Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 00/18] Consolidate Posix ACL implementation
This series consolidates the various cut''n''pasted Posix ACL implementations into a single common one based on the ->get_acl method Linus added a while ago and a new ->set_acl counterpart. This 1600 lines of code and provides a single place to implement various nasty little gems of the semantics. Unfortunately the 9p code is still left out - it implements the ACLs in two very weird ways, one using the common code but on the client only, and one pasing things straight through to the server. We could easily convert it to the new code on the write side if ->set_acl took a dentry, but there''s no cance to do that on the ->get_acl side. Ideas how to handle it welcome. After that we''d be ready to never go into the fs for the ACL attributes and branch straight to the ACL code below the syscall, repairing the old API braindamage of overloading ACLs onto the xattrs. Btw, I''d be almost tempted to do that for all system.* attrs. Besides Posix ACLs we only have CIFS and NFSv4 ACL variants, weird advice crap in f2fs, and the magic mushroom proto name on sockets. ______________________________________________________ Linux MTD discussion mailing list http://lists.infradead.org/mailman/listinfo/linux-mtd/
Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 01/18] reiserfs: prefix ACL symbols with reiserfs_
Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/reiserfs/xattr_acl.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c index 06c04f7..6f721ea 100644 --- a/fs/reiserfs/xattr_acl.c +++ b/fs/reiserfs/xattr_acl.c @@ -16,7 +16,7 @@ static int reiserfs_set_acl(struct reiserfs_transaction_handle *th, struct posix_acl *acl); static int -posix_acl_set(struct dentry *dentry, const char *name, const void *value, +reiserfs_posix_acl_set(struct dentry *dentry, const char *name, const void *value, size_t size, int flags, int type) { struct inode *inode = dentry->d_inode; @@ -65,7 +65,7 @@ posix_acl_set(struct dentry *dentry, const char *name, const void *value, } static int -posix_acl_get(struct dentry *dentry, const char *name, void *buffer, +reiserfs_posix_acl_get(struct dentry *dentry, const char *name, void *buffer, size_t size, int type) { struct posix_acl *acl; @@ -88,7 +88,7 @@ posix_acl_get(struct dentry *dentry, const char *name, void *buffer, /* * Convert from filesystem to in-memory representation. */ -static struct posix_acl *posix_acl_from_disk(const void *value, size_t size) +static struct posix_acl *reiserfs_posix_acl_from_disk(const void *value, size_t size) { const char *end = (char *)value + size; int n, count; @@ -158,7 +158,7 @@ static struct posix_acl *posix_acl_from_disk(const void *value, size_t size) /* * Convert from in-memory to filesystem representation. */ -static void *posix_acl_to_disk(const struct posix_acl *acl, size_t * size) +static void *reiserfs_posix_acl_to_disk(const struct posix_acl *acl, size_t * size) { reiserfs_acl_header *ext_acl; char *e; @@ -257,7 +257,7 @@ struct posix_acl *reiserfs_get_acl(struct inode *inode, int type) } else if (retval < 0) { acl = ERR_PTR(retval); } else { - acl = posix_acl_from_disk(value, retval); + acl = reiserfs_posix_acl_from_disk(value, retval); } if (!IS_ERR(acl)) set_cached_acl(inode, type, acl); @@ -307,7 +307,7 @@ reiserfs_set_acl(struct reiserfs_transaction_handle *th, struct inode *inode, } if (acl) { - value = posix_acl_to_disk(acl, &size); + value = reiserfs_posix_acl_to_disk(acl, &size); if (IS_ERR(value)) return (int)PTR_ERR(value); } @@ -499,8 +499,8 @@ static size_t posix_acl_access_list(struct dentry *dentry, char *list, const struct xattr_handler reiserfs_posix_acl_access_handler = { .prefix = POSIX_ACL_XATTR_ACCESS, .flags = ACL_TYPE_ACCESS, - .get = posix_acl_get, - .set = posix_acl_set, + .get = reiserfs_posix_acl_get, + .set = reiserfs_posix_acl_set, .list = posix_acl_access_list, }; @@ -519,7 +519,7 @@ static size_t posix_acl_default_list(struct dentry *dentry, char *list, const struct xattr_handler reiserfs_posix_acl_default_handler = { .prefix = POSIX_ACL_XATTR_DEFAULT, .flags = ACL_TYPE_DEFAULT, - .get = posix_acl_get, - .set = posix_acl_set, + .get = reiserfs_posix_acl_get, + .set = reiserfs_posix_acl_set, .list = posix_acl_default_list, }; -- 1.7.10.4 _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
Factor out the code to get an ACL either from the inode or disk from check_acl, so that it can be used elsewhere later on. Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/namei.c | 24 +++--------------------- fs/posix_acl.c | 23 +++++++++++++++++++++++ include/linux/posix_acl.h | 2 ++ 3 files changed, 28 insertions(+), 21 deletions(-) diff --git a/fs/namei.c b/fs/namei.c index c53d3a9..8acd1e8 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -235,27 +235,9 @@ static int check_acl(struct inode *inode, int mask) return posix_acl_permission(inode, acl, mask & ~MAY_NOT_BLOCK); } - acl = get_cached_acl(inode, ACL_TYPE_ACCESS); - - /* - * A filesystem can force a ACL callback by just never filling the - * ACL cache. But normally you''d fill the cache either at inode - * instantiation time, or on the first ->get_acl call. - * - * If the filesystem doesn''t have a get_acl() function at all, we''ll - * just create the negative cache entry. - */ - if (acl == ACL_NOT_CACHED) { - if (inode->i_op->get_acl) { - acl = inode->i_op->get_acl(inode, ACL_TYPE_ACCESS); - if (IS_ERR(acl)) - return PTR_ERR(acl); - } else { - set_cached_acl(inode, ACL_TYPE_ACCESS, NULL); - return -EAGAIN; - } - } - + acl = get_acl(inode, ACL_TYPE_ACCESS); + if (IS_ERR(acl)) + return PTR_ERR(acl); if (acl) { int error = posix_acl_permission(inode, acl, mask); posix_acl_release(acl); diff --git a/fs/posix_acl.c b/fs/posix_acl.c index 8bd2135..9dd03e0 100644 --- a/fs/posix_acl.c +++ b/fs/posix_acl.c @@ -418,3 +418,26 @@ posix_acl_chmod(struct posix_acl **acl, gfp_t gfp, umode_t mode) return err; } EXPORT_SYMBOL(posix_acl_chmod); + +struct posix_acl *get_acl(struct inode *inode, int type) +{ + struct posix_acl *acl; + + acl = get_cached_acl(inode, type); + if (acl != ACL_NOT_CACHED) + return acl; + + /* + * A filesystem can force a ACL callback by just never filling the + * ACL cache. But normally you''d fill the cache either at inode + * instantiation time, or on the first ->get_acl call. + * + * If the filesystem doesn''t have a get_acl() function at all, we''ll + * just create the negative cache entry. + */ + if (!inode->i_op->get_acl) { + set_cached_acl(inode, type, NULL); + return ERR_PTR(-EAGAIN); + } + return inode->i_op->get_acl(inode, type); +} diff --git a/include/linux/posix_acl.h b/include/linux/posix_acl.h index 7931efe..a8d9918 100644 --- a/include/linux/posix_acl.h +++ b/include/linux/posix_acl.h @@ -175,4 +175,6 @@ static inline void cache_no_acl(struct inode *inode) #endif } +struct posix_acl *get_acl(struct inode *inode, int type); + #endif /* __LINUX_POSIX_ACL_H */ -- 1.7.10.4 ______________________________________________________ Linux MTD discussion mailing list http://lists.infradead.org/mailman/listinfo/linux-mtd/
This will allow moving all the Posix ACL handling into the VFS and clean up tons of cruft in the filesystems. Signed-off-by: Christoph Hellwig <hch@lst.de> --- include/linux/fs.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/linux/fs.h b/include/linux/fs.h index 121f11f..09f553c 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1580,6 +1580,7 @@ struct inode_operations { struct file *, unsigned open_flag, umode_t create_mode, int *opened); int (*tmpfile) (struct inode *, struct dentry *, umode_t); + int (*set_acl)(struct inode *, struct posix_acl *, int); } ____cacheline_aligned; ssize_t rw_copy_check_uvector(int type, const struct iovec __user * uvector, -- 1.7.10.4 ______________________________________________________ Linux MTD discussion mailing list http://lists.infradead.org/mailman/listinfo/linux-mtd/
With the ->set_acl inode operation we can implement the Posix ACL xattr handlers in generic code instead of duplicating them all over the tree. Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/xattr_acl.c | 95 +++++++++++++++++++++++++++++++++++++++ include/linux/posix_acl_xattr.h | 3 ++ 2 files changed, 98 insertions(+) diff --git a/fs/xattr_acl.c b/fs/xattr_acl.c index 9fbea87..932ec76 100644 --- a/fs/xattr_acl.c +++ b/fs/xattr_acl.c @@ -10,6 +10,7 @@ #include <linux/posix_acl_xattr.h> #include <linux/gfp.h> #include <linux/user_namespace.h> +#include <linux/xattr.h> /* * Fix up the uids and gids in posix acl extended attributes in place. @@ -178,3 +179,97 @@ posix_acl_to_xattr(struct user_namespace *user_ns, const struct posix_acl *acl, return real_size; } EXPORT_SYMBOL (posix_acl_to_xattr); + +static int +posix_acl_xattr_get(struct dentry *dentry, const char *name, + void *value, size_t size, int type) +{ + struct posix_acl *acl; + int error; + + if (!IS_POSIXACL(dentry->d_inode)) + return -EOPNOTSUPP; + + acl = get_acl(dentry->d_inode, type); + if (IS_ERR(acl)) + return PTR_ERR(acl); + if (acl == NULL) + return -ENODATA; + + error = posix_acl_to_xattr(&init_user_ns, acl, value, size); + posix_acl_release(acl); + + return error; +} + +static int +posix_acl_xattr_set(struct dentry *dentry, const char *name, + const void *value, size_t size, int flags, int type) +{ + struct inode *inode = dentry->d_inode; + struct posix_acl *acl = NULL; + int ret; + + if (type == ACL_TYPE_DEFAULT && !S_ISDIR(inode->i_mode)) + return value ? -EACCES : 0; + if (!inode_owner_or_capable(inode)) + return -EPERM; + if (!IS_POSIXACL(inode)) + return -EOPNOTSUPP; + + if (value) { + acl = posix_acl_from_xattr(&init_user_ns, value, size); + if (IS_ERR(acl)) + return PTR_ERR(acl); + + if (acl) { + ret = posix_acl_valid(acl); + if (ret) + goto out; + } + } + + ret = inode->i_op->set_acl(inode, acl, type); +out: + posix_acl_release(acl); + return ret; +} + +static size_t +posix_acl_xattr_list(struct dentry *dentry, char *list, size_t list_size, + const char *name, size_t name_len, int type) +{ + const char *xname; + size_t size; + + if (!IS_POSIXACL(dentry->d_inode)) + return -EOPNOTSUPP; + + if (type == ACL_TYPE_ACCESS) + xname = POSIX_ACL_XATTR_ACCESS; + else + xname = POSIX_ACL_XATTR_DEFAULT; + + size = strlen(xname) + 1; + if (list && size <= list_size) + memcpy(list, xname, size); + return size; +} + +const struct xattr_handler posix_acl_access_xattr_handler = { + .prefix = POSIX_ACL_XATTR_ACCESS, + .flags = ACL_TYPE_ACCESS, + .list = posix_acl_xattr_list, + .get = posix_acl_xattr_get, + .set = posix_acl_xattr_set, +}; +EXPORT_SYMBOL_GPL(posix_acl_access_xattr_handler); + +const struct xattr_handler posix_acl_default_xattr_handler = { + .prefix = POSIX_ACL_XATTR_DEFAULT, + .flags = ACL_TYPE_DEFAULT, + .list = posix_acl_xattr_list, + .get = posix_acl_xattr_get, + .set = posix_acl_xattr_set, +}; +EXPORT_SYMBOL_GPL(posix_acl_default_xattr_handler); diff --git a/include/linux/posix_acl_xattr.h b/include/linux/posix_acl_xattr.h index ad93ad0..6f14ee2 100644 --- a/include/linux/posix_acl_xattr.h +++ b/include/linux/posix_acl_xattr.h @@ -69,4 +69,7 @@ struct posix_acl *posix_acl_from_xattr(struct user_namespace *user_ns, int posix_acl_to_xattr(struct user_namespace *user_ns, const struct posix_acl *acl, void *buffer, size_t size); +extern const struct xattr_handler posix_acl_access_xattr_handler; +extern const struct xattr_handler posix_acl_default_xattr_handler; + #endif /* _POSIX_ACL_XATTR_H */ -- 1.7.10.4 ______________________________________________________ Linux MTD discussion mailing list http://lists.infradead.org/mailman/listinfo/linux-mtd/
Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 05/18] fs: make posix_acl_chmod more useful
Rename the current posix_acl_chmod to __posix_acl_chmod and add a fully featured ACL chmod helper that uses the ->set_acl inode operation. Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/9p/acl.c | 2 +- fs/btrfs/acl.c | 2 +- fs/ext2/acl.c | 2 +- fs/ext3/acl.c | 2 +- fs/ext4/acl.c | 2 +- fs/f2fs/acl.c | 2 +- fs/generic_acl.c | 2 +- fs/gfs2/acl.c | 2 +- fs/hfsplus/posix_acl.c | 2 +- fs/jffs2/acl.c | 2 +- fs/jfs/acl.c | 2 +- fs/ocfs2/acl.c | 2 +- fs/posix_acl.c | 30 +++++++++++++++++++++++++++--- fs/reiserfs/xattr_acl.c | 2 +- fs/xfs/xfs_acl.c | 2 +- include/linux/posix_acl.h | 17 +++++++++++++---- 16 files changed, 54 insertions(+), 21 deletions(-) diff --git a/fs/9p/acl.c b/fs/9p/acl.c index 7af425f..f5ce5c5 100644 --- a/fs/9p/acl.c +++ b/fs/9p/acl.c @@ -156,7 +156,7 @@ int v9fs_acl_chmod(struct inode *inode, struct p9_fid *fid) return -EOPNOTSUPP; acl = v9fs_get_cached_acl(inode, ACL_TYPE_ACCESS); if (acl) { - retval = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); + retval = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); if (retval) return retval; set_cached_acl(inode, ACL_TYPE_ACCESS, acl); diff --git a/fs/btrfs/acl.c b/fs/btrfs/acl.c index 0890c83..1af04ff 100644 --- a/fs/btrfs/acl.c +++ b/fs/btrfs/acl.c @@ -256,7 +256,7 @@ int btrfs_acl_chmod(struct inode *inode) if (IS_ERR_OR_NULL(acl)) return PTR_ERR(acl); - ret = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); + ret = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); if (ret) return ret; ret = btrfs_set_acl(NULL, inode, acl, ACL_TYPE_ACCESS); diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c index 110b6b3..7006ced 100644 --- a/fs/ext2/acl.c +++ b/fs/ext2/acl.c @@ -308,7 +308,7 @@ ext2_acl_chmod(struct inode *inode) acl = ext2_get_acl(inode, ACL_TYPE_ACCESS); if (IS_ERR(acl) || !acl) return PTR_ERR(acl); - error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); + error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); if (error) return error; error = ext2_set_acl(inode, ACL_TYPE_ACCESS, acl); diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c index dbb5ad5..6691a6c 100644 --- a/fs/ext3/acl.c +++ b/fs/ext3/acl.c @@ -314,7 +314,7 @@ ext3_acl_chmod(struct inode *inode) acl = ext3_get_acl(inode, ACL_TYPE_ACCESS); if (IS_ERR(acl) || !acl) return PTR_ERR(acl); - error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); + error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); if (error) return error; retry: diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c index 39a54a0..2eebe02 100644 --- a/fs/ext4/acl.c +++ b/fs/ext4/acl.c @@ -320,7 +320,7 @@ ext4_acl_chmod(struct inode *inode) acl = ext4_get_acl(inode, ACL_TYPE_ACCESS); if (IS_ERR(acl) || !acl) return PTR_ERR(acl); - error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); + error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); if (error) return error; retry: diff --git a/fs/f2fs/acl.c b/fs/f2fs/acl.c index d0fc287..14c4df0 100644 --- a/fs/f2fs/acl.c +++ b/fs/f2fs/acl.c @@ -311,7 +311,7 @@ int f2fs_acl_chmod(struct inode *inode) if (IS_ERR(acl) || !acl) return PTR_ERR(acl); - error = posix_acl_chmod(&acl, GFP_KERNEL, mode); + error = __posix_acl_chmod(&acl, GFP_KERNEL, mode); if (error) return error; diff --git a/fs/generic_acl.c b/fs/generic_acl.c index b3f3676..46a5076 100644 --- a/fs/generic_acl.c +++ b/fs/generic_acl.c @@ -158,7 +158,7 @@ generic_acl_chmod(struct inode *inode) return -EOPNOTSUPP; acl = get_cached_acl(inode, ACL_TYPE_ACCESS); if (acl) { - error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); + error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); if (error) return error; set_cached_acl(inode, ACL_TYPE_ACCESS, acl); diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c index f69ac0a..3e200c7 100644 --- a/fs/gfs2/acl.c +++ b/fs/gfs2/acl.c @@ -162,7 +162,7 @@ int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr) if (!acl) return gfs2_setattr_simple(inode, attr); - error = posix_acl_chmod(&acl, GFP_NOFS, attr->ia_mode); + error = __posix_acl_chmod(&acl, GFP_NOFS, attr->ia_mode); if (error) return error; diff --git a/fs/hfsplus/posix_acl.c b/fs/hfsplus/posix_acl.c index b609cc1..cab5fd6 100644 --- a/fs/hfsplus/posix_acl.c +++ b/fs/hfsplus/posix_acl.c @@ -167,7 +167,7 @@ int hfsplus_posix_acl_chmod(struct inode *inode) if (IS_ERR(acl) || !acl) return PTR_ERR(acl); - err = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); + err = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); if (unlikely(err)) return err; diff --git a/fs/jffs2/acl.c b/fs/jffs2/acl.c index 223283c..5853969 100644 --- a/fs/jffs2/acl.c +++ b/fs/jffs2/acl.c @@ -335,7 +335,7 @@ int jffs2_acl_chmod(struct inode *inode) acl = jffs2_get_acl(inode, ACL_TYPE_ACCESS); if (IS_ERR(acl) || !acl) return PTR_ERR(acl); - rc = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); + rc = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); if (rc) return rc; rc = jffs2_set_acl(inode, ACL_TYPE_ACCESS, acl); diff --git a/fs/jfs/acl.c b/fs/jfs/acl.c index d254d6d..9c0fca8 100644 --- a/fs/jfs/acl.c +++ b/fs/jfs/acl.c @@ -161,7 +161,7 @@ int jfs_acl_chmod(struct inode *inode) if (IS_ERR(acl) || !acl) return PTR_ERR(acl); - rc = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); + rc = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); if (rc) return rc; diff --git a/fs/ocfs2/acl.c b/fs/ocfs2/acl.c index b4f788e..73ccf0e 100644 --- a/fs/ocfs2/acl.c +++ b/fs/ocfs2/acl.c @@ -350,7 +350,7 @@ int ocfs2_acl_chmod(struct inode *inode) acl = ocfs2_get_acl(inode, ACL_TYPE_ACCESS); if (IS_ERR(acl) || !acl) return PTR_ERR(acl); - ret = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); + ret = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); if (ret) return ret; ret = ocfs2_set_acl(NULL, inode, NULL, ACL_TYPE_ACCESS, diff --git a/fs/posix_acl.c b/fs/posix_acl.c index 9dd03e0..9f76aaa 100644 --- a/fs/posix_acl.c +++ b/fs/posix_acl.c @@ -338,7 +338,7 @@ static int posix_acl_create_masq(struct posix_acl *acl, umode_t *mode_p) /* * Modify the ACL for the chmod syscall. */ -static int posix_acl_chmod_masq(struct posix_acl *acl, umode_t mode) +static int __posix_acl_chmod_masq(struct posix_acl *acl, umode_t mode) { struct posix_acl_entry *group_obj = NULL, *mask_obj = NULL; struct posix_acl_entry *pa, *pe; @@ -402,12 +402,12 @@ posix_acl_create(struct posix_acl **acl, gfp_t gfp, umode_t *mode_p) EXPORT_SYMBOL(posix_acl_create); int -posix_acl_chmod(struct posix_acl **acl, gfp_t gfp, umode_t mode) +__posix_acl_chmod(struct posix_acl **acl, gfp_t gfp, umode_t mode) { struct posix_acl *clone = posix_acl_clone(*acl, gfp); int err = -ENOMEM; if (clone) { - err = posix_acl_chmod_masq(clone, mode); + err = __posix_acl_chmod_masq(clone, mode); if (err) { posix_acl_release(clone); clone = NULL; @@ -417,6 +417,30 @@ posix_acl_chmod(struct posix_acl **acl, gfp_t gfp, umode_t mode) *acl = clone; return err; } +EXPORT_SYMBOL(__posix_acl_chmod); + +int +posix_acl_chmod(struct inode *inode) +{ + struct posix_acl *acl; + int ret = 0; + + if (S_ISLNK(inode->i_mode)) + return -EOPNOTSUPP; + if (!IS_POSIXACL(inode)) + return 0; + + acl = get_acl(inode, ACL_TYPE_ACCESS); + if (IS_ERR_OR_NULL(acl)) + return PTR_ERR(acl); + + ret = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); + if (ret) + return ret; + ret = inode->i_op->set_acl(inode, acl, ACL_TYPE_ACCESS); + posix_acl_release(acl); + return ret; +} EXPORT_SYMBOL(posix_acl_chmod); struct posix_acl *get_acl(struct inode *inode, int type) diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c index 6f721ea..ea4e443 100644 --- a/fs/reiserfs/xattr_acl.c +++ b/fs/reiserfs/xattr_acl.c @@ -463,7 +463,7 @@ int reiserfs_acl_chmod(struct inode *inode) return 0; if (IS_ERR(acl)) return PTR_ERR(acl); - error = posix_acl_chmod(&acl, GFP_NOFS, inode->i_mode); + error = __posix_acl_chmod(&acl, GFP_NOFS, inode->i_mode); if (error) return error; diff --git a/fs/xfs/xfs_acl.c b/fs/xfs/xfs_acl.c index 370eb3e..4eac105 100644 --- a/fs/xfs/xfs_acl.c +++ b/fs/xfs/xfs_acl.c @@ -334,7 +334,7 @@ xfs_acl_chmod(struct inode *inode) if (IS_ERR(acl) || !acl) return PTR_ERR(acl); - error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); + error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); if (error) return error; diff --git a/include/linux/posix_acl.h b/include/linux/posix_acl.h index a8d9918..8b64e78 100644 --- a/include/linux/posix_acl.h +++ b/include/linux/posix_acl.h @@ -89,12 +89,14 @@ extern int posix_acl_permission(struct inode *, const struct posix_acl *, int); extern struct posix_acl *posix_acl_from_mode(umode_t, gfp_t); extern int posix_acl_equiv_mode(const struct posix_acl *, umode_t *); extern int posix_acl_create(struct posix_acl **, gfp_t, umode_t *); -extern int posix_acl_chmod(struct posix_acl **, gfp_t, umode_t); +extern int __posix_acl_chmod(struct posix_acl **, gfp_t, umode_t); extern struct posix_acl *get_posix_acl(struct inode *, int); extern int set_posix_acl(struct inode *, int, struct posix_acl *); #ifdef CONFIG_FS_POSIX_ACL +extern int posix_acl_chmod(struct inode *); + static inline struct posix_acl **acl_by_type(struct inode *inode, int type) { switch (type) { @@ -165,15 +167,22 @@ static inline void forget_all_cached_acls(struct inode *inode) if (old_default != ACL_NOT_CACHED) posix_acl_release(old_default); } -#endif static inline void cache_no_acl(struct inode *inode) { -#ifdef CONFIG_FS_POSIX_ACL inode->i_acl = NULL; inode->i_default_acl = NULL; -#endif } +#else +static inline int posix_acl_chmod(struct inode *inode) +{ + return 0; +} + +static inline void cache_no_acl(struct inode *inode) +{ +} +#endif /* CONFIG_FS_POSIX_ACL */ struct posix_acl *get_acl(struct inode *inode, int type); -- 1.7.10.4 ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don''t have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 06/18] fs: make posix_acl_create more useful
Rename the current posix_acl_created to __posix_acl_create and add a fully featured helper to set up the ACLs on file creation that uses get_acl(). Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/9p/acl.c | 2 +- fs/btrfs/acl.c | 2 +- fs/ext2/acl.c | 2 +- fs/ext3/acl.c | 2 +- fs/ext4/acl.c | 2 +- fs/f2fs/acl.c | 2 +- fs/generic_acl.c | 2 +- fs/gfs2/acl.c | 2 +- fs/hfsplus/posix_acl.c | 2 +- fs/jffs2/acl.c | 2 +- fs/jfs/acl.c | 2 +- fs/nfs/nfs3acl.c | 2 +- fs/ocfs2/acl.c | 2 +- fs/posix_acl.c | 53 +++++++++++++++++++++++++++++++++++++++++++-- fs/reiserfs/xattr_acl.c | 2 +- fs/xfs/xfs_acl.c | 4 ++-- include/linux/posix_acl.h | 6 ++++- 17 files changed, 72 insertions(+), 19 deletions(-) diff --git a/fs/9p/acl.c b/fs/9p/acl.c index f5ce5c5..8482f2d 100644 --- a/fs/9p/acl.c +++ b/fs/9p/acl.c @@ -200,7 +200,7 @@ int v9fs_acl_mode(struct inode *dir, umode_t *modep, if (acl) { if (S_ISDIR(mode)) *dpacl = posix_acl_dup(acl); - retval = posix_acl_create(&acl, GFP_NOFS, &mode); + retval = __posix_acl_create(&acl, GFP_NOFS, &mode); if (retval < 0) return retval; if (retval > 0) diff --git a/fs/btrfs/acl.c b/fs/btrfs/acl.c index 1af04ff..b56519d 100644 --- a/fs/btrfs/acl.c +++ b/fs/btrfs/acl.c @@ -222,7 +222,7 @@ int btrfs_init_acl(struct btrfs_trans_handle *trans, if (ret) goto failed; } - ret = posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); + ret = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); if (ret < 0) return ret; diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c index 7006ced..6e842a7 100644 --- a/fs/ext2/acl.c +++ b/fs/ext2/acl.c @@ -268,7 +268,7 @@ ext2_init_acl(struct inode *inode, struct inode *dir) if (error) goto cleanup; } - error = posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); + error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); if (error < 0) return error; if (error > 0) { diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c index 6691a6c..4f3d8fa 100644 --- a/fs/ext3/acl.c +++ b/fs/ext3/acl.c @@ -271,7 +271,7 @@ ext3_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) if (error) goto cleanup; } - error = posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); + error = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); if (error < 0) return error; diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c index 2eebe02..f827f3b 100644 --- a/fs/ext4/acl.c +++ b/fs/ext4/acl.c @@ -276,7 +276,7 @@ ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) if (error) goto cleanup; } - error = posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); + error = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); if (error < 0) return error; diff --git a/fs/f2fs/acl.c b/fs/f2fs/acl.c index 14c4df0..45e8430 100644 --- a/fs/f2fs/acl.c +++ b/fs/f2fs/acl.c @@ -285,7 +285,7 @@ int f2fs_init_acl(struct inode *inode, struct inode *dir, struct page *ipage) if (error) goto cleanup; } - error = posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); + error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); if (error < 0) return error; if (error > 0) diff --git a/fs/generic_acl.c b/fs/generic_acl.c index 46a5076..4357f39 100644 --- a/fs/generic_acl.c +++ b/fs/generic_acl.c @@ -128,7 +128,7 @@ generic_acl_init(struct inode *inode, struct inode *dir) if (acl) { if (S_ISDIR(inode->i_mode)) set_cached_acl(inode, ACL_TYPE_DEFAULT, acl); - error = posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); + error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); if (error < 0) return error; if (error > 0) diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c index 3e200c7..e82e4ac 100644 --- a/fs/gfs2/acl.c +++ b/fs/gfs2/acl.c @@ -131,7 +131,7 @@ int gfs2_acl_create(struct gfs2_inode *dip, struct inode *inode) goto out; } - error = posix_acl_create(&acl, GFP_NOFS, &mode); + error = __posix_acl_create(&acl, GFP_NOFS, &mode); if (error < 0) return error; diff --git a/fs/hfsplus/posix_acl.c b/fs/hfsplus/posix_acl.c index cab5fd6..277942f 100644 --- a/fs/hfsplus/posix_acl.c +++ b/fs/hfsplus/posix_acl.c @@ -137,7 +137,7 @@ int hfsplus_init_posix_acl(struct inode *inode, struct inode *dir) goto init_acl_cleanup; } - err = posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); + err = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); if (unlikely(err < 0)) return err; diff --git a/fs/jffs2/acl.c b/fs/jffs2/acl.c index 5853969..4d6e31b 100644 --- a/fs/jffs2/acl.c +++ b/fs/jffs2/acl.c @@ -295,7 +295,7 @@ int jffs2_init_acl_pre(struct inode *dir_i, struct inode *inode, umode_t *i_mode if (S_ISDIR(*i_mode)) set_cached_acl(inode, ACL_TYPE_DEFAULT, acl); - rc = posix_acl_create(&acl, GFP_KERNEL, i_mode); + rc = __posix_acl_create(&acl, GFP_KERNEL, i_mode); if (rc < 0) return rc; if (rc > 0) diff --git a/fs/jfs/acl.c b/fs/jfs/acl.c index 9c0fca8..28d529a 100644 --- a/fs/jfs/acl.c +++ b/fs/jfs/acl.c @@ -132,7 +132,7 @@ int jfs_init_acl(tid_t tid, struct inode *inode, struct inode *dir) if (rc) goto cleanup; } - rc = posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); + rc = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); if (rc < 0) goto cleanup; /* posix_acl_release(NULL) is no-op */ if (rc > 0) diff --git a/fs/nfs/nfs3acl.c b/fs/nfs/nfs3acl.c index 4a1aafb..e859675 100644 --- a/fs/nfs/nfs3acl.c +++ b/fs/nfs/nfs3acl.c @@ -428,7 +428,7 @@ int nfs3_proc_set_default_acl(struct inode *dir, struct inode *inode, if (!dfacl) return 0; acl = posix_acl_dup(dfacl); - error = posix_acl_create(&acl, GFP_KERNEL, &mode); + error = __posix_acl_create(&acl, GFP_KERNEL, &mode); if (error < 0) goto out_release_dfacl; error = nfs3_proc_setacls(inode, acl, S_ISDIR(inode->i_mode) ? diff --git a/fs/ocfs2/acl.c b/fs/ocfs2/acl.c index 73ccf0e..c0f9d2f 100644 --- a/fs/ocfs2/acl.c +++ b/fs/ocfs2/acl.c @@ -401,7 +401,7 @@ int ocfs2_init_acl(handle_t *handle, goto cleanup; } mode = inode->i_mode; - ret = posix_acl_create(&acl, GFP_NOFS, &mode); + ret = __posix_acl_create(&acl, GFP_NOFS, &mode); if (ret < 0) return ret; diff --git a/fs/posix_acl.c b/fs/posix_acl.c index 9f76aaa..38d6a49 100644 --- a/fs/posix_acl.c +++ b/fs/posix_acl.c @@ -384,7 +384,7 @@ static int __posix_acl_chmod_masq(struct posix_acl *acl, umode_t mode) } int -posix_acl_create(struct posix_acl **acl, gfp_t gfp, umode_t *mode_p) +__posix_acl_create(struct posix_acl **acl, gfp_t gfp, umode_t *mode_p) { struct posix_acl *clone = posix_acl_clone(*acl, gfp); int err = -ENOMEM; @@ -399,7 +399,7 @@ posix_acl_create(struct posix_acl **acl, gfp_t gfp, umode_t *mode_p) *acl = clone; return err; } -EXPORT_SYMBOL(posix_acl_create); +EXPORT_SYMBOL(__posix_acl_create); int __posix_acl_chmod(struct posix_acl **acl, gfp_t gfp, umode_t mode) @@ -443,6 +443,55 @@ posix_acl_chmod(struct inode *inode) } EXPORT_SYMBOL(posix_acl_chmod); +int +posix_acl_create(struct inode *dir, umode_t *mode, + struct posix_acl **default_acl, struct posix_acl **acl) +{ + struct posix_acl *p; + int ret; + + if (S_ISLNK(*mode) || !IS_POSIXACL(dir)) + goto no_acl; + + p = get_acl(dir, ACL_TYPE_DEFAULT); + if (IS_ERR(p)) + return PTR_ERR(p); + + if (!p) { + *mode &= ~current_umask(); + goto no_acl; + } + + *acl = posix_acl_clone(p, GFP_NOFS); + if (!*acl) + return -ENOMEM; + + ret = posix_acl_create_masq(*acl, mode); + if (ret < 0) { + posix_acl_release(*acl); + return -ENOMEM; + } + + if (ret == 0) { + posix_acl_release(*acl); + *acl = NULL; + } + + if (!S_ISDIR(*mode)) { + posix_acl_release(p); + *default_acl = NULL; + } else { + *default_acl = p; + } + return 0; + +no_acl: + *default_acl = NULL; + *acl = NULL; + return 0; +} +EXPORT_SYMBOL_GPL(posix_acl_create); + struct posix_acl *get_acl(struct inode *inode, int type) { struct posix_acl *acl; diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c index ea4e443..d95c959 100644 --- a/fs/reiserfs/xattr_acl.c +++ b/fs/reiserfs/xattr_acl.c @@ -378,7 +378,7 @@ reiserfs_inherit_default_acl(struct reiserfs_transaction_handle *th, /* Now we reconcile the new ACL and the mode, potentially modifying both */ - err = posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); + err = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); if (err < 0) return err; diff --git a/fs/xfs/xfs_acl.c b/fs/xfs/xfs_acl.c index 4eac105..057ae2d 100644 --- a/fs/xfs/xfs_acl.c +++ b/fs/xfs/xfs_acl.c @@ -297,12 +297,12 @@ xfs_inherit_acl(struct inode *inode, struct posix_acl *acl) goto out; } - error = posix_acl_create(&acl, GFP_KERNEL, &mode); + error = __posix_acl_create(&acl, GFP_KERNEL, &mode); if (error < 0) return error; /* - * If posix_acl_create returns a positive value we need to + * If __posix_acl_create returns a positive value we need to * inherit a permission that can''t be represented using the Unix * mode bits and we actually need to set an ACL. */ diff --git a/include/linux/posix_acl.h b/include/linux/posix_acl.h index 8b64e78..9ec6b45 100644 --- a/include/linux/posix_acl.h +++ b/include/linux/posix_acl.h @@ -88,14 +88,18 @@ extern int posix_acl_valid(const struct posix_acl *); extern int posix_acl_permission(struct inode *, const struct posix_acl *, int); extern struct posix_acl *posix_acl_from_mode(umode_t, gfp_t); extern int posix_acl_equiv_mode(const struct posix_acl *, umode_t *); -extern int posix_acl_create(struct posix_acl **, gfp_t, umode_t *); +extern int __posix_acl_create(struct posix_acl **, gfp_t, umode_t *); extern int __posix_acl_chmod(struct posix_acl **, gfp_t, umode_t); +extern int posix_acl_prepare(struct inode *dir, struct inode *inode, + umode_t *mode); extern struct posix_acl *get_posix_acl(struct inode *, int); extern int set_posix_acl(struct inode *, int, struct posix_acl *); #ifdef CONFIG_FS_POSIX_ACL extern int posix_acl_chmod(struct inode *); +extern int posix_acl_create(struct inode *, umode_t *, struct posix_acl **, + struct posix_acl **); static inline struct posix_acl **acl_by_type(struct inode *inode, int type) { -- 1.7.10.4 ______________________________________________________ Linux MTD discussion mailing list http://lists.infradead.org/mailman/listinfo/linux-mtd/
Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 07/18] btrfs: use generic posix ACL infrastructure
Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/btrfs/acl.c | 135 ++++++++---------------------------------------------- fs/btrfs/ctree.h | 7 +-- fs/btrfs/inode.c | 7 ++- fs/btrfs/xattr.c | 5 +- fs/btrfs/xattr.h | 2 - 5 files changed, 29 insertions(+), 127 deletions(-) diff --git a/fs/btrfs/acl.c b/fs/btrfs/acl.c index b56519d..c76c900 100644 --- a/fs/btrfs/acl.c +++ b/fs/btrfs/acl.c @@ -76,31 +76,10 @@ struct posix_acl *btrfs_get_acl(struct inode *inode, int type) return acl; } -static int btrfs_xattr_acl_get(struct dentry *dentry, const char *name, - void *value, size_t size, int type) -{ - struct posix_acl *acl; - int ret = 0; - - if (!IS_POSIXACL(dentry->d_inode)) - return -EOPNOTSUPP; - - acl = btrfs_get_acl(dentry->d_inode, type); - - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (acl == NULL) - return -ENODATA; - ret = posix_acl_to_xattr(&init_user_ns, acl, value, size); - posix_acl_release(acl); - - return ret; -} - /* * Needs to be called with fs_mutex held */ -static int btrfs_set_acl(struct btrfs_trans_handle *trans, +static int __btrfs_set_acl(struct btrfs_trans_handle *trans, struct inode *inode, struct posix_acl *acl, int type) { int ret, size = 0; @@ -158,35 +137,9 @@ out: return ret; } -static int btrfs_xattr_acl_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +int btrfs_set_acl(struct inode *inode, struct posix_acl *acl, int type) { - int ret; - struct posix_acl *acl = NULL; - - if (!inode_owner_or_capable(dentry->d_inode)) - return -EPERM; - - if (!IS_POSIXACL(dentry->d_inode)) - return -EOPNOTSUPP; - - if (value) { - acl = posix_acl_from_xattr(&init_user_ns, value, size); - if (IS_ERR(acl)) - return PTR_ERR(acl); - - if (acl) { - ret = posix_acl_valid(acl); - if (ret) - goto out; - } - } - - ret = btrfs_set_acl(NULL, dentry->d_inode, acl, type); -out: - posix_acl_release(acl); - - return ret; + return __btrfs_set_acl(NULL, inode, acl, type); } /* @@ -197,83 +150,31 @@ out: int btrfs_init_acl(struct btrfs_trans_handle *trans, struct inode *inode, struct inode *dir) { - struct posix_acl *acl = NULL; + struct posix_acl *default_acl, *acl; int ret = 0; /* this happens with subvols */ if (!dir) return 0; - if (!S_ISLNK(inode->i_mode)) { - if (IS_POSIXACL(dir)) { - acl = btrfs_get_acl(dir, ACL_TYPE_DEFAULT); - if (IS_ERR(acl)) - return PTR_ERR(acl); - } + ret = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); + if (ret) + return ret; - if (!acl) - inode->i_mode &= ~current_umask(); + if (default_acl) { + ret = __btrfs_set_acl(trans, inode, default_acl, + ACL_TYPE_DEFAULT); + posix_acl_release(default_acl); } - if (IS_POSIXACL(dir) && acl) { - if (S_ISDIR(inode->i_mode)) { - ret = btrfs_set_acl(trans, inode, acl, - ACL_TYPE_DEFAULT); - if (ret) - goto failed; - } - ret = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); - if (ret < 0) - return ret; - - if (ret > 0) { - /* we need an acl */ - ret = btrfs_set_acl(trans, inode, acl, ACL_TYPE_ACCESS); - } else if (ret < 0) { - cache_no_acl(inode); - } - } else { - cache_no_acl(inode); + if (acl) { + if (!ret) + ret = __btrfs_set_acl(trans, inode, acl, + ACL_TYPE_ACCESS); + posix_acl_release(acl); } -failed: - posix_acl_release(acl); - - return ret; -} -int btrfs_acl_chmod(struct inode *inode) -{ - struct posix_acl *acl; - int ret = 0; - - if (S_ISLNK(inode->i_mode)) - return -EOPNOTSUPP; - - if (!IS_POSIXACL(inode)) - return 0; - - acl = btrfs_get_acl(inode, ACL_TYPE_ACCESS); - if (IS_ERR_OR_NULL(acl)) - return PTR_ERR(acl); - - ret = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); - if (ret) - return ret; - ret = btrfs_set_acl(NULL, inode, acl, ACL_TYPE_ACCESS); - posix_acl_release(acl); + if (!default_acl && !acl) + cache_no_acl(inode); return ret; } - -const struct xattr_handler btrfs_xattr_acl_default_handler = { - .prefix = POSIX_ACL_XATTR_DEFAULT, - .flags = ACL_TYPE_DEFAULT, - .get = btrfs_xattr_acl_get, - .set = btrfs_xattr_acl_set, -}; - -const struct xattr_handler btrfs_xattr_acl_access_handler = { - .prefix = POSIX_ACL_XATTR_ACCESS, - .flags = ACL_TYPE_ACCESS, - .get = btrfs_xattr_acl_get, - .set = btrfs_xattr_acl_set, -}; diff --git a/fs/btrfs/ctree.h b/fs/btrfs/ctree.h index 54ab861..7506825 100644 --- a/fs/btrfs/ctree.h +++ b/fs/btrfs/ctree.h @@ -3899,20 +3899,17 @@ do { \ /* acl.c */ #ifdef CONFIG_BTRFS_FS_POSIX_ACL struct posix_acl *btrfs_get_acl(struct inode *inode, int type); +int btrfs_set_acl(struct inode *inode, struct posix_acl *acl, int type); int btrfs_init_acl(struct btrfs_trans_handle *trans, struct inode *inode, struct inode *dir); -int btrfs_acl_chmod(struct inode *inode); #else #define btrfs_get_acl NULL +#define btrfs_set_acl NULL static inline int btrfs_init_acl(struct btrfs_trans_handle *trans, struct inode *inode, struct inode *dir) { return 0; } -static inline int btrfs_acl_chmod(struct inode *inode) -{ - return 0; -} #endif /* relocation.c */ diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c index f1a7744..972e12b 100644 --- a/fs/btrfs/inode.c +++ b/fs/btrfs/inode.c @@ -4464,7 +4464,7 @@ static int btrfs_setattr(struct dentry *dentry, struct iattr *attr) err = btrfs_dirty_inode(inode); if (!err && attr->ia_valid & ATTR_MODE) - err = btrfs_acl_chmod(inode); + err = posix_acl_chmod(inode); } return err; @@ -8649,12 +8649,14 @@ static const struct inode_operations btrfs_dir_inode_operations = { .removexattr = btrfs_removexattr, .permission = btrfs_permission, .get_acl = btrfs_get_acl, + .set_acl = btrfs_set_acl, .update_time = btrfs_update_time, }; static const struct inode_operations btrfs_dir_ro_inode_operations = { .lookup = btrfs_lookup, .permission = btrfs_permission, .get_acl = btrfs_get_acl, + .set_acl = btrfs_set_acl, .update_time = btrfs_update_time, }; @@ -8724,6 +8726,7 @@ static const struct inode_operations btrfs_file_inode_operations = { .permission = btrfs_permission, .fiemap = btrfs_fiemap, .get_acl = btrfs_get_acl, + .set_acl = btrfs_set_acl, .update_time = btrfs_update_time, }; static const struct inode_operations btrfs_special_inode_operations = { @@ -8735,6 +8738,7 @@ static const struct inode_operations btrfs_special_inode_operations = { .listxattr = btrfs_listxattr, .removexattr = btrfs_removexattr, .get_acl = btrfs_get_acl, + .set_acl = btrfs_set_acl, .update_time = btrfs_update_time, }; static const struct inode_operations btrfs_symlink_inode_operations = { @@ -8749,6 +8753,7 @@ static const struct inode_operations btrfs_symlink_inode_operations = { .listxattr = btrfs_listxattr, .removexattr = btrfs_removexattr, .get_acl = btrfs_get_acl, + .set_acl = btrfs_set_acl, .update_time = btrfs_update_time, }; diff --git a/fs/btrfs/xattr.c b/fs/btrfs/xattr.c index 05740b9..3d1c301 100644 --- a/fs/btrfs/xattr.c +++ b/fs/btrfs/xattr.c @@ -22,6 +22,7 @@ #include <linux/rwsem.h> #include <linux/xattr.h> #include <linux/security.h> +#include <linux/posix_acl_xattr.h> #include "ctree.h" #include "btrfs_inode.h" #include "transaction.h" @@ -313,8 +314,8 @@ err: */ const struct xattr_handler *btrfs_xattr_handlers[] = { #ifdef CONFIG_BTRFS_FS_POSIX_ACL - &btrfs_xattr_acl_access_handler, - &btrfs_xattr_acl_default_handler, + &posix_acl_access_xattr_handler, + &posix_acl_default_xattr_handler, #endif NULL, }; diff --git a/fs/btrfs/xattr.h b/fs/btrfs/xattr.h index b3cc803..5049608 100644 --- a/fs/btrfs/xattr.h +++ b/fs/btrfs/xattr.h @@ -21,8 +21,6 @@ #include <linux/xattr.h> -extern const struct xattr_handler btrfs_xattr_acl_access_handler; -extern const struct xattr_handler btrfs_xattr_acl_default_handler; extern const struct xattr_handler *btrfs_xattr_handlers[]; extern ssize_t __btrfs_getxattr(struct inode *inode, const char *name, -- 1.7.10.4 _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 08/18] ext2/3/4: use generic posix ACL infrastructure
Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/ext2/acl.c | 176 ++++----------------------------------------- fs/ext2/acl.h | 8 +-- fs/ext2/file.c | 1 + fs/ext2/inode.c | 2 +- fs/ext2/namei.c | 2 + fs/ext2/xattr.c | 8 +-- fs/ext2/xattr.h | 2 - fs/ext3/acl.c | 213 ++++++++----------------------------------------------- fs/ext3/acl.h | 9 +-- fs/ext3/file.c | 1 + fs/ext3/inode.c | 2 +- fs/ext3/namei.c | 2 + fs/ext3/xattr.c | 8 +-- fs/ext3/xattr.h | 2 - fs/ext4/acl.c | 213 ++++++++----------------------------------------------- fs/ext4/acl.h | 9 +-- fs/ext4/file.c | 1 + fs/ext4/inode.c | 2 +- fs/ext4/namei.c | 2 + fs/ext4/xattr.c | 8 +-- fs/ext4/xattr.h | 2 - 21 files changed, 100 insertions(+), 573 deletions(-) diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c index 6e842a7..f04a295 100644 --- a/fs/ext2/acl.c +++ b/fs/ext2/acl.c @@ -189,8 +189,8 @@ ext2_get_acl(struct inode *inode, int type) /* * inode->i_mutex: down */ -static int -ext2_set_acl(struct inode *inode, int type, struct posix_acl *acl) +int +ext2_set_acl(struct inode *inode, struct posix_acl *acl, int type) { int name_index; void *value = NULL; @@ -250,169 +250,21 @@ ext2_set_acl(struct inode *inode, int type, struct posix_acl *acl) int ext2_init_acl(struct inode *inode, struct inode *dir) { - struct posix_acl *acl = NULL; - int error = 0; - - if (!S_ISLNK(inode->i_mode)) { - if (test_opt(dir->i_sb, POSIX_ACL)) { - acl = ext2_get_acl(dir, ACL_TYPE_DEFAULT); - if (IS_ERR(acl)) - return PTR_ERR(acl); - } - if (!acl) - inode->i_mode &= ~current_umask(); - } - if (test_opt(inode->i_sb, POSIX_ACL) && acl) { - if (S_ISDIR(inode->i_mode)) { - error = ext2_set_acl(inode, ACL_TYPE_DEFAULT, acl); - if (error) - goto cleanup; - } - error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); - if (error < 0) - return error; - if (error > 0) { - /* This is an extended ACL */ - error = ext2_set_acl(inode, ACL_TYPE_ACCESS, acl); - } - } -cleanup: - posix_acl_release(acl); - return error; -} - -/* - * Does chmod for an inode that may have an Access Control List. The - * inode->i_mode field must be updated to the desired value by the caller - * before calling this function. - * Returns 0 on success, or a negative error number. - * - * We change the ACL rather than storing some ACL entries in the file - * mode permission bits (which would be more efficient), because that - * would break once additional permissions (like ACL_APPEND, ACL_DELETE - * for directories) are added. There are no more bits available in the - * file mode. - * - * inode->i_mutex: down - */ -int -ext2_acl_chmod(struct inode *inode) -{ - struct posix_acl *acl; - int error; + struct posix_acl *default_acl, *acl; + int error; - if (!test_opt(inode->i_sb, POSIX_ACL)) - return 0; - if (S_ISLNK(inode->i_mode)) - return -EOPNOTSUPP; - acl = ext2_get_acl(inode, ACL_TYPE_ACCESS); - if (IS_ERR(acl) || !acl) - return PTR_ERR(acl); - error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); + error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); if (error) return error; - error = ext2_set_acl(inode, ACL_TYPE_ACCESS, acl); - posix_acl_release(acl); - return error; -} - -/* - * Extended attribut handlers - */ -static size_t -ext2_xattr_list_acl_access(struct dentry *dentry, char *list, size_t list_size, - const char *name, size_t name_len, int type) -{ - const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS); - - if (!test_opt(dentry->d_sb, POSIX_ACL)) - return 0; - if (list && size <= list_size) - memcpy(list, POSIX_ACL_XATTR_ACCESS, size); - return size; -} -static size_t -ext2_xattr_list_acl_default(struct dentry *dentry, char *list, size_t list_size, - const char *name, size_t name_len, int type) -{ - const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT); - - if (!test_opt(dentry->d_sb, POSIX_ACL)) - return 0; - if (list && size <= list_size) - memcpy(list, POSIX_ACL_XATTR_DEFAULT, size); - return size; -} - -static int -ext2_xattr_get_acl(struct dentry *dentry, const char *name, void *buffer, - size_t size, int type) -{ - struct posix_acl *acl; - int error; - - if (strcmp(name, "") != 0) - return -EINVAL; - if (!test_opt(dentry->d_sb, POSIX_ACL)) - return -EOPNOTSUPP; - - acl = ext2_get_acl(dentry->d_inode, type); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (acl == NULL) - return -ENODATA; - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); - posix_acl_release(acl); - - return error; -} - -static int -ext2_xattr_set_acl(struct dentry *dentry, const char *name, const void *value, - size_t size, int flags, int type) -{ - struct posix_acl *acl; - int error; - - if (strcmp(name, "") != 0) - return -EINVAL; - if (!test_opt(dentry->d_sb, POSIX_ACL)) - return -EOPNOTSUPP; - if (!inode_owner_or_capable(dentry->d_inode)) - return -EPERM; - - if (value) { - acl = posix_acl_from_xattr(&init_user_ns, value, size); - if (IS_ERR(acl)) - return PTR_ERR(acl); - else if (acl) { - error = posix_acl_valid(acl); - if (error) - goto release_and_out; - } - } else - acl = NULL; - - error = ext2_set_acl(dentry->d_inode, type, acl); - -release_and_out: - posix_acl_release(acl); + if (default_acl) { + error = ext2_set_acl(inode, default_acl, ACL_TYPE_DEFAULT); + posix_acl_release(default_acl); + } + if (acl) { + if (!error) + error = ext2_set_acl(inode, acl, ACL_TYPE_ACCESS); + posix_acl_release(acl); + } return error; } - -const struct xattr_handler ext2_xattr_acl_access_handler = { - .prefix = POSIX_ACL_XATTR_ACCESS, - .flags = ACL_TYPE_ACCESS, - .list = ext2_xattr_list_acl_access, - .get = ext2_xattr_get_acl, - .set = ext2_xattr_set_acl, -}; - -const struct xattr_handler ext2_xattr_acl_default_handler = { - .prefix = POSIX_ACL_XATTR_DEFAULT, - .flags = ACL_TYPE_DEFAULT, - .list = ext2_xattr_list_acl_default, - .get = ext2_xattr_get_acl, - .set = ext2_xattr_set_acl, -}; diff --git a/fs/ext2/acl.h b/fs/ext2/acl.h index 503bfb0..44937f9 100644 --- a/fs/ext2/acl.h +++ b/fs/ext2/acl.h @@ -55,7 +55,7 @@ static inline int ext2_acl_count(size_t size) /* acl.c */ extern struct posix_acl *ext2_get_acl(struct inode *inode, int type); -extern int ext2_acl_chmod (struct inode *); +extern int ext2_set_acl(struct inode *inode, struct posix_acl *acl, int type); extern int ext2_init_acl (struct inode *, struct inode *); #else @@ -63,12 +63,6 @@ extern int ext2_init_acl (struct inode *, struct inode *); #define ext2_get_acl NULL #define ext2_set_acl NULL -static inline int -ext2_acl_chmod (struct inode *inode) -{ - return 0; -} - static inline int ext2_init_acl (struct inode *inode, struct inode *dir) { return 0; diff --git a/fs/ext2/file.c b/fs/ext2/file.c index a5b3a5d..44c36e5 100644 --- a/fs/ext2/file.c +++ b/fs/ext2/file.c @@ -103,5 +103,6 @@ const struct inode_operations ext2_file_inode_operations = { #endif .setattr = ext2_setattr, .get_acl = ext2_get_acl, + .set_acl = ext2_set_acl, .fiemap = ext2_fiemap, }; diff --git a/fs/ext2/inode.c b/fs/ext2/inode.c index 8a33764..1be8866 100644 --- a/fs/ext2/inode.c +++ b/fs/ext2/inode.c @@ -1566,7 +1566,7 @@ int ext2_setattr(struct dentry *dentry, struct iattr *iattr) } setattr_copy(inode, iattr); if (iattr->ia_valid & ATTR_MODE) - error = ext2_acl_chmod(inode); + error = posix_acl_chmod(inode); mark_inode_dirty(inode); return error; diff --git a/fs/ext2/namei.c b/fs/ext2/namei.c index 256dd5f..c268d0a 100644 --- a/fs/ext2/namei.c +++ b/fs/ext2/namei.c @@ -421,6 +421,7 @@ const struct inode_operations ext2_dir_inode_operations = { #endif .setattr = ext2_setattr, .get_acl = ext2_get_acl, + .set_acl = ext2_set_acl, .tmpfile = ext2_tmpfile, }; @@ -433,4 +434,5 @@ const struct inode_operations ext2_special_inode_operations = { #endif .setattr = ext2_setattr, .get_acl = ext2_get_acl, + .set_acl = ext2_set_acl, }; diff --git a/fs/ext2/xattr.c b/fs/ext2/xattr.c index 2d7557d..9142614 100644 --- a/fs/ext2/xattr.c +++ b/fs/ext2/xattr.c @@ -103,8 +103,8 @@ static struct mb_cache *ext2_xattr_cache; static const struct xattr_handler *ext2_xattr_handler_map[] = { [EXT2_XATTR_INDEX_USER] = &ext2_xattr_user_handler, #ifdef CONFIG_EXT2_FS_POSIX_ACL - [EXT2_XATTR_INDEX_POSIX_ACL_ACCESS] = &ext2_xattr_acl_access_handler, - [EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT] = &ext2_xattr_acl_default_handler, + [EXT2_XATTR_INDEX_POSIX_ACL_ACCESS] = &posix_acl_access_xattr_handler, + [EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT] = &posix_acl_default_xattr_handler, #endif [EXT2_XATTR_INDEX_TRUSTED] = &ext2_xattr_trusted_handler, #ifdef CONFIG_EXT2_FS_SECURITY @@ -116,8 +116,8 @@ const struct xattr_handler *ext2_xattr_handlers[] = { &ext2_xattr_user_handler, &ext2_xattr_trusted_handler, #ifdef CONFIG_EXT2_FS_POSIX_ACL - &ext2_xattr_acl_access_handler, - &ext2_xattr_acl_default_handler, + &posix_acl_access_xattr_handler, + &posix_acl_default_xattr_handler, #endif #ifdef CONFIG_EXT2_FS_SECURITY &ext2_xattr_security_handler, diff --git a/fs/ext2/xattr.h b/fs/ext2/xattr.h index 5e41ccc..60edf29 100644 --- a/fs/ext2/xattr.h +++ b/fs/ext2/xattr.h @@ -57,8 +57,6 @@ struct ext2_xattr_entry { extern const struct xattr_handler ext2_xattr_user_handler; extern const struct xattr_handler ext2_xattr_trusted_handler; -extern const struct xattr_handler ext2_xattr_acl_access_handler; -extern const struct xattr_handler ext2_xattr_acl_default_handler; extern const struct xattr_handler ext2_xattr_security_handler; extern ssize_t ext2_listxattr(struct dentry *, char *, size_t); diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c index 4f3d8fa..e9cb33f 100644 --- a/fs/ext3/acl.c +++ b/fs/ext3/acl.c @@ -190,7 +190,7 @@ ext3_get_acl(struct inode *inode, int type) * inode->i_mutex: down unless called from ext3_new_inode */ static int -ext3_set_acl(handle_t *handle, struct inode *inode, int type, +__ext3_set_acl(handle_t *handle, struct inode *inode, int type, struct posix_acl *acl) { int name_index; @@ -243,204 +243,49 @@ ext3_set_acl(handle_t *handle, struct inode *inode, int type, return error; } -/* - * Initialize the ACLs of a new inode. Called from ext3_new_inode. - * - * dir->i_mutex: down - * inode->i_mutex: up (access to inode is still exclusive) - */ -int -ext3_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) -{ - struct posix_acl *acl = NULL; - int error = 0; - - if (!S_ISLNK(inode->i_mode)) { - if (test_opt(dir->i_sb, POSIX_ACL)) { - acl = ext3_get_acl(dir, ACL_TYPE_DEFAULT); - if (IS_ERR(acl)) - return PTR_ERR(acl); - } - if (!acl) - inode->i_mode &= ~current_umask(); - } - if (test_opt(inode->i_sb, POSIX_ACL) && acl) { - if (S_ISDIR(inode->i_mode)) { - error = ext3_set_acl(handle, inode, - ACL_TYPE_DEFAULT, acl); - if (error) - goto cleanup; - } - error = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); - if (error < 0) - return error; - - if (error > 0) { - /* This is an extended ACL */ - error = ext3_set_acl(handle, inode, ACL_TYPE_ACCESS, acl); - } - } -cleanup: - posix_acl_release(acl); - return error; -} - -/* - * Does chmod for an inode that may have an Access Control List. The - * inode->i_mode field must be updated to the desired value by the caller - * before calling this function. - * Returns 0 on success, or a negative error number. - * - * We change the ACL rather than storing some ACL entries in the file - * mode permission bits (which would be more efficient), because that - * would break once additional permissions (like ACL_APPEND, ACL_DELETE - * for directories) are added. There are no more bits available in the - * file mode. - * - * inode->i_mutex: down - */ int -ext3_acl_chmod(struct inode *inode) +ext3_set_acl(struct inode *inode, struct posix_acl *acl, int type) { - struct posix_acl *acl; handle_t *handle; - int retries = 0; - int error; + int error, retries = 0; - if (S_ISLNK(inode->i_mode)) - return -EOPNOTSUPP; - if (!test_opt(inode->i_sb, POSIX_ACL)) - return 0; - acl = ext3_get_acl(inode, ACL_TYPE_ACCESS); - if (IS_ERR(acl) || !acl) - return PTR_ERR(acl); - error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); - if (error) - return error; retry: - handle = ext3_journal_start(inode, - EXT3_DATA_TRANS_BLOCKS(inode->i_sb)); - if (IS_ERR(handle)) { - error = PTR_ERR(handle); - ext3_std_error(inode->i_sb, error); - goto out; - } - error = ext3_set_acl(handle, inode, ACL_TYPE_ACCESS, acl); + handle = ext3_journal_start(inode, EXT3_DATA_TRANS_BLOCKS(inode->i_sb)); + if (IS_ERR(handle)) + return PTR_ERR(handle); + error = __ext3_set_acl(handle, inode, type, acl); ext3_journal_stop(handle); - if (error == -ENOSPC && - ext3_should_retry_alloc(inode->i_sb, &retries)) + if (error == -ENOSPC && ext3_should_retry_alloc(inode->i_sb, &retries)) goto retry; -out: - posix_acl_release(acl); return error; } /* - * Extended attribute handlers + * Initialize the ACLs of a new inode. Called from ext3_new_inode. + * + * dir->i_mutex: down + * inode->i_mutex: up (access to inode is still exclusive) */ -static size_t -ext3_xattr_list_acl_access(struct dentry *dentry, char *list, size_t list_len, - const char *name, size_t name_len, int type) -{ - const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS); - - if (!test_opt(dentry->d_sb, POSIX_ACL)) - return 0; - if (list && size <= list_len) - memcpy(list, POSIX_ACL_XATTR_ACCESS, size); - return size; -} - -static size_t -ext3_xattr_list_acl_default(struct dentry *dentry, char *list, size_t list_len, - const char *name, size_t name_len, int type) -{ - const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT); - - if (!test_opt(dentry->d_sb, POSIX_ACL)) - return 0; - if (list && size <= list_len) - memcpy(list, POSIX_ACL_XATTR_DEFAULT, size); - return size; -} - -static int -ext3_xattr_get_acl(struct dentry *dentry, const char *name, void *buffer, - size_t size, int type) +int +ext3_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) { - struct posix_acl *acl; + struct posix_acl *default_acl, *acl; int error; - if (strcmp(name, "") != 0) - return -EINVAL; - if (!test_opt(dentry->d_sb, POSIX_ACL)) - return -EOPNOTSUPP; - - acl = ext3_get_acl(dentry->d_inode, type); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (acl == NULL) - return -ENODATA; - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); - posix_acl_release(acl); - - return error; -} - -static int -ext3_xattr_set_acl(struct dentry *dentry, const char *name, const void *value, - size_t size, int flags, int type) -{ - struct inode *inode = dentry->d_inode; - handle_t *handle; - struct posix_acl *acl; - int error, retries = 0; - - if (strcmp(name, "") != 0) - return -EINVAL; - if (!test_opt(inode->i_sb, POSIX_ACL)) - return -EOPNOTSUPP; - if (!inode_owner_or_capable(inode)) - return -EPERM; - - if (value) { - acl = posix_acl_from_xattr(&init_user_ns, value, size); - if (IS_ERR(acl)) - return PTR_ERR(acl); - else if (acl) { - error = posix_acl_valid(acl); - if (error) - goto release_and_out; - } - } else - acl = NULL; - -retry: - handle = ext3_journal_start(inode, EXT3_DATA_TRANS_BLOCKS(inode->i_sb)); - if (IS_ERR(handle)) - return PTR_ERR(handle); - error = ext3_set_acl(handle, inode, type, acl); - ext3_journal_stop(handle); - if (error == -ENOSPC && ext3_should_retry_alloc(inode->i_sb, &retries)) - goto retry; + error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); + if (error) + return error; -release_and_out: - posix_acl_release(acl); + if (default_acl) { + error = __ext3_set_acl(handle, inode, ACL_TYPE_DEFAULT, + default_acl); + posix_acl_release(default_acl); + } + if (acl) { + if (!error) + error = __ext3_set_acl(handle, inode, ACL_TYPE_ACCESS, + acl); + posix_acl_release(acl); + } return error; } - -const struct xattr_handler ext3_xattr_acl_access_handler = { - .prefix = POSIX_ACL_XATTR_ACCESS, - .flags = ACL_TYPE_ACCESS, - .list = ext3_xattr_list_acl_access, - .get = ext3_xattr_get_acl, - .set = ext3_xattr_set_acl, -}; - -const struct xattr_handler ext3_xattr_acl_default_handler = { - .prefix = POSIX_ACL_XATTR_DEFAULT, - .flags = ACL_TYPE_DEFAULT, - .list = ext3_xattr_list_acl_default, - .get = ext3_xattr_get_acl, - .set = ext3_xattr_set_acl, -}; diff --git a/fs/ext3/acl.h b/fs/ext3/acl.h index dbc921e..ea1c69e 100644 --- a/fs/ext3/acl.h +++ b/fs/ext3/acl.h @@ -55,18 +55,13 @@ static inline int ext3_acl_count(size_t size) /* acl.c */ extern struct posix_acl *ext3_get_acl(struct inode *inode, int type); -extern int ext3_acl_chmod (struct inode *); +extern int ext3_set_acl(struct inode *inode, struct posix_acl *acl, int type); extern int ext3_init_acl (handle_t *, struct inode *, struct inode *); #else /* CONFIG_EXT3_FS_POSIX_ACL */ #include <linux/sched.h> #define ext3_get_acl NULL - -static inline int -ext3_acl_chmod(struct inode *inode) -{ - return 0; -} +#define ext3_set_acl NULL static inline int ext3_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) diff --git a/fs/ext3/file.c b/fs/ext3/file.c index 25cb413..aad0531 100644 --- a/fs/ext3/file.c +++ b/fs/ext3/file.c @@ -75,6 +75,7 @@ const struct inode_operations ext3_file_inode_operations = { .removexattr = generic_removexattr, #endif .get_acl = ext3_get_acl, + .set_acl = ext3_set_acl, .fiemap = ext3_fiemap, }; diff --git a/fs/ext3/inode.c b/fs/ext3/inode.c index 2bd8548..150b6c1 100644 --- a/fs/ext3/inode.c +++ b/fs/ext3/inode.c @@ -3365,7 +3365,7 @@ int ext3_setattr(struct dentry *dentry, struct iattr *attr) mark_inode_dirty(inode); if (ia_valid & ATTR_MODE) - rc = ext3_acl_chmod(inode); + rc = posix_acl_chmod(inode); err_out: ext3_std_error(inode->i_sb, error); diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c index f8cde46..f197736 100644 --- a/fs/ext3/namei.c +++ b/fs/ext3/namei.c @@ -2569,6 +2569,7 @@ const struct inode_operations ext3_dir_inode_operations = { .removexattr = generic_removexattr, #endif .get_acl = ext3_get_acl, + .set_acl = ext3_set_acl, }; const struct inode_operations ext3_special_inode_operations = { @@ -2580,4 +2581,5 @@ const struct inode_operations ext3_special_inode_operations = { .removexattr = generic_removexattr, #endif .get_acl = ext3_get_acl, + .set_acl = ext3_set_acl, }; diff --git a/fs/ext3/xattr.c b/fs/ext3/xattr.c index b1fc963..c6874be 100644 --- a/fs/ext3/xattr.c +++ b/fs/ext3/xattr.c @@ -102,8 +102,8 @@ static struct mb_cache *ext3_xattr_cache; static