[PATCH] Access Control Lists for tmpfs

Add access control lists for tmpfs. Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Cc: Hugh Dickins <hugh@veritas.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
author: Andreas Gruenbacher <agruen@suse.de> 2006-09-29 05:01:35 -0400
committer: Linus Torvalds <torvalds@g5.osdl.org> 2006-09-29 12:18:24 -0400
commit: 39f0247d3823e4e0bf8f6838a10362864b1e1053 (patch)
tree: f5808b2bb5fd719c42c7068e2dc43a4b8f402304 /mm/shmem_acl.c
parent: f0c8bd164e1a0585d7e46896553136b4f488bd19 (diff)
1 files changed, 197 insertions, 0 deletions
diff --git a/mm/shmem_acl.c b/mm/shmem_acl.c
new file mode 100644
index 000000000000..c946bf468718
--- /dev/null
+++ b/mm/shmem_acl.c
@@ -0,0 +1,197 @@
+/*
+ * mm/shmem_acl.c
+ *
+ * (C) 2005 Andreas Gruenbacher <agruen@suse.de>
+ *
+ * This file is released under the GPL.
+ */
+#include <linux/fs.h>
+#include <linux/shmem_fs.h>
+#include <linux/xattr.h>
+#include <linux/generic_acl.h>
+/**
+ * shmem_get_acl  -   generic_acl_operations->getacl() operation
+ */
+static struct posix_acl *
+shmem_get_acl(struct inode *inode, int type)
+{
+        struct posix_acl *acl = NULL;
+        spin_lock(&inode->i_lock);
+        switch(type) {
+                case ACL_TYPE_ACCESS:
+                        acl = posix_acl_dup(SHMEM_I(inode)->i_acl);
+                        break;
+                case ACL_TYPE_DEFAULT:
+                        acl = posix_acl_dup(SHMEM_I(inode)->i_default_acl);
+                        break;
+        }
+        spin_unlock(&inode->i_lock);
+        return acl;
+}
+/**
+ * shmem_get_acl  -   generic_acl_operations->setacl() operation
+ */
+static void
+shmem_set_acl(struct inode *inode, int type, struct posix_acl *acl)
+{
+        struct posix_acl *free = NULL;
+        spin_lock(&inode->i_lock);
+        switch(type) {
+                case ACL_TYPE_ACCESS:
+                        free = SHMEM_I(inode)->i_acl;
+                        SHMEM_I(inode)->i_acl = posix_acl_dup(acl);
+                        break;
+                case ACL_TYPE_DEFAULT:
+                        free = SHMEM_I(inode)->i_default_acl;
+                        SHMEM_I(inode)->i_default_acl = posix_acl_dup(acl);
+                        break;
+        }
+        spin_unlock(&inode->i_lock);
+        posix_acl_release(free);
+}
+struct generic_acl_operations shmem_acl_ops = {
+        .getacl = shmem_get_acl,
+        .setacl = shmem_set_acl,
+};
+/**
+ * shmem_list_acl_access, shmem_get_acl_access, shmem_set_acl_access,
+ * shmem_xattr_acl_access_handler  -  plumbing code to implement the
+ * system.posix_acl_access xattr using the generic acl functions.
+ */
+static size_t
+shmem_list_acl_access(struct inode *inode, char *list, size_t list_size,
+                      const char *name, size_t name_len)
+{
+        return generic_acl_list(inode, &shmem_acl_ops, ACL_TYPE_ACCESS,
+                                list, list_size);
+}
+static int
+shmem_get_acl_access(struct inode *inode, const char *name, void *buffer,
+                     size_t size)
+{
+        if (strcmp(name, "") != 0)
+                return -EINVAL;
+        return generic_acl_get(inode, &shmem_acl_ops, ACL_TYPE_ACCESS, buffer,
+                               size);
+}
+static int
+shmem_set_acl_access(struct inode *inode, const char *name, const void *value,
+                     size_t size, int flags)
+{
+        if (strcmp(name, "") != 0)
+                return -EINVAL;
+        return generic_acl_set(inode, &shmem_acl_ops, ACL_TYPE_ACCESS, value,
+                               size);
+}
+struct xattr_handler shmem_xattr_acl_access_handler = {
+        .prefix = POSIX_ACL_XATTR_ACCESS,
+        .list   = shmem_list_acl_access,
+        .get    = shmem_get_acl_access,
+        .set    = shmem_set_acl_access,
+};
+/**
+ * shmem_list_acl_default, shmem_get_acl_default, shmem_set_acl_default,
+ * shmem_xattr_acl_default_handler  -  plumbing code to implement the
+ * system.posix_acl_default xattr using the generic acl functions.
