Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: (34 commits) nfsd race fixes: jfs nfsd race fixes: reiserfs nfsd race fixes: ext4 nfsd race fixes: ext3 nfsd race fixes: ext2 nfsd/create race fixes, infrastructure filesystem notification: create fs/notify to contain all fs notification fs/block_dev.c: __read_mostly improvement and sb_is_blkdev_sb utilization kill ->dir_notify() filp_cachep can be static in fs/file_table.c fix f_count description in Documentation/filesystems/files.txt make INIT_FS use the __RW_LOCK_UNLOCKED initialization take init_fs to saner place kill vfs_permission pass a struct path * to may_open kill walk_init_root remove incorrect comment in inode_permission expand some comments (d_path / seq_path) correct wrong function name of d_put in kernel document and source comment fix switch_names() breakage in short-to-short case ...
author: Linus Torvalds <torvalds@linux-foundation.org> 2008-12-31 18:57:56 -0500
committer: Linus Torvalds <torvalds@linux-foundation.org> 2008-12-31 18:57:56 -0500
commit: b58602a4bac012b5f4fc12fe6b46ab237b610d5d (patch)
tree: 38929e210a723f67fe2b945f37264bf3aae3c2c4 /include
parent: db200df0b3530f673d8e9f5bd535e9e10305842a (diff)
parent: 1f3403fa640f9f7b135dee79f2d39d01c8ad4a08 (diff)
7 files changed, 169 insertions, 27 deletions
diff --git a/include/linux/dcache.h b/include/linux/dcache.h
index a37359d0bad1..c66d22487bf8 100644
--- a/include/linux/dcache.h
+++ b/include/linux/dcache.h
@@ -75,14 +75,22 @@ full_name_hash(const unsigned char *name, unsigned int len)
        return end_name_hash(hash);
 }
-struct dcookie_struct;
+/*
+ * Try to keep struct dentry aligned on 64 byte cachelines (this will
-#define DNAME_INLINE_LEN_MIN 36
+ * give reasonable cacheline footprint with larger lines without the
+ * large memory footprint increase).
+ */
+#ifdef CONFIG_64BIT
+#define DNAME_INLINE_LEN_MIN 32 /* 192 bytes */
+#else
+#define DNAME_INLINE_LEN_MIN 40 /* 128 bytes */
+#endif
 struct dentry {
        atomic_t d_count;
        unsigned int d_flags;           /* protected by d_lock */
        spinlock_t d_lock;              /* per dentry lock */
+        int d_mounted;
        struct inode *d_inode;          /* Where the name belongs to - NULL is
                                         * negative */
        /*
@@ -107,10 +115,7 @@ struct dentry {
        struct dentry_operations *d_op;
        struct super_block *d_sb;       /* The root of the dentry tree */
        void *d_fsdata;                 /* fs-specific data */
-#ifdef CONFIG_PROFILING
-        struct dcookie_struct *d_cookie; /* cookie, if any */
-#endif
-        int d_mounted;
        unsigned char d_iname[DNAME_INLINE_LEN_MIN];    /* small names */
 };
@@ -177,6 +182,8 @@ d_iput:		no		no		no       yes
 #define DCACHE_INOTIFY_PARENT_WATCHED   0x0020 /* Parent inode is watched */
+#define DCACHE_COOKIE           0x0040  /* For use by dcookie subsystem */
 extern spinlock_t dcache_lock;
 extern seqlock_t rename_lock;
diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h
index 4aab6f12cfab..09d6c5bbdddd 100644
--- a/include/linux/fdtable.h
+++ b/include/linux/fdtable.h
@@ -57,8 +57,6 @@ struct files_struct {
 #define files_fdtable(files) (rcu_dereference((files)->fdt))
-extern struct kmem_cache *filp_cachep;
 struct file_operations;
 struct vfsmount;
 struct dentry;
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 001ded4845b4..e2170ee21e18 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -21,7 +21,6 @@
 /* Fixed constants first: */
 #undef NR_OPEN
-extern int sysctl_nr_open;
 #define INR_OPEN 1024           /* Initial setting for nfile rlimits */
 #define BLOCK_SIZE_BITS 10
@@ -38,21 +37,13 @@ struct files_stat_struct {
        int nr_free_files;      /* read only */
        int max_files;          /* tunable */
 };
-extern struct files_stat_struct files_stat;
-extern int get_max_files(void);
 struct inodes_stat_t {
        int nr_inodes;
        int nr_unused;
        int dummy[5];           /* padding for sysctl ABI compatibility */
 };
-extern struct inodes_stat_t inodes_stat;
-extern int leases_enable, lease_break_time;
-#ifdef CONFIG_DNOTIFY
-extern int dir_notify_enable;
-#endif
 #define NR_FILE  8192   /* this can well be larger on a larger system */
@@ -330,6 +321,15 @@ extern void __init inode_init(void);
 extern void __init inode_init_early(void);
 extern void __init files_init(unsigned long);
+extern struct files_stat_struct files_stat;
+extern int get_max_files(void);
+extern int sysctl_nr_open;
+extern struct inodes_stat_t inodes_stat;
+extern int leases_enable, lease_break_time;
+#ifdef CONFIG_DNOTIFY
+extern int dir_notify_enable;
+#endif
 struct buffer_head;
 typedef int (get_block_t)(struct inode *inode, sector_t iblock,
                        struct buffer_head *bh_result, int create);
@@ -1212,7 +1212,6 @@ extern void unlock_super(struct super_block *);
 /*
 * VFS helper functions..