const struct xattr_handler *ext3_xattr_handler_map[] = { [EXT3_XATTR_INDEX_USER] = &ext3_xattr_user_handler, #ifdef CONFIG_EXT3_FS_POSIX_ACL - [EXT3_XATTR_INDEX_POSIX_ACL_ACCESS] = &ext3_xattr_acl_access_handler, - [EXT3_XATTR_INDEX_POSIX_ACL_DEFAULT] = &ext3_xattr_acl_default_handler, + [EXT3_XATTR_INDEX_POSIX_ACL_ACCESS] = &posix_acl_access_xattr_handler, + [EXT3_XATTR_INDEX_POSIX_ACL_DEFAULT] = &posix_acl_default_xattr_handler, #endif [EXT3_XATTR_INDEX_TRUSTED] = &ext3_xattr_trusted_handler, #ifdef CONFIG_EXT3_FS_SECURITY @@ -115,8 +115,8 @@ const struct xattr_handler *ext3_xattr_handlers[] = { &ext3_xattr_user_handler, &ext3_xattr_trusted_handler, #ifdef CONFIG_EXT3_FS_POSIX_ACL - &ext3_xattr_acl_access_handler, - &ext3_xattr_acl_default_handler, + &posix_acl_access_xattr_handler, + &posix_acl_default_xattr_handler, #endif #ifdef CONFIG_EXT3_FS_SECURITY &ext3_xattr_security_handler, diff --git a/fs/ext3/xattr.h b/fs/ext3/xattr.h index 2be4f69..32e93eb 100644 --- a/fs/ext3/xattr.h +++ b/fs/ext3/xattr.h @@ -60,8 +60,6 @@ struct ext3_xattr_entry { extern const struct xattr_handler ext3_xattr_user_handler; extern const struct xattr_handler ext3_xattr_trusted_handler; -extern const struct xattr_handler ext3_xattr_acl_access_handler; -extern const struct xattr_handler ext3_xattr_acl_default_handler; extern const struct xattr_handler ext3_xattr_security_handler; extern ssize_t ext3_listxattr(struct dentry *, char *, size_t); diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c index f827f3b..acaba0f 100644 --- a/fs/ext4/acl.c +++ b/fs/ext4/acl.c @@ -196,7 +196,7 @@ ext4_get_acl(struct inode *inode, int type) * inode->i_mutex: down unless called from ext4_new_inode */ static int -ext4_set_acl(handle_t *handle, struct inode *inode, int type, +__ext4_set_acl(handle_t *handle, struct inode *inode, int type, struct posix_acl *acl) { int name_index; @@ -248,208 +248,51 @@ ext4_set_acl(handle_t *handle, struct inode *inode, int type, return error; } -/* - * Initialize the ACLs of a new inode. Called from ext4_new_inode. - * - * dir->i_mutex: down - * inode->i_mutex: up (access to inode is still exclusive) - */ -int -ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) -{ - struct posix_acl *acl = NULL; - int error = 0; - - if (!S_ISLNK(inode->i_mode)) { - if (test_opt(dir->i_sb, POSIX_ACL)) { - acl = ext4_get_acl(dir, ACL_TYPE_DEFAULT); - if (IS_ERR(acl)) - return PTR_ERR(acl); - } - if (!acl) - inode->i_mode &= ~current_umask(); - } - if (test_opt(inode->i_sb, POSIX_ACL) && acl) { - if (S_ISDIR(inode->i_mode)) { - error = ext4_set_acl(handle, inode, - ACL_TYPE_DEFAULT, acl); - if (error) - goto cleanup; - } - error = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); - if (error < 0) - return error; - - if (error > 0) { - /* This is an extended ACL */ - error = ext4_set_acl(handle, inode, ACL_TYPE_ACCESS, acl); - } - } -cleanup: - posix_acl_release(acl); - return error; -} - -/* - * Does chmod for an inode that may have an Access Control List. The - * inode->i_mode field must be updated to the desired value by the caller - * before calling this function. - * Returns 0 on success, or a negative error number. - * - * We change the ACL rather than storing some ACL entries in the file - * mode permission bits (which would be more efficient), because that - * would break once additional permissions (like ACL_APPEND, ACL_DELETE - * for directories) are added. There are no more bits available in the - * file mode. - * - * inode->i_mutex: down - */ int -ext4_acl_chmod(struct inode *inode) +ext4_set_acl(struct inode *inode, struct posix_acl *acl, int type) { - struct posix_acl *acl; handle_t *handle; - int retries = 0; - int error; - + int error, retries = 0; - if (S_ISLNK(inode->i_mode)) - return -EOPNOTSUPP; - if (!test_opt(inode->i_sb, POSIX_ACL)) - return 0; - acl = ext4_get_acl(inode, ACL_TYPE_ACCESS); - if (IS_ERR(acl) || !acl) - return PTR_ERR(acl); - error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); - if (error) - return error; retry: handle = ext4_journal_start(inode, EXT4_HT_XATTR, ext4_jbd2_credits_xattr(inode)); - if (IS_ERR(handle)) { - error = PTR_ERR(handle); - ext4_std_error(inode->i_sb, error); - goto out; - } - error = ext4_set_acl(handle, inode, ACL_TYPE_ACCESS, acl); + if (IS_ERR(handle)) + return PTR_ERR(handle); + + error = __ext4_set_acl(handle, inode, type, acl); ext4_journal_stop(handle); - if (error == -ENOSPC && - ext4_should_retry_alloc(inode->i_sb, &retries)) + if (error == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) goto retry; -out: - posix_acl_release(acl); return error; } /* - * Extended attribute handlers + * Initialize the ACLs of a new inode. Called from ext4_new_inode. + * + * dir->i_mutex: down + * inode->i_mutex: up (access to inode is still exclusive) */ -static size_t -ext4_xattr_list_acl_access(struct dentry *dentry, char *list, size_t list_len, - const char *name, size_t name_len, int type) -{ - const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS); - - if (!test_opt(dentry->d_sb, POSIX_ACL)) - return 0; - if (list && size <= list_len) - memcpy(list, POSIX_ACL_XATTR_ACCESS, size); - return size; -} - -static size_t -ext4_xattr_list_acl_default(struct dentry *dentry, char *list, size_t list_len, - const char *name, size_t name_len, int type) -{ - const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT); - - if (!test_opt(dentry->d_sb, POSIX_ACL)) - return 0; - if (list && size <= list_len) - memcpy(list, POSIX_ACL_XATTR_DEFAULT, size); - return size; -} - -static int -ext4_xattr_get_acl(struct dentry *dentry, const char *name, void *buffer, - size_t size, int type) +int +ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) { - struct posix_acl *acl; + struct posix_acl *default_acl, *acl; int error; - if (strcmp(name, "") != 0) - return -EINVAL; - if (!test_opt(dentry->d_sb, POSIX_ACL)) - return -EOPNOTSUPP; - - acl = ext4_get_acl(dentry->d_inode, type); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (acl == NULL) - return -ENODATA; - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); - posix_acl_release(acl); - - return error; -} - -static int -ext4_xattr_set_acl(struct dentry *dentry, const char *name, const void *value, - size_t size, int flags, int type) -{ - struct inode *inode = dentry->d_inode; - handle_t *handle; - struct posix_acl *acl; - int error, retries = 0; - - if (strcmp(name, "") != 0) - return -EINVAL; - if (!test_opt(inode->i_sb, POSIX_ACL)) - return -EOPNOTSUPP; - if (!inode_owner_or_capable(inode)) - return -EPERM; - - if (value) { - acl = posix_acl_from_xattr(&init_user_ns, value, size); - if (IS_ERR(acl)) - return PTR_ERR(acl); - else if (acl) { - error = posix_acl_valid(acl); - if (error) - goto release_and_out; - } - } else - acl = NULL; + error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); + if (error) + return error; -retry: - handle = ext4_journal_start(inode, EXT4_HT_XATTR, - ext4_jbd2_credits_xattr(inode)); - if (IS_ERR(handle)) { - error = PTR_ERR(handle); - goto release_and_out; + if (default_acl) { + error = __ext4_set_acl(handle, inode, ACL_TYPE_DEFAULT, + default_acl); + posix_acl_release(default_acl); + } + if (acl) { + if (!error) + error = __ext4_set_acl(handle, inode, ACL_TYPE_ACCESS, + acl); + posix_acl_release(acl); } - error = ext4_set_acl(handle, inode, type, acl); - ext4_journal_stop(handle); - if (error == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) - goto retry; - -release_and_out: - posix_acl_release(acl); return error; } - -const struct xattr_handler ext4_xattr_acl_access_handler = { - .prefix = POSIX_ACL_XATTR_ACCESS, - .flags = ACL_TYPE_ACCESS, - .list = ext4_xattr_list_acl_access, - .get = ext4_xattr_get_acl, - .set = ext4_xattr_set_acl, -}; - -const struct xattr_handler ext4_xattr_acl_default_handler = { - .prefix = POSIX_ACL_XATTR_DEFAULT, - .flags = ACL_TYPE_DEFAULT, - .list = ext4_xattr_list_acl_default, - .get = ext4_xattr_get_acl, - .set = ext4_xattr_set_acl, -}; diff --git a/fs/ext4/acl.h b/fs/ext4/acl.h index 18cb39e..da2c795 100644 --- a/fs/ext4/acl.h +++ b/fs/ext4/acl.h @@ -55,18 +55,13 @@ static inline int ext4_acl_count(size_t size) /* acl.c */ struct posix_acl *ext4_get_acl(struct inode *inode, int type); -extern int ext4_acl_chmod(struct inode *); +int ext4_set_acl(struct inode *inode, struct posix_acl *acl, int type); extern int ext4_init_acl(handle_t *, struct inode *, struct inode *); #else /* CONFIG_EXT4_FS_POSIX_ACL */ #include <linux/sched.h> #define ext4_get_acl NULL - -static inline int -ext4_acl_chmod(struct inode *inode) -{ - return 0; -} +#define ext4_set_acl NULL static inline int ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) diff --git a/fs/ext4/file.c b/fs/ext4/file.c index 3da2194..43e64f6 100644 --- a/fs/ext4/file.c +++ b/fs/ext4/file.c @@ -617,6 +617,7 @@ const struct inode_operations ext4_file_inode_operations = { .listxattr = ext4_listxattr, .removexattr = generic_removexattr, .get_acl = ext4_get_acl, + .set_acl = ext4_set_acl, .fiemap = ext4_fiemap, }; diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c index 0757634..6f69f96 100644 --- a/fs/ext4/inode.c +++ b/fs/ext4/inode.c @@ -4675,7 +4675,7 @@ int ext4_setattr(struct dentry *dentry, struct iattr *attr) ext4_orphan_del(NULL, inode); if (!rc && (ia_valid & ATTR_MODE)) - rc = ext4_acl_chmod(inode); + rc = posix_acl_chmod(inode); err_out: ext4_std_error(inode->i_sb, error); diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c index 5a0408d..e77c1ba 100644 --- a/fs/ext4/namei.c +++ b/fs/ext4/namei.c @@ -3225,6 +3225,7 @@ const struct inode_operations ext4_dir_inode_operations = { .listxattr = ext4_listxattr, .removexattr = generic_removexattr, .get_acl = ext4_get_acl, + .set_acl = ext4_set_acl, .fiemap = ext4_fiemap, }; @@ -3235,4 +3236,5 @@ const struct inode_operations ext4_special_inode_operations = { .listxattr = ext4_listxattr, .removexattr = generic_removexattr, .get_acl = ext4_get_acl, + .set_acl = ext4_set_acl, }; diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 1423c48..e175e94 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -95,8 +95,8 @@ static struct mb_cache *ext4_xattr_cache; static const struct xattr_handler *ext4_xattr_handler_map[] = { [EXT4_XATTR_INDEX_USER] = &ext4_xattr_user_handler, #ifdef CONFIG_EXT4_FS_POSIX_ACL - [EXT4_XATTR_INDEX_POSIX_ACL_ACCESS] = &ext4_xattr_acl_access_handler, - [EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT] = &ext4_xattr_acl_default_handler, + [EXT4_XATTR_INDEX_POSIX_ACL_ACCESS] = &posix_acl_access_xattr_handler, + [EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT] = &posix_acl_default_xattr_handler, #endif [EXT4_XATTR_INDEX_TRUSTED] = &ext4_xattr_trusted_handler, #ifdef CONFIG_EXT4_FS_SECURITY @@ -108,8 +108,8 @@ const struct xattr_handler *ext4_xattr_handlers[] = { &ext4_xattr_user_handler, &ext4_xattr_trusted_handler, #ifdef CONFIG_EXT4_FS_POSIX_ACL - &ext4_xattr_acl_access_handler, - &ext4_xattr_acl_default_handler, + &posix_acl_access_xattr_handler, + &posix_acl_default_xattr_handler, #endif #ifdef CONFIG_EXT4_FS_SECURITY &ext4_xattr_security_handler, diff --git a/fs/ext4/xattr.h b/fs/ext4/xattr.h index c767dbd..819d639 100644 --- a/fs/ext4/xattr.h +++ b/fs/ext4/xattr.h @@ -96,8 +96,6 @@ struct ext4_xattr_ibody_find { extern const struct xattr_handler ext4_xattr_user_handler; extern const struct xattr_handler ext4_xattr_trusted_handler; -extern const struct xattr_handler ext4_xattr_acl_access_handler; -extern const struct xattr_handler ext4_xattr_acl_default_handler; extern const struct xattr_handler ext4_xattr_security_handler; extern ssize_t ext4_listxattr(struct dentry *, char *, size_t); -- 1.7.10.4 ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don''t have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 09/18] f2fs: use generic posix ACL infrastructure
f2fs has some weird mode bit handling, so still using the old chmod code for now. Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/f2fs/acl.c | 140 +++++++++---------------------------------------------- fs/f2fs/acl.h | 1 + fs/f2fs/file.c | 1 + fs/f2fs/namei.c | 2 + fs/f2fs/xattr.c | 9 ++-- fs/f2fs/xattr.h | 2 - 6 files changed, 30 insertions(+), 125 deletions(-) diff --git a/fs/f2fs/acl.c b/fs/f2fs/acl.c index 45e8430..4f52fe0f 100644 --- a/fs/f2fs/acl.c +++ b/fs/f2fs/acl.c @@ -205,7 +205,7 @@ struct posix_acl *f2fs_get_acl(struct inode *inode, int type) return acl; } -static int f2fs_set_acl(struct inode *inode, int type, +static int __f2fs_set_acl(struct inode *inode, int type, struct posix_acl *acl, struct page *ipage) { struct f2fs_sb_info *sbi = F2FS_SB(inode->i_sb); @@ -261,37 +261,32 @@ static int f2fs_set_acl(struct inode *inode, int type, return error; } +int f2fs_set_acl(struct inode *inode, struct posix_acl *acl, int type) +{ + return __f2fs_set_acl(inode, type, acl, NULL); +} + int f2fs_init_acl(struct inode *inode, struct inode *dir, struct page *ipage) { - struct f2fs_sb_info *sbi = F2FS_SB(dir->i_sb); - struct posix_acl *acl = NULL; + struct posix_acl *default_acl, *acl; int error = 0; - if (!S_ISLNK(inode->i_mode)) { - if (test_opt(sbi, POSIX_ACL)) { - acl = f2fs_get_acl(dir, ACL_TYPE_DEFAULT); - if (IS_ERR(acl)) - return PTR_ERR(acl); - } - if (!acl) - inode->i_mode &= ~current_umask(); - } - - if (!test_opt(sbi, POSIX_ACL) || !acl) - goto cleanup; + error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); + if (error) + return error; - if (S_ISDIR(inode->i_mode)) { - error = f2fs_set_acl(inode, ACL_TYPE_DEFAULT, acl, ipage); + if (default_acl) { + error = __f2fs_set_acl(inode, ACL_TYPE_DEFAULT, default_acl, + ipage); + posix_acl_release(default_acl); + } + if (acl) { if (error) - goto cleanup; + error = __f2fs_set_acl(inode, ACL_TYPE_ACCESS, acl, + ipage); + posix_acl_release(acl); } - error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); - if (error < 0) - return error; - if (error > 0) - error = f2fs_set_acl(inode, ACL_TYPE_ACCESS, acl, ipage); -cleanup: - posix_acl_release(acl); + return error; } @@ -315,100 +310,7 @@ int f2fs_acl_chmod(struct inode *inode) if (error) return error; - error = f2fs_set_acl(inode, ACL_TYPE_ACCESS, acl, NULL); - posix_acl_release(acl); - return error; -} - -static size_t f2fs_xattr_list_acl(struct dentry *dentry, char *list, - size_t list_size, const char *name, size_t name_len, int type) -{ - struct f2fs_sb_info *sbi = F2FS_SB(dentry->d_sb); - const char *xname = POSIX_ACL_XATTR_DEFAULT; - size_t size; - - if (!test_opt(sbi, POSIX_ACL)) - return 0; - - if (type == ACL_TYPE_ACCESS) - xname = POSIX_ACL_XATTR_ACCESS; - - size = strlen(xname) + 1; - if (list && size <= list_size) - memcpy(list, xname, size); - return size; -} - -static int f2fs_xattr_get_acl(struct dentry *dentry, const char *name, - void *buffer, size_t size, int type) -{ - struct f2fs_sb_info *sbi = F2FS_SB(dentry->d_sb); - struct posix_acl *acl; - int error; - - if (strcmp(name, "") != 0) - return -EINVAL; - if (!test_opt(sbi, POSIX_ACL)) - return -EOPNOTSUPP; - - acl = f2fs_get_acl(dentry->d_inode, type); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (!acl) - return -ENODATA; - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); - posix_acl_release(acl); - - return error; -} - -static int f2fs_xattr_set_acl(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) -{ - struct f2fs_sb_info *sbi = F2FS_SB(dentry->d_sb); - struct inode *inode = dentry->d_inode; - struct posix_acl *acl = NULL; - int error; - - if (strcmp(name, "") != 0) - return -EINVAL; - if (!test_opt(sbi, POSIX_ACL)) - return -EOPNOTSUPP; - if (!inode_owner_or_capable(inode)) - return -EPERM; - - if (value) { - acl = posix_acl_from_xattr(&init_user_ns, value, size); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (acl) { - error = posix_acl_valid(acl); - if (error) - goto release_and_out; - } - } else { - acl = NULL; - } - - error = f2fs_set_acl(inode, type, acl, NULL); - -release_and_out: + error = __f2fs_set_acl(inode, ACL_TYPE_ACCESS, acl, NULL); posix_acl_release(acl); return error; } - -const struct xattr_handler f2fs_xattr_acl_default_handler = { - .prefix = POSIX_ACL_XATTR_DEFAULT, - .flags = ACL_TYPE_DEFAULT, - .list = f2fs_xattr_list_acl, - .get = f2fs_xattr_get_acl, - .set = f2fs_xattr_set_acl, -}; - -const struct xattr_handler f2fs_xattr_acl_access_handler = { - .prefix = POSIX_ACL_XATTR_ACCESS, - .flags = ACL_TYPE_ACCESS, - .list = f2fs_xattr_list_acl, - .get = f2fs_xattr_get_acl, - .set = f2fs_xattr_set_acl, -}; diff --git a/fs/f2fs/acl.h b/fs/f2fs/acl.h index 4963313..2af31fe 100644 --- a/fs/f2fs/acl.h +++ b/fs/f2fs/acl.h @@ -37,6 +37,7 @@ struct f2fs_acl_header { #ifdef CONFIG_F2FS_FS_POSIX_ACL extern struct posix_acl *f2fs_get_acl(struct inode *, int); +extern int f2fs_set_acl(struct inode *inode, struct posix_acl *acl, int type); extern int f2fs_acl_chmod(struct inode *); extern int f2fs_init_acl(struct inode *, struct inode *, struct page *); #else diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c index 7d714f4..13eff60 100644 --- a/fs/f2fs/file.c +++ b/fs/f2fs/file.c @@ -405,6 +405,7 @@ const struct inode_operations f2fs_file_inode_operations = { .getattr = f2fs_getattr, .setattr = f2fs_setattr, .get_acl = f2fs_get_acl, + .set_acl = f2fs_set_acl, #ifdef CONFIG_F2FS_FS_XATTR .setxattr = generic_setxattr, .getxattr = generic_getxattr, diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c index 575adac..5846eeb 100644 --- a/fs/f2fs/namei.c +++ b/fs/f2fs/namei.c @@ -496,6 +496,7 @@ const struct inode_operations f2fs_dir_inode_operations = { .getattr = f2fs_getattr, .setattr = f2fs_setattr, .get_acl = f2fs_get_acl, + .set_acl = f2fs_set_acl, #ifdef CONFIG_F2FS_FS_XATTR .setxattr = generic_setxattr, .getxattr = generic_getxattr, @@ -522,6 +523,7 @@ const struct inode_operations f2fs_special_inode_operations = { .getattr = f2fs_getattr, .setattr = f2fs_setattr, .get_acl = f2fs_get_acl, + .set_acl = f2fs_set_acl, #ifdef CONFIG_F2FS_FS_XATTR .setxattr = generic_setxattr, .getxattr = generic_getxattr, diff --git a/fs/f2fs/xattr.c b/fs/f2fs/xattr.c index aa7a3f1..e2b9299 100644 --- a/fs/f2fs/xattr.c +++ b/fs/f2fs/xattr.c @@ -21,6 +21,7 @@ #include <linux/rwsem.h> #include <linux/f2fs_fs.h> #include <linux/security.h> +#include <linux/posix_acl_xattr.h> #include "f2fs.h" #include "xattr.h" @@ -216,8 +217,8 @@ const struct xattr_handler f2fs_xattr_security_handler = { static const struct xattr_handler *f2fs_xattr_handler_map[] = { [F2FS_XATTR_INDEX_USER] = &f2fs_xattr_user_handler, #ifdef CONFIG_F2FS_FS_POSIX_ACL - [F2FS_XATTR_INDEX_POSIX_ACL_ACCESS] = &f2fs_xattr_acl_access_handler, - [F2FS_XATTR_INDEX_POSIX_ACL_DEFAULT] = &f2fs_xattr_acl_default_handler, + [F2FS_XATTR_INDEX_POSIX_ACL_ACCESS] = &posix_acl_access_xattr_handler, + [F2FS_XATTR_INDEX_POSIX_ACL_DEFAULT] = &posix_acl_default_xattr_handler, #endif [F2FS_XATTR_INDEX_TRUSTED] = &f2fs_xattr_trusted_handler, #ifdef CONFIG_F2FS_FS_SECURITY @@ -229,8 +230,8 @@ static const struct xattr_handler *f2fs_xattr_handler_map[] = { const struct xattr_handler *f2fs_xattr_handlers[] = { &f2fs_xattr_user_handler, #ifdef CONFIG_F2FS_FS_POSIX_ACL - &f2fs_xattr_acl_access_handler, - &f2fs_xattr_acl_default_handler, + &posix_acl_access_xattr_handler, + &posix_acl_default_xattr_handler, #endif &f2fs_xattr_trusted_handler, #ifdef CONFIG_F2FS_FS_SECURITY diff --git a/fs/f2fs/xattr.h b/fs/f2fs/xattr.h index 02a08fb..b21d9eb 100644 --- a/fs/f2fs/xattr.h +++ b/fs/f2fs/xattr.h @@ -108,8 +108,6 @@ struct f2fs_xattr_entry { #ifdef CONFIG_F2FS_FS_XATTR extern const struct xattr_handler f2fs_xattr_user_handler; extern const struct xattr_handler f2fs_xattr_trusted_handler; -extern const struct xattr_handler f2fs_xattr_acl_access_handler; -extern const struct xattr_handler f2fs_xattr_acl_default_handler; extern const struct xattr_handler f2fs_xattr_advise_handler; extern const struct xattr_handler f2fs_xattr_security_handler; -- 1.7.10.4 _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 10/18] hfsplus: use generic posix ACL infrastructure
Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/hfsplus/acl.h | 9 +-- fs/hfsplus/dir.c | 1 + fs/hfsplus/inode.c | 3 +- fs/hfsplus/posix_acl.c | 161 +++++------------------------------------------- fs/hfsplus/xattr.c | 5 +- fs/hfsplus/xattr.h | 2 - 6 files changed, 24 insertions(+), 157 deletions(-) diff --git a/fs/hfsplus/acl.h b/fs/hfsplus/acl.h index 07c0d49..95c8ed9 100644 --- a/fs/hfsplus/acl.h +++ b/fs/hfsplus/acl.h @@ -12,16 +12,13 @@ /* posix_acl.c */ struct posix_acl *hfsplus_get_posix_acl(struct inode *inode, int type); -extern int hfsplus_posix_acl_chmod(struct inode *); +int hfsplus_set_posix_acl(struct inode *inode, struct posix_acl *acl, + int type); extern int hfsplus_init_posix_acl(struct inode *, struct inode *); #else /* CONFIG_HFSPLUS_FS_POSIX_ACL */ #define hfsplus_get_posix_acl NULL - -static inline int hfsplus_posix_acl_chmod(struct inode *inode) -{ - return 0; -} +#define hfsplus_set_posix_acl NULL static inline int hfsplus_init_posix_acl(struct inode *inode, struct inode *dir) { diff --git a/fs/hfsplus/dir.c b/fs/hfsplus/dir.c index 4a4fea0..9ee6298 100644 --- a/fs/hfsplus/dir.c +++ b/fs/hfsplus/dir.c @@ -532,6 +532,7 @@ const struct inode_operations hfsplus_dir_inode_operations = { .removexattr = hfsplus_removexattr, #ifdef CONFIG_HFSPLUS_FS_POSIX_ACL .get_acl = hfsplus_get_posix_acl, + .set_acl = hfsplus_set_posix_acl, #endif }; diff --git a/fs/hfsplus/inode.c b/fs/hfsplus/inode.c index 37213d0..0034328 100644 --- a/fs/hfsplus/inode.c +++ b/fs/hfsplus/inode.c @@ -319,7 +319,7 @@ static int hfsplus_setattr(struct dentry *dentry, struct iattr *attr) mark_inode_dirty(inode); if (attr->ia_valid & ATTR_MODE) { - error = hfsplus_posix_acl_chmod(inode); + error = posix_acl_chmod(inode); if (unlikely(error)) return error; } @@ -393,6 +393,7 @@ static const struct inode_operations hfsplus_file_inode_operations = { .removexattr = hfsplus_removexattr, #ifdef CONFIG_HFSPLUS_FS_POSIX_ACL .get_acl = hfsplus_get_posix_acl, + .set_acl = hfsplus_set_posix_acl, #endif }; diff --git a/fs/hfsplus/posix_acl.c b/fs/hfsplus/posix_acl.c index 277942f..c629592 100644 --- a/fs/hfsplus/posix_acl.c +++ b/fs/hfsplus/posix_acl.c @@ -56,9 +56,8 @@ struct posix_acl *hfsplus_get_posix_acl(struct inode *inode, int type) return acl; } -static int hfsplus_set_posix_acl(struct inode *inode, - int type, - struct posix_acl *acl) +int hfsplus_set_posix_acl(struct inode *inode, struct posix_acl *acl, + int type) { int err; char *xattr_name; @@ -115,7 +114,7 @@ end_set_acl: int hfsplus_init_posix_acl(struct inode *inode, struct inode *dir) { int err = 0; - struct posix_acl *acl = NULL; + struct posix_acl *default_acl, *acl; hfs_dbg(ACL_MOD, "[%s]: ino %lu, dir->ino %lu\n", @@ -124,151 +123,21 @@ int hfsplus_init_posix_acl(struct inode *inode, struct inode *dir) if (S_ISLNK(inode->i_mode)) return 0; - acl = hfsplus_get_posix_acl(dir, ACL_TYPE_DEFAULT); - if (IS_ERR(acl)) - return PTR_ERR(acl); - - if (acl) { - if (S_ISDIR(inode->i_mode)) { - err = hfsplus_set_posix_acl(inode, - ACL_TYPE_DEFAULT, - acl); - if (unlikely(err)) - goto init_acl_cleanup; - } - - err = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); - if (unlikely(err < 0)) - return err; - - if (err > 0) - err = hfsplus_set_posix_acl(inode, - ACL_TYPE_ACCESS, - acl); - } else - inode->i_mode &= ~current_umask(); - -init_acl_cleanup: - posix_acl_release(acl); - return err; -} - -int hfsplus_posix_acl_chmod(struct inode *inode) -{ - int err; - struct posix_acl *acl; - - hfs_dbg(ACL_MOD, "[%s]: ino %lu\n", __func__, inode->i_ino); - - if (S_ISLNK(inode->i_mode)) - return -EOPNOTSUPP; - - acl = hfsplus_get_posix_acl(inode, ACL_TYPE_ACCESS); - if (IS_ERR(acl) || !acl) - return PTR_ERR(acl); - - err = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); - if (unlikely(err)) + err = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); + if (err) return err; - err = hfsplus_set_posix_acl(inode, ACL_TYPE_ACCESS, acl); - posix_acl_release(acl); - return err; -} - -static int hfsplus_xattr_get_posix_acl(struct dentry *dentry, - const char *name, - void *buffer, - size_t size, - int type) -{ - int err = 0; - struct posix_acl *acl; - - hfs_dbg(ACL_MOD, - "[%s]: ino %lu, buffer %p, size %zu, type %#x\n", - __func__, dentry->d_inode->i_ino, buffer, size, type); - - if (strcmp(name, "") != 0) - return -EINVAL; - - acl = hfsplus_get_posix_acl(dentry->d_inode, type); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (acl == NULL) - return -ENODATA; - - err = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); - posix_acl_release(acl); - - return err; -} - -static int hfsplus_xattr_set_posix_acl(struct dentry *dentry, - const char *name, - const void *value, - size_t size, - int flags, - int type) -{ - int err = 0; - struct inode *inode = dentry->d_inode; - struct posix_acl *acl = NULL; - - hfs_dbg(ACL_MOD, - "[%s]: ino %lu, value %p, size %zu, flags %#x, type %#x\n", - __func__, inode->i_ino, value, size, flags, type); - - if (strcmp(name, "") != 0) - return -EINVAL; - - if (!inode_owner_or_capable(inode)) - return -EPERM; - - if (value) { - acl = posix_acl_from_xattr(&init_user_ns, value, size); - if (IS_ERR(acl)) - return PTR_ERR(acl); - else if (acl) { - err = posix_acl_valid(acl); - if (err) - goto end_xattr_set_acl; - } + if (default_acl) { + err = hfsplus_set_posix_acl(inode, default_acl, + ACL_TYPE_DEFAULT); + posix_acl_release(default_acl); } - err = hfsplus_set_posix_acl(inode, type, acl); - -end_xattr_set_acl: - posix_acl_release(acl); + if (acl) { + if (!err) + err = hfsplus_set_posix_acl(inode, acl, + ACL_TYPE_ACCESS); + posix_acl_release(acl); + } return err; } - -static size_t hfsplus_xattr_list_posix_acl(struct dentry *dentry, - char *list, - size_t list_size, - const char *name, - size_t name_len, - int type) -{ - /* - * This method is not used. - * It is used hfsplus_listxattr() instead of generic_listxattr(). - */ - return -EOPNOTSUPP; -} - -const struct xattr_handler hfsplus_xattr_acl_access_handler = { - .prefix = POSIX_ACL_XATTR_ACCESS, - .flags = ACL_TYPE_ACCESS, - .list = hfsplus_xattr_list_posix_acl, - .get = hfsplus_xattr_get_posix_acl, - .set = hfsplus_xattr_set_posix_acl, -}; - -const struct xattr_handler hfsplus_xattr_acl_default_handler = { - .prefix = POSIX_ACL_XATTR_DEFAULT, - .flags = ACL_TYPE_DEFAULT, - .list = hfsplus_xattr_list_posix_acl, - .get = hfsplus_xattr_get_posix_acl, - .set = hfsplus_xattr_set_posix_acl, -}; diff --git a/fs/hfsplus/xattr.c b/fs/hfsplus/xattr.c index 3c6136f..bf88baa 100644 --- a/fs/hfsplus/xattr.c +++ b/fs/hfsplus/xattr.c @@ -7,6 +7,7 @@ */ #include "hfsplus_fs.h" +#include <linux/posix_acl_xattr.h> #include "xattr.h" #include "acl.h" @@ -15,8 +16,8 @@ const struct xattr_handler *hfsplus_xattr_handlers[] = { &hfsplus_xattr_user_handler, &hfsplus_xattr_trusted_handler, #ifdef CONFIG_HFSPLUS_FS_POSIX_ACL - &hfsplus_xattr_acl_access_handler, - &hfsplus_xattr_acl_default_handler, + &posix_acl_access_xattr_handler, + &posix_acl_default_xattr_handler, #endif &hfsplus_xattr_security_handler, NULL diff --git a/fs/hfsplus/xattr.h b/fs/hfsplus/xattr.h index 841b569..9e21449 100644 --- a/fs/hfsplus/xattr.h +++ b/fs/hfsplus/xattr.h @@ -14,8 +14,6 @@ extern const struct xattr_handler hfsplus_xattr_osx_handler; extern const struct xattr_handler hfsplus_xattr_user_handler; extern const struct xattr_handler hfsplus_xattr_trusted_handler; -extern const struct xattr_handler hfsplus_xattr_acl_access_handler; -extern const struct xattr_handler hfsplus_xattr_acl_default_handler; extern const struct xattr_handler hfsplus_xattr_security_handler; extern const struct xattr_handler *hfsplus_xattr_handlers[]; -- 1.7.10.4 ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don''t have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 11/18] jffs2: use generic posix ACL infrastructure
Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/jffs2/acl.c | 134 +++++----------------------------------------------- fs/jffs2/acl.h | 7 +-- fs/jffs2/dir.c | 1 + fs/jffs2/file.c | 1 + fs/jffs2/fs.c | 2 +- fs/jffs2/symlink.c | 1 + fs/jffs2/xattr.c | 9 ++-- 7 files changed, 22 insertions(+), 133 deletions(-) diff --git a/fs/jffs2/acl.c b/fs/jffs2/acl.c index 4d6e31b..f5f66b1 100644 --- a/fs/jffs2/acl.c +++ b/fs/jffs2/acl.c @@ -232,7 +232,7 @@ static int __jffs2_set_acl(struct inode *inode, int xprefix, struct posix_acl *a return rc; } -static int jffs2_set_acl(struct inode *inode, int type, struct posix_acl *acl) +int jffs2_set_acl(struct inode *inode, struct posix_acl *acl, int type) { int rc, xprefix; @@ -277,30 +277,21 @@ static int jffs2_set_acl(struct inode *inode, int type, struct posix_acl *acl) int jffs2_init_acl_pre(struct inode *dir_i, struct inode *inode, umode_t *i_mode) { - struct posix_acl *acl; + struct posix_acl *default_acl, *acl; int rc; cache_no_acl(inode); - if (S_ISLNK(*i_mode)) - return 0; /* Symlink always has no-ACL */ - - acl = jffs2_get_acl(dir_i, ACL_TYPE_DEFAULT); - if (IS_ERR(acl)) - return PTR_ERR(acl); - - if (!acl) { - *i_mode &= ~current_umask(); - } else { - if (S_ISDIR(*i_mode)) - set_cached_acl(inode, ACL_TYPE_DEFAULT, acl); - - rc = __posix_acl_create(&acl, GFP_KERNEL, i_mode); - if (rc < 0) - return rc; - if (rc > 0) - set_cached_acl(inode, ACL_TYPE_ACCESS, acl); + rc = posix_acl_create(dir_i, i_mode, &default_acl, &acl); + if (rc) + return rc; + if (default_acl) { + set_cached_acl(inode, ACL_TYPE_DEFAULT, default_acl); + posix_acl_release(default_acl); + } + if (acl) { + set_cached_acl(inode, ACL_TYPE_ACCESS, acl); posix_acl_release(acl); } return 0; @@ -324,106 +315,3 @@ int jffs2_init_acl_post(struct inode *inode) return 0; } - -int jffs2_acl_chmod(struct inode *inode) -{ - struct posix_acl *acl; - int rc; - - if (S_ISLNK(inode->i_mode)) - return -EOPNOTSUPP; - acl = jffs2_get_acl(inode, ACL_TYPE_ACCESS); - if (IS_ERR(acl) || !acl) - return PTR_ERR(acl); - rc = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); - if (rc) - return rc; - rc = jffs2_set_acl(inode, ACL_TYPE_ACCESS, acl); - posix_acl_release(acl); - return rc; -} - -static size_t jffs2_acl_access_listxattr(struct dentry *dentry, char *list, - size_t list_size, const char *name, size_t name_len, int type) -{ - const int retlen = sizeof(POSIX_ACL_XATTR_ACCESS); - - if (list && retlen <= list_size) - strcpy(list, POSIX_ACL_XATTR_ACCESS); - return retlen; -} - -static size_t jffs2_acl_default_listxattr(struct dentry *dentry, char *list, - size_t list_size, const char *name, size_t name_len, int type) -{ - const int retlen = sizeof(POSIX_ACL_XATTR_DEFAULT); - - if (list && retlen <= list_size) - strcpy(list, POSIX_ACL_XATTR_DEFAULT); - return retlen; -} - -static int jffs2_acl_getxattr(struct dentry *dentry, const char *name, - void *buffer, size_t size, int type) -{ - struct posix_acl *acl; - int rc; - - if (name[0] != ''\0'') - return -EINVAL; - - acl = jffs2_get_acl(dentry->d_inode, type); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (!acl) - return -ENODATA; - rc = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); - posix_acl_release(acl); - - return rc; -} - -static int jffs2_acl_setxattr(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) -{ - struct posix_acl *acl; - int rc; - - if (name[0] != ''\0'') - return -EINVAL; - if (!inode_owner_or_capable(dentry->d_inode)) - return -EPERM; - - if (value) { - acl = posix_acl_from_xattr(&init_user_ns, value, size); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (acl) { - rc = posix_acl_valid(acl); - if (rc) - goto out; - } - } else { - acl = NULL; - } - rc = jffs2_set_acl(dentry->d_inode, type, acl); - out: - posix_acl_release(acl); - return rc; -} - -const struct xattr_handler jffs2_acl_access_xattr_handler = { - .prefix = POSIX_ACL_XATTR_ACCESS, - .flags = ACL_TYPE_DEFAULT, - .list = jffs2_acl_access_listxattr, - .get = jffs2_acl_getxattr, - .set = jffs2_acl_setxattr, -}; - -const struct xattr_handler jffs2_acl_default_xattr_handler = { - .prefix = POSIX_ACL_XATTR_DEFAULT, - .flags = ACL_TYPE_DEFAULT, - .list = jffs2_acl_default_listxattr, - .get = jffs2_acl_getxattr, - .set = jffs2_acl_setxattr, -}; diff --git a/fs/jffs2/acl.h b/fs/jffs2/acl.h index 9b47724..2e2b574 100644 --- a/fs/jffs2/acl.h +++ b/fs/jffs2/acl.h @@ -27,17 +27,14 @@ struct jffs2_acl_header { #ifdef CONFIG_JFFS2_FS_POSIX_ACL struct posix_acl *jffs2_get_acl(struct inode *inode, int type); -extern int jffs2_acl_chmod(struct inode *); +int jffs2_set_acl(struct inode *inode, struct posix_acl *acl, int type); extern int jffs2_init_acl_pre(struct inode *, struct inode *, umode_t *); extern int jffs2_init_acl_post(struct inode *); -extern const struct xattr_handler jffs2_acl_access_xattr_handler; -extern const struct xattr_handler jffs2_acl_default_xattr_handler; - #else #define jffs2_get_acl (NULL) -#define jffs2_acl_chmod(inode) (0) +#define jffs2_set_acl (NULL) #define jffs2_init_acl_pre(dir_i,inode,mode) (0) #define jffs2_init_acl_post(inode) (0) diff --git a/fs/jffs2/dir.c b/fs/jffs2/dir.c index e3aac22..9385560 100644 --- a/fs/jffs2/dir.c +++ b/fs/jffs2/dir.c @@ -59,6 +59,7 @@ const struct inode_operations jffs2_dir_inode_operations .mknod = jffs2_mknod, .rename = jffs2_rename, .get_acl = jffs2_get_acl, + .set_acl = jffs2_set_acl, .setattr = jffs2_setattr, .setxattr = jffs2_setxattr, .getxattr = jffs2_getxattr, diff --git a/fs/jffs2/file.c b/fs/jffs2/file.c index 1506673..256cd19 100644 --- a/fs/jffs2/file.c +++ b/fs/jffs2/file.c @@ -66,6 +66,7 @@ const struct file_operations jffs2_file_operations const struct inode_operations jffs2_file_inode_operations { .get_acl = jffs2_get_acl, + .set_acl = jffs2_set_acl, .setattr = jffs2_setattr, .setxattr = jffs2_setxattr, .getxattr = jffs2_getxattr, diff --git a/fs/jffs2/fs.c b/fs/jffs2/fs.c index 09b3ed4..586db76 100644 --- a/fs/jffs2/fs.c +++ b/fs/jffs2/fs.c @@ -198,7 +198,7 @@ int jffs2_setattr(struct dentry *dentry, struct iattr *iattr) rc = jffs2_do_setattr(dentry->d_inode, iattr); if (!rc && (iattr->ia_valid & ATTR_MODE)) - rc = jffs2_acl_chmod(dentry->d_inode); + rc = posix_acl_chmod(dentry->d_inode); return rc; } diff --git a/fs/jffs2/symlink.c b/fs/jffs2/symlink.c index 6e56333..c42df08 100644 --- a/fs/jffs2/symlink.c +++ b/fs/jffs2/symlink.c @@ -23,6 +23,7 @@ const struct inode_operations jffs2_symlink_inode_operations .readlink = generic_readlink, .follow_link = jffs2_follow_link, .get_acl = jffs2_get_acl, + .set_acl = jffs2_set_acl, .setattr = jffs2_setattr, .setxattr = jffs2_setxattr, .getxattr = jffs2_getxattr, diff --git a/fs/jffs2/xattr.c b/fs/jffs2/xattr.c index 3034e97..ad0f2e2 100644 --- a/fs/jffs2/xattr.c +++ b/fs/jffs2/xattr.c @@ -22,6 +22,7 @@ #include <linux/crc32.h> #include <linux/jffs2.h> #include <linux/xattr.h> +#include <linux/posix_acl_xattr.h> #include <linux/mtd/mtd.h> #include "nodelist.h" /* -------- xdatum related functions ---------------- @@ -921,8 +922,8 @@ const struct xattr_handler *jffs2_xattr_handlers[] = { &jffs2_security_xattr_handler, #endif #ifdef CONFIG_JFFS2_FS_POSIX_ACL - &jffs2_acl_access_xattr_handler, - &jffs2_acl_default_xattr_handler, + &posix_acl_access_xattr_handler, + &posix_acl_default_xattr_handler, #endif &jffs2_trusted_xattr_handler, NULL @@ -942,10 +943,10 @@ static const struct xattr_handler *xprefix_to_handler(int xprefix) { #endif #ifdef CONFIG_JFFS2_FS_POSIX_ACL case JFFS2_XPREFIX_ACL_ACCESS: - ret = &jffs2_acl_access_xattr_handler; + ret = &posix_acl_access_xattr_handler; break; case JFFS2_XPREFIX_ACL_DEFAULT: - ret = &jffs2_acl_default_xattr_handler; + ret = &posix_acl_default_xattr_handler; break; #endif case JFFS2_XPREFIX_TRUSTED: -- 1.7.10.4 ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don''t have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 12/18] ocfs2: use generic posix ACL infrastructure
This contains some major refactoring for the create path so that inodes are created with the right mode to start with instead of fixing it up later. Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/ocfs2/acl.c | 234 ++--------------------------------------------- fs/ocfs2/acl.h | 13 ++- fs/ocfs2/file.c | 4 +- fs/ocfs2/namei.c | 25 ++++- fs/ocfs2/refcounttree.c | 19 +++- fs/ocfs2/xattr.c | 21 +++-- fs/ocfs2/xattr.h | 6 +- 7 files changed, 72 insertions(+), 250 deletions(-) diff --git a/fs/ocfs2/acl.c b/fs/ocfs2/acl.c index c0f9d2f..555f4cd 100644 --- a/fs/ocfs2/acl.c +++ b/fs/ocfs2/acl.c @@ -160,36 +160,6 @@ static struct posix_acl *ocfs2_get_acl_nolock(struct inode *inode, return acl; } - -/* - * Get posix acl. - */ -static struct posix_acl *ocfs2_get_acl(struct inode *inode, int type) -{ - struct ocfs2_super *osb = OCFS2_SB(inode->i_sb); - struct buffer_head *di_bh = NULL; - struct posix_acl *acl; - int ret; - - if (!(osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL)) - return NULL; - - ret = ocfs2_inode_lock(inode, &di_bh, 0); - if (ret < 0) { - mlog_errno(ret); - acl = ERR_PTR(ret); - return acl; - } - - acl = ocfs2_get_acl_nolock(inode, type, di_bh); - - ocfs2_inode_unlock(inode, 0); - - brelse(di_bh); - - return acl; -} - /* * Helper function to set i_mode in memory and disk. Some call paths * will not have di_bh or a journal handle to pass, in which case it @@ -250,7 +220,7 @@ out: /* * Set the access or default ACL of an inode. */ -static int ocfs2_set_acl(handle_t *handle, +int ocfs2_set_acl(handle_t *handle, struct inode *inode, struct buffer_head *di_bh, int type, @@ -313,6 +283,11 @@ static int ocfs2_set_acl(handle_t *handle, return ret; } +int ocfs2_iop_set_acl(struct inode *inode, struct posix_acl *acl, int type) +{ + return ocfs2_set_acl(NULL, inode, NULL, type, acl, NULL, NULL); +} + struct posix_acl *ocfs2_iop_get_acl(struct inode *inode, int type) { struct ocfs2_super *osb; @@ -334,200 +309,3 @@ struct posix_acl *ocfs2_iop_get_acl(struct inode *inode, int type) return acl; } - -int ocfs2_acl_chmod(struct inode *inode) -{ - struct ocfs2_super *osb = OCFS2_SB(inode->i_sb); - struct posix_acl *acl; - int ret; - - if (S_ISLNK(inode->i_mode)) - return -EOPNOTSUPP; - - if (!(osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL)) - return 0; - - acl = ocfs2_get_acl(inode, ACL_TYPE_ACCESS); - if (IS_ERR(acl) || !acl) - return PTR_ERR(acl); - ret = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); - if (ret) - return ret; - ret = ocfs2_set_acl(NULL, inode, NULL, ACL_TYPE_ACCESS, - acl, NULL, NULL); - posix_acl_release(acl); - return ret; -} - -/* - * Initialize the ACLs of a new inode. If parent directory has default ACL, - * then clone to new inode. Called from ocfs2_mknod. - */ -int ocfs2_init_acl(handle_t *handle, - struct inode *inode, - struct inode *dir, - struct buffer_head *di_bh, - struct buffer_head *dir_bh, - struct ocfs2_alloc_context *meta_ac, - struct ocfs2_alloc_context *data_ac) -{ - struct ocfs2_super *osb = OCFS2_SB(inode->i_sb); - struct posix_acl *acl = NULL; - int ret = 0, ret2; - umode_t mode; - - if (!S_ISLNK(inode->i_mode)) { - if (osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL) { - acl = ocfs2_get_acl_nolock(dir, ACL_TYPE_DEFAULT, - dir_bh); - if (IS_ERR(acl)) - return PTR_ERR(acl); - } - if (!acl) { - mode = inode->i_mode & ~current_umask(); - ret = ocfs2_acl_set_mode(inode, di_bh, handle, mode); - if (ret) { - mlog_errno(ret); - goto cleanup; - } - } - } - if ((osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL) && acl) { - if (S_ISDIR(inode->i_mode)) { - ret = ocfs2_set_acl(handle, inode, di_bh, - ACL_TYPE_DEFAULT, acl, - meta_ac, data_ac); - if (ret) - goto cleanup; - } - mode = inode->i_mode; - ret = __posix_acl_create(&acl, GFP_NOFS, &mode); - if (ret < 0) - return ret; - - ret2 = ocfs2_acl_set_mode(inode, di_bh, handle, mode); - if (ret2) { - mlog_errno(ret2); - ret = ret2; - goto cleanup; - } - if (ret > 0) { - ret = ocfs2_set_acl(handle, inode, - di_bh, ACL_TYPE_ACCESS, - acl, meta_ac, data_ac); - } - } -cleanup: - posix_acl_release(acl); - return ret; -} - -static size_t ocfs2_xattr_list_acl_access(struct dentry *dentry, - char *list, - size_t list_len, - const char *name, - size_t name_len, - int type) -{ - struct ocfs2_super *osb = OCFS2_SB(dentry->d_sb); - const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS); - - if (!(osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL)) - return 0; - - if (list && size <= list_len) - memcpy(list, POSIX_ACL_XATTR_ACCESS, size); - return size; -} - -static size_t ocfs2_xattr_list_acl_default(struct dentry *dentry, - char *list, - size_t list_len, - const char *name, - size_t name_len, - int type) -{ - struct ocfs2_super *osb = OCFS2_SB(dentry->d_sb); - const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT); - - if (!(osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL)) - return 0; - - if (list && size <= list_len) - memcpy(list, POSIX_ACL_XATTR_DEFAULT, size); - return size; -} - -static int ocfs2_xattr_get_acl(struct dentry *dentry, const char *name, - void *buffer, size_t size, int type) -{ - struct ocfs2_super *osb = OCFS2_SB(dentry->d_sb); - struct posix_acl *acl; - int ret; - - if (strcmp(name, "") != 0) - return -EINVAL; - if (!(osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL)) - return -EOPNOTSUPP; - - acl = ocfs2_get_acl(dentry->d_inode, type); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (acl == NULL) - return -ENODATA; - ret = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); - posix_acl_release(acl); - - return ret; -} - -static int ocfs2_xattr_set_acl(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) -{ - struct inode *inode = dentry->d_inode; - struct ocfs2_super *osb = OCFS2_SB(inode->i_sb); - struct posix_acl *acl; - int ret = 0; - - if (strcmp(name, "") != 0) - return -EINVAL; - if (!(osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL)) - return -EOPNOTSUPP; - - if (!inode_owner_or_capable(inode)) - return -EPERM; - - if (value) { - acl = posix_acl_from_xattr(&init_user_ns, value, size); - if (IS_ERR(acl)) - return PTR_ERR(acl); - else if (acl) { - ret = posix_acl_valid(acl); - if (ret) - goto cleanup; - } - } else - acl = NULL; - - ret = ocfs2_set_acl(NULL, inode, NULL, type, acl, NULL, NULL); - -cleanup: - posix_acl_release(acl); - return ret; -} - -const struct xattr_handler ocfs2_xattr_acl_access_handler = { - .prefix = POSIX_ACL_XATTR_ACCESS, - .flags = ACL_TYPE_ACCESS, - .list = ocfs2_xattr_list_acl_access, - .get = ocfs2_xattr_get_acl, - .set = ocfs2_xattr_set_acl, -}; - -const struct xattr_handler ocfs2_xattr_acl_default_handler = { - .prefix = POSIX_ACL_XATTR_DEFAULT, - .flags = ACL_TYPE_DEFAULT, - .list = ocfs2_xattr_list_acl_default, - .get = ocfs2_xattr_get_acl, - .set = ocfs2_xattr_set_acl, -}; diff --git a/fs/ocfs2/acl.h b/fs/ocfs2/acl.h index 071fbd38..3fce68d 100644 --- a/fs/ocfs2/acl.h +++ b/fs/ocfs2/acl.h @@ -27,10 +27,13 @@ struct ocfs2_acl_entry { }; struct posix_acl *ocfs2_iop_get_acl(struct inode *inode, int type); -extern int ocfs2_acl_chmod(struct inode *); -extern int ocfs2_init_acl(handle_t *, struct inode *, struct inode *, - struct buffer_head *, struct buffer_head *, - struct ocfs2_alloc_context *, - struct ocfs2_alloc_context *); +int ocfs2_iop_set_acl(struct inode *inode, struct posix_acl *acl, int type); +int ocfs2_set_acl(handle_t *handle, + struct inode *inode, + struct buffer_head *di_bh, + int type, + struct posix_acl *acl, + struct ocfs2_alloc_context *meta_ac, + struct ocfs2_alloc_context *data_ac); #endif /* OCFS2_ACL_H */ diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c index 6fff128..ac371ad 100644 --- a/fs/ocfs2/file.c +++ b/fs/ocfs2/file.c @@ -1236,7 +1236,7 @@ bail: dqput(transfer_to[qtype]); if (!status && attr->ia_valid & ATTR_MODE) { - status = ocfs2_acl_chmod(inode); + status = posix_acl_chmod(inode); if (status < 0) mlog_errno(status); } @@ -2661,6 +2661,7 @@ const struct inode_operations ocfs2_file_iops = { .removexattr = generic_removexattr, .fiemap = ocfs2_fiemap, .get_acl = ocfs2_iop_get_acl, + .set_acl = ocfs2_iop_set_acl, }; const struct inode_operations ocfs2_special_file_iops = { @@ -2668,6 +2669,7 @@ const struct inode_operations ocfs2_special_file_iops = { .getattr = ocfs2_getattr, .permission = ocfs2_permission, .get_acl = ocfs2_iop_get_acl, + .set_acl = ocfs2_iop_set_acl, }; /* diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c index 4f791f6..c975eed 100644 --- a/fs/ocfs2/namei.c +++ b/fs/ocfs2/namei.c @@ -230,6 +230,7 @@ static int ocfs2_mknod(struct inode *dir, struct ocfs2_dir_lookup_result lookup = { NULL, }; sigset_t oldset; int did_block_signals = 0; + struct posix_acl *default_acl = NULL, *acl = NULL; trace_ocfs2_mknod(dir, dentry, dentry->d_name.len, dentry->d_name.name, (unsigned long long)OCFS2_I(dir)->ip_blkno, @@ -331,6 +332,12 @@ static int ocfs2_mknod(struct inode *dir, goto leave; } + status = posix_acl_create(dir, &mode, &default_acl, &acl); + if (status) { + mlog_errno(status); + goto leave; + } + handle = ocfs2_start_trans(osb, ocfs2_mknod_credits(osb->sb, S_ISDIR(mode), xattr_credits)); @@ -379,8 +386,17 @@ static int ocfs2_mknod(struct inode *dir, inc_nlink(dir); } - status = ocfs2_init_acl(handle, inode, dir, new_fe_bh, parent_fe_bh, - meta_ac, data_ac); + if (default_acl) { + status = ocfs2_set_acl(handle, inode, new_fe_bh, + ACL_TYPE_DEFAULT, default_acl, + meta_ac, data_ac); + } + if (!status && acl) { + status = ocfs2_set_acl(handle, inode, new_fe_bh, + ACL_TYPE_ACCESS, acl, + meta_ac, data_ac); + } + if (status < 0) { mlog_errno(status); goto leave; @@ -419,6 +435,10 @@ static int ocfs2_mknod(struct inode *dir, d_instantiate(dentry, inode); status = 0; leave: + if (default_acl) + posix_acl_release(default_acl); + if (acl) + posix_acl_release(acl); if (status < 0 && did_quota_inode) dquot_free_inode(inode); if (handle) @@ -2504,4 +2524,5 @@ const struct inode_operations ocfs2_dir_iops = { .removexattr = generic_removexattr, .fiemap = ocfs2_fiemap, .get_acl = ocfs2_iop_get_acl, + .set_acl = ocfs2_iop_set_acl, }; diff --git a/fs/ocfs2/refcounttree.c b/fs/ocfs2/refcounttree.c index 55767e1..6ba4bcb 100644 --- a/fs/ocfs2/refcounttree.c +++ b/fs/ocfs2/refcounttree.c @@ -46,6 +46,7 @@ #include <linux/quotaops.h> #include <linux/namei.h> #include <linux/mount.h> +#include <linux/posix_acl.h> struct ocfs2_cow_context { struct inode *inode; @@ -4268,11 +4269,20 @@ static int ocfs2_reflink(struct dentry *old_dentry, struct inode *dir, struct inode *inode = old_dentry->d_inode; struct buffer_head *old_bh = NULL; struct inode *new_orphan_inode = NULL; + struct posix_acl *default_acl, *acl; + umode_t mode; if (!ocfs2_refcount_tree(OCFS2_SB(inode->i_sb))) return -EOPNOTSUPP; - error = ocfs2_create_inode_in_orphan(dir, inode->i_mode, + mode = inode->i_mode; + error = posix_acl_create(dir, &mode, &default_acl, &acl); + if (error) { + mlog_errno(error); + goto out; + } + + error = ocfs2_create_inode_in_orphan(dir, mode, &new_orphan_inode); if (error) { mlog_errno(error); @@ -4303,11 +4313,16 @@ static int ocfs2_reflink(struct dentry *old_dentry, struct inode *dir, /* If the security isn''t preserved, we need to re-initialize them. */ if (!preserve) { error = ocfs2_init_security_and_acl(dir, new_orphan_inode, - &new_dentry->d_name); + &new_dentry->d_name, + default_acl, acl); if (error) mlog_errno(error); } out: + if (default_acl) + posix_acl_release(default_acl); + if (acl) + posix_acl_release(acl); if (!error) { error = ocfs2_mv_orphaned_inode_to_new(dir, new_orphan_inode, new_dentry); diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c index f0a1326..185fa3b7 100644 --- a/fs/ocfs2/xattr.c +++ b/fs/ocfs2/xattr.c @@ -99,8 +99,8 @@ static struct ocfs2_xattr_def_value_root def_xv = { const struct xattr_handler *ocfs2_xattr_handlers[] = { &ocfs2_xattr_user_handler, - &ocfs2_xattr_acl_access_handler, - &ocfs2_xattr_acl_default_handler, + &posix_acl_access_xattr_handler, + &posix_acl_default_xattr_handler, &ocfs2_xattr_trusted_handler, &ocfs2_xattr_security_handler, NULL @@ -109,9 +109,9 @@ const struct xattr_handler *ocfs2_xattr_handlers[] = { static const struct xattr_handler *ocfs2_xattr_handler_map[OCFS2_XATTR_MAX] = { [OCFS2_XATTR_INDEX_USER] = &ocfs2_xattr_user_handler, [OCFS2_XATTR_INDEX_POSIX_ACL_ACCESS] - = &ocfs2_xattr_acl_access_handler, + = &posix_acl_access_xattr_handler, [OCFS2_XATTR_INDEX_POSIX_ACL_DEFAULT] - = &ocfs2_xattr_acl_default_handler, + = &posix_acl_default_xattr_handler, [OCFS2_XATTR_INDEX_TRUSTED] = &ocfs2_xattr_trusted_handler, [OCFS2_XATTR_INDEX_SECURITY] = &ocfs2_xattr_security_handler, }; @@ -7190,10 +7190,12 @@ out: */ int ocfs2_init_security_and_acl(struct inode *dir, struct inode *inode, - const struct qstr *qstr) + const struct qstr *qstr, + struct posix_acl *default_acl, + struct posix_acl *acl) { - int ret = 0; struct buffer_head *dir_bh = NULL; + int ret = 0; ret = ocfs2_init_security_get(inode, dir, qstr, NULL); if (ret) { @@ -7207,9 +7209,10 @@ int ocfs2_init_security_and_acl(struct inode *dir, goto leave; } - ret = ocfs2_init_acl(NULL, inode, dir, NULL, dir_bh, NULL, NULL); - if (ret) - mlog_errno(ret); + if (!ret && default_acl) + ret = ocfs2_iop_set_acl(inode, default_acl, ACL_TYPE_DEFAULT); + if (!ret && acl) + ret = ocfs2_iop_set_acl(inode, acl, ACL_TYPE_ACCESS); ocfs2_inode_unlock(dir, 0); brelse(dir_bh); diff --git a/fs/ocfs2/xattr.h b/fs/ocfs2/xattr.h index 19f134e..f10d5b9 100644 --- a/fs/ocfs2/xattr.h +++ b/fs/ocfs2/xattr.h @@ -40,8 +40,6 @@ struct ocfs2_security_xattr_info { extern const struct xattr_handler ocfs2_xattr_user_handler; extern const struct xattr_handler ocfs2_xattr_trusted_handler; extern const struct xattr_handler ocfs2_xattr_security_handler; -extern const struct xattr_handler ocfs2_xattr_acl_access_handler; -extern const struct xattr_handler ocfs2_xattr_acl_default_handler; extern const struct xattr_handler *ocfs2_xattr_handlers[]; ssize_t ocfs2_listxattr(struct dentry *, char *, size_t); @@ -96,5 +94,7 @@ int ocfs2_reflink_xattrs(struct inode *old_inode, bool preserve_security); int ocfs2_init_security_and_acl(struct inode *dir, struct inode *inode, - const struct qstr *qstr); + const struct qstr *qstr, + struct posix_acl *default_acl, + struct posix_acl *acl); #endif /* OCFS2_XATTR_H */ -- 1.7.10.4 ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don''t have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 13/18] reiserfs: use generic posix ACL infrastructure
Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/reiserfs/acl.h | 4 +- fs/reiserfs/file.c | 1 + fs/reiserfs/namei.c | 3 + fs/reiserfs/xattr.c | 5 +- fs/reiserfs/xattr_acl.c | 175 ++++++++--------------------------------------- 5 files changed, 36 insertions(+), 152 deletions(-) diff --git a/fs/reiserfs/acl.h b/fs/reiserfs/acl.h index f096b80..4a211f5 100644 --- a/fs/reiserfs/acl.h +++ b/fs/reiserfs/acl.h @@ -48,18 +48,18 @@ static inline int reiserfs_acl_count(size_t size) #ifdef CONFIG_REISERFS_FS_POSIX_ACL struct posix_acl *reiserfs_get_acl(struct inode *inode, int type); +int reiserfs_set_acl(struct inode *inode, struct posix_acl *acl, int type); int reiserfs_acl_chmod(struct inode *inode); int reiserfs_inherit_default_acl(struct reiserfs_transaction_handle *th, struct inode *dir, struct dentry *dentry, struct inode *inode); int reiserfs_cache_default_acl(struct inode *dir); -extern const struct xattr_handler reiserfs_posix_acl_default_handler; -extern const struct xattr_handler reiserfs_posix_acl_access_handler; #else #define reiserfs_cache_default_acl(inode) 0 #define reiserfs_get_acl NULL +#define reiserfs_set_acl NULL static inline int reiserfs_acl_chmod(struct inode *inode) { diff --git a/fs/reiserfs/file.c b/fs/reiserfs/file.c index dcaafcf..ed58d84 100644 --- a/fs/reiserfs/file.c +++ b/fs/reiserfs/file.c @@ -260,4 +260,5 @@ const struct inode_operations reiserfs_file_inode_operations = { .removexattr = reiserfs_removexattr, .permission = reiserfs_permission, .get_acl = reiserfs_get_acl, + .set_acl = reiserfs_set_acl, }; diff --git a/fs/reiserfs/namei.c b/fs/reiserfs/namei.c index dc5236f..8ba707e 100644 --- a/fs/reiserfs/namei.c +++ b/fs/reiserfs/namei.c @@ -1522,6 +1522,7 @@ const struct inode_operations reiserfs_dir_inode_operations = { .removexattr = reiserfs_removexattr, .permission = reiserfs_permission, .get_acl = reiserfs_get_acl, + .set_acl = reiserfs_set_acl, }; /* @@ -1539,6 +1540,7 @@ const struct inode_operations reiserfs_symlink_inode_operations = { .removexattr = reiserfs_removexattr, .permission = reiserfs_permission, .get_acl = reiserfs_get_acl, + .set_acl = reiserfs_set_acl, }; @@ -1553,4 +1555,5 @@ const struct inode_operations reiserfs_special_inode_operations = { .removexattr = reiserfs_removexattr, .permission = reiserfs_permission, .get_acl = reiserfs_get_acl, + .set_acl = reiserfs_set_acl, }; diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c index 8a9e2dc..5cdfbd6 100644 --- a/fs/reiserfs/xattr.c +++ b/fs/reiserfs/xattr.c @@ -50,6 +50,7 @@ #include <linux/stat.h> #include <linux/quotaops.h> #include <linux/security.h> +#include <linux/posix_acl_xattr.h> #define PRIVROOT_NAME ".reiserfs_priv" #define XAROOT_NAME "xattrs" @@ -904,8 +905,8 @@ static const struct xattr_handler *reiserfs_xattr_handlers[] = { &reiserfs_xattr_security_handler, #endif #ifdef CONFIG_REISERFS_FS_POSIX_ACL - &reiserfs_posix_acl_access_handler, - &reiserfs_posix_acl_default_handler, + &posix_acl_access_xattr_handler, + &posix_acl_default_xattr_handler, #endif NULL }; diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c index d95c959..ff04988 100644 --- a/fs/reiserfs/xattr_acl.c +++ b/fs/reiserfs/xattr_acl.c @@ -11,35 +11,19 @@ #include "acl.h" #include <asm/uaccess.h> -static int reiserfs_set_acl(struct reiserfs_transaction_handle *th, +static int __reiserfs_set_acl(struct reiserfs_transaction_handle *th, struct inode *inode, int type, struct posix_acl *acl); -static int -reiserfs_posix_acl_set(struct dentry *dentry, const char *name, const void *value, - size_t size, int flags, int type) + +int +reiserfs_set_acl(struct inode *inode, struct posix_acl *acl, int type) { - struct inode *inode = dentry->d_inode; - struct posix_acl *acl; int error, error2; struct reiserfs_transaction_handle th; size_t jcreate_blocks; - if (!reiserfs_posixacl(inode->i_sb)) - return -EOPNOTSUPP; - if (!inode_owner_or_capable(inode)) - return -EPERM; - - if (value) { - acl = posix_acl_from_xattr(&init_user_ns, value, size); - if (IS_ERR(acl)) { - return PTR_ERR(acl); - } else if (acl) { - error = posix_acl_valid(acl); - if (error) - goto release_and_out; - } - } else - acl = NULL; + int size = acl ? posix_acl_xattr_size(acl->a_count) : 0; + /* Pessimism: We can''t assume that anything from the xattr root up * has been created. */ @@ -51,7 +35,7 @@ reiserfs_posix_acl_set(struct dentry *dentry, const char *name, const void *valu error = journal_begin(&th, inode->i_sb, jcreate_blocks); reiserfs_write_unlock(inode->i_sb); if (error == 0) { - error = reiserfs_set_acl(&th, inode, type, acl); + error = __reiserfs_set_acl(&th, inode, type, acl); reiserfs_write_lock(inode->i_sb); error2 = journal_end(&th, inode->i_sb, jcreate_blocks); reiserfs_write_unlock(inode->i_sb); @@ -59,29 +43,6 @@ reiserfs_posix_acl_set(struct dentry *dentry, const char *name, const void *valu error = error2; } - release_and_out: - posix_acl_release(acl); - return error; -} - -static int -reiserfs_posix_acl_get(struct dentry *dentry, const char *name, void *buffer, - size_t size, int type) -{ - struct posix_acl *acl; - int error; - - if (!reiserfs_posixacl(dentry->d_sb)) - return -EOPNOTSUPP; - - acl = reiserfs_get_acl(dentry->d_inode, type); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (acl == NULL) - return -ENODATA; - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); - posix_acl_release(acl); - return error; } @@ -273,7 +234,7 @@ struct posix_acl *reiserfs_get_acl(struct inode *inode, int type) * BKL held [before 2.5.x] */ static int -reiserfs_set_acl(struct reiserfs_transaction_handle *th, struct inode *inode, +__reiserfs_set_acl(struct reiserfs_transaction_handle *th, struct inode *inode, int type, struct posix_acl *acl) { char *name; @@ -343,7 +304,7 @@ reiserfs_inherit_default_acl(struct reiserfs_transaction_handle *th, struct inode *dir, struct dentry *dentry, struct inode *inode) { - struct posix_acl *acl; + struct posix_acl *default_acl, *acl; int err = 0; /* ACLs only get applied to files and directories */ @@ -363,37 +324,28 @@ reiserfs_inherit_default_acl(struct reiserfs_transaction_handle *th, goto apply_umask; } - acl = reiserfs_get_acl(dir, ACL_TYPE_DEFAULT); - if (IS_ERR(acl)) - return PTR_ERR(acl); + err = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); + if (err) + return err; + if (default_acl) { + err = __reiserfs_set_acl(th, inode, ACL_TYPE_DEFAULT, + default_acl); + posix_acl_release(default_acl); + } if (acl) { - /* Copy the default ACL to the default ACL of a new directory */ - if (S_ISDIR(inode->i_mode)) { - err = reiserfs_set_acl(th, inode, ACL_TYPE_DEFAULT, - acl); - if (err) - goto cleanup; - } - - /* Now we reconcile the new ACL and the mode, - potentially modifying both */ - err = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); - if (err < 0) - return err; - - /* If we need an ACL.. */ - if (err > 0) - err = reiserfs_set_acl(th, inode, ACL_TYPE_ACCESS, acl); - cleanup: + if (!err) + err = __reiserfs_set_acl(th, inode, ACL_TYPE_ACCESS, + acl); posix_acl_release(acl); - } else { - apply_umask: - /* no ACL, apply umask */ - inode->i_mode &= ~current_umask(); } return err; + + apply_umask: + /* no ACL, apply umask */ + inode->i_mode &= ~current_umask(); + return err; } /* This is used to cache the default acl before a new object is created. @@ -442,84 +394,11 @@ int reiserfs_cache_default_acl(struct inode *inode) */ int reiserfs_acl_chmod(struct inode *inode) { - struct reiserfs_transaction_handle th; - struct posix_acl *acl; - size_t size; - int error; - if (IS_PRIVATE(inode)) return 0; - - if (S_ISLNK(inode->i_mode)) - return -EOPNOTSUPP; - if (get_inode_sd_version(inode) == STAT_DATA_V1 || - !reiserfs_posixacl(inode->i_sb)) { + !reiserfs_posixacl(inode->i_sb)) return 0; - } - acl = reiserfs_get_acl(inode, ACL_TYPE_ACCESS); - if (!acl) - return 0; - if (IS_ERR(acl)) - return PTR_ERR(acl); - error = __posix_acl_chmod(&acl, GFP_NOFS, inode->i_mode); - if (error) - return error; - - size = reiserfs_xattr_nblocks(inode, reiserfs_acl_size(acl->a_count)); - reiserfs_write_lock(inode->i_sb); - error = journal_begin(&th, inode->i_sb, size * 2); - reiserfs_write_unlock(inode->i_sb); - if (!error) { - int error2; - error = reiserfs_set_acl(&th, inode, ACL_TYPE_ACCESS, acl); - reiserfs_write_lock(inode->i_sb); - error2 = journal_end(&th, inode->i_sb, size * 2); - reiserfs_write_unlock(inode->i_sb); - if (error2) - error = error2; - } - posix_acl_release(acl); - return error; -} - -static size_t posix_acl_access_list(struct dentry *dentry, char *list, - size_t list_size, const char *name, - size_t name_len, int type) -{ - const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS); - if (!reiserfs_posixacl(dentry->d_sb)) - return 0; - if (list && size <= list_size) - memcpy(list, POSIX_ACL_XATTR_ACCESS, size); - return size; + return posix_acl_chmod(inode); } - -const struct xattr_handler reiserfs_posix_acl_access_handler = { - .prefix = POSIX_ACL_XATTR_ACCESS, - .flags = ACL_TYPE_ACCESS, - .get = reiserfs_posix_acl_get, - .set = reiserfs_posix_acl_set, - .list = posix_acl_access_list, -}; - -static size_t posix_acl_default_list(struct dentry *dentry, char *list, - size_t list_size, const char *name, - size_t name_len, int type) -{ - const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT); - if (!reiserfs_posixacl(dentry->d_sb)) - return 0; - if (list && size <= list_size) - memcpy(list, POSIX_ACL_XATTR_DEFAULT, size); - return size; -} - -const struct xattr_handler reiserfs_posix_acl_default_handler = { - .prefix = POSIX_ACL_XATTR_DEFAULT, - .flags = ACL_TYPE_DEFAULT, - .get = reiserfs_posix_acl_get, - .set = reiserfs_posix_acl_set, - .list = posix_acl_default_list, -}; -- 1.7.10.4 ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don''t have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 14/18] xfs: use generic posix ACL infrastructure
