aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
Diffstat (limited to 'fs')
-rw-r--r--fs/jfs/xattr.c51
1 files changed, 9 insertions, 42 deletions
diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c
index 9dde36a1eb5d..952da5f917cd 100644
--- a/fs/jfs/xattr.c
+++ b/fs/jfs/xattr.c
@@ -758,36 +758,23 @@ static int can_set_system_xattr(struct inode *inode, const char *name,
758static int can_set_xattr(struct inode *inode, const char *name, 758static int can_set_xattr(struct inode *inode, const char *name,
759 const void *value, size_t value_len) 759 const void *value, size_t value_len)
760{ 760{
761 if (IS_RDONLY(inode)) 761 if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
762 return -EROFS;
763
764 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
765 return -EPERM;
766
767 if(strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN) == 0)
768 /*
769 * "system.*"
770 */
771 return can_set_system_xattr(inode, name, value, value_len); 762 return can_set_system_xattr(inode, name, value, value_len);
772 763
773 if(strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN) == 0) 764 /*
774 return (capable(CAP_SYS_ADMIN) ? 0 : -EPERM); 765 * Don't allow setting an attribute in an unknown namespace.
775 766 */
776#ifdef CONFIG_JFS_SECURITY 767 if (strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN) &&
777 if (strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) 768 strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) &&
778 == 0) 769 strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN) &&
779 return 0; /* Leave it to the security module */ 770 strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN))
780#endif
781
782 if((strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN) != 0) &&
783 (strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN) != 0))
784 return -EOPNOTSUPP; 771 return -EOPNOTSUPP;
785 772
786 if (!S_ISREG(inode->i_mode) && 773 if (!S_ISREG(inode->i_mode) &&
787 (!S_ISDIR(inode->i_mode) || inode->i_mode &S_ISVTX)) 774 (!S_ISDIR(inode->i_mode) || inode->i_mode &S_ISVTX))
788 return -EPERM; 775 return -EPERM;
789 776
790 return permission(inode, MAY_WRITE, NULL); 777 return 0;
791} 778}
792 779
793int __jfs_setxattr(tid_t tid, struct inode *inode, const char *name, 780int __jfs_setxattr(tid_t tid, struct inode *inode, const char *name,
@@ -957,22 +944,6 @@ int jfs_setxattr(struct dentry *dentry, const char *name, const void *value,
957 return rc; 944 return rc;
958} 945}
959 946
960static int can_get_xattr(struct inode *inode, const char *name)
961{
962#ifdef CONFIG_JFS_SECURITY
963 if(strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) == 0)
964 return 0;
965#endif
966
967 if(strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN) == 0)
968 return (capable(CAP_SYS_ADMIN) ? 0 : -EPERM);
969
970 if(strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN) == 0)
971 return 0;
972
973 return permission(inode, MAY_READ, NULL);
974}
975
976ssize_t __jfs_getxattr(struct inode *inode, const char *name, void *data, 947ssize_t __jfs_getxattr(struct inode *inode, const char *name, void *data,
977 size_t buf_size) 948 size_t buf_size)
978{ 949{
@@ -983,12 +954,8 @@ ssize_t __jfs_getxattr(struct inode *inode, const char *name, void *data,
983 ssize_t size; 954 ssize_t size;
984 int namelen = strlen(name); 955 int namelen = strlen(name);
985 char *os2name = NULL; 956 char *os2name = NULL;
986 int rc;
987 char *value; 957 char *value;
988 958
989 if ((rc = can_get_xattr(inode, name)))
990 return rc;
991
992 if (strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN) == 0) { 959 if (strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN) == 0) {
993 os2name = kmalloc(namelen - XATTR_OS2_PREFIX_LEN + 1, 960 os2name = kmalloc(namelen - XATTR_OS2_PREFIX_LEN + 1,
994 GFP_KERNEL); 961 GFP_KERNEL);