 */
-extern int vfs_permission(struct nameidata *, int);
 extern int vfs_create(struct inode *, struct dentry *, int, struct nameidata *);
 extern int vfs_mkdir(struct inode *, struct dentry *, int);
 extern int vfs_mknod(struct inode *, struct dentry *, int, dev_t);
@@ -1310,7 +1309,6 @@ struct file_operations {
        ssize_t (*sendpage) (struct file *, struct page *, int, size_t, loff_t *, int);
        unsigned long (*get_unmapped_area)(struct file *, unsigned long, unsigned long, unsigned long, unsigned long);
        int (*check_flags)(int);
-        int (*dir_notify)(struct file *filp, unsigned long arg);
        int (*flock) (struct file *, int, struct file_lock *);
        ssize_t (*splice_write)(struct pipe_inode_info *, struct file *, loff_t *, size_t, unsigned int);
        ssize_t (*splice_read)(struct file *, loff_t *, struct pipe_inode_info *, size_t, unsigned int);
@@ -1869,7 +1867,7 @@ extern void free_write_pipe(struct file *);
 extern struct file *do_filp_open(int dfd, const char *pathname,
                int open_flag, int mode);
-extern int may_open(struct nameidata *, int, int);
+extern int may_open(struct path *, int, int);
 extern int kernel_read(struct file *, unsigned long, char *, unsigned long);
 extern struct file * open_exec(const char *);
@@ -1904,6 +1902,8 @@ extern struct inode *ilookup(struct super_block *sb, unsigned long ino);
 extern struct inode * iget5_locked(struct super_block *, unsigned long, int (*test)(struct inode *, void *), int (*set)(struct inode *, void *), void *);
 extern struct inode * iget_locked(struct super_block *, unsigned long);
+extern int insert_inode_locked4(struct inode *, unsigned long, int (*test)(struct inode *, void *), void *);
+extern int insert_inode_locked(struct inode *);
 extern void unlock_new_inode(struct inode *);
 extern void __iget(struct inode * inode);
diff --git a/include/linux/fs_struct.h b/include/linux/fs_struct.h
index 9e5a06e78d02..a97c053d3a9a 100644
--- a/include/linux/fs_struct.h
+++ b/include/linux/fs_struct.h
@@ -10,12 +10,6 @@ struct fs_struct {
        struct path root, pwd;
 };
-#define INIT_FS {                               \
-        .count          = ATOMIC_INIT(1),       \
-        .lock           = RW_LOCK_UNLOCKED,     \
-        .umask          = 0022, \
-}
 extern struct kmem_cache *fs_cachep;
 extern void exit_fs(struct task_struct *);
diff --git a/include/linux/init_task.h b/include/linux/init_task.h
index 959f5522d10a..2f3c2d4ef73b 100644
--- a/include/linux/init_task.h
+++ b/include/linux/init_task.h
@@ -12,6 +12,7 @@
 #include <net/net_namespace.h>
 extern struct files_struct init_files;
+extern struct fs_struct init_fs;
 #define INIT_KIOCTX(name, which_mm) \
 {                                                       \
diff --git a/include/linux/namei.h b/include/linux/namei.h
index 99eb80306dc5..fc2e03579877 100644
--- a/include/linux/namei.h
+++ b/include/linux/namei.h
@@ -94,4 +94,9 @@ static inline char *nd_get_link(struct nameidata *nd)
        return nd->saved_names[nd->depth];
 }
+static inline void nd_terminate_link(void *name, size_t len, size_t maxlen)
+{
+        ((char *) name)[min(len, maxlen)] = '\0';
+}
 #endif /* _LINUX_NAMEI_H */
diff --git a/include/linux/security.h b/include/linux/security.h
index 3416cb85e77b..b92b5e453f64 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -335,17 +335,37 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
 *      @dir contains the inode structure of the parent directory of the new link.