Also create inodes with the proper mode instead of fixing it up later. Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/xfs/xfs_acl.c | 138 +++------------------------------------------------- fs/xfs/xfs_acl.h | 9 +--- fs/xfs/xfs_iops.c | 39 ++++++++------- fs/xfs/xfs_iops.h | 2 +- fs/xfs/xfs_xattr.c | 4 +- 5 files changed, 33 insertions(+), 159 deletions(-) diff --git a/fs/xfs/xfs_acl.c b/fs/xfs/xfs_acl.c index 057ae2d..28d897f 100644 --- a/fs/xfs/xfs_acl.c +++ b/fs/xfs/xfs_acl.c @@ -183,7 +183,7 @@ out: } STATIC int -xfs_set_acl(struct inode *inode, int type, struct posix_acl *acl) +__xfs_set_acl(struct inode *inode, int type, struct posix_acl *acl) { struct xfs_inode *ip = XFS_I(inode); unsigned char *ea_name; @@ -282,131 +282,23 @@ posix_acl_default_exists(struct inode *inode) return xfs_acl_exists(inode, SGI_ACL_DEFAULT); } -/* - * No need for i_mutex because the inode is not yet exposed to the VFS. - */ -int -xfs_inherit_acl(struct inode *inode, struct posix_acl *acl) -{ - umode_t mode = inode->i_mode; - int error = 0, inherit = 0; - - if (S_ISDIR(inode->i_mode)) { - error = xfs_set_acl(inode, ACL_TYPE_DEFAULT, acl); - if (error) - goto out; - } - - error = __posix_acl_create(&acl, GFP_KERNEL, &mode); - if (error < 0) - return error; - - /* - * If __posix_acl_create returns a positive value we need to - * inherit a permission that can''t be represented using the Unix - * mode bits and we actually need to set an ACL. - */ - if (error > 0) - inherit = 1; - - error = xfs_set_mode(inode, mode); - if (error) - goto out; - - if (inherit) - error = xfs_set_acl(inode, ACL_TYPE_ACCESS, acl); - -out: - posix_acl_release(acl); - return error; -} - int -xfs_acl_chmod(struct inode *inode) +xfs_set_acl(struct inode *inode, struct posix_acl *acl, int type) { - struct posix_acl *acl; - int error; - - if (S_ISLNK(inode->i_mode)) - return -EOPNOTSUPP; - - acl = xfs_get_acl(inode, ACL_TYPE_ACCESS); - if (IS_ERR(acl) || !acl) - return PTR_ERR(acl); - - error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); - if (error) - return error; - - error = xfs_set_acl(inode, ACL_TYPE_ACCESS, acl); - posix_acl_release(acl); - return error; -} - -static int -xfs_xattr_acl_get(struct dentry *dentry, const char *name, - void *value, size_t size, int type) -{ - struct posix_acl *acl; - int error; - - acl = xfs_get_acl(dentry->d_inode, type); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (acl == NULL) - return -ENODATA; - - error = posix_acl_to_xattr(&init_user_ns, acl, value, size); - posix_acl_release(acl); - - return error; -} - -static int -xfs_xattr_acl_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) -{ - struct inode *inode = dentry->d_inode; - struct posix_acl *acl = NULL; int error = 0; - if (flags & XATTR_CREATE) - return -EINVAL; - if (type == ACL_TYPE_DEFAULT && !S_ISDIR(inode->i_mode)) - return value ? -EACCES : 0; - if (!inode_owner_or_capable(inode)) - return -EPERM; - - if (!value) + if (!acl) goto set_acl; - acl = posix_acl_from_xattr(&init_user_ns, value, size); - if (!acl) { - /* - * acl_set_file(3) may request that we set default ACLs with - * zero length -- defend (gracefully) against that here. - */ - goto out; - } - if (IS_ERR(acl)) { - error = PTR_ERR(acl); - goto out; - } - - error = posix_acl_valid(acl); - if (error) - goto out_release; - error = -EINVAL; if (acl->a_count > XFS_ACL_MAX_ENTRIES(XFS_M(inode->i_sb))) - goto out_release; + return error; if (type == ACL_TYPE_ACCESS) { umode_t mode = inode->i_mode; error = posix_acl_equiv_mode(acl, &mode); if (error <= 0) { - posix_acl_release(acl); acl = NULL; if (error < 0) @@ -415,27 +307,9 @@ xfs_xattr_acl_set(struct dentry *dentry, const char *name, error = xfs_set_mode(inode, mode); if (error) - goto out_release; + return error; } set_acl: - error = xfs_set_acl(inode, type, acl); - out_release: - posix_acl_release(acl); - out: - return error; + return __xfs_set_acl(inode, type, acl); } - -const struct xattr_handler xfs_xattr_acl_access_handler = { - .prefix = POSIX_ACL_XATTR_ACCESS, - .flags = ACL_TYPE_ACCESS, - .get = xfs_xattr_acl_get, - .set = xfs_xattr_acl_set, -}; - -const struct xattr_handler xfs_xattr_acl_default_handler = { - .prefix = POSIX_ACL_XATTR_DEFAULT, - .flags = ACL_TYPE_DEFAULT, - .get = xfs_xattr_acl_get, - .set = xfs_xattr_acl_set, -}; diff --git a/fs/xfs/xfs_acl.h b/fs/xfs/xfs_acl.h index 4016a56..5dc1637 100644 --- a/fs/xfs/xfs_acl.h +++ b/fs/xfs/xfs_acl.h @@ -60,20 +60,15 @@ struct xfs_acl { #ifdef CONFIG_XFS_POSIX_ACL extern struct posix_acl *xfs_get_acl(struct inode *inode, int type); -extern int xfs_inherit_acl(struct inode *inode, struct posix_acl *default_acl); -extern int xfs_acl_chmod(struct inode *inode); +extern int xfs_set_acl(struct inode *inode, struct posix_acl *acl, int type); extern int posix_acl_access_exists(struct inode *inode); extern int posix_acl_default_exists(struct inode *inode); - -extern const struct xattr_handler xfs_xattr_acl_access_handler; -extern const struct xattr_handler xfs_xattr_acl_default_handler; #else static inline struct posix_acl *xfs_get_acl(struct inode *inode, int type) { return NULL; } -# define xfs_inherit_acl(inode, default_acl) 0 -# define xfs_acl_chmod(inode) 0 +# define xfs_set_acl NULL # define posix_acl_access_exists(inode) 0 # define posix_acl_default_exists(inode) 0 #endif /* CONFIG_XFS_POSIX_ACL */ diff --git a/fs/xfs/xfs_iops.c b/fs/xfs/xfs_iops.c index 27e0e54..a8c7c78 100644 --- a/fs/xfs/xfs_iops.c +++ b/fs/xfs/xfs_iops.c @@ -123,7 +123,7 @@ xfs_vn_mknod( { struct inode *inode; struct xfs_inode *ip = NULL; - struct posix_acl *default_acl = NULL; + struct posix_acl *default_acl, *acl; struct xfs_name name; int error; @@ -139,14 +139,9 @@ xfs_vn_mknod( rdev = 0; } - if (IS_POSIXACL(dir)) { - default_acl = xfs_get_acl(dir, ACL_TYPE_DEFAULT); - if (IS_ERR(default_acl)) - return PTR_ERR(default_acl); - - if (!default_acl) - mode &= ~current_umask(); - } + error = posix_acl_create(dir, &mode, &default_acl, &acl); + if (error) + return error; xfs_dentry_to_name(&name, dentry, mode); error = xfs_create(XFS_I(dir), &name, mode, rdev, &ip); @@ -160,21 +155,27 @@ xfs_vn_mknod( goto out_cleanup_inode; if (default_acl) { - error = -xfs_inherit_acl(inode, default_acl); - default_acl = NULL; - if (unlikely(error)) + error = xfs_set_acl(inode, default_acl, ACL_TYPE_DEFAULT); + if (error) + goto out_cleanup_inode; + } + if (acl) { + error = xfs_set_acl(inode, acl, ACL_TYPE_ACCESS); + if (error) goto out_cleanup_inode; } - d_instantiate(dentry, inode); + out_free_acl: + if (default_acl) + posix_acl_release(default_acl); + if (acl) + posix_acl_release(acl); return -error; out_cleanup_inode: xfs_cleanup_inode(dir, inode, dentry); - out_free_acl: - posix_acl_release(default_acl); - return -error; + goto out_free_acl; } STATIC int @@ -683,7 +684,7 @@ xfs_setattr_nonsize( * Posix ACL code seems to care about this issue either. */ if ((mask & ATTR_MODE) && !(flags & XFS_ATTR_NOACL)) { - error = -xfs_acl_chmod(inode); + error = -posix_acl_chmod(inode); if (error) return XFS_ERROR(error); } @@ -1052,6 +1053,7 @@ xfs_vn_fiemap( static const struct inode_operations xfs_inode_operations = { .get_acl = xfs_get_acl, + .set_acl = xfs_set_acl, .getattr = xfs_vn_getattr, .setattr = xfs_vn_setattr, .setxattr = generic_setxattr, @@ -1079,6 +1081,7 @@ static const struct inode_operations xfs_dir_inode_operations = { .mknod = xfs_vn_mknod, .rename = xfs_vn_rename, .get_acl = xfs_get_acl, + .set_acl = xfs_set_acl, .getattr = xfs_vn_getattr, .setattr = xfs_vn_setattr, .setxattr = generic_setxattr, @@ -1105,6 +1108,7 @@ static const struct inode_operations xfs_dir_ci_inode_operations = { .mknod = xfs_vn_mknod, .rename = xfs_vn_rename, .get_acl = xfs_get_acl, + .set_acl = xfs_set_acl, .getattr = xfs_vn_getattr, .setattr = xfs_vn_setattr, .setxattr = generic_setxattr, @@ -1119,6 +1123,7 @@ static const struct inode_operations xfs_symlink_inode_operations = { .follow_link = xfs_vn_follow_link, .put_link = xfs_vn_put_link, .get_acl = xfs_get_acl, + .set_acl = xfs_set_acl, .getattr = xfs_vn_getattr, .setattr = xfs_vn_setattr, .setxattr = generic_setxattr, diff --git a/fs/xfs/xfs_iops.h b/fs/xfs/xfs_iops.h index d2c5057..1c34e43 100644 --- a/fs/xfs/xfs_iops.h +++ b/fs/xfs/xfs_iops.h @@ -30,7 +30,7 @@ extern void xfs_setup_inode(struct xfs_inode *); /* * Internal setattr interfaces. */ -#define XFS_ATTR_NOACL 0x01 /* Don''t call xfs_acl_chmod */ +#define XFS_ATTR_NOACL 0x01 /* Don''t call posix_acl_chmod */ extern int xfs_setattr_nonsize(struct xfs_inode *ip, struct iattr *vap, int flags); diff --git a/fs/xfs/xfs_xattr.c b/fs/xfs/xfs_xattr.c index 9d47907..78ed92a 100644 --- a/fs/xfs/xfs_xattr.c +++ b/fs/xfs/xfs_xattr.c @@ -102,8 +102,8 @@ const struct xattr_handler *xfs_xattr_handlers[] = { &xfs_xattr_trusted_handler, &xfs_xattr_security_handler, #ifdef CONFIG_XFS_POSIX_ACL - &xfs_xattr_acl_access_handler, - &xfs_xattr_acl_default_handler, + &posix_acl_access_xattr_handler, + &posix_acl_default_xattr_handler, #endif NULL }; -- 1.7.10.4 ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don''t have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 15/18] jfs: use generic posix ACL infrastructure
Copy the scheme I introduced to btrfs many years ago to only use the xattr handler for ACLs, but pass plain attrs straight through. Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/jfs/acl.c | 105 ++++++++++++++++++++------------------------------ fs/jfs/file.c | 4 +- fs/jfs/jfs_acl.h | 7 +--- fs/jfs/jfs_xattr.h | 2 + fs/jfs/namei.c | 1 + fs/jfs/super.c | 2 + fs/jfs/xattr.c | 108 ++++++++++++++++++---------------------------------- 7 files changed, 89 insertions(+), 140 deletions(-) diff --git a/fs/jfs/acl.c b/fs/jfs/acl.c index 28d529a..e973b85 100644 --- a/fs/jfs/acl.c +++ b/fs/jfs/acl.c @@ -72,7 +72,7 @@ struct posix_acl *jfs_get_acl(struct inode *inode, int type) return acl; } -static int jfs_set_acl(tid_t tid, struct inode *inode, int type, +static int __jfs_set_acl(tid_t tid, struct inode *inode, int type, struct posix_acl *acl) { char *ea_name; @@ -80,21 +80,22 @@ static int jfs_set_acl(tid_t tid, struct inode *inode, int type, int size = 0; char *value = NULL; - if (S_ISLNK(inode->i_mode)) - return -EOPNOTSUPP; - - switch(type) { - case ACL_TYPE_ACCESS: - ea_name = POSIX_ACL_XATTR_ACCESS; - break; - case ACL_TYPE_DEFAULT: - ea_name = POSIX_ACL_XATTR_DEFAULT; - if (!S_ISDIR(inode->i_mode)) - return acl ? -EACCES : 0; - break; - default: - return -EINVAL; + switch (type) { + case ACL_TYPE_ACCESS: + ea_name = POSIX_ACL_XATTR_ACCESS; + rc = posix_acl_equiv_mode(acl, &inode->i_mode); + if (rc < 0) + return rc; + if (rc == 0) + acl = NULL; + break; + case ACL_TYPE_DEFAULT: + ea_name = POSIX_ACL_XATTR_DEFAULT; + break; + default: + return -EINVAL; } + if (acl) { size = posix_acl_xattr_size(acl->a_count); value = kmalloc(size, GFP_KERNEL); @@ -114,65 +115,43 @@ out: return rc; } +int jfs_set_acl(struct inode *inode, struct posix_acl *acl, int type) +{ + int rc; + tid_t tid; + + tid = txBegin(inode->i_sb, 0); + mutex_lock(&JFS_IP(inode)->commit_mutex); + rc = __jfs_set_acl(tid, inode, type, acl); + if (!rc) + rc = txCommit(tid, 1, &inode, 0); + txEnd(tid); + mutex_unlock(&JFS_IP(inode)->commit_mutex); + return rc; +} + int jfs_init_acl(tid_t tid, struct inode *inode, struct inode *dir) { - struct posix_acl *acl = NULL; + struct posix_acl *default_acl, *acl; int rc = 0; - if (S_ISLNK(inode->i_mode)) - return 0; + rc = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); + if (rc) + return rc; - acl = jfs_get_acl(dir, ACL_TYPE_DEFAULT); - if (IS_ERR(acl)) - return PTR_ERR(acl); + if (default_acl) { + rc = __jfs_set_acl(tid, inode, ACL_TYPE_DEFAULT, default_acl); + posix_acl_release(default_acl); + } if (acl) { - if (S_ISDIR(inode->i_mode)) { - rc = jfs_set_acl(tid, inode, ACL_TYPE_DEFAULT, acl); - if (rc) - goto cleanup; - } - rc = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); - if (rc < 0) - goto cleanup; /* posix_acl_release(NULL) is no-op */ - if (rc > 0) - rc = jfs_set_acl(tid, inode, ACL_TYPE_ACCESS, acl); -cleanup: + if (!rc) + rc = __jfs_set_acl(tid, inode, ACL_TYPE_ACCESS, acl); posix_acl_release(acl); - } else - inode->i_mode &= ~current_umask(); + } JFS_IP(inode)->mode2 = (JFS_IP(inode)->mode2 & 0xffff0000) | inode->i_mode; return rc; } - -int jfs_acl_chmod(struct inode *inode) -{ - struct posix_acl *acl; - int rc; - tid_t tid; - - if (S_ISLNK(inode->i_mode)) - return -EOPNOTSUPP; - - acl = jfs_get_acl(inode, ACL_TYPE_ACCESS); - if (IS_ERR(acl) || !acl) - return PTR_ERR(acl); - - rc = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); - if (rc) - return rc; - - tid = txBegin(inode->i_sb, 0); - mutex_lock(&JFS_IP(inode)->commit_mutex); - rc = jfs_set_acl(tid, inode, ACL_TYPE_ACCESS, acl); - if (!rc) - rc = txCommit(tid, 1, &inode, 0); - txEnd(tid); - mutex_unlock(&JFS_IP(inode)->commit_mutex); - - posix_acl_release(acl); - return rc; -} diff --git a/fs/jfs/file.c b/fs/jfs/file.c index dd7442c..145a17e 100644 --- a/fs/jfs/file.c +++ b/fs/jfs/file.c @@ -19,6 +19,7 @@ #include <linux/mm.h> #include <linux/fs.h> +#include <linux/posix_acl.h> #include <linux/quotaops.h> #include "jfs_incore.h" #include "jfs_inode.h" @@ -131,7 +132,7 @@ int jfs_setattr(struct dentry *dentry, struct iattr *iattr) mark_inode_dirty(inode); if (iattr->ia_valid & ATTR_MODE) - rc = jfs_acl_chmod(inode); + rc = posix_acl_chmod(inode); return rc; } @@ -143,6 +144,7 @@ const struct inode_operations jfs_file_inode_operations = { .setattr = jfs_setattr, #ifdef CONFIG_JFS_POSIX_ACL .get_acl = jfs_get_acl, + .set_acl = jfs_set_acl, #endif }; diff --git a/fs/jfs/jfs_acl.h b/fs/jfs/jfs_acl.h index ad84fe5..489f993 100644 --- a/fs/jfs/jfs_acl.h +++ b/fs/jfs/jfs_acl.h @@ -21,8 +21,8 @@ #ifdef CONFIG_JFS_POSIX_ACL struct posix_acl *jfs_get_acl(struct inode *inode, int type); +int jfs_set_acl(struct inode *inode, struct posix_acl *acl, int type); int jfs_init_acl(tid_t, struct inode *, struct inode *); -int jfs_acl_chmod(struct inode *inode); #else @@ -32,10 +32,5 @@ static inline int jfs_init_acl(tid_t tid, struct inode *inode, return 0; } -static inline int jfs_acl_chmod(struct inode *inode) -{ - return 0; -} - #endif #endif /* _H_JFS_ACL */ diff --git a/fs/jfs/jfs_xattr.h b/fs/jfs/jfs_xattr.h index e9e100f..e8d717d 100644 --- a/fs/jfs/jfs_xattr.h +++ b/fs/jfs/jfs_xattr.h @@ -61,6 +61,8 @@ extern ssize_t jfs_getxattr(struct dentry *, const char *, void *, size_t); extern ssize_t jfs_listxattr(struct dentry *, char *, size_t); extern int jfs_removexattr(struct dentry *, const char *); +extern const struct xattr_handler *jfs_xattr_handlers[]; + #ifdef CONFIG_JFS_SECURITY extern int jfs_init_security(tid_t, struct inode *, struct inode *, const struct qstr *); diff --git a/fs/jfs/namei.c b/fs/jfs/namei.c index aa8a337..d59c7de 100644 --- a/fs/jfs/namei.c +++ b/fs/jfs/namei.c @@ -1524,6 +1524,7 @@ const struct inode_operations jfs_dir_inode_operations = { .setattr = jfs_setattr, #ifdef CONFIG_JFS_POSIX_ACL .get_acl = jfs_get_acl, + .set_acl = jfs_set_acl, #endif }; diff --git a/fs/jfs/super.c b/fs/jfs/super.c index 6669aa2..e2b7483 100644 --- a/fs/jfs/super.c +++ b/fs/jfs/super.c @@ -44,6 +44,7 @@ #include "jfs_imap.h" #include "jfs_acl.h" #include "jfs_debug.h" +#include "jfs_xattr.h" MODULE_DESCRIPTION("The Journaled Filesystem (JFS)"); MODULE_AUTHOR("Steve Best/Dave Kleikamp/Barry Arndt, IBM"); @@ -522,6 +523,7 @@ static int jfs_fill_super(struct super_block *sb, void *data, int silent) */ sb->s_op = &jfs_super_operations; sb->s_export_op = &jfs_export_operations; + sb->s_xattr = jfs_xattr_handlers; #ifdef CONFIG_QUOTA sb->dq_op = &dquot_operations; sb->s_qcop = &dquot_quotactl_ops; diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c index d3472f4..5324e4e 100644 --- a/fs/jfs/xattr.c +++ b/fs/jfs/xattr.c @@ -666,81 +666,12 @@ static int ea_put(tid_t tid, struct inode *inode, struct ea_buffer *ea_buf, } /* - * can_set_system_xattr - * - * This code is specific to the system.* namespace. It contains policy - * which doesn''t belong in the main xattr codepath. - */ -static int can_set_system_xattr(struct inode *inode, const char *name, - const void *value, size_t value_len) -{ -#ifdef CONFIG_JFS_POSIX_ACL - struct posix_acl *acl; - int rc; - - if (!inode_owner_or_capable(inode)) - return -EPERM; - - /* - * POSIX_ACL_XATTR_ACCESS is tied to i_mode - */ - if (strcmp(name, POSIX_ACL_XATTR_ACCESS) == 0) { - acl = posix_acl_from_xattr(&init_user_ns, value, value_len); - if (IS_ERR(acl)) { - rc = PTR_ERR(acl); - printk(KERN_ERR "posix_acl_from_xattr returned %d\n", - rc); - return rc; - } - if (acl) { - rc = posix_acl_equiv_mode(acl, &inode->i_mode); - posix_acl_release(acl); - if (rc < 0) { - printk(KERN_ERR - "posix_acl_equiv_mode returned %d\n", - rc); - return rc; - } - mark_inode_dirty(inode); - } - /* - * We''re changing the ACL. Get rid of the cached one - */ - forget_cached_acl(inode, ACL_TYPE_ACCESS); - - return 0; - } else if (strcmp(name, POSIX_ACL_XATTR_DEFAULT) == 0) { - acl = posix_acl_from_xattr(&init_user_ns, value, value_len); - if (IS_ERR(acl)) { - rc = PTR_ERR(acl); - printk(KERN_ERR "posix_acl_from_xattr returned %d\n", - rc); - return rc; - } - posix_acl_release(acl); - - /* - * We''re changing the default ACL. Get rid of the cached one - */ - forget_cached_acl(inode, ACL_TYPE_DEFAULT); - - return 0; - } -#endif /* CONFIG_JFS_POSIX_ACL */ - return -EOPNOTSUPP; -} - -/* * Most of the permission checking is done by xattr_permission in the vfs. - * The local file system is responsible for handling the system.* namespace. * We also need to verify that this is a namespace that we recognize. */ static int can_set_xattr(struct inode *inode, const char *name, const void *value, size_t value_len) { - if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) - return can_set_system_xattr(inode, name, value, value_len); - if (!strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN)) { /* * This makes sure that we aren''t trying to set an @@ -748,7 +679,7 @@ static int can_set_xattr(struct inode *inode, const char *name, * with "os2." */ if (is_known_namespace(name + XATTR_OS2_PREFIX_LEN)) - return -EOPNOTSUPP; + return -EOPNOTSUPP; return 0; } @@ -913,6 +844,14 @@ int jfs_setxattr(struct dentry *dentry, const char *name, const void *value, if ((rc = can_set_xattr(inode, name, value, value_len))) return rc; + /* + * If this is a request for a synthetic attribute in the system.* + * namespace use the generic infrastructure to resolve a handler + * for it via sb->s_xattr. + */ + if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) + return generic_setxattr(dentry, name, value, value_len, flags); + if (value == NULL) { /* empty EA, do not remove */ value = ""; value_len = 0; @@ -986,6 +925,14 @@ ssize_t jfs_getxattr(struct dentry *dentry, const char *name, void *data, { int err; + /* + * If this is a request for a synthetic attribute in the system.* + * namespace use the generic infrastructure to resolve a handler + * for it via sb->s_xattr. + */ + if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) + return generic_getxattr(dentry, name, data, buf_size); + if (strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN) == 0) { /* * skip past "os2." prefix @@ -1077,6 +1024,14 @@ int jfs_removexattr(struct dentry *dentry, const char *name) if ((rc = can_set_xattr(inode, name, NULL, 0))) return rc; + /* + * If this is a request for a synthetic attribute in the system.* + * namespace use the generic infrastructure to resolve a handler + * for it via sb->s_xattr. + */ + if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) + return generic_removexattr(dentry, name); + tid = txBegin(inode->i_sb, 0); mutex_lock(&ji->commit_mutex); rc = __jfs_setxattr(tid, dentry->d_inode, name, NULL, 0, XATTR_REPLACE); @@ -1088,6 +1043,19 @@ int jfs_removexattr(struct dentry *dentry, const char *name) return rc; } +/* + * List of handlers for synthetic system.* attributes. All real ondisk + * attributes are handled directly. + */ +const struct xattr_handler *jfs_xattr_handlers[] = { +#ifdef JFS_POSIX_ACL + &posix_acl_access_xattr_handler, + &posix_acl_default_xattr_handler, +#endif + NULL, +}; + + #ifdef CONFIG_JFS_SECURITY static int jfs_initxattrs(struct inode *inode, const struct xattr *xattr_array, void *fs_info) -- 1.7.10.4 ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don''t have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 16/18] gfs2: use generic posix ACL infrastructure
This contains some major refactoring for the create path so that inodes are created with the right mode to start with instead of fixing it up later. Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/gfs2/acl.c | 229 +++++++------------------------------------------------ fs/gfs2/acl.h | 4 +- fs/gfs2/inode.c | 33 ++++++-- fs/gfs2/xattr.c | 4 +- 4 files changed, 61 insertions(+), 209 deletions(-) diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c index e82e4ac..e6c7a2c 100644 --- a/fs/gfs2/acl.c +++ b/fs/gfs2/acl.c @@ -80,7 +80,7 @@ static int gfs2_set_mode(struct inode *inode, umode_t mode) return error; } -static int gfs2_acl_set(struct inode *inode, int type, struct posix_acl *acl) +int gfs2_set_acl(struct inode *inode, struct posix_acl *acl, int type) { int error; int len; @@ -88,219 +88,48 @@ static int gfs2_acl_set(struct inode *inode, int type, struct posix_acl *acl) const char *name = gfs2_acl_name(type); BUG_ON(name == NULL); - len = posix_acl_to_xattr(&init_user_ns, acl, NULL, 0); - if (len == 0) - return 0; - data = kmalloc(len, GFP_NOFS); - if (data == NULL) - return -ENOMEM; - error = posix_acl_to_xattr(&init_user_ns, acl, data, len); - if (error < 0) - goto out; - error = __gfs2_xattr_set(inode, name, data, len, 0, GFS2_EATYPE_SYS); - if (!error) - set_cached_acl(inode, type, acl); -out: - kfree(data); - return error; -} - -int gfs2_acl_create(struct gfs2_inode *dip, struct inode *inode) -{ - struct gfs2_sbd *sdp = GFS2_SB(&dip->i_inode); - struct posix_acl *acl; - umode_t mode = inode->i_mode; - int error = 0; - - if (!sdp->sd_args.ar_posix_acl) - return 0; - if (S_ISLNK(inode->i_mode)) - return 0; - - acl = gfs2_get_acl(&dip->i_inode, ACL_TYPE_DEFAULT); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (!acl) { - mode &= ~current_umask(); - return gfs2_set_mode(inode, mode); - } - - if (S_ISDIR(inode->i_mode)) { - error = gfs2_acl_set(inode, ACL_TYPE_DEFAULT, acl); - if (error) - goto out; - } - - error = __posix_acl_create(&acl, GFP_NOFS, &mode); - if (error < 0) - return error; - - if (error == 0) - goto munge; - - error = gfs2_acl_set(inode, ACL_TYPE_ACCESS, acl); - if (error) - goto out; -munge: - error = gfs2_set_mode(inode, mode); -out: - posix_acl_release(acl); - return error; -} - -int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr) -{ - struct inode *inode = &ip->i_inode; - struct posix_acl *acl; - char *data; - unsigned int len; - int error; - - acl = gfs2_get_acl(&ip->i_inode, ACL_TYPE_ACCESS); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (!acl) - return gfs2_setattr_simple(inode, attr); - - error = __posix_acl_chmod(&acl, GFP_NOFS, attr->ia_mode); - if (error) - return error; - - len = posix_acl_to_xattr(&init_user_ns, acl, NULL, 0); - data = kmalloc(len, GFP_NOFS); - error = -ENOMEM; - if (data == NULL) - goto out; - posix_acl_to_xattr(&init_user_ns, acl, data, len); - error = gfs2_xattr_acl_chmod(ip, attr, data); - kfree(data); - set_cached_acl(&ip->i_inode, ACL_TYPE_ACCESS, acl); - -out: - posix_acl_release(acl); - return error; -} - -static int gfs2_acl_type(const char *name) -{ - if (strcmp(name, GFS2_POSIX_ACL_ACCESS) == 0) - return ACL_TYPE_ACCESS; - if (strcmp(name, GFS2_POSIX_ACL_DEFAULT) == 0) - return ACL_TYPE_DEFAULT; - return -EINVAL; -} - -static int gfs2_xattr_system_get(struct dentry *dentry, const char *name, - void *buffer, size_t size, int xtype) -{ - struct inode *inode = dentry->d_inode; - struct gfs2_sbd *sdp = GFS2_SB(inode); - struct posix_acl *acl; - int type; - int error; - - if (!sdp->sd_args.ar_posix_acl) - return -EOPNOTSUPP; - - type = gfs2_acl_type(name); - if (type < 0) - return type; - - acl = gfs2_get_acl(inode, type); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (acl == NULL) - return -ENODATA; - - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); - posix_acl_release(acl); - - return error; -} - -static int gfs2_xattr_system_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, - int xtype) -{ - struct inode *inode = dentry->d_inode; - struct gfs2_sbd *sdp = GFS2_SB(inode); - struct posix_acl *acl = NULL; - int error = 0, type; - - if (!sdp->sd_args.ar_posix_acl) - return -EOPNOTSUPP; - - type = gfs2_acl_type(name); - if (type < 0) - return type; - if (flags & XATTR_CREATE) - return -EINVAL; - if (type == ACL_TYPE_DEFAULT && !S_ISDIR(inode->i_mode)) - return value ? -EACCES : 0; - if (!uid_eq(current_fsuid(), inode->i_uid) && !capable(CAP_FOWNER)) - return -EPERM; - if (S_ISLNK(inode->i_mode)) - return -EOPNOTSUPP; - - if (!value) - goto set_acl; - acl = posix_acl_from_xattr(&init_user_ns, value, size); - if (!acl) { - /* - * acl_set_file(3) may request that we set default ACLs with - * zero length -- defend (gracefully) against that here. - */ - goto out; - } - if (IS_ERR(acl)) { - error = PTR_ERR(acl); - goto out; - } - - error = posix_acl_valid(acl); - if (error) - goto out_release; - - error = -EINVAL; if (acl->a_count > GFS2_ACL_MAX_ENTRIES) - goto out_release; + return -EINVAL; if (type == ACL_TYPE_ACCESS) { umode_t mode = inode->i_mode; + error = posix_acl_equiv_mode(acl, &mode); + if (error < 0) - if (error <= 0) { - posix_acl_release(acl); + if (error == 0) acl = NULL; - if (error < 0) - return error; - } - error = gfs2_set_mode(inode, mode); if (error) - goto out_release; + return error; } -set_acl: - error = __gfs2_xattr_set(inode, name, value, size, 0, GFS2_EATYPE_SYS); - if (!error) { - if (acl) - set_cached_acl(inode, type, acl); - else - forget_cached_acl(inode, type); + if (acl) { + len = posix_acl_to_xattr(&init_user_ns, acl, NULL, 0); + if (len == 0) + return 0; + data = kmalloc(len, GFP_NOFS); + if (data == NULL) + return -ENOMEM; + error = posix_acl_to_xattr(&init_user_ns, acl, data, len); + if (error < 0) + goto out; + } else { + data = NULL; + len = 0; } -out_release: - posix_acl_release(acl); + + error = __gfs2_xattr_set(inode, name, data, len, 0, GFS2_EATYPE_SYS); + if (error) + goto out; + + if (acl) + set_cached_acl(inode, type, acl); + else + forget_cached_acl(inode, type); out: + kfree(data); return error; } - -const struct xattr_handler gfs2_xattr_system_handler = { - .prefix = XATTR_SYSTEM_PREFIX, - .flags = GFS2_EATYPE_SYS, - .get = gfs2_xattr_system_get, - .set = gfs2_xattr_system_set, -}; - diff --git a/fs/gfs2/acl.h b/fs/gfs2/acl.h index 0da38dc..301260c 100644 --- a/fs/gfs2/acl.h +++ b/fs/gfs2/acl.h @@ -17,8 +17,6 @@ #define GFS2_ACL_MAX_ENTRIES 25 extern struct posix_acl *gfs2_get_acl(struct inode *inode, int type); -extern int gfs2_acl_create(struct gfs2_inode *dip, struct inode *inode); -extern int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr); -extern const struct xattr_handler gfs2_xattr_system_handler; +extern int gfs2_set_acl(struct inode *inode, struct posix_acl *acl, int type); #endif /* __ACL_DOT_H__ */ diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c index 7119504..92b4ec0 100644 --- a/fs/gfs2/inode.c +++ b/fs/gfs2/inode.c @@ -552,6 +552,7 @@ static int gfs2_create_inode(struct inode *dir, struct dentry *dentry, unsigned int size, int excl, int *opened) { const struct qstr *name = &dentry->d_name; + struct posix_acl *default_acl, *acl; struct gfs2_holder ghs[2]; struct inode *inode = NULL; struct gfs2_inode *dip = GFS2_I(dir), *ip; @@ -611,10 +612,14 @@ static int gfs2_create_inode(struct inode *dir, struct dentry *dentry, if (!inode) goto fail_gunlock; + error = posix_acl_create(dir, &mode, &default_acl, &acl); + if (error) + goto fail_free_vfs_inode; + ip = GFS2_I(inode); error = gfs2_rs_alloc(ip); if (error) - goto fail_free_inode; + goto fail_free_acls; inode->i_mode = mode; set_nlink(inode, S_ISDIR(mode) ? 2 : 1); @@ -682,7 +687,16 @@ static int gfs2_create_inode(struct inode *dir, struct dentry *dentry, gfs2_set_iop(inode); insert_inode_hash(inode); - error = gfs2_acl_create(dip, inode); + if (default_acl) { + error = gfs2_set_acl(inode, default_acl, ACL_TYPE_DEFAULT); + posix_acl_release(default_acl); + } + if (acl) { + if (!error) + error = gfs2_set_acl(inode, acl, ACL_TYPE_ACCESS); + posix_acl_release(acl); + } + if (error) goto fail_gunlock3; @@ -716,6 +730,12 @@ fail_free_inode: if (ip->i_gl) gfs2_glock_put(ip->i_gl); gfs2_rs_delete(ip, NULL); +fail_free_acls: + if (default_acl) + posix_acl_release(default_acl); + if (acl) + posix_acl_release(acl); +fail_free_vfs_inode: free_inode_nonrcu(inode); inode = NULL; fail_gunlock: @@ -1678,10 +1698,11 @@ static int gfs2_setattr(struct dentry *dentry, struct iattr *attr) error = gfs2_setattr_size(inode, attr->ia_size); else if (attr->ia_valid & (ATTR_UID | ATTR_GID)) error = setattr_chown(inode, attr); - else if ((attr->ia_valid & ATTR_MODE) && IS_POSIXACL(inode)) - error = gfs2_acl_chmod(ip, attr); - else + else { error = gfs2_setattr_simple(inode, attr); + if (!error && attr->ia_valid & ATTR_MODE) + error = posix_acl_chmod(inode); + } out: if (!error) @@ -1841,6 +1862,7 @@ const struct inode_operations gfs2_file_iops = { .removexattr = gfs2_removexattr, .fiemap = gfs2_fiemap, .get_acl = gfs2_get_acl, + .set_acl = gfs2_set_acl, }; const struct inode_operations gfs2_dir_iops = { @@ -1862,6 +1884,7 @@ const struct inode_operations gfs2_dir_iops = { .removexattr = gfs2_removexattr, .fiemap = gfs2_fiemap, .get_acl = gfs2_get_acl, + .set_acl = gfs2_set_acl, .atomic_open = gfs2_atomic_open, }; diff --git a/fs/gfs2/xattr.c b/fs/gfs2/xattr.c index 8c6a6f6..0b81f78 100644 --- a/fs/gfs2/xattr.c +++ b/fs/gfs2/xattr.c @@ -13,6 +13,7 @@ #include <linux/buffer_head.h> #include <linux/xattr.h> #include <linux/gfs2_ondisk.h> +#include <linux/posix_acl_xattr.h> #include <asm/uaccess.h> #include "gfs2.h" @@ -1500,7 +1501,8 @@ static const struct xattr_handler gfs2_xattr_security_handler = { const struct xattr_handler *gfs2_xattr_handlers[] = { &gfs2_xattr_user_handler, &gfs2_xattr_security_handler, - &gfs2_xattr_system_handler, + &posix_acl_access_xattr_handler, + &posix_acl_default_xattr_handler, NULL, }; -- 1.7.10.4 ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don''t have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
