boilerplates around posix_acl_create_masq()Al Viro
new helper: posix_acl_create(&acl, gfp, mode_p). Replaces acl with modified clone, on failure releases acl and replaces with NULL. Returns 0 or -ve on error. All callers of posix_acl_create_masq() switched. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-25kill boilerplate around posix_acl_chmod_masq()Al Viro
new helper: posix_acl_chmod(&acl, gfp, mode). Replaces acl with modified clone or with NULL if that has failed; returns 0 or -ve on error. All callers of posix_acl_chmod_masq() switched to that - they'd been doing exactly the same thing. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-25vfs: move ACL cache lookup into generic codeLinus Torvalds
This moves logic for checking the cached ACL values from low-level filesystems into generic code. The end result is a streamlined ACL check that doesn't need to load the inode->i_op->check_acl pointer at all for the common cached case. The filesystems also don't need to check for a non-blocking RCU walk case in their acl_check() functions, because that is all handled at a VFS layer. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-24fix jffs2 ACLs on big-endian with 16bit mode_tAl Viro
casting int * to mode_t * is not a good thing - on a *lot* of big-endian architectures mode_t happens to be smaller than int and there it breaks quite spectaculary... Fucked-up-by: commit cfc8dc6f6f69ede939e09c2af06a01adee577285 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-20->permission() sanitizing: don't pass flags to ->check_acl()Al Viro
not used in the instances anymore. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-20->permission() sanitizing: pass MAY_NOT_BLOCK to ->check_acl()Al Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-03-23userns: rename is_owner_or_cap to inode_owner_or_capableSerge E. Hallyn
And give it a kernel-doc comment. [akpm@linux-foundation.org: btrfs changed in linux-next] Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Daniel Lezcano <daniel.lezcano@free.fr> Acked-by: David Howells <dhowells@redhat.com> Cc: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-01-07fs: provide rcu-walk aware permission i_opsNick Piggin
Signed-off-by: Nick Piggin <npiggin@kernel.dk>
2010-06-07Merge git://git.infradead.org/~dwmw2/mtd-2.6.35Linus Torvalds
* git://git.infradead.org/~dwmw2/mtd-2.6.35: jffs2: update ctime when changing the file's permission by setfacl jffs2: Fix NFS race by using insert_inode_locked() jffs2: Fix in-core inode leaks on error paths mtd: Fix NAND submenu mtd/r852: update card detect early. mtd/r852: Fixes in case of DMA timeout mtd/r852: register IRQ as last step drivers/mtd: Use memdup_user docbook: make mtd nand module init static
2010-06-06jffs2: update ctime when changing the file's permission by setfaclJan Kara
jffs2 didn't update the ctime of the file when its permission was changed. Steps to reproduce: # touch aaa # stat -c %Z aaa 1275289822 # setfacl -m 'u::x,g::x,o::x' aaa # stat -c %Z aaa 1275289822 <- unchanged But, according to the spec of the ctime, jffs2 must update it. Port of ext3 patch by Miao Xie <miaox@cn.fujitsu.com>. Signed-off-by: Jan Kara <jack@suse.cz> Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
2010-05-21jffs2: constify xattr_handlerStephen Hemminger
Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2009-12-16sanitize xattr handler prototypesChristoph Hellwig
Add a flags argument to struct xattr_handler and pass it to all xattr handler methods. This allows using the same methods for multiple handlers, e.g. for the ACL methods which perform exactly the same action for the access and default ACLs, just using a different underlying attribute. With a little more groundwork it'll also allow sharing the methods for the regular user/trusted/secure handlers in extN, ocfs2 and jffs2 like it's already done for xfs in this patch. Also change the inode argument to the handlers to a dentry to allow using the handlers mechnism for filesystems that require it later, e.g. cifs. [with GFS2 bits updated by Steven Whitehouse <swhiteho@redhat.com>] Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: James Morris <jmorris@namei.org> Acked-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2009-09-08jffs2/jfs/xfs: switch over to 'check_acl' rather than 'permission()'Linus Torvalds
This avoids an indirect call in the VFS for each path component lookup. Well, at least as long as you own the directory in question, and the ACL check is unnecessary. Reviewed-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-06-24Get "no acls for this inode" right, fix shmem breakageAl Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2009-06-24helpers for acl caching + switch to thoseAl Viro
