diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2013-07-11 13:21:23 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2013-07-11 13:21:23 -0400 |
commit | 19d2f8e0fb7bba99cc585d2467e9fa54a84c8557 (patch) | |
tree | 10f2abe6c32e83f5a6017a2c77335a67af0f0ac4 /fs/9p | |
parent | 746919d2668037f297595da9281a22cd558f3d18 (diff) | |
parent | f2692ea8d5b535277bc06b315eabd32ef4e7a11c (diff) |
Merge tag 'for-linus-3.11-merge-window-part-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ericvh/v9fs
Pull second round of 9p patches from Eric Van Hensbergen:
"Several of these patches were rebased in order to correct style
issues. Only stylistic changes were made versus the patches which
were in linux-next for two weeks. The rebases have been in linux-next
for 3 days and have passed my regressions.
The bulk of these are RDMA fixes and improvements. There's also some
additions on the extended attributes front to support some additional
namespaces and a new option for TCP to force allocation of mount
requests from a priviledged port"
* tag 'for-linus-3.11-merge-window-part-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ericvh/v9fs:
fs/9p: Remove the unused variable "err" in v9fs_vfs_getattr()
9P: Add cancelled() to the transport functions.
9P/RDMA: count posted buffers without a pending request
9P/RDMA: Improve error handling in rdma_request
9P/RDMA: Do not free req->rc in error handling in rdma_request()
9P/RDMA: Use a semaphore to protect the RQ
9P/RDMA: Protect against duplicate replies
9P/RDMA: increase P9_RDMA_MAXSIZE to 1MB
9pnet: refactor struct p9_fcall alloc code
9P/RDMA: rdma_request() needs not allocate req->rc
9P: Fix fcall allocation for rdma
fs/9p: xattr: add trusted and security namespaces
net/9p: add privport option to 9p tcp transport
Diffstat (limited to 'fs/9p')
-rw-r--r-- | fs/9p/Kconfig | 13 | ||||
-rw-r--r-- | fs/9p/Makefile | 4 | ||||
-rw-r--r-- | fs/9p/vfs_inode.c | 2 | ||||
-rw-r--r-- | fs/9p/xattr.c | 4 | ||||
-rw-r--r-- | fs/9p/xattr.h | 2 | ||||
-rw-r--r-- | fs/9p/xattr_security.c | 80 | ||||
-rw-r--r-- | fs/9p/xattr_trusted.c | 80 |
7 files changed, 182 insertions, 3 deletions
diff --git a/fs/9p/Kconfig b/fs/9p/Kconfig index 55abfd62654a..6489e1fc1afd 100644 --- a/fs/9p/Kconfig +++ b/fs/9p/Kconfig | |||
@@ -31,3 +31,16 @@ config 9P_FS_POSIX_ACL | |||
31 | If you don't know what Access Control Lists are, say N | 31 | If you don't know what Access Control Lists are, say N |
32 | 32 | ||
33 | endif | 33 | endif |
34 | |||
35 | |||
36 | config 9P_FS_SECURITY | ||
37 | bool "9P Security Labels" | ||
38 | depends on 9P_FS | ||
39 | help | ||
40 | Security labels support alternative access control models | ||
41 | implemented by security modules like SELinux. This option | ||
42 | enables an extended attribute handler for file security | ||
43 | labels in the 9P filesystem. | ||
44 | |||
45 | If you are not using a security module that requires using | ||
46 | extended attributes for file security labels, say N. | ||
diff --git a/fs/9p/Makefile b/fs/9p/Makefile index ab8c12780634..ff7be98f84f2 100644 --- a/fs/9p/Makefile +++ b/fs/9p/Makefile | |||