Christoph Hellwig
2013-Dec-01 11:59 UTC
[PATCH 17/18] nfs: use generic posix ACL infrastructure for v3 Posix ACLs
Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/nfs/inode.c | 4 - fs/nfs/nfs3acl.c | 287 ++++++++++-------------------------------------- fs/nfs/nfs3proc.c | 26 +++-- fs/nfs/nfs3super.c | 3 + include/linux/nfs_fs.h | 10 +- 5 files changed, 79 insertions(+), 251 deletions(-) diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c index 18ab2da..53b5cfe 100644 --- a/fs/nfs/inode.c +++ b/fs/nfs/inode.c @@ -1641,10 +1641,6 @@ struct inode *nfs_alloc_inode(struct super_block *sb) return NULL; nfsi->flags = 0UL; nfsi->cache_validity = 0UL; -#ifdef CONFIG_NFS_V3_ACL - nfsi->acl_access = ERR_PTR(-EAGAIN); - nfsi->acl_default = ERR_PTR(-EAGAIN); -#endif #if IS_ENABLED(CONFIG_NFS_V4) nfsi->nfs4_acl = NULL; #endif /* CONFIG_NFS_V4 */ diff --git a/fs/nfs/nfs3acl.c b/fs/nfs/nfs3acl.c index e859675..015c567 100644 --- a/fs/nfs/nfs3acl.c +++ b/fs/nfs/nfs3acl.c @@ -10,179 +10,7 @@ #define NFSDBG_FACILITY NFSDBG_PROC -ssize_t nfs3_listxattr(struct dentry *dentry, char *buffer, size_t size) -{ - struct inode *inode = dentry->d_inode; - struct posix_acl *acl; - int pos=0, len=0; - -# define output(s) do { \ - if (pos + sizeof(s) <= size) { \ - memcpy(buffer + pos, s, sizeof(s)); \ - pos += sizeof(s); \ - } \ - len += sizeof(s); \ - } while(0) - - acl = nfs3_proc_getacl(inode, ACL_TYPE_ACCESS); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (acl) { - output("system.posix_acl_access"); - posix_acl_release(acl); - } - - if (S_ISDIR(inode->i_mode)) { - acl = nfs3_proc_getacl(inode, ACL_TYPE_DEFAULT); - if (IS_ERR(acl)) - return PTR_ERR(acl); - if (acl) { - output("system.posix_acl_default"); - posix_acl_release(acl); - } - } - -# undef output - - if (!buffer || len <= size) - return len; - return -ERANGE; -} - -ssize_t nfs3_getxattr(struct dentry *dentry, const char *name, - void *buffer, size_t size) -{ - struct inode *inode = dentry->d_inode; - struct posix_acl *acl; - int type, error = 0; - - if (strcmp(name, POSIX_ACL_XATTR_ACCESS) == 0) - type = ACL_TYPE_ACCESS; - else if (strcmp(name, POSIX_ACL_XATTR_DEFAULT) == 0) - type = ACL_TYPE_DEFAULT; - else - return -EOPNOTSUPP; - - acl = nfs3_proc_getacl(inode, type); - if (IS_ERR(acl)) - return PTR_ERR(acl); - else if (acl) { - if (type == ACL_TYPE_ACCESS && acl->a_count == 0) - error = -ENODATA; - else - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); - posix_acl_release(acl); - } else - error = -ENODATA; - - return error; -} - -int nfs3_setxattr(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags) -{ - struct inode *inode = dentry->d_inode; - struct posix_acl *acl; - int type, error; - - if (strcmp(name, POSIX_ACL_XATTR_ACCESS) == 0) - type = ACL_TYPE_ACCESS; - else if (strcmp(name, POSIX_ACL_XATTR_DEFAULT) == 0) - type = ACL_TYPE_DEFAULT; - else - return -EOPNOTSUPP; - - acl = posix_acl_from_xattr(&init_user_ns, value, size); - if (IS_ERR(acl)) - return PTR_ERR(acl); - error = nfs3_proc_setacl(inode, type, acl); - posix_acl_release(acl); - - return error; -} - -int nfs3_removexattr(struct dentry *dentry, const char *name) -{ - struct inode *inode = dentry->d_inode; - int type; - - if (strcmp(name, POSIX_ACL_XATTR_ACCESS) == 0) - type = ACL_TYPE_ACCESS; - else if (strcmp(name, POSIX_ACL_XATTR_DEFAULT) == 0) - type = ACL_TYPE_DEFAULT; - else - return -EOPNOTSUPP; - - return nfs3_proc_setacl(inode, type, NULL); -} - -static void __nfs3_forget_cached_acls(struct nfs_inode *nfsi) -{ - if (!IS_ERR(nfsi->acl_access)) { - posix_acl_release(nfsi->acl_access); - nfsi->acl_access = ERR_PTR(-EAGAIN); - } - if (!IS_ERR(nfsi->acl_default)) { - posix_acl_release(nfsi->acl_default); - nfsi->acl_default = ERR_PTR(-EAGAIN); - } -} - -void nfs3_forget_cached_acls(struct inode *inode) -{ - dprintk("NFS: nfs3_forget_cached_acls(%s/%ld)\n", inode->i_sb->s_id, - inode->i_ino); - spin_lock(&inode->i_lock); - __nfs3_forget_cached_acls(NFS_I(inode)); - spin_unlock(&inode->i_lock); -} - -static struct posix_acl *nfs3_get_cached_acl(struct inode *inode, int type) -{ - struct nfs_inode *nfsi = NFS_I(inode); - struct posix_acl *acl = ERR_PTR(-EINVAL); - - spin_lock(&inode->i_lock); - switch(type) { - case ACL_TYPE_ACCESS: - acl = nfsi->acl_access; - break; - - case ACL_TYPE_DEFAULT: - acl = nfsi->acl_default; - break; - - default: - goto out; - } - if (IS_ERR(acl)) - acl = ERR_PTR(-EAGAIN); - else - acl = posix_acl_dup(acl); -out: - spin_unlock(&inode->i_lock); - dprintk("NFS: nfs3_get_cached_acl(%s/%ld, %d) = %p\n", inode->i_sb->s_id, - inode->i_ino, type, acl); - return acl; -} - -static void nfs3_cache_acls(struct inode *inode, struct posix_acl *acl, - struct posix_acl *dfacl) -{ - struct nfs_inode *nfsi = NFS_I(inode); - - dprintk("nfs3_cache_acls(%s/%ld, %p, %p)\n", inode->i_sb->s_id, - inode->i_ino, acl, dfacl); - spin_lock(&inode->i_lock); - __nfs3_forget_cached_acls(NFS_I(inode)); - if (!IS_ERR(acl)) - nfsi->acl_access = posix_acl_dup(acl); - if (!IS_ERR(dfacl)) - nfsi->acl_default = posix_acl_dup(dfacl); - spin_unlock(&inode->i_lock); -} - -struct posix_acl *nfs3_proc_getacl(struct inode *inode, int type) +struct posix_acl *nfs3_get_acl(struct inode *inode, int type) { struct nfs_server *server = NFS_SERVER(inode); struct page *pages[NFSACL_MAXPAGES] = { }; @@ -207,8 +35,9 @@ struct posix_acl *nfs3_proc_getacl(struct inode *inode, int type) status = nfs_revalidate_inode(server, inode); if (status < 0) return ERR_PTR(status); - acl = nfs3_get_cached_acl(inode, type); - if (acl != ERR_PTR(-EAGAIN)) + + acl = get_cached_acl(inode, type); + if (acl != ACL_NOT_CACHED) return acl; acl = NULL; @@ -257,36 +86,37 @@ struct posix_acl *nfs3_proc_getacl(struct inode *inode, int type) } if (res.acl_access != NULL) { - if (posix_acl_equiv_mode(res.acl_access, NULL) == 0) { + if (posix_acl_equiv_mode(res.acl_access, NULL) || + res.acl_access->a_count == 0) { posix_acl_release(res.acl_access); res.acl_access = NULL; } } - nfs3_cache_acls(inode, - (res.mask & NFS_ACL) ? res.acl_access : ERR_PTR(-EINVAL), - (res.mask & NFS_DFACL) ? res.acl_default : ERR_PTR(-EINVAL)); - switch(type) { - case ACL_TYPE_ACCESS: - acl = res.acl_access; - res.acl_access = NULL; - break; + if (res.mask & NFS_ACL) + set_cached_acl(inode, ACL_TYPE_ACCESS, res.acl_access); + else + forget_cached_acl(inode, ACL_TYPE_ACCESS); - case ACL_TYPE_DEFAULT: - acl = res.acl_default; - res.acl_default = NULL; + if (res.mask & NFS_DFACL) + set_cached_acl(inode, ACL_TYPE_DEFAULT, res.acl_default); + else + forget_cached_acl(inode, ACL_TYPE_DEFAULT); + + nfs_free_fattr(res.fattr); + if (type == ACL_TYPE_ACCESS) { + posix_acl_release(res.acl_default); + return res.acl_access; + } else { + posix_acl_release(res.acl_access); + return res.acl_default; } getout: posix_acl_release(res.acl_access); posix_acl_release(res.acl_default); nfs_free_fattr(res.fattr); - - if (status != 0) { - posix_acl_release(acl); - acl = ERR_PTR(status); - } - return acl; + return ERR_PTR(status); } static int nfs3_proc_setacls(struct inode *inode, struct posix_acl *acl, @@ -353,7 +183,8 @@ static int nfs3_proc_setacls(struct inode *inode, struct posix_acl *acl, switch (status) { case 0: status = nfs_refresh_inode(inode, fattr); - nfs3_cache_acls(inode, acl, dfacl); + set_cached_acl(inode, ACL_TYPE_ACCESS, acl); + set_cached_acl(inode, ACL_TYPE_DEFAULT, dfacl); break; case -EPFNOSUPPORT: case -EPROTONOSUPPORT: @@ -373,33 +204,27 @@ out: return status; } -int nfs3_proc_setacl(struct inode *inode, int type, struct posix_acl *acl) +int nfs3_set_acl(struct inode *inode, struct posix_acl *acl, int type) { struct posix_acl *alloc = NULL, *dfacl = NULL; int status; if (S_ISDIR(inode->i_mode)) { switch(type) { - case ACL_TYPE_ACCESS: - alloc = dfacl = nfs3_proc_getacl(inode, - ACL_TYPE_DEFAULT); - if (IS_ERR(alloc)) - goto fail; - break; - - case ACL_TYPE_DEFAULT: - dfacl = acl; - alloc = acl = nfs3_proc_getacl(inode, - ACL_TYPE_ACCESS); - if (IS_ERR(alloc)) - goto fail; - break; - - default: - return -EINVAL; + case ACL_TYPE_ACCESS: + alloc = dfacl = nfs3_get_acl(inode, ACL_TYPE_DEFAULT); + if (IS_ERR(alloc)) + goto fail; + break; + + case ACL_TYPE_DEFAULT: + dfacl = acl; + alloc = acl = nfs3_get_acl(inode, ACL_TYPE_ACCESS); + if (IS_ERR(alloc)) + goto fail; + break; } - } else if (type != ACL_TYPE_ACCESS) - return -EINVAL; + } if (acl == NULL) { alloc = acl = posix_acl_from_mode(inode->i_mode, GFP_KERNEL); @@ -417,24 +242,24 @@ fail: int nfs3_proc_set_default_acl(struct inode *dir, struct inode *inode, umode_t mode) { - struct posix_acl *dfacl, *acl; - int error = 0; + struct posix_acl *default_acl, *acl; + int error; - dfacl = nfs3_proc_getacl(dir, ACL_TYPE_DEFAULT); - if (IS_ERR(dfacl)) { - error = PTR_ERR(dfacl); + error = posix_acl_create(dir, &mode, &default_acl, &acl); + if (error) return (error == -EOPNOTSUPP) ? 0 : error; - } - if (!dfacl) - return 0; - acl = posix_acl_dup(dfacl); - error = __posix_acl_create(&acl, GFP_KERNEL, &mode); - if (error < 0) - goto out_release_dfacl; - error = nfs3_proc_setacls(inode, acl, S_ISDIR(inode->i_mode) ? - dfacl : NULL); - posix_acl_release(acl); -out_release_dfacl: - posix_acl_release(dfacl); + + error = nfs3_proc_setacls(inode, acl, default_acl); + + if (acl) + posix_acl_release(acl); + if (default_acl) + posix_acl_release(default_acl); return error; } + +const struct xattr_handler *nfs3_xattr_handlers[] = { + &posix_acl_access_xattr_handler, + &posix_acl_default_xattr_handler, + NULL, +}; diff --git a/fs/nfs/nfs3proc.c b/fs/nfs/nfs3proc.c index 01b6f6a..ab27a7d1 100644 --- a/fs/nfs/nfs3proc.c +++ b/fs/nfs/nfs3proc.c @@ -904,20 +904,28 @@ static const struct inode_operations nfs3_dir_inode_operations = { .permission = nfs_permission, .getattr = nfs_getattr, .setattr = nfs_setattr, - .listxattr = nfs3_listxattr, - .getxattr = nfs3_getxattr, - .setxattr = nfs3_setxattr, - .removexattr = nfs3_removexattr, + .listxattr = generic_listxattr, + .getxattr = generic_getxattr, + .setxattr = generic_setxattr, + .removexattr = generic_removexattr, +#ifdef CONFIG_NFS_V3_ACL + .get_acl = nfs3_get_acl, + .set_acl = nfs3_set_acl, +#endif }; static const struct inode_operations nfs3_file_inode_operations = { .permission = nfs_permission, .getattr = nfs_getattr, .setattr = nfs_setattr, - .listxattr = nfs3_listxattr, - .getxattr = nfs3_getxattr, - .setxattr = nfs3_setxattr, - .removexattr = nfs3_removexattr, + .listxattr = generic_listxattr, + .getxattr = generic_getxattr, + .setxattr = generic_setxattr, + .removexattr = generic_removexattr, +#ifdef CONFIG_NFS_V3_ACL + .get_acl = nfs3_get_acl, + .set_acl = nfs3_set_acl, +#endif }; const struct nfs_rpc_ops nfs_v3_clientops = { @@ -965,7 +973,7 @@ const struct nfs_rpc_ops nfs_v3_clientops = { .commit_rpc_prepare = nfs3_proc_commit_rpc_prepare, .commit_done = nfs3_commit_done, .lock = nfs3_proc_lock, - .clear_acl_cache = nfs3_forget_cached_acls, + .clear_acl_cache = forget_all_cached_acls, .close_context = nfs_close_context, .have_delegation = nfs3_have_delegation, .return_delegation = nfs3_return_delegation, diff --git a/fs/nfs/nfs3super.c b/fs/nfs/nfs3super.c index cc471c7..d6a9894 100644 --- a/fs/nfs/nfs3super.c +++ b/fs/nfs/nfs3super.c @@ -12,6 +12,9 @@ static struct nfs_subversion nfs_v3 = { .rpc_vers = &nfs_version3, .rpc_ops = &nfs_v3_clientops, .sops = &nfs_sops, +#ifdef CONFIG_NFS_V3_ACL + .xattr = nfs3_xattr_handlers, +#endif }; static int __init init_nfs_v3(void) diff --git a/include/linux/nfs_fs.h b/include/linux/nfs_fs.h index 14a4820..632d2bf 100644 --- a/include/linux/nfs_fs.h +++ b/include/linux/nfs_fs.h @@ -154,10 +154,6 @@ struct nfs_inode { struct rb_root access_cache; struct list_head access_cache_entry_lru; struct list_head access_cache_inode_lru; -#ifdef CONFIG_NFS_V3_ACL - struct posix_acl *acl_access; - struct posix_acl *acl_default; -#endif /* * This is the cookie verifier used for NFSv3 readdir @@ -582,12 +578,12 @@ extern int nfs_readpage_async(struct nfs_open_context *, struct inode *, * linux/fs/nfs3proc.c */ #ifdef CONFIG_NFS_V3_ACL -extern struct posix_acl *nfs3_proc_getacl(struct inode *inode, int type); -extern int nfs3_proc_setacl(struct inode *inode, int type, - struct posix_acl *acl); +extern struct posix_acl *nfs3_get_acl(struct inode *inode, int type); +extern int nfs3_set_acl(struct inode *inode, struct posix_acl *acl, int type); extern int nfs3_proc_set_default_acl(struct inode *dir, struct inode *inode, umode_t mode); extern void nfs3_forget_cached_acls(struct inode *inode); +extern const struct xattr_handler *nfs3_xattr_handlers[]; #else static inline int nfs3_proc_set_default_acl(struct inode *dir, struct inode *inode, -- 1.7.10.4 ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don''t have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
And instead convert tmpfs to use the new generic ACL code, with two stub methods provided for in-memory filesystems. Signed-off-by: Christoph Hellwig <hch@lst.de> --- fs/Kconfig | 6 +- fs/Makefile | 1 - fs/generic_acl.c | 184 ------------------------------------------- fs/posix_acl.c | 36 +++++++++ include/linux/generic_acl.h | 14 ---- include/linux/posix_acl.h | 9 +++ mm/shmem.c | 57 ++++++-------- 7 files changed, 69 insertions(+), 238 deletions(-) delete mode 100644 fs/generic_acl.c delete mode 100644 include/linux/generic_acl.h diff --git a/fs/Kconfig b/fs/Kconfig index c229f82..7385e54 100644 --- a/fs/Kconfig +++ b/fs/Kconfig @@ -68,10 +68,6 @@ source "fs/quota/Kconfig" source "fs/autofs4/Kconfig" source "fs/fuse/Kconfig" -config GENERIC_ACL - bool - select FS_POSIX_ACL - menu "Caches" source "fs/fscache/Kconfig" @@ -119,7 +115,7 @@ config TMPFS_POSIX_ACL bool "Tmpfs POSIX Access Control Lists" depends on TMPFS select TMPFS_XATTR - select GENERIC_ACL + select FS_POSIX_ACL help POSIX Access Control Lists (ACLs) support additional access rights for users and groups beyond the standard owner/group/world scheme, diff --git a/fs/Makefile b/fs/Makefile index 4fe6df3..30dc16d 100644 --- a/fs/Makefile +++ b/fs/Makefile @@ -44,7 +44,6 @@ obj-$(CONFIG_BINFMT_FLAT) += binfmt_flat.o obj-$(CONFIG_FS_MBCACHE) += mbcache.o obj-$(CONFIG_FS_POSIX_ACL) += posix_acl.o xattr_acl.o obj-$(CONFIG_NFS_COMMON) += nfs_common/ -obj-$(CONFIG_GENERIC_ACL) += generic_acl.o obj-$(CONFIG_COREDUMP) += coredump.o obj-$(CONFIG_SYSCTL) += drop_caches.o diff --git a/fs/generic_acl.c b/fs/generic_acl.c deleted file mode 100644 index 4357f39..0000000 --- a/fs/generic_acl.c +++ /dev/null @@ -1,184 +0,0 @@ -/* - * (C) 2005 Andreas Gruenbacher <agruen@suse.de> - * - * This file is released under the GPL. - * - * Generic ACL support for in-memory filesystems. - */ - -#include <linux/sched.h> -#include <linux/gfp.h> -#include <linux/fs.h> -#include <linux/generic_acl.h> -#include <linux/posix_acl.h> -#include <linux/posix_acl_xattr.h> - - -static size_t -generic_acl_list(struct dentry *dentry, char *list, size_t list_size, - const char *name, size_t name_len, int type) -{ - struct posix_acl *acl; - const char *xname; - size_t size; - - acl = get_cached_acl(dentry->d_inode, type); - if (!acl) - return 0; - posix_acl_release(acl); - - switch (type) { - case ACL_TYPE_ACCESS: - xname = POSIX_ACL_XATTR_ACCESS; - break; - case ACL_TYPE_DEFAULT: - xname = POSIX_ACL_XATTR_DEFAULT; - break; - default: - return 0; - } - size = strlen(xname) + 1; - if (list && size <= list_size) - memcpy(list, xname, size); - return size; -} - -static int -generic_acl_get(struct dentry *dentry, const char *name, void *buffer, - size_t size, int type) -{ - struct posix_acl *acl; - int error; - - if (strcmp(name, "") != 0) - return -EINVAL; - - acl = get_cached_acl(dentry->d_inode, type); - if (!acl) - return -ENODATA; - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); - posix_acl_release(acl); - - return error; -} - -static int -generic_acl_set(struct dentry *dentry, const char *name, const void *value, - size_t size, int flags, int type) -{ - struct inode *inode = dentry->d_inode; - struct posix_acl *acl = NULL; - int error; - - if (strcmp(name, "") != 0) - return -EINVAL; - if (S_ISLNK(inode->i_mode)) - return -EOPNOTSUPP; - if (!inode_owner_or_capable(inode)) - return -EPERM; - if (value) { - acl = posix_acl_from_xattr(&init_user_ns, value, size); - if (IS_ERR(acl)) - return PTR_ERR(acl); - } - if (acl) { - error = posix_acl_valid(acl); - if (error) - goto failed; - switch (type) { - case ACL_TYPE_ACCESS: - error = posix_acl_equiv_mode(acl, &inode->i_mode); - if (error < 0) - goto failed; - inode->i_ctime = CURRENT_TIME; - if (error == 0) { - posix_acl_release(acl); - acl = NULL; - } - break; - case ACL_TYPE_DEFAULT: - if (!S_ISDIR(inode->i_mode)) { - error = -EINVAL; - goto failed; - } - break; - } - } - set_cached_acl(inode, type, acl); - error = 0; -failed: - posix_acl_release(acl); - return error; -} - -/** - * generic_acl_init - Take care of acl inheritance at @inode create time - * - * Files created inside a directory with a default ACL inherit the - * directory''s default ACL. - */ -int -generic_acl_init(struct inode *inode, struct inode *dir) -{ - struct posix_acl *acl = NULL; - int error; - - if (!S_ISLNK(inode->i_mode)) - acl = get_cached_acl(dir, ACL_TYPE_DEFAULT); - if (acl) { - if (S_ISDIR(inode->i_mode)) - set_cached_acl(inode, ACL_TYPE_DEFAULT, acl); - error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); - if (error < 0) - return error; - if (error > 0) - set_cached_acl(inode, ACL_TYPE_ACCESS, acl); - } else { - inode->i_mode &= ~current_umask(); - } - error = 0; - - posix_acl_release(acl); - return error; -} - -/** - * generic_acl_chmod - change the access acl of @inode upon chmod() - * - * A chmod also changes the permissions of the owner, group/mask, and - * other ACL entries. - */ -int -generic_acl_chmod(struct inode *inode) -{ - struct posix_acl *acl; - int error = 0; - - if (S_ISLNK(inode->i_mode)) - return -EOPNOTSUPP; - acl = get_cached_acl(inode, ACL_TYPE_ACCESS); - if (acl) { - error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); - if (error) - return error; - set_cached_acl(inode, ACL_TYPE_ACCESS, acl); - posix_acl_release(acl); - } - return error; -} - -const struct xattr_handler generic_acl_access_handler = { - .prefix = POSIX_ACL_XATTR_ACCESS, - .flags = ACL_TYPE_ACCESS, - .list = generic_acl_list, - .get = generic_acl_get, - .set = generic_acl_set, -}; - -const struct xattr_handler generic_acl_default_handler = { - .prefix = POSIX_ACL_XATTR_DEFAULT, - .flags = ACL_TYPE_DEFAULT, - .list = generic_acl_list, - .get = generic_acl_get, - .set = generic_acl_set, -}; diff --git a/fs/posix_acl.c b/fs/posix_acl.c index 38d6a49..64e9315 100644 --- a/fs/posix_acl.c +++ b/fs/posix_acl.c @@ -514,3 +514,39 @@ struct posix_acl *get_acl(struct inode *inode, int type) } return inode->i_op->get_acl(inode, type); } + +int simple_set_acl(struct inode *inode, struct posix_acl *acl, int type) +{ + int error; + + if (type == ACL_TYPE_ACCESS) { + error = posix_acl_equiv_mode(acl, &inode->i_mode); + if (error < 0) + return 0; + if (error == 0) + acl = NULL; + } + + inode->i_ctime = CURRENT_TIME; + set_cached_acl(inode, type, acl); + return 0; +} + +int simple_acl_create(struct inode *dir, struct inode *inode) +{ + struct posix_acl *default_acl, *acl; + int error; + + error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); + if (error) + return error; + + set_cached_acl(inode, ACL_TYPE_DEFAULT, default_acl); + set_cached_acl(inode, ACL_TYPE_ACCESS, acl); + + if (default_acl) + posix_acl_release(default_acl); + if (acl) + posix_acl_release(acl); + return 0; +} diff --git a/include/linux/generic_acl.h b/include/linux/generic_acl.h deleted file mode 100644 index b6d6575..0000000 --- a/include/linux/generic_acl.h +++ /dev/null @@ -1,14 +0,0 @@ -#ifndef LINUX_GENERIC_ACL_H -#define LINUX_GENERIC_ACL_H - -#include <linux/xattr.h> - -struct inode; - -extern const struct xattr_handler generic_acl_access_handler; -extern const struct xattr_handler generic_acl_default_handler; - -int generic_acl_init(struct inode *, struct inode *); -int generic_acl_chmod(struct inode *); - -#endif /* LINUX_GENERIC_ACL_H */ diff --git a/include/linux/posix_acl.h b/include/linux/posix_acl.h index 9ec6b45..d253bfa 100644 --- a/include/linux/posix_acl.h +++ b/include/linux/posix_acl.h @@ -101,6 +101,9 @@ extern int posix_acl_chmod(struct inode *); extern int posix_acl_create(struct inode *, umode_t *, struct posix_acl **, struct posix_acl **); +extern int simple_set_acl(struct inode *, struct posix_acl *, int); +extern int simple_acl_create(struct inode *, struct inode *); + static inline struct posix_acl **acl_by_type(struct inode *inode, int type) { switch (type) { @@ -183,6 +186,12 @@ static inline int posix_acl_chmod(struct inode *inode) return 0; } +#define simple_set_acl NULL + +static inline int simple_acl_create(struct inode *dir, struct inode *inode) +{ + return 0; +} static inline void cache_no_acl(struct inode *inode) { } diff --git a/mm/shmem.c b/mm/shmem.c index 8297623..c41b8a9 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -45,7 +45,7 @@ static struct vfsmount *shm_mnt; #include <linux/xattr.h> #include <linux/exportfs.h> #include <linux/posix_acl.h> -#include <linux/generic_acl.h> +#include <linux/posix_acl_xattr.h> #include <linux/mman.h> #include <linux/string.h> #include <linux/slab.h> @@ -620,10 +620,8 @@ static int shmem_setattr(struct dentry *dentry, struct iattr *attr) } setattr_copy(inode, attr); -#ifdef CONFIG_TMPFS_POSIX_ACL if (attr->ia_valid & ATTR_MODE) - error = generic_acl_chmod(inode); -#endif + error = posix_acl_chmod(inode); return error; } @@ -1937,22 +1935,14 @@ shmem_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) inode = shmem_get_inode(dir->i_sb, dir, mode, dev, VM_NORESERVE); if (inode) { -#ifdef CONFIG_TMPFS_POSIX_ACL - error = generic_acl_init(inode, dir); - if (error) { - iput(inode); - return error; - } -#endif + error = simple_acl_create(dir, inode); + if (error) + goto out_iput; error = security_inode_init_security(inode, dir, &dentry->d_name, shmem_initxattrs, NULL); - if (error) { - if (error != -EOPNOTSUPP) { - iput(inode); - return error; - } - } + if (error && error != -EOPNOTSUPP) + goto out_iput; error = 0; dir->i_size += BOGO_DIRENT_SIZE; @@ -1961,6 +1951,9 @@ shmem_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) dget(dentry); /* Extra count - pin the dentry in core */ } return error; +out_iput: + iput(inode); + return error; } static int @@ -1974,24 +1967,17 @@ shmem_tmpfile(struct inode *dir, struct dentry *dentry, umode_t mode) error = security_inode_init_security(inode, dir, NULL, shmem_initxattrs, NULL); - if (error) { - if (error != -EOPNOTSUPP) { - iput(inode); - return error; - } - } -#ifdef CONFIG_TMPFS_POSIX_ACL - error = generic_acl_init(inode, dir); - if (error) { - iput(inode); - return error; - } -#else - error = 0; -#endif + if (error && error != -EOPNOTSUPP) + goto out_iput; + error = simple_acl_create(dir, inode); + if (error) + goto out_iput; d_tmpfile(dentry, inode); } return error; +out_iput: + iput(inode); + return error; } static int shmem_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) @@ -2223,8 +2209,8 @@ static int shmem_initxattrs(struct inode *inode, static const struct xattr_handler *shmem_xattr_handlers[] = { #ifdef CONFIG_TMPFS_POSIX_ACL - &generic_acl_access_handler, - &generic_acl_default_handler, + &posix_acl_access_xattr_handler, + &posix_acl_default_xattr_handler, #endif NULL }; @@ -2740,6 +2726,7 @@ static const struct inode_operations shmem_inode_operations = { .getxattr = shmem_getxattr, .listxattr = shmem_listxattr, .removexattr = shmem_removexattr, + .set_acl = simple_set_acl, #endif }; @@ -2764,6 +2751,7 @@ static const struct inode_operations shmem_dir_inode_operations = { #endif #ifdef CONFIG_TMPFS_POSIX_ACL .setattr = shmem_setattr, + .set_acl = simple_set_acl, #endif }; @@ -2776,6 +2764,7 @@ static const struct inode_operations shmem_special_inode_operations = { #endif #ifdef CONFIG_TMPFS_POSIX_ACL .setattr = shmem_setattr, + .set_acl = simple_set_acl, #endif }; -- 1.7.10.4 ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don''t have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
Vyacheslav Dubeyko
2013-Dec-01 14:36 UTC
Re: [PATCH 10/18] hfsplus: use generic posix ACL infrastructure
