diff options
author | Christoph Hellwig <hch@lst.de> | 2006-01-09 23:52:00 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-01-10 11:01:30 -0500 |
commit | 3542c6e18f6470bad2bde1e94331e4f488a8d3f1 (patch) | |
tree | 3f6cea6d0c3554439b76c219573e7633b2ba97c3 /fs/xfs | |
parent | b98932cb514eef404c6168c9a15cf28851498dea (diff) |
[PATCH] remove xfs xattr permission checks
remove checks now in the VFS
XFS has an additional xattr interface through obscure ioctl. it requires
raised capabilities but we need to add some read-only/immutable checks anyway
Signed-off-by: Christoph Hellwig <hch@lst.de>
Cc: Nathan Scott <nathans@sgi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'fs/xfs')
-rw-r--r-- | fs/xfs/linux-2.6/xfs_ioctl.c | 5 | ||||
-rw-r--r-- | fs/xfs/xfs_attr.c | 29 |
2 files changed, 8 insertions, 26 deletions
diff --git a/fs/xfs/linux-2.6/xfs_ioctl.c b/fs/xfs/linux-2.6/xfs_ioctl.c index b78b5eb9e96..f98c5be3dfe 100644 --- a/fs/xfs/linux-2.6/xfs_ioctl.c +++ b/fs/xfs/linux-2.6/xfs_ioctl.c | |||
@@ -530,6 +530,8 @@ xfs_attrmulti_attr_set( | |||
530 | char *kbuf; | 530 | char *kbuf; |
531 | int error = EFAULT; | 531 | int error = EFAULT; |
532 | 532 | ||
533 | if (IS_RDONLY(&vp->v_inode)) | ||
534 | return -EROFS; | ||
533 | if (IS_IMMUTABLE(&vp->v_inode) || IS_APPEND(&vp->v_inode)) | 535 | if (IS_IMMUTABLE(&vp->v_inode) || IS_APPEND(&vp->v_inode)) |
534 | return EPERM; | 536 | return EPERM; |
535 | if (len > XATTR_SIZE_MAX) | 537 | if (len > XATTR_SIZE_MAX) |
@@ -557,6 +559,9 @@ xfs_attrmulti_attr_remove( | |||
557 | { | 559 | { |
558 | int error; | 560 | int error; |
559 | 561 | ||
562 | |||
563 | if (IS_RDONLY(&vp->v_inode)) | ||
564 | return -EROFS; | ||
560 | if (IS_IMMUTABLE(&vp->v_inode) || IS_APPEND(&vp->v_inode)) | 565 | if (IS_IMMUTABLE(&vp->v_inode) || IS_APPEND(&vp->v_inode)) |
561 | return EPERM; | 566 | return EPERM; |
562 | 567 | ||
diff --git a/fs/xfs/xfs_attr.c b/fs/xfs/xfs_attr.c index 5484eeb460c..1a11c2b5170 100644 --- a/fs/xfs/xfs_attr.c +++ b/fs/xfs/xfs_attr.c | |||
@@ -117,11 +117,6 @@ xfs_attr_fetch(xfs_inode_t *ip, const char *name, int namelen, | |||
117 | ip->i_d.di_anextents == 0)) | 117 | ip->i_d.di_anextents == 0)) |
118 | return(ENOATTR); | 118 | return(ENOATTR); |
119 | 119 | ||
120 | if (!(flags & (ATTR_KERNACCESS|ATTR_SECURE))) { | ||
121 | if ((error = xfs_iaccess(ip, S_IRUSR, cred))) | ||
122 | return(XFS_ERROR(error)); | ||
123 | } | ||
124 | |||
125 | /* | 120 | /* |
126 | * Fill in the arg structure for this request. | 121 | * Fill in the arg structure for this request. |
127 | */ | 122 | */ |
@@ -425,7 +420,7 @@ xfs_attr_set(bhv_desc_t *bdp, const char *name, char *value, int valuelen, int f | |||
425 | struct cred *cred) | 420 | struct cred *cred) |
426 | { | 421 | { |
427 | xfs_inode_t *dp; | 422 | xfs_inode_t *dp; |