+ */
+static size_t
+shmem_list_acl_default(struct inode *inode, char *list, size_t list_size,
+                       const char *name, size_t name_len)
+{
+        return generic_acl_list(inode, &shmem_acl_ops, ACL_TYPE_DEFAULT,
+                                list, list_size);
+}
+static int
+shmem_get_acl_default(struct inode *inode, const char *name, void *buffer,
+                      size_t size)
+{
+        if (strcmp(name, "") != 0)
+                return -EINVAL;
+        return generic_acl_get(inode, &shmem_acl_ops, ACL_TYPE_DEFAULT, buffer,
+                               size);
+}
+static int
+shmem_set_acl_default(struct inode *inode, const char *name, const void *value,
+                      size_t size, int flags)
+{
+        if (strcmp(name, "") != 0)
+                return -EINVAL;
+        return generic_acl_set(inode, &shmem_acl_ops, ACL_TYPE_DEFAULT, value,
+                               size);
+}
+struct xattr_handler shmem_xattr_acl_default_handler = {
+        .prefix = POSIX_ACL_XATTR_DEFAULT,
+        .list   = shmem_list_acl_default,
+        .get    = shmem_get_acl_default,
+        .set    = shmem_set_acl_default,
+};
+/**
+ * shmem_acl_init  -  Inizialize the acl(s) of a new inode
+ */
+int
+shmem_acl_init(struct inode *inode, struct inode *dir)
+{
+        return generic_acl_init(inode, dir, &shmem_acl_ops);
+}
+/**
+ * shmem_acl_destroy_inode  -  destroy acls hanging off the in-memory inode
+ *
+ * This is done before destroying the actual inode.
+ */
+void
+shmem_acl_destroy_inode(struct inode *inode)
+{
+        if (SHMEM_I(inode)->i_acl)
+                posix_acl_release(SHMEM_I(inode)->i_acl);
+        SHMEM_I(inode)->i_acl = NULL;
+        if (SHMEM_I(inode)->i_default_acl)
+                posix_acl_release(SHMEM_I(inode)->i_default_acl);
+        SHMEM_I(inode)->i_default_acl = NULL;
+}
+/**
+ * shmem_check_acl  -  check_acl() callback for generic_permission()
+ */
+static int
+shmem_check_acl(struct inode *inode, int mask)
+{
+        struct posix_acl *acl = shmem_get_acl(inode, ACL_TYPE_ACCESS);
+        if (acl) {
+                int error = posix_acl_permission(inode, acl, mask);
+                posix_acl_release(acl);
+                return error;
+        }
+        return -EAGAIN;
+}
+/**
+ * shmem_permission  -  permission() inode operation
+ */
+int
+shmem_permission(struct inode *inode, int mask, struct nameidata *nd)
+{
+        return generic_permission(inode, mask, shmem_check_acl);
+}
author	Andreas Gruenbacher <agruen@suse.de>	2006-09-29 05:01:35 -0400
committer	Linus Torvalds <torvalds@g5.osdl.org>	2006-09-29 12:18:24 -0400
commit	39f0247d3823e4e0bf8f6838a10362864b1e1053 (patch)
tree	f5808b2bb5fd719c42c7068e2dc43a4b8f402304 /mm/shmem_acl.c
parent	f0c8bd164e1a0585d7e46896553136b4f488bd19 (diff)

diff --git a/mm/shmem_acl.c b/mm/shmem_acl.c new file mode 100644 index 000000000000..c946bf468718 --- /dev/null +++ b/mm/shmem_acl.c
@@ -0,0 +1,197 @@
	1	/*
	2	* mm/shmem_acl.c
	3	*
	4	* (C) 2005 Andreas Gruenbacher <agruen@suse.de>
	5	*
	6	* This file is released under the GPL.
	7	*/
	8
	9	#include <linux/fs.h>
	10	#include <linux/shmem_fs.h>
	11	#include <linux/xattr.h>
	12	#include <linux/generic_acl.h>
	13
	14	/**
	15	* shmem_get_acl - generic_acl_operations->getacl() operation
	16	*/
	17	static struct posix_acl *
	18	shmem_get_acl(struct inode *inode, int type)
	19	{
	20	struct posix_acl *acl = NULL;
	21
	22	spin_lock(&inode->i_lock);
	23	switch(type) {
	24	case ACL_TYPE_ACCESS:
	25	acl = posix_acl_dup(SHMEM_I(inode)->i_acl);
	26	break;
	27
	28	case ACL_TYPE_DEFAULT:
	29	acl = posix_acl_dup(SHMEM_I(inode)->i_default_acl);
	30	break;
	31	}
	32	spin_unlock(&inode->i_lock);
	33
	34	return acl;
	35	}
	36
	37	/**
	38	* shmem_get_acl - generic_acl_operations->setacl() operation
	39	*/
	40	static void
	41	shmem_set_acl(struct inode inode, int type, struct posix_acl acl)
	42	{
	43	struct posix_acl *free = NULL;
	44
	45	spin_lock(&inode->i_lock);
	46	switch(type) {
	47	case ACL_TYPE_ACCESS:
	48	free = SHMEM_I(inode)->i_acl;
	49	SHMEM_I(inode)->i_acl = posix_acl_dup(acl);
	50	break;
	51
	52	case ACL_TYPE_DEFAULT:
	53	free = SHMEM_I(inode)->i_default_acl;
	54	SHMEM_I(inode)->i_default_acl = posix_acl_dup(acl);
	55	break;
	56	}
	57	spin_unlock(&inode->i_lock);
	58	posix_acl_release(free);
	59	}
	60
	61	struct generic_acl_operations shmem_acl_ops = {
	62	.getacl = shmem_get_acl,
	63	.setacl = shmem_set_acl,
	64	};
	65
	66	/**
	67	* shmem_list_acl_access, shmem_get_acl_access, shmem_set_acl_access,
	68	* shmem_xattr_acl_access_handler - plumbing code to implement the
	69	* system.posix_acl_access xattr using the generic acl functions.