@@ -11,7 +11,9 @@ obj-$(CONFIG_9P_FS) := 9p.o | |||
11 | v9fs.o \ | 11 | v9fs.o \ |
12 | fid.o \ | 12 | fid.o \ |
13 | xattr.o \ | 13 | xattr.o \ |
14 | xattr_user.o | 14 | xattr_user.o \ |
15 | xattr_trusted.o | ||
15 | 16 | ||
16 | 9p-$(CONFIG_9P_FSCACHE) += cache.o | 17 | 9p-$(CONFIG_9P_FSCACHE) += cache.o |
17 | 9p-$(CONFIG_9P_FS_POSIX_ACL) += acl.o | 18 | 9p-$(CONFIG_9P_FS_POSIX_ACL) += acl.o |
19 | 9p-$(CONFIG_9P_FS_SECURITY) += xattr_security.o | ||
diff --git a/fs/9p/vfs_inode.c b/fs/9p/vfs_inode.c index d86edc8d3fd0..25b018efb8ab 100644 --- a/fs/9p/vfs_inode.c +++ b/fs/9p/vfs_inode.c | |||
@@ -1054,13 +1054,11 @@ static int | |||
1054 | v9fs_vfs_getattr(struct vfsmount *mnt, struct dentry *dentry, | 1054 | v9fs_vfs_getattr(struct vfsmount *mnt, struct dentry *dentry, |
1055 | struct kstat *stat) | 1055 | struct kstat *stat) |
1056 | { | 1056 | { |
1057 | int err; | ||
1058 | struct v9fs_session_info *v9ses; | 1057 | struct v9fs_session_info *v9ses; |
1059 | struct p9_fid *fid; | 1058 | struct p9_fid *fid; |
1060 | struct p9_wstat *st; | 1059 | struct p9_wstat *st; |
1061 | 1060 | ||
1062 | p9_debug(P9_DEBUG_VFS, "dentry: %p\n", dentry); | 1061 | p9_debug(P9_DEBUG_VFS, "dentry: %p\n", dentry); |
1063 | err = -EPERM; | ||
1064 | v9ses = v9fs_dentry2v9ses(dentry); | 1062 | v9ses = v9fs_dentry2v9ses(dentry); |
1065 | if (v9ses->cache == CACHE_LOOSE || v9ses->cache == CACHE_FSCACHE) { | 1063 | if (v9ses->cache == CACHE_LOOSE || v9ses->cache == CACHE_FSCACHE) { |
1066 | generic_fillattr(dentry->d_inode, stat); | 1064 | generic_fillattr(dentry->d_inode, stat); |
diff --git a/fs/9p/xattr.c b/fs/9p/xattr.c index c45e016b190f..3c28cdfb8c47 100644 --- a/fs/9p/xattr.c +++ b/fs/9p/xattr.c | |||
@@ -167,9 +167,13 @@ ssize_t v9fs_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size) | |||
167 | 167 | ||
168 | const struct xattr_handler *v9fs_xattr_handlers[] = { | 168 | const struct xattr_handler *v9fs_xattr_handlers[] = { |
169 | &v9fs_xattr_user_handler, | 169 | &v9fs_xattr_user_handler, |
170 | &v9fs_xattr_trusted_handler, | ||
170 | #ifdef CONFIG_9P_FS_POSIX_ACL | 171 | #ifdef CONFIG_9P_FS_POSIX_ACL |
171 | &v9fs_xattr_acl_access_handler, | 172 | &v9fs_xattr_acl_access_handler, |
172 | &v9fs_xattr_acl_default_handler, | 173 | &v9fs_xattr_acl_default_handler, |
173 | #endif | 174 | #endif |
175 | #ifdef CONFIG_9P_FS_SECURITY | ||
176 | &v9fs_xattr_security_handler, | ||
177 | #endif | ||
174 | NULL | 178 | NULL |
175 | }; | 179 | }; |
diff --git a/fs/9p/xattr.h b/fs/9p/xattr.h index eec348a3df71..d3e2ea3840be 100644 --- a/fs/9p/xattr.h +++ b/fs/9p/xattr.h | |||
@@ -20,6 +20,8 @@ | |||
20 | 20 | ||
21 | extern const struct xattr_handler *v9fs_xattr_handlers[]; | 21 | extern const struct xattr_handler *v9fs_xattr_handlers[]; |
22 | extern struct xattr_handler v9fs_xattr_user_handler; | 22 | extern struct xattr_handler v9fs_xattr_user_handler; |
23 | extern struct xattr_handler v9fs_xattr_trusted_handler; | ||
24 | extern struct xattr_handler v9fs_xattr_security_handler; | ||