428 | int namelen, error; | 423 | int namelen; |
429 | 424 | ||
430 | namelen = strlen(name); | 425 | namelen = strlen(name); |
431 | if (namelen >= MAXNAMELEN) | 426 | if (namelen >= MAXNAMELEN) |
@@ -437,14 +432,6 @@ xfs_attr_set(bhv_desc_t *bdp, const char *name, char *value, int valuelen, int f | |||
437 | if (XFS_FORCED_SHUTDOWN(dp->i_mount)) | 432 | if (XFS_FORCED_SHUTDOWN(dp->i_mount)) |
438 | return (EIO); | 433 | return (EIO); |
439 | 434 | ||
440 | xfs_ilock(dp, XFS_ILOCK_SHARED); | ||
441 | if (!(flags & ATTR_SECURE) && | ||
442 | (error = xfs_iaccess(dp, S_IWUSR, cred))) { | ||
443 | xfs_iunlock(dp, XFS_ILOCK_SHARED); | ||
444 | return(XFS_ERROR(error)); | ||
445 | } | ||
446 | xfs_iunlock(dp, XFS_ILOCK_SHARED); | ||
447 | |||
448 | return xfs_attr_set_int(dp, name, namelen, value, valuelen, flags); | 435 | return xfs_attr_set_int(dp, name, namelen, value, valuelen, flags); |
449 | } | 436 | } |
450 | 437 | ||
@@ -579,7 +566,7 @@ int | |||
579 | xfs_attr_remove(bhv_desc_t *bdp, const char *name, int flags, struct cred *cred) | 566 | xfs_attr_remove(bhv_desc_t *bdp, const char *name, int flags, struct cred *cred) |
580 | { | 567 | { |
581 | xfs_inode_t *dp; | 568 | xfs_inode_t *dp; |
582 | int namelen, error; | 569 | int namelen; |
583 | 570 | ||
584 | namelen = strlen(name); | 571 | namelen = strlen(name); |
585 | if (namelen >= MAXNAMELEN) | 572 | if (namelen >= MAXNAMELEN) |
@@ -592,11 +579,7 @@ xfs_attr_remove(bhv_desc_t *bdp, const char *name, int flags, struct cred *cred) | |||
592 | return (EIO); | 579 | return (EIO); |
593 | 580 | ||
594 | xfs_ilock(dp, XFS_ILOCK_SHARED); | 581 | xfs_ilock(dp, XFS_ILOCK_SHARED); |
595 | if (!(flags & ATTR_SECURE) && | 582 | if (XFS_IFORK_Q(dp) == 0 || |
596 | (error = xfs_iaccess(dp, S_IWUSR, cred))) { | ||
597 | xfs_iunlock(dp, XFS_ILOCK_SHARED); | ||
598 | return(XFS_ERROR(error)); | ||
599 | } else if (XFS_IFORK_Q(dp) == 0 || | ||
600 | (dp->i_d.di_aformat == XFS_DINODE_FMT_EXTENTS && | 583 | (dp->i_d.di_aformat == XFS_DINODE_FMT_EXTENTS && |
601 | dp->i_d.di_anextents == 0)) { | 584 | dp->i_d.di_anextents == 0)) { |
602 | xfs_iunlock(dp, XFS_ILOCK_SHARED); | 585 | xfs_iunlock(dp, XFS_ILOCK_SHARED); |
@@ -668,12 +651,6 @@ xfs_attr_list(bhv_desc_t *bdp, char *buffer, int bufsize, int flags, | |||
668 | return (EIO); | 651 | return (EIO); |
669 | 652 | ||
670 | xfs_ilock(dp, XFS_ILOCK_SHARED); | 653 | xfs_ilock(dp, XFS_ILOCK_SHARED); |
671 | if (!(flags & ATTR_SECURE) && | ||
672 | (error = xfs_iaccess(dp, S_IRUSR, cred))) { | ||
673 | xfs_iunlock(dp, XFS_ILOCK_SHARED); | ||
674 | return(XFS_ERROR(error)); | ||
675 | } | ||
676 | |||
677 | /* | 654 | /* |
678 | * Decide on what work routines to call based on the inode size. | 655 | * Decide on what work routines to call based on the inode size. |
679 | */ | 656 | */ |