	70	*/
	71
	72	static size_t
	73	shmem_list_acl_access(struct inode inode, char list, size_t list_size,
	74	const char *name, size_t name_len)
	75	{
	76	return generic_acl_list(inode, &shmem_acl_ops, ACL_TYPE_ACCESS,
	77	list, list_size);
	78	}
	79
	80	static int
	81	shmem_get_acl_access(struct inode inode, const char name, void *buffer,
	82	size_t size)
	83	{
	84	if (strcmp(name, "") != 0)
	85	return -EINVAL;
	86	return generic_acl_get(inode, &shmem_acl_ops, ACL_TYPE_ACCESS, buffer,
	87	size);
	88	}
	89
	90	static int
	91	shmem_set_acl_access(struct inode inode, const char name, const void *value,
	92	size_t size, int flags)
	93	{
	94	if (strcmp(name, "") != 0)
	95	return -EINVAL;
	96	return generic_acl_set(inode, &shmem_acl_ops, ACL_TYPE_ACCESS, value,
	97	size);
	98	}
	99
	100	struct xattr_handler shmem_xattr_acl_access_handler = {
	101	.prefix = POSIX_ACL_XATTR_ACCESS,
	102	.list = shmem_list_acl_access,
	103	.get = shmem_get_acl_access,
	104	.set = shmem_set_acl_access,
	105	};
	106
	107	/**
	108	* shmem_list_acl_default, shmem_get_acl_default, shmem_set_acl_default,
	109	* shmem_xattr_acl_default_handler - plumbing code to implement the
	110	* system.posix_acl_default xattr using the generic acl functions.
	111	*/
	112
	113	static size_t
	114	shmem_list_acl_default(struct inode inode, char list, size_t list_size,
	115	const char *name, size_t name_len)
	116	{
	117	return generic_acl_list(inode, &shmem_acl_ops, ACL_TYPE_DEFAULT,
	118	list, list_size);
	119	}
	120
	121	static int
	122	shmem_get_acl_default(struct inode inode, const char name, void *buffer,
	123	size_t size)
	124	{
	125	if (strcmp(name, "") != 0)
	126	return -EINVAL;
	127	return generic_acl_get(inode, &shmem_acl_ops, ACL_TYPE_DEFAULT, buffer,
	128	size);
	129	}
	130
	131	static int
	132	shmem_set_acl_default(struct inode inode, const char name, const void *value,
	133	size_t size, int flags)
	134	{
	135	if (strcmp(name, "") != 0)
	136	return -EINVAL;
	137	return generic_acl_set(inode, &shmem_acl_ops, ACL_TYPE_DEFAULT, value,
	138	size);
	139	}
	140
	141	struct xattr_handler shmem_xattr_acl_default_handler = {
	142	.prefix = POSIX_ACL_XATTR_DEFAULT,
	143	.list = shmem_list_acl_default,
	144	.get = shmem_get_acl_default,
	145	.set = shmem_set_acl_default,
	146	};
	147
	148	/**
	149	* shmem_acl_init - Inizialize the acl(s) of a new inode
	150	*/
	151	int
	152	shmem_acl_init(struct inode inode, struct inode dir)
	153	{
	154	return generic_acl_init(inode, dir, &shmem_acl_ops);
	155	}
	156
	157	/**
	158	* shmem_acl_destroy_inode - destroy acls hanging off the in-memory inode
	159	*
	160	* This is done before destroying the actual inode.
	161	*/
	162
	163	void
	164	shmem_acl_destroy_inode(struct inode *inode)
	165	{
	166	if (SHMEM_I(inode)->i_acl)
	167	posix_acl_release(SHMEM_I(inode)->i_acl);
	168	SHMEM_I(inode)->i_acl = NULL;
	169	if (SHMEM_I(inode)->i_default_acl)
	170	posix_acl_release(SHMEM_I(inode)->i_default_acl);
	171	SHMEM_I(inode)->i_default_acl = NULL;
	172	}
	173
	174	/**
	175	* shmem_check_acl - check_acl() callback for generic_permission()
	176	*/
	177	static int
	178	shmem_check_acl(struct inode *inode, int mask)
	179	{
	180	struct posix_acl *acl = shmem_get_acl(inode, ACL_TYPE_ACCESS);
	181
	182	if (acl) {
	183	int error = posix_acl_permission(inode, acl, mask);
	184	posix_acl_release(acl);
	185	return error;
	186	}
	187	return -EAGAIN;
	188	}
	189
	190	/**
	191	* shmem_permission - permission() inode operation
	192	*/
	193	int
	194	shmem_permission(struct inode inode, int mask, struct nameidata nd)
	195	{
	196	return generic_permission(inode, mask, shmem_check_acl);
	197	}