 *      @new_dentry contains the dentry structure for the new link.
 *      Return 0 if permission is granted.
+ * @path_link:
+ *      Check permission before creating a new hard link to a file.
+ *      @old_dentry contains the dentry structure for an existing link
+ *      to the file.
+ *      @new_dir contains the path structure of the parent directory of
+ *      the new link.
+ *      @new_dentry contains the dentry structure for the new link.
+ *      Return 0 if permission is granted.
 * @inode_unlink:
 *      Check the permission to remove a hard link to a file.
 *      @dir contains the inode structure of parent directory of the file.
 *      @dentry contains the dentry structure for file to be unlinked.
 *      Return 0 if permission is granted.
+ * @path_unlink:
+ *      Check the permission to remove a hard link to a file.
+ *      @dir contains the path structure of parent directory of the file.
+ *      @dentry contains the dentry structure for file to be unlinked.
+ *      Return 0 if permission is granted.
 * @inode_symlink:
 *      Check the permission to create a symbolic link to a file.
 *      @dir contains the inode structure of parent directory of the symbolic link.
 *      @dentry contains the dentry structure of the symbolic link.
 *      @old_name contains the pathname of file.
 *      Return 0 if permission is granted.
+ * @path_symlink:
+ *      Check the permission to create a symbolic link to a file.
+ *      @dir contains the path structure of parent directory of
+ *      the symbolic link.
+ *      @dentry contains the dentry structure of the symbolic link.
+ *      @old_name contains the pathname of file.
+ *      Return 0 if permission is granted.
 * @inode_mkdir:
 *      Check permissions to create a new directory in the existing directory
 *      associated with inode strcture @dir.
@@ -353,11 +373,25 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
 *      @dentry contains the dentry structure of new directory.
 *      @mode contains the mode of new directory.
 *      Return 0 if permission is granted.
+ * @path_mkdir:
+ *      Check permissions to create a new directory in the existing directory
+ *      associated with path strcture @path.
+ *      @dir containst the path structure of parent of the directory
+ *      to be created.
+ *      @dentry contains the dentry structure of new directory.
+ *      @mode contains the mode of new directory.
+ *      Return 0 if permission is granted.
 * @inode_rmdir:
 *      Check the permission to remove a directory.
 *      @dir contains the inode structure of parent of the directory to be removed.
 *      @dentry contains the dentry structure of directory to be removed.
 *      Return 0 if permission is granted.
+ * @path_rmdir:
+ *      Check the permission to remove a directory.
+ *      @dir contains the path structure of parent of the directory to be
+ *      removed.
+ *      @dentry contains the dentry structure of directory to be removed.
+ *      Return 0 if permission is granted.
 * @inode_mknod:
 *      Check permissions when creating a special file (or a socket or a fifo
 *      file created via the mknod system call).  Note that if mknod operation
@@ -368,6 +402,15 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
 *      @mode contains the mode of the new file.
 *      @dev contains the device number.
 *      Return 0 if permission is granted.
+ * @path_mknod:
+ *      Check permissions when creating a file. Note that this hook is called
+ *      even if mknod operation is being done for a regular file.
+ *      @dir contains the path structure of parent of the new file.
+ *      @dentry contains the dentry structure of the new file.
+ *      @mode contains the mode of the new file.
+ *      @dev contains the undecoded device number. Use new_decode_dev() to get
+ *      the decoded device number.
+ *      Return 0 if permission is granted.
 * @inode_rename:
 *      Check for permission to rename a file or directory.
 *      @old_dir contains the inode structure for parent of the old link.
@@ -375,6 +418,13 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
 *      @new_dir contains the inode structure for parent of the new link.
 *      @new_dentry contains the dentry structure of the new link.
 *      Return 0 if permission is granted.
+ * @path_rename:
+ *      Check for permission to rename a file or directory.
+ *      @old_dir contains the path structure for parent of the old link.
+ *      @old_dentry contains the dentry structure of the old link.
+ *      @new_dir contains the path structure for parent of the new link.
+ *      @new_dentry contains the dentry structure of the new link.
+ *      Return 0 if permission is granted.
 * @inode_readlink:
 *      Check the permission to read the symbolic link.
 *      @dentry contains the dentry structure for the file link.
@@ -403,6 +453,12 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
 *      @dentry contains the dentry structure for the file.
 *      @attr is the iattr structure containing the new file attributes.
 *      Return 0 if permission is granted.
