aboutsummaryrefslogtreecommitdiffstats
path: root/fs/xfs/xfs_attr.c
diff options
context:
space:
mode:
authorChristoph Hellwig <hch@infradead.org>2008-05-19 02:34:34 -0400
committerNiv Sardi <xaiki@debian.org>2008-07-28 02:58:13 -0400
commit911ee3de3d1cb6620e2ac4e0678ff434867e2644 (patch)
tree3ecde1181f6e312073893feee10893fd5be7d9ce /fs/xfs/xfs_attr.c
parentd748c62367eb630cc30b91d561a5362f597a0892 (diff)
[XFS] Kill attr_capable checks as already done in xattr_permission.
No need for addition permission checks in the xattr handler, fs/xattr.c:xattr_permission() already does them, and in fact slightly more strict then what was in the attr_capable handlers. SGI-PV: 981809 SGI-Modid: xfs-linux-melb:xfs-kern:31164a Signed-off-by: Christoph Hellwig <hch@infradead.org> Signed-off-by: Tim Shimmin <tes@sgi.com> Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Diffstat (limited to 'fs/xfs/xfs_attr.c')
-rw-r--r--fs/xfs/xfs_attr.c41
1 files changed, 0 insertions, 41 deletions
diff --git a/fs/xfs/xfs_attr.c b/fs/xfs/xfs_attr.c
index df151a859186..86d8619f279c 100644
--- a/fs/xfs/xfs_attr.c
+++ b/fs/xfs/xfs_attr.c
@@ -2622,43 +2622,6 @@ attr_lookup_namespace(
2622 return NULL; 2622 return NULL;
2623} 2623}
2624 2624
2625/*
2626 * Some checks to prevent people abusing EAs to get over quota:
2627 * - Don't allow modifying user EAs on devices/symlinks;
2628 * - Don't allow modifying user EAs if sticky bit set;
2629 */
2630STATIC int
2631attr_user_capable(
2632 bhv_vnode_t *vp,
2633 cred_t *cred)
2634{
2635 struct inode *inode = vn_to_inode(vp);
2636
2637 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
2638 return -EPERM;
2639 if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode) &&
2640 !capable(CAP_SYS_ADMIN))
2641 return -EPERM;
2642 if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
2643 (current_fsuid(cred) != inode->i_uid) && !capable(CAP_FOWNER))
2644 return -EPERM;
2645 return 0;
2646}
2647
2648STATIC int
2649attr_trusted_capable(
2650 bhv_vnode_t *vp,
2651 cred_t *cred)
2652{
2653 struct inode *inode = vn_to_inode(vp);
2654
2655 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
2656 return -EPERM;
2657 if (!capable(CAP_SYS_ADMIN))
2658 return -EPERM;
2659 return 0;
2660}
2661
2662STATIC int 2625STATIC int
2663attr_system_set( 2626attr_system_set(
2664 bhv_vnode_t *vp, char *name, void *data, size_t size, int xflags) 2627 bhv_vnode_t *vp, char *name, void *data, size_t size, int xflags)
@@ -2709,7 +2672,6 @@ struct attrnames attr_system = {
2709 .attr_get = attr_system_get, 2672 .attr_get = attr_system_get,
2710 .attr_set = attr_system_set, 2673 .attr_set = attr_system_set,
2711 .attr_remove = attr_system_remove, 2674 .attr_remove = attr_system_remove,
2712 .attr_capable = (attrcapable_t)fs_noerr,
2713}; 2675};
2714 2676
2715struct attrnames attr_trusted = { 2677struct attrnames attr_trusted = {
@@ -2719,7 +2681,6 @@ struct attrnames attr_trusted = {
2719 .attr_get = attr_generic_get, 2681 .attr_get = attr_generic_get,
2720 .attr_set = attr_generic_set, 2682 .attr_set = attr_generic_set,
2721 .attr_remove = attr_generic_remove, 2683 .attr_remove = attr_generic_remove,
2722 .attr_capable = attr_trusted_capable,
2723}; 2684};
2724 2685
2725struct attrnames attr_secure = { 2686struct attrnames attr_secure = {
@@ -2729,7 +2690,6 @@ struct attrnames attr_secure = {
2729 .attr_get = attr_generic_get, 2690 .attr_get = attr_generic_get,
2730 .attr_set = attr_generic_set, 2691 .attr_set = attr_generic_set,
2731 .attr_remove = attr_generic_remove, 2692 .attr_remove = attr_generic_remove,
2732 .attr_capable = (attrcapable_t)fs_noerr,
2733}; 2693};
2734 2694
2735struct attrnames attr_user = { 2695struct attrnames attr_user = {
@@ -2738,7 +2698,6 @@ struct attrnames attr_user = {
2738 .attr_get = attr_generic_get, 2698 .attr_get = attr_generic_get,
2739 .attr_set = attr_generic_set, 2699 .attr_set = attr_generic_set,
2740 .attr_remove = attr_generic_remove, 2700 .attr_remove = attr_generic_remove,
2741 .attr_capable = attr_user_capable,
2742}; 2701};
2743 2702
2744struct attrnames *attr_namespaces[] = 2703struct attrnames *attr_namespaces[] =