On Dec 1, 2013, at 2:59 PM, Christoph Hellwig wrote:> Signed-off-by: Christoph Hellwig <hch@lst.de> > --- > fs/hfsplus/acl.h | 9 +-- > fs/hfsplus/dir.c | 1 + > fs/hfsplus/inode.c | 3 +- > fs/hfsplus/posix_acl.c | 161 +++++------------------------------------------- > fs/hfsplus/xattr.c | 5 +- > fs/hfsplus/xattr.h | 2 - > 6 files changed, 24 insertions(+), 157 deletions(-) >Reviewed-by: Vyacheslav Dubeyko <slava@dubeyko.com> The patch looks correct. I think only that it makes sense to add debug messages in hfsplus_get_posix_acl() and hfsplus_set_posix_acl(). Previously, debug messages were in hfsplus_xattr_get_posix_acl() and hfsplus_xattr_set_posix_acl() but the patch removes these methods. Thanks, Vyacheslav Dubeyko. _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
On Sun 01-12-13 03:59:05, Christoph Hellwig wrote:> Factor out the code to get an ACL either from the inode or disk from > check_acl, so that it can be used elsewhere later on. > > Signed-off-by: Christoph Hellwig <hch@lst.de>Looks good. You can add: Reviewed-by: Jan Kara <jack@suse.cz> Honza> --- > fs/namei.c | 24 +++--------------------- > fs/posix_acl.c | 23 +++++++++++++++++++++++ > include/linux/posix_acl.h | 2 ++ > 3 files changed, 28 insertions(+), 21 deletions(-) > > diff --git a/fs/namei.c b/fs/namei.c > index c53d3a9..8acd1e8 100644 > --- a/fs/namei.c > +++ b/fs/namei.c > @@ -235,27 +235,9 @@ static int check_acl(struct inode *inode, int mask) > return posix_acl_permission(inode, acl, mask & ~MAY_NOT_BLOCK); > } > > - acl = get_cached_acl(inode, ACL_TYPE_ACCESS); > - > - /* > - * A filesystem can force a ACL callback by just never filling the > - * ACL cache. But normally you''d fill the cache either at inode > - * instantiation time, or on the first ->get_acl call. > - * > - * If the filesystem doesn''t have a get_acl() function at all, we''ll > - * just create the negative cache entry. > - */ > - if (acl == ACL_NOT_CACHED) { > - if (inode->i_op->get_acl) { > - acl = inode->i_op->get_acl(inode, ACL_TYPE_ACCESS); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - } else { > - set_cached_acl(inode, ACL_TYPE_ACCESS, NULL); > - return -EAGAIN; > - } > - } > - > + acl = get_acl(inode, ACL_TYPE_ACCESS); > + if (IS_ERR(acl)) > + return PTR_ERR(acl); > if (acl) { > int error = posix_acl_permission(inode, acl, mask); > posix_acl_release(acl); > diff --git a/fs/posix_acl.c b/fs/posix_acl.c > index 8bd2135..9dd03e0 100644 > --- a/fs/posix_acl.c > +++ b/fs/posix_acl.c > @@ -418,3 +418,26 @@ posix_acl_chmod(struct posix_acl **acl, gfp_t gfp, umode_t mode) > return err; > } > EXPORT_SYMBOL(posix_acl_chmod); > + > +struct posix_acl *get_acl(struct inode *inode, int type) > +{ > + struct posix_acl *acl; > + > + acl = get_cached_acl(inode, type); > + if (acl != ACL_NOT_CACHED) > + return acl; > + > + /* > + * A filesystem can force a ACL callback by just never filling the > + * ACL cache. But normally you''d fill the cache either at inode > + * instantiation time, or on the first ->get_acl call. > + * > + * If the filesystem doesn''t have a get_acl() function at all, we''ll > + * just create the negative cache entry. > + */ > + if (!inode->i_op->get_acl) { > + set_cached_acl(inode, type, NULL); > + return ERR_PTR(-EAGAIN); > + } > + return inode->i_op->get_acl(inode, type); > +} > diff --git a/include/linux/posix_acl.h b/include/linux/posix_acl.h > index 7931efe..a8d9918 100644 > --- a/include/linux/posix_acl.h > +++ b/include/linux/posix_acl.h > @@ -175,4 +175,6 @@ static inline void cache_no_acl(struct inode *inode) > #endif > } > > +struct posix_acl *get_acl(struct inode *inode, int type); > + > #endif /* __LINUX_POSIX_ACL_H */ > -- > 1.7.10.4 > > > -- > To unsubscribe from this list: send the line "unsubscribe linux-ext4" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html-- Jan Kara <jack@suse.cz> SUSE Labs, CR _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
Jan Kara
2013-Dec-02 20:15 UTC
Re: [PATCH 01/18] reiserfs: prefix ACL symbols with reiserfs_
On Sun 01-12-13 03:59:04, Christoph Hellwig wrote:> Signed-off-by: Christoph Hellwig <hch@lst.de>Looks good. You can add: Reviewed-by: Jan Kara <jack@suse.cz> Honza> --- > fs/reiserfs/xattr_acl.c | 20 ++++++++++---------- > 1 file changed, 10 insertions(+), 10 deletions(-) > > diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c > index 06c04f7..6f721ea 100644 > --- a/fs/reiserfs/xattr_acl.c > +++ b/fs/reiserfs/xattr_acl.c > @@ -16,7 +16,7 @@ static int reiserfs_set_acl(struct reiserfs_transaction_handle *th, > struct posix_acl *acl); > > static int > -posix_acl_set(struct dentry *dentry, const char *name, const void *value, > +reiserfs_posix_acl_set(struct dentry *dentry, const char *name, const void *value, > size_t size, int flags, int type) > { > struct inode *inode = dentry->d_inode; > @@ -65,7 +65,7 @@ posix_acl_set(struct dentry *dentry, const char *name, const void *value, > } > > static int > -posix_acl_get(struct dentry *dentry, const char *name, void *buffer, > +reiserfs_posix_acl_get(struct dentry *dentry, const char *name, void *buffer, > size_t size, int type) > { > struct posix_acl *acl; > @@ -88,7 +88,7 @@ posix_acl_get(struct dentry *dentry, const char *name, void *buffer, > /* > * Convert from filesystem to in-memory representation. > */ > -static struct posix_acl *posix_acl_from_disk(const void *value, size_t size) > +static struct posix_acl *reiserfs_posix_acl_from_disk(const void *value, size_t size) > { > const char *end = (char *)value + size; > int n, count; > @@ -158,7 +158,7 @@ static struct posix_acl *posix_acl_from_disk(const void *value, size_t size) > /* > * Convert from in-memory to filesystem representation. > */ > -static void *posix_acl_to_disk(const struct posix_acl *acl, size_t * size) > +static void *reiserfs_posix_acl_to_disk(const struct posix_acl *acl, size_t * size) > { > reiserfs_acl_header *ext_acl; > char *e; > @@ -257,7 +257,7 @@ struct posix_acl *reiserfs_get_acl(struct inode *inode, int type) > } else if (retval < 0) { > acl = ERR_PTR(retval); > } else { > - acl = posix_acl_from_disk(value, retval); > + acl = reiserfs_posix_acl_from_disk(value, retval); > } > if (!IS_ERR(acl)) > set_cached_acl(inode, type, acl); > @@ -307,7 +307,7 @@ reiserfs_set_acl(struct reiserfs_transaction_handle *th, struct inode *inode, > } > > if (acl) { > - value = posix_acl_to_disk(acl, &size); > + value = reiserfs_posix_acl_to_disk(acl, &size); > if (IS_ERR(value)) > return (int)PTR_ERR(value); > } > @@ -499,8 +499,8 @@ static size_t posix_acl_access_list(struct dentry *dentry, char *list, > const struct xattr_handler reiserfs_posix_acl_access_handler = { > .prefix = POSIX_ACL_XATTR_ACCESS, > .flags = ACL_TYPE_ACCESS, > - .get = posix_acl_get, > - .set = posix_acl_set, > + .get = reiserfs_posix_acl_get, > + .set = reiserfs_posix_acl_set, > .list = posix_acl_access_list, > }; > > @@ -519,7 +519,7 @@ static size_t posix_acl_default_list(struct dentry *dentry, char *list, > const struct xattr_handler reiserfs_posix_acl_default_handler = { > .prefix = POSIX_ACL_XATTR_DEFAULT, > .flags = ACL_TYPE_DEFAULT, > - .get = posix_acl_get, > - .set = posix_acl_set, > + .get = reiserfs_posix_acl_get, > + .set = reiserfs_posix_acl_set, > .list = posix_acl_default_list, > }; > -- > 1.7.10.4 > > > -- > To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html-- Jan Kara <jack@suse.cz> SUSE Labs, CR -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Sun 01-12-13 03:59:06, Christoph Hellwig wrote:> This will allow moving all the Posix ACL handling into the VFS and clean > up tons of cruft in the filesystems.Looks good. Btw I''d merge this with the following patch... Anyway: Reviewed-by: Jan Kara <jack@suse.cz> Honza> > Signed-off-by: Christoph Hellwig <hch@lst.de> > --- > include/linux/fs.h | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/include/linux/fs.h b/include/linux/fs.h > index 121f11f..09f553c 100644 > --- a/include/linux/fs.h > +++ b/include/linux/fs.h > @@ -1580,6 +1580,7 @@ struct inode_operations { > struct file *, unsigned open_flag, > umode_t create_mode, int *opened); > int (*tmpfile) (struct inode *, struct dentry *, umode_t); > + int (*set_acl)(struct inode *, struct posix_acl *, int); > } ____cacheline_aligned; > > ssize_t rw_copy_check_uvector(int type, const struct iovec __user * uvector, > -- > 1.7.10.4 > > > -- > To unsubscribe from this list: send the line "unsubscribe linux-ext4" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html-- Jan Kara <jack@suse.cz> SUSE Labs, CR _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
On Sun 01-12-13 03:59:07, Christoph Hellwig wrote:> With the ->set_acl inode operation we can implement the Posix ACL > xattr handlers in generic code instead of duplicating them all > over the tree.Looks good. You can add: Reviewed-by: Jan Kara <jack@suse.cz> Honza> > Signed-off-by: Christoph Hellwig <hch@lst.de> > --- > fs/xattr_acl.c | 95 +++++++++++++++++++++++++++++++++++++++ > include/linux/posix_acl_xattr.h | 3 ++ > 2 files changed, 98 insertions(+) > > diff --git a/fs/xattr_acl.c b/fs/xattr_acl.c > index 9fbea87..932ec76 100644 > --- a/fs/xattr_acl.c > +++ b/fs/xattr_acl.c > @@ -10,6 +10,7 @@ > #include <linux/posix_acl_xattr.h> > #include <linux/gfp.h> > #include <linux/user_namespace.h> > +#include <linux/xattr.h> > > /* > * Fix up the uids and gids in posix acl extended attributes in place. > @@ -178,3 +179,97 @@ posix_acl_to_xattr(struct user_namespace *user_ns, const struct posix_acl *acl, > return real_size; > } > EXPORT_SYMBOL (posix_acl_to_xattr); > + > +static int > +posix_acl_xattr_get(struct dentry *dentry, const char *name, > + void *value, size_t size, int type) > +{ > + struct posix_acl *acl; > + int error; > + > + if (!IS_POSIXACL(dentry->d_inode)) > + return -EOPNOTSUPP; > + > + acl = get_acl(dentry->d_inode, type); > + if (IS_ERR(acl)) > + return PTR_ERR(acl); > + if (acl == NULL) > + return -ENODATA; > + > + error = posix_acl_to_xattr(&init_user_ns, acl, value, size); > + posix_acl_release(acl); > + > + return error; > +} > + > +static int > +posix_acl_xattr_set(struct dentry *dentry, const char *name, > + const void *value, size_t size, int flags, int type) > +{ > + struct inode *inode = dentry->d_inode; > + struct posix_acl *acl = NULL; > + int ret; > + > + if (type == ACL_TYPE_DEFAULT && !S_ISDIR(inode->i_mode)) > + return value ? -EACCES : 0; > + if (!inode_owner_or_capable(inode)) > + return -EPERM; > + if (!IS_POSIXACL(inode)) > + return -EOPNOTSUPP; > + > + if (value) { > + acl = posix_acl_from_xattr(&init_user_ns, value, size); > + if (IS_ERR(acl)) > + return PTR_ERR(acl); > + > + if (acl) { > + ret = posix_acl_valid(acl); > + if (ret) > + goto out; > + } > + } > + > + ret = inode->i_op->set_acl(inode, acl, type); > +out: > + posix_acl_release(acl); > + return ret; > +} > + > +static size_t > +posix_acl_xattr_list(struct dentry *dentry, char *list, size_t list_size, > + const char *name, size_t name_len, int type) > +{ > + const char *xname; > + size_t size; > + > + if (!IS_POSIXACL(dentry->d_inode)) > + return -EOPNOTSUPP; > + > + if (type == ACL_TYPE_ACCESS) > + xname = POSIX_ACL_XATTR_ACCESS; > + else > + xname = POSIX_ACL_XATTR_DEFAULT; > + > + size = strlen(xname) + 1; > + if (list && size <= list_size) > + memcpy(list, xname, size); > + return size; > +} > + > +const struct xattr_handler posix_acl_access_xattr_handler = { > + .prefix = POSIX_ACL_XATTR_ACCESS, > + .flags = ACL_TYPE_ACCESS, > + .list = posix_acl_xattr_list, > + .get = posix_acl_xattr_get, > + .set = posix_acl_xattr_set, > +}; > +EXPORT_SYMBOL_GPL(posix_acl_access_xattr_handler); > + > +const struct xattr_handler posix_acl_default_xattr_handler = { > + .prefix = POSIX_ACL_XATTR_DEFAULT, > + .flags = ACL_TYPE_DEFAULT, > + .list = posix_acl_xattr_list, > + .get = posix_acl_xattr_get, > + .set = posix_acl_xattr_set, > +}; > +EXPORT_SYMBOL_GPL(posix_acl_default_xattr_handler); > diff --git a/include/linux/posix_acl_xattr.h b/include/linux/posix_acl_xattr.h > index ad93ad0..6f14ee2 100644 > --- a/include/linux/posix_acl_xattr.h > +++ b/include/linux/posix_acl_xattr.h > @@ -69,4 +69,7 @@ struct posix_acl *posix_acl_from_xattr(struct user_namespace *user_ns, > int posix_acl_to_xattr(struct user_namespace *user_ns, > const struct posix_acl *acl, void *buffer, size_t size); > > +extern const struct xattr_handler posix_acl_access_xattr_handler; > +extern const struct xattr_handler posix_acl_default_xattr_handler; > + > #endif /* _POSIX_ACL_XATTR_H */ > -- > 1.7.10.4 > > > -- > To unsubscribe from this list: send the line "unsubscribe linux-ext4" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html-- Jan Kara <jack@suse.cz> SUSE Labs, CR _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
On Sun 01-12-13 03:59:08, Christoph Hellwig wrote:> Rename the current posix_acl_chmod to __posix_acl_chmod and add > a fully featured ACL chmod helper that uses the ->set_acl inode > operation.Looks good. You can add: Reviewed-by: Jan Kara <jack@suse.cz> Honza> > Signed-off-by: Christoph Hellwig <hch@lst.de> > --- > fs/9p/acl.c | 2 +- > fs/btrfs/acl.c | 2 +- > fs/ext2/acl.c | 2 +- > fs/ext3/acl.c | 2 +- > fs/ext4/acl.c | 2 +- > fs/f2fs/acl.c | 2 +- > fs/generic_acl.c | 2 +- > fs/gfs2/acl.c | 2 +- > fs/hfsplus/posix_acl.c | 2 +- > fs/jffs2/acl.c | 2 +- > fs/jfs/acl.c | 2 +- > fs/ocfs2/acl.c | 2 +- > fs/posix_acl.c | 30 +++++++++++++++++++++++++++--- > fs/reiserfs/xattr_acl.c | 2 +- > fs/xfs/xfs_acl.c | 2 +- > include/linux/posix_acl.h | 17 +++++++++++++---- > 16 files changed, 54 insertions(+), 21 deletions(-) > > diff --git a/fs/9p/acl.c b/fs/9p/acl.c > index 7af425f..f5ce5c5 100644 > --- a/fs/9p/acl.c > +++ b/fs/9p/acl.c > @@ -156,7 +156,7 @@ int v9fs_acl_chmod(struct inode *inode, struct p9_fid *fid) > return -EOPNOTSUPP; > acl = v9fs_get_cached_acl(inode, ACL_TYPE_ACCESS); > if (acl) { > - retval = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > + retval = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > if (retval) > return retval; > set_cached_acl(inode, ACL_TYPE_ACCESS, acl); > diff --git a/fs/btrfs/acl.c b/fs/btrfs/acl.c > index 0890c83..1af04ff 100644 > --- a/fs/btrfs/acl.c > +++ b/fs/btrfs/acl.c > @@ -256,7 +256,7 @@ int btrfs_acl_chmod(struct inode *inode) > if (IS_ERR_OR_NULL(acl)) > return PTR_ERR(acl); > > - ret = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > + ret = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > if (ret) > return ret; > ret = btrfs_set_acl(NULL, inode, acl, ACL_TYPE_ACCESS); > diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c > index 110b6b3..7006ced 100644 > --- a/fs/ext2/acl.c > +++ b/fs/ext2/acl.c > @@ -308,7 +308,7 @@ ext2_acl_chmod(struct inode *inode) > acl = ext2_get_acl(inode, ACL_TYPE_ACCESS); > if (IS_ERR(acl) || !acl) > return PTR_ERR(acl); > - error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > + error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > if (error) > return error; > error = ext2_set_acl(inode, ACL_TYPE_ACCESS, acl); > diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c > index dbb5ad5..6691a6c 100644 > --- a/fs/ext3/acl.c > +++ b/fs/ext3/acl.c > @@ -314,7 +314,7 @@ ext3_acl_chmod(struct inode *inode) > acl = ext3_get_acl(inode, ACL_TYPE_ACCESS); > if (IS_ERR(acl) || !acl) > return PTR_ERR(acl); > - error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > + error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > if (error) > return error; > retry: > diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c > index 39a54a0..2eebe02 100644 > --- a/fs/ext4/acl.c > +++ b/fs/ext4/acl.c > @@ -320,7 +320,7 @@ ext4_acl_chmod(struct inode *inode) > acl = ext4_get_acl(inode, ACL_TYPE_ACCESS); > if (IS_ERR(acl) || !acl) > return PTR_ERR(acl); > - error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > + error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > if (error) > return error; > retry: > diff --git a/fs/f2fs/acl.c b/fs/f2fs/acl.c > index d0fc287..14c4df0 100644 > --- a/fs/f2fs/acl.c > +++ b/fs/f2fs/acl.c > @@ -311,7 +311,7 @@ int f2fs_acl_chmod(struct inode *inode) > if (IS_ERR(acl) || !acl) > return PTR_ERR(acl); > > - error = posix_acl_chmod(&acl, GFP_KERNEL, mode); > + error = __posix_acl_chmod(&acl, GFP_KERNEL, mode); > if (error) > return error; > > diff --git a/fs/generic_acl.c b/fs/generic_acl.c > index b3f3676..46a5076 100644 > --- a/fs/generic_acl.c > +++ b/fs/generic_acl.c > @@ -158,7 +158,7 @@ generic_acl_chmod(struct inode *inode) > return -EOPNOTSUPP; > acl = get_cached_acl(inode, ACL_TYPE_ACCESS); > if (acl) { > - error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > + error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > if (error) > return error; > set_cached_acl(inode, ACL_TYPE_ACCESS, acl); > diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c > index f69ac0a..3e200c7 100644 > --- a/fs/gfs2/acl.c > +++ b/fs/gfs2/acl.c > @@ -162,7 +162,7 @@ int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr) > if (!acl) > return gfs2_setattr_simple(inode, attr); > > - error = posix_acl_chmod(&acl, GFP_NOFS, attr->ia_mode); > + error = __posix_acl_chmod(&acl, GFP_NOFS, attr->ia_mode); > if (error) > return error; > > diff --git a/fs/hfsplus/posix_acl.c b/fs/hfsplus/posix_acl.c > index b609cc1..cab5fd6 100644 > --- a/fs/hfsplus/posix_acl.c > +++ b/fs/hfsplus/posix_acl.c > @@ -167,7 +167,7 @@ int hfsplus_posix_acl_chmod(struct inode *inode) > if (IS_ERR(acl) || !acl) > return PTR_ERR(acl); > > - err = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > + err = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > if (unlikely(err)) > return err; > > diff --git a/fs/jffs2/acl.c b/fs/jffs2/acl.c > index 223283c..5853969 100644 > --- a/fs/jffs2/acl.c > +++ b/fs/jffs2/acl.c > @@ -335,7 +335,7 @@ int jffs2_acl_chmod(struct inode *inode) > acl = jffs2_get_acl(inode, ACL_TYPE_ACCESS); > if (IS_ERR(acl) || !acl) > return PTR_ERR(acl); > - rc = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > + rc = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > if (rc) > return rc; > rc = jffs2_set_acl(inode, ACL_TYPE_ACCESS, acl); > diff --git a/fs/jfs/acl.c b/fs/jfs/acl.c > index d254d6d..9c0fca8 100644 > --- a/fs/jfs/acl.c > +++ b/fs/jfs/acl.c > @@ -161,7 +161,7 @@ int jfs_acl_chmod(struct inode *inode) > if (IS_ERR(acl) || !acl) > return PTR_ERR(acl); > > - rc = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > + rc = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > if (rc) > return rc; > > diff --git a/fs/ocfs2/acl.c b/fs/ocfs2/acl.c > index b4f788e..73ccf0e 100644 > --- a/fs/ocfs2/acl.c > +++ b/fs/ocfs2/acl.c > @@ -350,7 +350,7 @@ int ocfs2_acl_chmod(struct inode *inode) > acl = ocfs2_get_acl(inode, ACL_TYPE_ACCESS); > if (IS_ERR(acl) || !acl) > return PTR_ERR(acl); > - ret = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > + ret = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > if (ret) > return ret; > ret = ocfs2_set_acl(NULL, inode, NULL, ACL_TYPE_ACCESS, > diff --git a/fs/posix_acl.c b/fs/posix_acl.c > index 9dd03e0..9f76aaa 100644 > --- a/fs/posix_acl.c > +++ b/fs/posix_acl.c > @@ -338,7 +338,7 @@ static int posix_acl_create_masq(struct posix_acl *acl, umode_t *mode_p) > /* > * Modify the ACL for the chmod syscall. > */ > -static int posix_acl_chmod_masq(struct posix_acl *acl, umode_t mode) > +static int __posix_acl_chmod_masq(struct posix_acl *acl, umode_t mode) > { > struct posix_acl_entry *group_obj = NULL, *mask_obj = NULL; > struct posix_acl_entry *pa, *pe; > @@ -402,12 +402,12 @@ posix_acl_create(struct posix_acl **acl, gfp_t gfp, umode_t *mode_p) > EXPORT_SYMBOL(posix_acl_create); > > int > -posix_acl_chmod(struct posix_acl **acl, gfp_t gfp, umode_t mode) > +__posix_acl_chmod(struct posix_acl **acl, gfp_t gfp, umode_t mode) > { > struct posix_acl *clone = posix_acl_clone(*acl, gfp); > int err = -ENOMEM; > if (clone) { > - err = posix_acl_chmod_masq(clone, mode); > + err = __posix_acl_chmod_masq(clone, mode); > if (err) { > posix_acl_release(clone); > clone = NULL; > @@ -417,6 +417,30 @@ posix_acl_chmod(struct posix_acl **acl, gfp_t gfp, umode_t mode) > *acl = clone; > return err; > } > +EXPORT_SYMBOL(__posix_acl_chmod); > + > +int > +posix_acl_chmod(struct inode *inode) > +{ > + struct posix_acl *acl; > + int ret = 0; > + > + if (S_ISLNK(inode->i_mode)) > + return -EOPNOTSUPP; > + if (!IS_POSIXACL(inode)) > + return 0; > + > + acl = get_acl(inode, ACL_TYPE_ACCESS); > + if (IS_ERR_OR_NULL(acl)) > + return PTR_ERR(acl); > + > + ret = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > + if (ret) > + return ret; > + ret = inode->i_op->set_acl(inode, acl, ACL_TYPE_ACCESS); > + posix_acl_release(acl); > + return ret; > +} > EXPORT_SYMBOL(posix_acl_chmod); > > struct posix_acl *get_acl(struct inode *inode, int type) > diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c > index 6f721ea..ea4e443 100644 > --- a/fs/reiserfs/xattr_acl.c > +++ b/fs/reiserfs/xattr_acl.c > @@ -463,7 +463,7 @@ int reiserfs_acl_chmod(struct inode *inode) > return 0; > if (IS_ERR(acl)) > return PTR_ERR(acl); > - error = posix_acl_chmod(&acl, GFP_NOFS, inode->i_mode); > + error = __posix_acl_chmod(&acl, GFP_NOFS, inode->i_mode); > if (error) > return error; > > diff --git a/fs/xfs/xfs_acl.c b/fs/xfs/xfs_acl.c > index 370eb3e..4eac105 100644 > --- a/fs/xfs/xfs_acl.c > +++ b/fs/xfs/xfs_acl.c > @@ -334,7 +334,7 @@ xfs_acl_chmod(struct inode *inode) > if (IS_ERR(acl) || !acl) > return PTR_ERR(acl); > > - error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > + error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > if (error) > return error; > > diff --git a/include/linux/posix_acl.h b/include/linux/posix_acl.h > index a8d9918..8b64e78 100644 > --- a/include/linux/posix_acl.h > +++ b/include/linux/posix_acl.h > @@ -89,12 +89,14 @@ extern int posix_acl_permission(struct inode *, const struct posix_acl *, int); > extern struct posix_acl *posix_acl_from_mode(umode_t, gfp_t); > extern int posix_acl_equiv_mode(const struct posix_acl *, umode_t *); > extern int posix_acl_create(struct posix_acl **, gfp_t, umode_t *); > -extern int posix_acl_chmod(struct posix_acl **, gfp_t, umode_t); > +extern int __posix_acl_chmod(struct posix_acl **, gfp_t, umode_t); > > extern struct posix_acl *get_posix_acl(struct inode *, int); > extern int set_posix_acl(struct inode *, int, struct posix_acl *); > > #ifdef CONFIG_FS_POSIX_ACL > +extern int posix_acl_chmod(struct inode *); > + > static inline struct posix_acl **acl_by_type(struct inode *inode, int type) > { > switch (type) { > @@ -165,15 +167,22 @@ static inline void forget_all_cached_acls(struct inode *inode) > if (old_default != ACL_NOT_CACHED) > posix_acl_release(old_default); > } > -#endif > > static inline void cache_no_acl(struct inode *inode) > { > -#ifdef CONFIG_FS_POSIX_ACL > inode->i_acl = NULL; > inode->i_default_acl = NULL; > -#endif > } > +#else > +static inline int posix_acl_chmod(struct inode *inode) > +{ > + return 0; > +} > + > +static inline void cache_no_acl(struct inode *inode) > +{ > +} > +#endif /* CONFIG_FS_POSIX_ACL */ > > struct posix_acl *get_acl(struct inode *inode, int type); > > -- > 1.7.10.4 > > > -- > To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html-- Jan Kara <jack@suse.cz> SUSE Labs, CR _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
On Sun 01-12-13 03:59:09, Christoph Hellwig wrote:> Rename the current posix_acl_created to __posix_acl_create and add > a fully featured helper to set up the ACLs on file creation that > uses get_acl().Looks good, you can add: Reviewed-by: Jan Kara <jack@suse.cz> Honza> > Signed-off-by: Christoph Hellwig <hch@lst.de> > --- > fs/9p/acl.c | 2 +- > fs/btrfs/acl.c | 2 +- > fs/ext2/acl.c | 2 +- > fs/ext3/acl.c | 2 +- > fs/ext4/acl.c | 2 +- > fs/f2fs/acl.c | 2 +- > fs/generic_acl.c | 2 +- > fs/gfs2/acl.c | 2 +- > fs/hfsplus/posix_acl.c | 2 +- > fs/jffs2/acl.c | 2 +- > fs/jfs/acl.c | 2 +- > fs/nfs/nfs3acl.c | 2 +- > fs/ocfs2/acl.c | 2 +- > fs/posix_acl.c | 53 +++++++++++++++++++++++++++++++++++++++++++-- > fs/reiserfs/xattr_acl.c | 2 +- > fs/xfs/xfs_acl.c | 4 ++-- > include/linux/posix_acl.h | 6 ++++- > 17 files changed, 72 insertions(+), 19 deletions(-) > > diff --git a/fs/9p/acl.c b/fs/9p/acl.c > index f5ce5c5..8482f2d 100644 > --- a/fs/9p/acl.c > +++ b/fs/9p/acl.c > @@ -200,7 +200,7 @@ int v9fs_acl_mode(struct inode *dir, umode_t *modep, > if (acl) { > if (S_ISDIR(mode)) > *dpacl = posix_acl_dup(acl); > - retval = posix_acl_create(&acl, GFP_NOFS, &mode); > + retval = __posix_acl_create(&acl, GFP_NOFS, &mode); > if (retval < 0) > return retval; > if (retval > 0) > diff --git a/fs/btrfs/acl.c b/fs/btrfs/acl.c > index 1af04ff..b56519d 100644 > --- a/fs/btrfs/acl.c > +++ b/fs/btrfs/acl.c > @@ -222,7 +222,7 @@ int btrfs_init_acl(struct btrfs_trans_handle *trans, > if (ret) > goto failed; > } > - ret = posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > + ret = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > if (ret < 0) > return ret; > > diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c > index 7006ced..6e842a7 100644 > --- a/fs/ext2/acl.c > +++ b/fs/ext2/acl.c > @@ -268,7 +268,7 @@ ext2_init_acl(struct inode *inode, struct inode *dir) > if (error) > goto cleanup; > } > - error = posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); > + error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); > if (error < 0) > return error; > if (error > 0) { > diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c > index 6691a6c..4f3d8fa 100644 > --- a/fs/ext3/acl.c > +++ b/fs/ext3/acl.c > @@ -271,7 +271,7 @@ ext3_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) > if (error) > goto cleanup; > } > - error = posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > + error = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > if (error < 0) > return error; > > diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c > index 2eebe02..f827f3b 100644 > --- a/fs/ext4/acl.c > +++ b/fs/ext4/acl.c > @@ -276,7 +276,7 @@ ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) > if (error) > goto cleanup; > } > - error = posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > + error = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > if (error < 0) > return error; > > diff --git a/fs/f2fs/acl.c b/fs/f2fs/acl.c > index 14c4df0..45e8430 100644 > --- a/fs/f2fs/acl.c > +++ b/fs/f2fs/acl.c > @@ -285,7 +285,7 @@ int f2fs_init_acl(struct inode *inode, struct inode *dir, struct page *ipage) > if (error) > goto cleanup; > } > - error = posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); > + error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); > if (error < 0) > return error; > if (error > 0) > diff --git a/fs/generic_acl.c b/fs/generic_acl.c > index 46a5076..4357f39 100644 > --- a/fs/generic_acl.c > +++ b/fs/generic_acl.c > @@ -128,7 +128,7 @@ generic_acl_init(struct inode *inode, struct inode *dir) > if (acl) { > if (S_ISDIR(inode->i_mode)) > set_cached_acl(inode, ACL_TYPE_DEFAULT, acl); > - error = posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); > + error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); > if (error < 0) > return error; > if (error > 0) > diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c > index 3e200c7..e82e4ac 100644 > --- a/fs/gfs2/acl.c > +++ b/fs/gfs2/acl.c > @@ -131,7 +131,7 @@ int gfs2_acl_create(struct gfs2_inode *dip, struct inode *inode) > goto out; > } > > - error = posix_acl_create(&acl, GFP_NOFS, &mode); > + error = __posix_acl_create(&acl, GFP_NOFS, &mode); > if (error < 0) > return error; > > diff --git a/fs/hfsplus/posix_acl.c b/fs/hfsplus/posix_acl.c > index cab5fd6..277942f 100644 > --- a/fs/hfsplus/posix_acl.c > +++ b/fs/hfsplus/posix_acl.c > @@ -137,7 +137,7 @@ int hfsplus_init_posix_acl(struct inode *inode, struct inode *dir) > goto init_acl_cleanup; > } > > - err = posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > + err = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > if (unlikely(err < 0)) > return err; > > diff --git a/fs/jffs2/acl.c b/fs/jffs2/acl.c > index 5853969..4d6e31b 100644 > --- a/fs/jffs2/acl.c > +++ b/fs/jffs2/acl.c > @@ -295,7 +295,7 @@ int jffs2_init_acl_pre(struct inode *dir_i, struct inode *inode, umode_t *i_mode > if (S_ISDIR(*i_mode)) > set_cached_acl(inode, ACL_TYPE_DEFAULT, acl); > > - rc = posix_acl_create(&acl, GFP_KERNEL, i_mode); > + rc = __posix_acl_create(&acl, GFP_KERNEL, i_mode); > if (rc < 0) > return rc; > if (rc > 0) > diff --git a/fs/jfs/acl.c b/fs/jfs/acl.c > index 9c0fca8..28d529a 100644 > --- a/fs/jfs/acl.c > +++ b/fs/jfs/acl.c > @@ -132,7 +132,7 @@ int jfs_init_acl(tid_t tid, struct inode *inode, struct inode *dir) > if (rc) > goto cleanup; > } > - rc = posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); > + rc = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); > if (rc < 0) > goto cleanup; /* posix_acl_release(NULL) is no-op */ > if (rc > 0) > diff --git a/fs/nfs/nfs3acl.c b/fs/nfs/nfs3acl.c > index 4a1aafb..e859675 100644 > --- a/fs/nfs/nfs3acl.c > +++ b/fs/nfs/nfs3acl.c > @@ -428,7 +428,7 @@ int nfs3_proc_set_default_acl(struct inode *dir, struct inode *inode, > if (!dfacl) > return 0; > acl = posix_acl_dup(dfacl); > - error = posix_acl_create(&acl, GFP_KERNEL, &mode); > + error = __posix_acl_create(&acl, GFP_KERNEL, &mode); > if (error < 0) > goto out_release_dfacl; > error = nfs3_proc_setacls(inode, acl, S_ISDIR(inode->i_mode) ? > diff --git a/fs/ocfs2/acl.c b/fs/ocfs2/acl.c > index 73ccf0e..c0f9d2f 100644 > --- a/fs/ocfs2/acl.c > +++ b/fs/ocfs2/acl.c > @@ -401,7 +401,7 @@ int ocfs2_init_acl(handle_t *handle, > goto cleanup; > } > mode = inode->i_mode; > - ret = posix_acl_create(&acl, GFP_NOFS, &mode); > + ret = __posix_acl_create(&acl, GFP_NOFS, &mode); > if (ret < 0) > return ret; > > diff --git a/fs/posix_acl.c b/fs/posix_acl.c > index 9f76aaa..38d6a49 100644 > --- a/fs/posix_acl.c > +++ b/fs/posix_acl.c > @@ -384,7 +384,7 @@ static int __posix_acl_chmod_masq(struct posix_acl *acl, umode_t mode) > } > > int > -posix_acl_create(struct posix_acl **acl, gfp_t gfp, umode_t *mode_p) > +__posix_acl_create(struct posix_acl **acl, gfp_t gfp, umode_t *mode_p) > { > struct posix_acl *clone = posix_acl_clone(*acl, gfp); > int err = -ENOMEM; > @@ -399,7 +399,7 @@ posix_acl_create(struct posix_acl **acl, gfp_t gfp, umode_t *mode_p) > *acl = clone; > return err; > } > -EXPORT_SYMBOL(posix_acl_create); > +EXPORT_SYMBOL(__posix_acl_create); > > int > __posix_acl_chmod(struct posix_acl **acl, gfp_t gfp, umode_t mode) > @@ -443,6 +443,55 @@ posix_acl_chmod(struct inode *inode) > } > EXPORT_SYMBOL(posix_acl_chmod); > > +int > +posix_acl_create(struct inode *dir, umode_t *mode, > + struct posix_acl **default_acl, struct posix_acl **acl) > +{ > + struct posix_acl *p; > + int ret; > + > + if (S_ISLNK(*mode) || !IS_POSIXACL(dir)) > + goto no_acl; > + > + p = get_acl(dir, ACL_TYPE_DEFAULT); > + if (IS_ERR(p)) > + return PTR_ERR(p); > + > + if (!p) { > + *mode &= ~current_umask(); > + goto no_acl; > + } > + > + *acl = posix_acl_clone(p, GFP_NOFS); > + if (!