+ * @path_truncate:
+ *      Check permission before truncating a file.
+ *      @path contains the path structure for the file.
+ *      @length is the new length of the file.
+ *      @time_attrs is the flags passed to do_truncate().
+ *      Return 0 if permission is granted.
 * @inode_getattr:
 *      Check permission before obtaining file attributes.
 *      @mnt is the vfsmount where the dentry was looked up
@@ -1331,6 +1387,22 @@ struct security_operations {
                                   struct super_block *newsb);
        int (*sb_parse_opts_str) (char *options, struct security_mnt_opts *opts);
+#ifdef CONFIG_SECURITY_PATH
+        int (*path_unlink) (struct path *dir, struct dentry *dentry);
+        int (*path_mkdir) (struct path *dir, struct dentry *dentry, int mode);
+        int (*path_rmdir) (struct path *dir, struct dentry *dentry);
+        int (*path_mknod) (struct path *dir, struct dentry *dentry, int mode,
+                           unsigned int dev);
+        int (*path_truncate) (struct path *path, loff_t length,
+                              unsigned int time_attrs);
+        int (*path_symlink) (struct path *dir, struct dentry *dentry,
+                             const char *old_name);
+        int (*path_link) (struct dentry *old_dentry, struct path *new_dir,
+                          struct dentry *new_dentry);
+        int (*path_rename) (struct path *old_dir, struct dentry *old_dentry,
+                            struct path *new_dir, struct dentry *new_dentry);
+#endif
        int (*inode_alloc_security) (struct inode *inode);
        void (*inode_free_security) (struct inode *inode);
        int (*inode_init_security) (struct inode *inode, struct inode *dir,
@@ -2705,6 +2777,71 @@ static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi
 #endif  /* CONFIG_SECURITY_NETWORK_XFRM */
+#ifdef CONFIG_SECURITY_PATH
+int security_path_unlink(struct path *dir, struct dentry *dentry);
+int security_path_mkdir(struct path *dir, struct dentry *dentry, int mode);
+int security_path_rmdir(struct path *dir, struct dentry *dentry);
+int security_path_mknod(struct path *dir, struct dentry *dentry, int mode,
+                        unsigned int dev);
+int security_path_truncate(struct path *path, loff_t length,
+                           unsigned int time_attrs);
+int security_path_symlink(struct path *dir, struct dentry *dentry,
+                          const char *old_name);
+int security_path_link(struct dentry *old_dentry, struct path *new_dir,
+                       struct dentry *new_dentry);
+int security_path_rename(struct path *old_dir, struct dentry *old_dentry,
+                         struct path *new_dir, struct dentry *new_dentry);
+#else   /* CONFIG_SECURITY_PATH */
+static inline int security_path_unlink(struct path *dir, struct dentry *dentry)
+{
+        return 0;
+}
+static inline int security_path_mkdir(struct path *dir, struct dentry *dentry,
+                                      int mode)
+{
+        return 0;
+}
+static inline int security_path_rmdir(struct path *dir, struct dentry *dentry)
+{
+        return 0;
+}
+static inline int security_path_mknod(struct path *dir, struct dentry *dentry,
+                                      int mode, unsigned int dev)
+{
+        return 0;
+}
+static inline int security_path_truncate(struct path *path, loff_t length,
+                                         unsigned int time_attrs)
+{
+        return 0;
+}
+static inline int security_path_symlink(struct path *dir, struct dentry *dentry,
+                                        const char *old_name)
+{
+        return 0;
+}
+static inline int security_path_link(struct dentry *old_dentry,
+                                     struct path *new_dir,
+                                     struct dentry *new_dentry)
+{
+        return 0;
+}
+static inline int security_path_rename(struct path *old_dir,
+                                       struct dentry *old_dentry,
+                                       struct path *new_dir,
+                                       struct dentry *new_dentry)
+{
+        return 0;
+}
+#endif  /* CONFIG_SECURITY_PATH */
 #ifdef CONFIG_KEYS
 #ifdef CONFIG_SECURITY
author	Linus Torvalds <torvalds@linux-foundation.org>	2008-12-31 18:57:56 -0500
committer	Linus Torvalds <torvalds@linux-foundation.org>	2008-12-31 18:57:56 -0500
commit	b58602a4bac012b5f4fc12fe6b46ab237b610d5d (patch)
tree	38929e210a723f67fe2b945f37264bf3aae3c2c4 /include
parent	db200df0b3530f673d8e9f5bd535e9e10305842a (diff)
parent	1f3403fa640f9f7b135dee79f2d39d01c8ad4a08 (diff)