23 | extern const struct xattr_handler v9fs_xattr_acl_access_handler; | 25 | extern const struct xattr_handler v9fs_xattr_acl_access_handler; |
24 | extern const struct xattr_handler v9fs_xattr_acl_default_handler; | 26 | extern const struct xattr_handler v9fs_xattr_acl_default_handler; |
25 | 27 | ||
diff --git a/fs/9p/xattr_security.c b/fs/9p/xattr_security.c new file mode 100644 index 000000000000..cb247a142a6e --- /dev/null +++ b/fs/9p/xattr_security.c | |||
@@ -0,0 +1,80 @@ | |||
1 | /* | ||
2 | * Copyright IBM Corporation, 2010 | ||
3 | * Author Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> | ||
4 | * | ||
5 | * This program is free software; you can redistribute it and/or modify it | ||
6 | * under the terms of version 2.1 of the GNU Lesser General Public License | ||
7 | * as published by the Free Software Foundation. | ||
8 | * | ||
9 | * This program is distributed in the hope that it would be useful, but | ||
10 | * WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||
12 | * | ||
13 | */ | ||
14 | |||
15 | |||
16 | #include <linux/module.h> | ||
17 | #include <linux/string.h> | ||
18 | #include <linux/fs.h> | ||
19 | #include <linux/slab.h> | ||
20 | #include "xattr.h" | ||
21 | |||
22 | static int v9fs_xattr_security_get(struct dentry *dentry, const char *name, | ||
23 | void *buffer, size_t size, int type) | ||
24 | { | ||
25 | int retval; | ||
26 | char *full_name; | ||
27 | size_t name_len; | ||
28 | size_t prefix_len = XATTR_SECURITY_PREFIX_LEN; | ||
29 | |||
30 | if (name == NULL) | ||
31 | return -EINVAL; | ||
32 | |||
33 | if (strcmp(name, "") == 0) | ||
34 | return -EINVAL; | ||
35 | |||
36 | name_len = strlen(name); | ||
37 | full_name = kmalloc(prefix_len + name_len + 1 , GFP_KERNEL); | ||
38 | if (!full_name) | ||
39 | return -ENOMEM; | ||
40 | memcpy(full_name, XATTR_SECURITY_PREFIX, prefix_len); | ||
41 | memcpy(full_name+prefix_len, name, name_len); | ||
42 | full_name[prefix_len + name_len] = '\0'; | ||
43 | |||
44 | retval = v9fs_xattr_get(dentry, full_name, buffer, size); | ||
45 | kfree(full_name); | ||
46 | return retval; | ||
47 | } | ||
48 | |||
49 | static int v9fs_xattr_security_set(struct dentry *dentry, const char *name, | ||
50 | const void *value, size_t size, int flags, int type) | ||
51 | { | ||
52 | int retval; | ||
53 | char *full_name; | ||
54 | size_t name_len; | ||
55 | size_t prefix_len = XATTR_SECURITY_PREFIX_LEN; | ||
56 | |||
57 | if (name == NULL) | ||
58 | return -EINVAL; | ||
59 | |||
60 | if (strcmp(name, "") == 0) | ||
61 | return -EINVAL; | ||
62 | |||
63 | name_len = strlen(name); | ||
64 | full_name = kmalloc(prefix_len + name_len + 1 , GFP_KERNEL); | ||
65 | if (!full_name) | ||
66 | return -ENOMEM; | ||
67 | memcpy(full_name, XATTR_SECURITY_PREFIX, prefix_len); | ||
68 | memcpy(full_name + prefix_len, name, name_len); | ||
69 | full_name[prefix_len + name_len] = '\0'; | ||
70 | |||
71 | retval = v9fs_xattr_set(dentry, full_name, value, size, flags); | ||
72 | kfree(full_name); | ||
73 | return retval; | ||
74 | } | ||
75 | |||
76 | struct xattr_handler v9fs_xattr_security_handler = { | ||