helpers: get_cached_acl(inode, type), set_cached_acl(inode, type, acl), forget_cached_acl(inode, type). ubifs/xattr.c needed includes reordered, the rest is a plain switchover. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2009-06-24switch jffs2 to inode->i_aclAl Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2009-04-06Merge git://git.infradead.org/mtd-2.6Linus Torvalds
* git://git.infradead.org/mtd-2.6: (53 commits) [MTD] struct device - replace bus_id with dev_name(), dev_set_name() [MTD] [NOR] Fixup for Numonyx M29W128 chips [MTD] mtdpart: Make ecc_stats more realistic. powerpc/85xx: TQM8548: Update DTS file for multi-chip support powerpc: NAND: FSL UPM: document new bindings [MTD] [NAND] FSL-UPM: Add wait flags to support board/chip specific delays [MTD] [NAND] FSL-UPM: add multi chip support [MTD] [NOR] Add device parent info to physmap_of [MTD] [NAND] Add support for NAND on the Socrates board [MTD] [NAND] Add support for 4KiB pages. [MTD] sysfs support should not depend on CONFIG_PROC_FS [MTD] [NAND] Add parent info for CAFÉ controller [MTD] support driver model updates [MTD] driver model updates (part 2) [MTD] driver model updates [MTD] [NAND] move gen_nand's probe function to .devinit.text [MTD] [MAPS] move sa1100 flash's probe function to .devinit.text [MTD] fix use after free in register_mtd_blktrans [MTD] [MAPS] Drop now unused sharpsl-flash map [MTD] ofpart: Check name property to determine partition nodes. ... Manually fix trivial conflict in drivers/mtd/maps/Makefile
2009-03-31New helper - current_umask()Al Viro
current->fs->umask is what most of fs_struct users are doing. Put that into a helper function. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2009-03-20[JFFS2] jffs2_acl_count() tests < 0 on unsignedRoel Kluin
size_t s is unsigned and cannot be less than 0. Signed-off-by: Roel Kluin <roel.kluin@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
2008-07-26[PATCH] sanitize ->permission() prototypeAl Viro
* kill nameidata * argument; map the 3 bits in ->flags anybody cares about to new MAY_... ones and pass with the mask. * kill redundant gfs2_iop_permission() * sanitize ecryptfs_permission() * fix remaining places where ->permission() instances might barf on new MAY_... found in mask. The obvious next target in that direction is permission(9) folded fix for nfs_permission() breakage from Miklos Szeredi <mszeredi@suse.cz> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-01-08[JFFS2] Add missing call to posix_acl_releaseJulia Lawall
posix_acl_clone does a memory allocation and sets a reference count, so posix_acl_release is needed afterwards to free it. The problem was fixed using the following semantic patch. (http://www.emn.fr/x-info/coccinelle/) // <smpl> @@ type T; identifier E; expression E1, E2; int ret; statement S; @@ T E; <+... ( E = \(posix_acl_clone\|posix_acl_alloc\|posix_acl_dup\)(...); if (E == NULL) S | if ((E = \(posix_acl_clone\|posix_acl_alloc\|posix_acl_dup\)(...)) == NULL) S ) ... when != E2 = E when strict ( posix_acl_release(E); | E1 = E; | + posix_acl_release(E); return; | + posix_acl_release(E); return ret; ) ...+> // </smpl> Signed-off-by: Julia Lawall <julia@diku.dk> Acked-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2007-11-06[JFFS2] make jffs2_get_acl() staticAdrian Bunk
jffs2_get_acl() can now become static again. Signed-off-by: Adrian Bunk <bunk@kernel.org> Acked-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2007-10-27[JFFS2] Prevent return of initialised variable in jffs2_init_acl_post()David Woodhouse
Spotted by the Coverity checker, and pointed out by Adrian Bunk. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2007-10-20[JFFS2] Tidy up fix for ACL/permissions problem.KaiGai Kohei
[In commit 9ed437c50d89eabae763dd422579f73fdebf288d we fixed a problem with standard permissions on newly-created inodes, when POSIX ACLs are enabled. This cleans it up...] The attached patch separate jffs2_init_acl() into two parts. The one is jffs2_init_acl_pre() called from jffs2_new_inode(). It compute ACL oriented inode->i_mode bits, and allocate in-memory ACL objects associated with the new inode just before when inode meta infomation is written to the medium. The other is jffs2_init_acl_post() called from jffs2_symlink(), jffs2_mkdir(), jffs2_mknod() and jffs2_do_create(). It actually writes in-memory ACL objects into the medium next to the success of writing meta-information. In the current implementation, we have to write a same inode meta infomation twice when inode->i_mode is updated by the default ACL. However, we can avoid the behavior by putting an updated i_mode before it is written at first, as jffs2_init_acl_pre() doing. Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2007-08-22[JFFS2] Fix ACL vs. mode handling.David Woodhouse
When POSIX ACL support was enabled, we weren't writing correct legacy modes to the medium on inode creation, or when the ACL was set. This meant that the permissions would be incorrect after the file system was remounted. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2007-07-17Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid checkSatyam Sharma
Introduce is_owner_or_cap() macro in fs.h, and convert over relevant users to it. This is done because we want to avoid bugs in the future where we check for only effective fsuid of the current task against a file's owning uid, without simultaneously checking for CAP_FOWNER as well, thus violating its semantics. [ XFS uses special macros and structures, and in general looked ... untouchable, so we leave it alone -- but it has been looked over. ] The (current->fsuid != inode->i_uid) check in generic_permission() and exec_permission_lite() is left alone, because those operations are covered by CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH. Similarly operations falling under the purview of CAP_CHOWN and CAP_LEASE are also left alone. Signed-off-by: Satyam Sharma <ssatyam@cse.iitk.ac.in> Cc: Al Viro <viro@ftp.linux.org.uk> Acked-by: Serge E. Hallyn <serge@hallyn.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-04-25[JFFS2] Tidy up licensing/copyright boilerplate.David Woodhouse
In particular, remove the bit in the LICENCE file about contacting Red Hat for alternative arrangements. Their errant IS department broke that arrangement a long time ago -- the policy of collecting copyright assignments from contributors came to an end when the plug was pulled on the servers hosting the project, without notice or reason. We do still dual-license it for use with eCos, with the GPL+exception licence approved by the FSF as being GPL-compatible. It's just that nobody has the right to license it differently. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-12-04[PATCH] severing fs.h, radix-tree.h -> sched.hAl Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-07-02[JFFS2][XATTR] Fix memory leak in POSIX-ACL supportKaiGai Kohei
jffs2_clear_acl() which releases acl caches allocated by kmalloc() was defined but it was never called. Thus, we faced to the risk of memory leaking. This patch plugs jffs2_clear_acl() into jffs2_do_clear_inode(). It ensures to release acl cache when inode is cleared. Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-06-27[JFFS2][XATTR] Fix ACL bug when updating null xattr by null ACL.KaiGai Kohei
This patch enable to handle the case when updating null xattr by null ACL. When we try to set NULL into NULL xattr, xattr subsystem returns -ENODATA. This patch enables to handle this error code. [2/3] jffs2-xattr-v6-02-fix_posixacl_bug.patch Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-05-13[JFFS2][XATTR] remove redundant pointer cast in acl.cKaiGai Kohei
remove redundant pointer cast in acl.c. [10/10] jffs2-xattr-v5.1-10-remove_pointer_cast.patch Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
2006-05-13[JFFS2][XATTR] Unify each file header part with any jffs2 file.KaiGai Kohei
Unify each file header part with any jffs2 file. [7/10] jffs2-xattr-v5.1-07-unify_file_header.patch Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
2006-05-13[JFFS2][XATTR] remove typedef from posix_acl related definition.KaiGai Kohei
jffs2_acl_header, jffs2_acl_entry and jffs2_acl_entry_short were redefined with using 'struct' instead of 'typedef' in kernel implementation. [1/10] jffs2-xattr-v5.1-01-remove_typedef_kernel.patch Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
2006-05-13[JFFS2][XATTR] XATTR support on JFFS2 (version. 5)KaiGai Kohei
This attached patches provide xattr support including POSIX-ACL and SELinux support on JFFS2 (version.5). There are some significant differences from previous version posted at last December. The biggest change is addition of EBS(Erase Block Summary) support. Currently, both kernel and usermode utility (sumtool) can recognize xattr nodes which have JFFS2_NODETYPE_XATTR/_XREF nodetype. In addition, some bugs are fixed. - A potential race condition was fixed. - Unexpected fail when updating a xattr by same name/value pair was fixed. - A bug when removing xattr name/value pair was fixed. The fundamental structures (such as using two new nodetypes and exclusion mechanism by rwsem) are unchanged. But most of implementation were reviewed and updated if necessary. Espacially, we had to change several internal implementations related to load_xattr_datum() to avoid a potential race condition. [1/2] xattr_on_jffs2.kernel.version-5.patch [2/2] xattr_on_jffs2.utils.version-5.patch Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>