77 | .prefix = XATTR_SECURITY_PREFIX, | ||
78 | .get = v9fs_xattr_security_get, | ||
79 | .set = v9fs_xattr_security_set, | ||
80 | }; | ||
diff --git a/fs/9p/xattr_trusted.c b/fs/9p/xattr_trusted.c new file mode 100644 index 000000000000..e30d33b8a3fb --- /dev/null +++ b/fs/9p/xattr_trusted.c | |||
@@ -0,0 +1,80 @@ | |||
1 | /* | ||
2 | * Copyright IBM Corporation, 2010 | ||
3 | * Author Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> | ||
4 | * | ||
5 | * This program is free software; you can redistribute it and/or modify it | ||
6 | * under the terms of version 2.1 of the GNU Lesser General Public License | ||
7 | * as published by the Free Software Foundation. | ||
8 | * | ||
9 | * This program is distributed in the hope that it would be useful, but | ||
10 | * WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||
12 | * | ||
13 | */ | ||
14 | |||
15 | |||
16 | #include <linux/module.h> | ||
17 | #include <linux/string.h> | ||
18 | #include <linux/fs.h> | ||
19 | #include <linux/slab.h> | ||
20 | #include "xattr.h" | ||
21 | |||
22 | static int v9fs_xattr_trusted_get(struct dentry *dentry, const char *name, | ||
23 | void *buffer, size_t size, int type) | ||
24 | { | ||
25 | int retval; | ||
26 | char *full_name; | ||
27 | size_t name_len; | ||
28 | size_t prefix_len = XATTR_TRUSTED_PREFIX_LEN; | ||
29 | |||
30 | if (name == NULL) | ||
31 | return -EINVAL; | ||
32 | |||
33 | if (strcmp(name, "") == 0) | ||
34 | return -EINVAL; | ||
35 | |||
36 | name_len = strlen(name); | ||
37 | full_name = kmalloc(prefix_len + name_len + 1 , GFP_KERNEL); | ||
38 | if (!full_name) | ||
39 | return -ENOMEM; | ||
40 | memcpy(full_name, XATTR_TRUSTED_PREFIX, prefix_len); | ||
41 | memcpy(full_name+prefix_len, name, name_len); | ||
42 | full_name[prefix_len + name_len] = '\0'; | ||
43 | |||
44 | retval = v9fs_xattr_get(dentry, full_name, buffer, size); | ||
45 | kfree(full_name); | ||
46 | return retval; | ||
47 | } | ||
48 | |||
49 | static int v9fs_xattr_trusted_set(struct dentry *dentry, const char *name, | ||
50 | const void *value, size_t size, int flags, int type) | ||
51 | { | ||
52 | int retval; | ||
53 | char *full_name; | ||
54 | size_t name_len; | ||
55 | size_t prefix_len = XATTR_TRUSTED_PREFIX_LEN; | ||
56 | |||
57 | if (name == NULL) | ||
58 | return -EINVAL; | ||
59 | |||
60 | if (strcmp(name, "") == 0) | ||
61 | return -EINVAL; | ||
62 | |||
63 | name_len = strlen(name); | ||
64 | full_name = kmalloc(prefix_len + name_len + 1 , GFP_KERNEL); | ||
65 | if (!full_name) | ||
66 | return -ENOMEM; | ||
67 | memcpy(full_name, XATTR_TRUSTED_PREFIX, prefix_len); | ||
68 | memcpy(full_name + prefix_len, name, name_len); | ||
69 | full_name[prefix_len + name_len] = '\0'; | ||
70 | |||
71 | retval = v9fs_xattr_set(dentry, full_name, value, size, flags); | ||
72 | kfree(full_name); | ||
73 | return retval; | ||
74 | } | ||
75 | |||
76 | struct xattr_handler v9fs_xattr_trusted_handler = { | ||
77 | .prefix = XATTR_TRUSTED_PREFIX, | ||
78 | .get = v9fs_xattr_trusted_get, | ||
79 | .set = v9fs_xattr_trusted_set, | ||
80 | }; | ||