*acl) > + return -ENOMEM; > + > + ret = posix_acl_create_masq(*acl, mode); > + if (ret < 0) { > + posix_acl_release(*acl); > + return -ENOMEM; > + } > + > + if (ret == 0) { > + posix_acl_release(*acl); > + *acl = NULL; > + } > + > + if (!S_ISDIR(*mode)) { > + posix_acl_release(p); > + *default_acl = NULL; > + } else { > + *default_acl = p; > + } > + return 0; > + > +no_acl: > + *default_acl = NULL; > + *acl = NULL; > + return 0; > +} > +EXPORT_SYMBOL_GPL(posix_acl_create); > + > struct posix_acl *get_acl(struct inode *inode, int type) > { > struct posix_acl *acl; > diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c > index ea4e443..d95c959 100644 > --- a/fs/reiserfs/xattr_acl.c > +++ b/fs/reiserfs/xattr_acl.c > @@ -378,7 +378,7 @@ reiserfs_inherit_default_acl(struct reiserfs_transaction_handle *th, > > /* Now we reconcile the new ACL and the mode, > potentially modifying both */ > - err = posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > + err = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > if (err < 0) > return err; > > diff --git a/fs/xfs/xfs_acl.c b/fs/xfs/xfs_acl.c > index 4eac105..057ae2d 100644 > --- a/fs/xfs/xfs_acl.c > +++ b/fs/xfs/xfs_acl.c > @@ -297,12 +297,12 @@ xfs_inherit_acl(struct inode *inode, struct posix_acl *acl) > goto out; > } > > - error = posix_acl_create(&acl, GFP_KERNEL, &mode); > + error = __posix_acl_create(&acl, GFP_KERNEL, &mode); > if (error < 0) > return error; > > /* > - * If posix_acl_create returns a positive value we need to > + * If __posix_acl_create returns a positive value we need to > * inherit a permission that can''t be represented using the Unix > * mode bits and we actually need to set an ACL. > */ > diff --git a/include/linux/posix_acl.h b/include/linux/posix_acl.h > index 8b64e78..9ec6b45 100644 > --- a/include/linux/posix_acl.h > +++ b/include/linux/posix_acl.h > @@ -88,14 +88,18 @@ extern int posix_acl_valid(const struct posix_acl *); > extern int posix_acl_permission(struct inode *, const struct posix_acl *, int); > extern struct posix_acl *posix_acl_from_mode(umode_t, gfp_t); > extern int posix_acl_equiv_mode(const struct posix_acl *, umode_t *); > -extern int posix_acl_create(struct posix_acl **, gfp_t, umode_t *); > +extern int __posix_acl_create(struct posix_acl **, gfp_t, umode_t *); > extern int __posix_acl_chmod(struct posix_acl **, gfp_t, umode_t); > +extern int posix_acl_prepare(struct inode *dir, struct inode *inode, > + umode_t *mode); > > extern struct posix_acl *get_posix_acl(struct inode *, int); > extern int set_posix_acl(struct inode *, int, struct posix_acl *); > > #ifdef CONFIG_FS_POSIX_ACL > extern int posix_acl_chmod(struct inode *); > +extern int posix_acl_create(struct inode *, umode_t *, struct posix_acl **, > + struct posix_acl **); > > static inline struct posix_acl **acl_by_type(struct inode *inode, int type) > { > -- > 1.7.10.4 > > > -- > To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html-- Jan Kara <jack@suse.cz> SUSE Labs, CR _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
Dave Kleikamp
2013-Dec-02 22:11 UTC
Re: [Jfs-discussion] [PATCH 15/18] jfs: use generic posix ACL infrastructure
On 12/01/2013 05:59 AM, Christoph Hellwig wrote:> Copy the scheme I introduced to btrfs many years ago to only use the > xattr handler for ACLs, but pass plain attrs straight through.Looks good.> > Signed-off-by: Christoph Hellwig <hch@lst.de>Reviewed-by: Dave Kleikamp <dave.kleikamp@oracle.com>> --- > fs/jfs/acl.c | 105 ++++++++++++++++++++------------------------------ > fs/jfs/file.c | 4 +- > fs/jfs/jfs_acl.h | 7 +--- > fs/jfs/jfs_xattr.h | 2 + > fs/jfs/namei.c | 1 + > fs/jfs/super.c | 2 + > fs/jfs/xattr.c | 108 ++++++++++++++++++---------------------------------- > 7 files changed, 89 insertions(+), 140 deletions(-)_______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
Jan Kara
2013-Dec-02 22:13 UTC
Re: [PATCH 08/18] ext2/3/4: use generic posix ACL infrastructure
On Sun 01-12-13 03:59:11, Christoph Hellwig wrote:> Signed-off-by: Christoph Hellwig <hch@lst.de>Looks good. You can add: Reviewed-by: Jan Kara <jack@suse.cz> Honza> --- > fs/ext2/acl.c | 176 ++++----------------------------------------- > fs/ext2/acl.h | 8 +-- > fs/ext2/file.c | 1 + > fs/ext2/inode.c | 2 +- > fs/ext2/namei.c | 2 + > fs/ext2/xattr.c | 8 +-- > fs/ext2/xattr.h | 2 - > fs/ext3/acl.c | 213 ++++++++----------------------------------------------- > fs/ext3/acl.h | 9 +-- > fs/ext3/file.c | 1 + > fs/ext3/inode.c | 2 +- > fs/ext3/namei.c | 2 + > fs/ext3/xattr.c | 8 +-- > fs/ext3/xattr.h | 2 - > fs/ext4/acl.c | 213 ++++++++----------------------------------------------- > fs/ext4/acl.h | 9 +-- > fs/ext4/file.c | 1 + > fs/ext4/inode.c | 2 +- > fs/ext4/namei.c | 2 + > fs/ext4/xattr.c | 8 +-- > fs/ext4/xattr.h | 2 - > 21 files changed, 100 insertions(+), 573 deletions(-) > > diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c > index 6e842a7..f04a295 100644 > --- a/fs/ext2/acl.c > +++ b/fs/ext2/acl.c > @@ -189,8 +189,8 @@ ext2_get_acl(struct inode *inode, int type) > /* > * inode->i_mutex: down > */ > -static int > -ext2_set_acl(struct inode *inode, int type, struct posix_acl *acl) > +int > +ext2_set_acl(struct inode *inode, struct posix_acl *acl, int type) > { > int name_index; > void *value = NULL; > @@ -250,169 +250,21 @@ ext2_set_acl(struct inode *inode, int type, struct posix_acl *acl) > int > ext2_init_acl(struct inode *inode, struct inode *dir) > { > - struct posix_acl *acl = NULL; > - int error = 0; > - > - if (!S_ISLNK(inode->i_mode)) { > - if (test_opt(dir->i_sb, POSIX_ACL)) { > - acl = ext2_get_acl(dir, ACL_TYPE_DEFAULT); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - } > - if (!acl) > - inode->i_mode &= ~current_umask(); > - } > - if (test_opt(inode->i_sb, POSIX_ACL) && acl) { > - if (S_ISDIR(inode->i_mode)) { > - error = ext2_set_acl(inode, ACL_TYPE_DEFAULT, acl); > - if (error) > - goto cleanup; > - } > - error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); > - if (error < 0) > - return error; > - if (error > 0) { > - /* This is an extended ACL */ > - error = ext2_set_acl(inode, ACL_TYPE_ACCESS, acl); > - } > - } > -cleanup: > - posix_acl_release(acl); > - return error; > -} > - > -/* > - * Does chmod for an inode that may have an Access Control List. The > - * inode->i_mode field must be updated to the desired value by the caller > - * before calling this function. > - * Returns 0 on success, or a negative error number. > - * > - * We change the ACL rather than storing some ACL entries in the file > - * mode permission bits (which would be more efficient), because that > - * would break once additional permissions (like ACL_APPEND, ACL_DELETE > - * for directories) are added. There are no more bits available in the > - * file mode. > - * > - * inode->i_mutex: down > - */ > -int > -ext2_acl_chmod(struct inode *inode) > -{ > - struct posix_acl *acl; > - int error; > + struct posix_acl *default_acl, *acl; > + int error; > > - if (!test_opt(inode->i_sb, POSIX_ACL)) > - return 0; > - if (S_ISLNK(inode->i_mode)) > - return -EOPNOTSUPP; > - acl = ext2_get_acl(inode, ACL_TYPE_ACCESS); > - if (IS_ERR(acl) || !acl) > - return PTR_ERR(acl); > - error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > + error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); > if (error) > return error; > - error = ext2_set_acl(inode, ACL_TYPE_ACCESS, acl); > - posix_acl_release(acl); > - return error; > -} > - > -/* > - * Extended attribut handlers > - */ > -static size_t > -ext2_xattr_list_acl_access(struct dentry *dentry, char *list, size_t list_size, > - const char *name, size_t name_len, int type) > -{ > - const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS); > - > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > - return 0; > - if (list && size <= list_size) > - memcpy(list, POSIX_ACL_XATTR_ACCESS, size); > - return size; > -} > > -static size_t > -ext2_xattr_list_acl_default(struct dentry *dentry, char *list, size_t list_size, > - const char *name, size_t name_len, int type) > -{ > - const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT); > - > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > - return 0; > - if (list && size <= list_size) > - memcpy(list, POSIX_ACL_XATTR_DEFAULT, size); > - return size; > -} > - > -static int > -ext2_xattr_get_acl(struct dentry *dentry, const char *name, void *buffer, > - size_t size, int type) > -{ > - struct posix_acl *acl; > - int error; > - > - if (strcmp(name, "") != 0) > - return -EINVAL; > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > - return -EOPNOTSUPP; > - > - acl = ext2_get_acl(dentry->d_inode, type); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - if (acl == NULL) > - return -ENODATA; > - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); > - posix_acl_release(acl); > - > - return error; > -} > - > -static int > -ext2_xattr_set_acl(struct dentry *dentry, const char *name, const void *value, > - size_t size, int flags, int type) > -{ > - struct posix_acl *acl; > - int error; > - > - if (strcmp(name, "") != 0) > - return -EINVAL; > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > - return -EOPNOTSUPP; > - if (!inode_owner_or_capable(dentry->d_inode)) > - return -EPERM; > - > - if (value) { > - acl = posix_acl_from_xattr(&init_user_ns, value, size); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - else if (acl) { > - error = posix_acl_valid(acl); > - if (error) > - goto release_and_out; > - } > - } else > - acl = NULL; > - > - error = ext2_set_acl(dentry->d_inode, type, acl); > - > -release_and_out: > - posix_acl_release(acl); > + if (default_acl) { > + error = ext2_set_acl(inode, default_acl, ACL_TYPE_DEFAULT); > + posix_acl_release(default_acl); > + } > + if (acl) { > + if (!error) > + error = ext2_set_acl(inode, acl, ACL_TYPE_ACCESS); > + posix_acl_release(acl); > + } > return error; > } > - > -const struct xattr_handler ext2_xattr_acl_access_handler = { > - .prefix = POSIX_ACL_XATTR_ACCESS, > - .flags = ACL_TYPE_ACCESS, > - .list = ext2_xattr_list_acl_access, > - .get = ext2_xattr_get_acl, > - .set = ext2_xattr_set_acl, > -}; > - > -const struct xattr_handler ext2_xattr_acl_default_handler = { > - .prefix = POSIX_ACL_XATTR_DEFAULT, > - .flags = ACL_TYPE_DEFAULT, > - .list = ext2_xattr_list_acl_default, > - .get = ext2_xattr_get_acl, > - .set = ext2_xattr_set_acl, > -}; > diff --git a/fs/ext2/acl.h b/fs/ext2/acl.h > index 503bfb0..44937f9 100644 > --- a/fs/ext2/acl.h > +++ b/fs/ext2/acl.h > @@ -55,7 +55,7 @@ static inline int ext2_acl_count(size_t size) > > /* acl.c */ > extern struct posix_acl *ext2_get_acl(struct inode *inode, int type); > -extern int ext2_acl_chmod (struct inode *); > +extern int ext2_set_acl(struct inode *inode, struct posix_acl *acl, int type); > extern int ext2_init_acl (struct inode *, struct inode *); > > #else > @@ -63,12 +63,6 @@ extern int ext2_init_acl (struct inode *, struct inode *); > #define ext2_get_acl NULL > #define ext2_set_acl NULL > > -static inline int > -ext2_acl_chmod (struct inode *inode) > -{ > - return 0; > -} > - > static inline int ext2_init_acl (struct inode *inode, struct inode *dir) > { > return 0; > diff --git a/fs/ext2/file.c b/fs/ext2/file.c > index a5b3a5d..44c36e5 100644 > --- a/fs/ext2/file.c > +++ b/fs/ext2/file.c > @@ -103,5 +103,6 @@ const struct inode_operations ext2_file_inode_operations = { > #endif > .setattr = ext2_setattr, > .get_acl = ext2_get_acl, > + .set_acl = ext2_set_acl, > .fiemap = ext2_fiemap, > }; > diff --git a/fs/ext2/inode.c b/fs/ext2/inode.c > index 8a33764..1be8866 100644 > --- a/fs/ext2/inode.c > +++ b/fs/ext2/inode.c > @@ -1566,7 +1566,7 @@ int ext2_setattr(struct dentry *dentry, struct iattr *iattr) > } > setattr_copy(inode, iattr); > if (iattr->ia_valid & ATTR_MODE) > - error = ext2_acl_chmod(inode); > + error = posix_acl_chmod(inode); > mark_inode_dirty(inode); > > return error; > diff --git a/fs/ext2/namei.c b/fs/ext2/namei.c > index 256dd5f..c268d0a 100644 > --- a/fs/ext2/namei.c > +++ b/fs/ext2/namei.c > @@ -421,6 +421,7 @@ const struct inode_operations ext2_dir_inode_operations = { > #endif > .setattr = ext2_setattr, > .get_acl = ext2_get_acl, > + .set_acl = ext2_set_acl, > .tmpfile = ext2_tmpfile, > }; > > @@ -433,4 +434,5 @@ const struct inode_operations ext2_special_inode_operations = { > #endif > .setattr = ext2_setattr, > .get_acl = ext2_get_acl, > + .set_acl = ext2_set_acl, > }; > diff --git a/fs/ext2/xattr.c b/fs/ext2/xattr.c > index 2d7557d..9142614 100644 > --- a/fs/ext2/xattr.c > +++ b/fs/ext2/xattr.c > @@ -103,8 +103,8 @@ static struct mb_cache *ext2_xattr_cache; > static const struct xattr_handler *ext2_xattr_handler_map[] = { > [EXT2_XATTR_INDEX_USER] = &ext2_xattr_user_handler, > #ifdef CONFIG_EXT2_FS_POSIX_ACL > - [EXT2_XATTR_INDEX_POSIX_ACL_ACCESS] = &ext2_xattr_acl_access_handler, > - [EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT] = &ext2_xattr_acl_default_handler, > + [EXT2_XATTR_INDEX_POSIX_ACL_ACCESS] = &posix_acl_access_xattr_handler, > + [EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT] = &posix_acl_default_xattr_handler, > #endif > [EXT2_XATTR_INDEX_TRUSTED] = &ext2_xattr_trusted_handler, > #ifdef CONFIG_EXT2_FS_SECURITY > @@ -116,8 +116,8 @@ const struct xattr_handler *ext2_xattr_handlers[] = { > &ext2_xattr_user_handler, > &ext2_xattr_trusted_handler, > #ifdef CONFIG_EXT2_FS_POSIX_ACL > - &ext2_xattr_acl_access_handler, > - &ext2_xattr_acl_default_handler, > + &posix_acl_access_xattr_handler, > + &posix_acl_default_xattr_handler, > #endif > #ifdef CONFIG_EXT2_FS_SECURITY > &ext2_xattr_security_handler, > diff --git a/fs/ext2/xattr.h b/fs/ext2/xattr.h > index 5e41ccc..60edf29 100644 > --- a/fs/ext2/xattr.h > +++ b/fs/ext2/xattr.h > @@ -57,8 +57,6 @@ struct ext2_xattr_entry { > > extern const struct xattr_handler ext2_xattr_user_handler; > extern const struct xattr_handler ext2_xattr_trusted_handler; > -extern const struct xattr_handler ext2_xattr_acl_access_handler; > -extern const struct xattr_handler ext2_xattr_acl_default_handler; > extern const struct xattr_handler ext2_xattr_security_handler; > > extern ssize_t ext2_listxattr(struct dentry *, char *, size_t); > diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c > index 4f3d8fa..e9cb33f 100644 > --- a/fs/ext3/acl.c > +++ b/fs/ext3/acl.c > @@ -190,7 +190,7 @@ ext3_get_acl(struct inode *inode, int type) > * inode->i_mutex: down unless called from ext3_new_inode > */ > static int > -ext3_set_acl(handle_t *handle, struct inode *inode, int type, > +__ext3_set_acl(handle_t *handle, struct inode *inode, int type, > struct posix_acl *acl) > { > int name_index; > @@ -243,204 +243,49 @@ ext3_set_acl(handle_t *handle, struct inode *inode, int type, > return error; > } > > -/* > - * Initialize the ACLs of a new inode. Called from ext3_new_inode. > - * > - * dir->i_mutex: down > - * inode->i_mutex: up (access to inode is still exclusive) > - */ > -int > -ext3_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) > -{ > - struct posix_acl *acl = NULL; > - int error = 0; > - > - if (!S_ISLNK(inode->i_mode)) { > - if (test_opt(dir->i_sb, POSIX_ACL)) { > - acl = ext3_get_acl(dir, ACL_TYPE_DEFAULT); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - } > - if (!acl) > - inode->i_mode &= ~current_umask(); > - } > - if (test_opt(inode->i_sb, POSIX_ACL) && acl) { > - if (S_ISDIR(inode->i_mode)) { > - error = ext3_set_acl(handle, inode, > - ACL_TYPE_DEFAULT, acl); > - if (error) > - goto cleanup; > - } > - error = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > - if (error < 0) > - return error; > - > - if (error > 0) { > - /* This is an extended ACL */ > - error = ext3_set_acl(handle, inode, ACL_TYPE_ACCESS, acl); > - } > - } > -cleanup: > - posix_acl_release(acl); > - return error; > -} > - > -/* > - * Does chmod for an inode that may have an Access Control List. The > - * inode->i_mode field must be updated to the desired value by the caller > - * before calling this function. > - * Returns 0 on success, or a negative error number. > - * > - * We change the ACL rather than storing some ACL entries in the file > - * mode permission bits (which would be more efficient), because that > - * would break once additional permissions (like ACL_APPEND, ACL_DELETE > - * for directories) are added. There are no more bits available in the > - * file mode. > - * > - * inode->i_mutex: down > - */ > int > -ext3_acl_chmod(struct inode *inode) > +ext3_set_acl(struct inode *inode, struct posix_acl *acl, int type) > { > - struct posix_acl *acl; > handle_t *handle; > - int retries = 0; > - int error; > + int error, retries = 0; > > - if (S_ISLNK(inode->i_mode)) > - return -EOPNOTSUPP; > - if (!test_opt(inode->i_sb, POSIX_ACL)) > - return 0; > - acl = ext3_get_acl(inode, ACL_TYPE_ACCESS); > - if (IS_ERR(acl) || !acl) > - return PTR_ERR(acl); > - error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > - if (error) > - return error; > retry: > - handle = ext3_journal_start(inode, > - EXT3_DATA_TRANS_BLOCKS(inode->i_sb)); > - if (IS_ERR(handle)) { > - error = PTR_ERR(handle); > - ext3_std_error(inode->i_sb, error); > - goto out; > - } > - error = ext3_set_acl(handle, inode, ACL_TYPE_ACCESS, acl); > + handle = ext3_journal_start(inode, EXT3_DATA_TRANS_BLOCKS(inode->i_sb)); > + if (IS_ERR(handle)) > + return PTR_ERR(handle); > + error = __ext3_set_acl(handle, inode, type, acl); > ext3_journal_stop(handle); > - if (error == -ENOSPC && > - ext3_should_retry_alloc(inode->i_sb, &retries)) > + if (error == -ENOSPC && ext3_should_retry_alloc(inode->i_sb, &retries)) > goto retry; > -out: > - posix_acl_release(acl); > return error; > } > > /* > - * Extended attribute handlers > + * Initialize the ACLs of a new inode. Called from ext3_new_inode. > + * > + * dir->i_mutex: down > + * inode->i_mutex: up (access to inode is still exclusive) > */ > -static size_t > -ext3_xattr_list_acl_access(struct dentry *dentry, char *list, size_t list_len, > - const char *name, size_t name_len, int type) > -{ > - const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS); > - > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > - return 0; > - if (list && size <= list_len) > - memcpy(list, POSIX_ACL_XATTR_ACCESS, size); > - return size; > -} > - > -static size_t > -ext3_xattr_list_acl_default(struct dentry *dentry, char *list, size_t list_len, > - const char *name, size_t name_len, int type) > -{ > - const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT); > - > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > - return 0; > - if (list && size <= list_len) > - memcpy(list, POSIX_ACL_XATTR_DEFAULT, size); > - return size; > -} > - > -static int > -ext3_xattr_get_acl(struct dentry *dentry, const char *name, void *buffer, > - size_t size, int type) > +int > +ext3_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) > { > - struct posix_acl *acl; > + struct posix_acl *default_acl, *acl; > int error; > > - if (strcmp(name, "") != 0) > - return -EINVAL; > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > - return -EOPNOTSUPP; > - > - acl = ext3_get_acl(dentry->d_inode, type); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - if (acl == NULL) > - return -ENODATA; > - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); > - posix_acl_release(acl); > - > - return error; > -} > - > -static int > -ext3_xattr_set_acl(struct dentry *dentry, const char *name, const void *value, > - size_t size, int flags, int type) > -{ > - struct inode *inode = dentry->d_inode; > - handle_t *handle; > - struct posix_acl *acl; > - int error, retries = 0; > - > - if (strcmp(name, "") != 0) > - return -EINVAL; > - if (!test_opt(inode->i_sb, POSIX_ACL)) > - return -EOPNOTSUPP; > - if (!inode_owner_or_capable(inode)) > - return -EPERM; > - > - if (value) { > - acl = posix_acl_from_xattr(&init_user_ns, value, size); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - else if (acl) { > - error = posix_acl_valid(acl); > - if (error) > - goto release_and_out; > - } > - } else > - acl = NULL; > - > -retry: > - handle = ext3_journal_start(inode, EXT3_DATA_TRANS_BLOCKS(inode->i_sb)); > - if (IS_ERR(handle)) > - return PTR_ERR(handle); > - error = ext3_set_acl(handle, inode, type, acl); > - ext3_journal_stop(handle); > - if (error == -ENOSPC && ext3_should_retry_alloc(inode->i_sb, &retries)) > - goto retry; > + error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); > + if (error) > + return error; > > -release_and_out: > - posix_acl_release(acl); > + if (default_acl) { > + error = __ext3_set_acl(handle, inode, ACL_TYPE_DEFAULT, > + default_acl); > + posix_acl_release(default_acl); > + } > + if (acl) { > + if (!error) > + error = __ext3_set_acl(handle, inode, ACL_TYPE_ACCESS, > + acl); > + posix_acl_release(acl); > + } > return error; > } > - > -const struct xattr_handler ext3_xattr_acl_access_handler = { > - .prefix = POSIX_ACL_XATTR_ACCESS, > - .flags = ACL_TYPE_ACCESS, > - .list = ext3_xattr_list_acl_access, > - .get = ext3_xattr_get_acl, > - .set = ext3_xattr_set_acl, > -}; > - > -const struct xattr_handler ext3_xattr_acl_default_handler = { > - .prefix = POSIX_ACL_XATTR_DEFAULT, > - .flags = ACL_TYPE_DEFAULT, > - .list = ext3_xattr_list_acl_default, > - .get = ext3_xattr_get_acl, > - .set = ext3_xattr_set_acl, > -}; > diff --git a/fs/ext3/acl.h b/fs/ext3/acl.h > index dbc921e..ea1c69e 100644 > --- a/fs/ext3/acl.h > +++ b/fs/ext3/acl.h > @@ -55,18 +55,13 @@ static inline int ext3_acl_count(size_t size) > > /* acl.c */ > extern struct posix_acl *ext3_get_acl(struct inode *inode, int type); > -extern int ext3_acl_chmod (struct inode *); > +extern int ext3_set_acl(struct inode *inode, struct posix_acl *acl, int type); > extern int ext3_init_acl (handle_t *, struct inode *, struct inode *); > > #else /* CONFIG_EXT3_FS_POSIX_ACL */ > #include <linux/sched.h> > #define ext3_get_acl NULL > - > -static inline int > -ext3_acl_chmod(struct inode *inode) > -{ > - return 0; > -} > +#define ext3_set_acl NULL > > static inline int > ext3_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) > diff --git a/fs/ext3/file.c b/fs/ext3/file.c > index 25cb413..aad0531 100644 > --- a/fs/ext3/file.c > +++ b/fs/ext3/file.c > @@ -75,6 +75,7 @@ const struct inode_operations ext3_file_inode_operations = { > .removexattr = generic_removexattr, > #endif > .get_acl = ext3_get_acl, > + .set_acl = ext3_set_acl, > .fiemap = ext3_fiemap, > }; > > diff --git a/fs/ext3/inode.c b/fs/ext3/inode.c > index 2bd8548..150b6c1 100644 > --- a/fs/ext3/inode.c > +++ b/fs/ext3/inode.c > @@ -3365,7 +3365,7 @@ int ext3_setattr(struct dentry *dentry, struct iattr *attr) > mark_inode_dirty(inode); > > if (ia_valid & ATTR_MODE) > - rc = ext3_acl_chmod(inode); > + rc = posix_acl_chmod(inode); > > err_out: > ext3_std_error(inode->i_sb, error); > diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c > index f8cde46..f197736 100644 > --- a/fs/ext3/namei.c > +++ b/fs/ext3/namei.c > @@ -2569,6 +2569,7 @@ const struct inode_operations ext3_dir_inode_operations = { > .removexattr = generic_removexattr, > #endif > .get_acl = ext3_get_acl, > + .set_acl = ext3_set_acl, > }; > > const struct inode_operations ext3_special_inode_operations = { > @@ -2580,4 +2581,5 @@ const struct inode_operations ext3_special_inode_operations = { > .removexattr = generic_removexattr, > #endif > .get_acl = ext3_get_acl, > + .set_acl = ext3_set_acl, > }; > diff --git a/fs/ext3/xattr.c b/fs/ext3/xattr.c > index b1fc963..c6874be 100644 > --- a/fs/ext3/xattr.c > +++ b/fs/ext3/xattr.c > @@ -102,8 +102,8 @@ static struct mb_cache *ext3_xattr_cache; > static const struct xattr_handler *ext3_xattr_handler_map[] = { > [EXT3_XATTR_INDEX_USER] = &ext3_xattr_user_handler, > #ifdef CONFIG_EXT3_FS_POSIX_ACL > - [EXT3_XATTR_INDEX_POSIX_ACL_ACCESS] = &ext3_xattr_acl_access_handler, > - [EXT3_XATTR_INDEX_POSIX_ACL_DEFAULT] = &ext3_xattr_acl_default_handler, > + [EXT3_XATTR_INDEX_POSIX_ACL_ACCESS] = &posix_acl_access_xattr_handler, > + [EXT3_XATTR_INDEX_POSIX_ACL_DEFAULT] = &posix_acl_default_xattr_handler, > #endif > [EXT3_XATTR_INDEX_TRUSTED] = &ext3_xattr_trusted_handler, > #ifdef CONFIG_EXT3_FS_SECURITY > @@ -115,8 +115,8 @@ const struct xattr_handler *ext3_xattr_handlers[] = { > &ext3_xattr_user_handler, > &ext3_xattr_trusted_handler, > #ifdef CONFIG_EXT3_FS_POSIX_ACL > - &ext3_xattr_acl_access_handler, > - &ext3_xattr_acl_default_handler, > + &posix_acl_access_xattr_handler, > + &posix_acl_default_xattr_handler, > #endif > #ifdef CONFIG_EXT3_FS_SECURITY > &ext3_xattr_security_handler, > diff --git a/fs/ext3/xattr.h b/fs/ext3/xattr.h > index 2be4f69..32e93eb 100644 > --- a/fs/ext3/xattr.h > +++ b/fs/ext3/xattr.h > @@ -60,8 +60,6 @@ struct ext3_xattr_entry { > > extern const struct xattr_handler ext3_xattr_user_handler; > extern const struct xattr_handler ext3_xattr_trusted_handler; > -extern const struct xattr_handler ext3_xattr_acl_access_handler; > -extern const struct xattr_handler ext3_xattr_acl_default_handler; > extern const struct xattr_handler ext3_xattr_security_handler; > > extern ssize_t ext3_listxattr(struct dentry *, char *, size_t); > diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c > index f827f3b..acaba0f 100644 > --- a/fs/ext4/acl.c > +++ b/fs/ext4/acl.c > @@ -196,7 +196,7 @@ ext4_get_acl(struct inode *inode, int type) > * inode->i_mutex: down unless called from ext4_new_inode > */ > static int > -ext4_set_acl(handle_t *handle, struct inode *inode, int type, > +__ext4_set_acl(handle_t *handle, struct inode *inode, int type, > struct posix_acl *acl) > { > int name_index; > @@ -248,208 +248,51 @@ ext4_set_acl(handle_t *handle, struct inode *inode, int type, > return error; > } > > -/* > - * Initialize the ACLs of a new inode. Called from ext4_new_inode. > - * > - * dir->i_mutex: down > - * inode->i_mutex: up (access to inode is still exclusive) > - */ > -int > -ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) > -{ > - struct posix_acl *acl = NULL; > - int error = 0; > - > - if (!S_ISLNK(inode->i_mode)) { > - if (test_opt(dir->i_sb, POSIX_ACL)) { > - acl = ext4_get_acl(dir, ACL_TYPE_DEFAULT); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - } > - if (!acl) > - inode->i_mode &= ~current_umask(); > - } > - if (test_opt(inode->i_sb, POSIX_ACL) && acl) { > - if (S_ISDIR(inode->i_mode)) { > - error = ext4_set_acl(handle, inode, > - ACL_TYPE_DEFAULT, acl); > - if (error) > - goto cleanup; > - } > - error = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > - if (error < 0) > - return error; > - > - if (error > 0) { > - /* This is an extended ACL */ > - error = ext4_set_acl(handle, inode, ACL_TYPE_ACCESS, acl); > - } > - } > -cleanup: > - posix_acl_release(acl); > - return error; > -} > - > -/* > - * Does chmod for an inode that may have an Access Control List. The > - * inode->i_mode field must be updated to the desired value by the caller > - * before calling this function. > - * Returns 0 on success, or a negative error number. > - * > - * We change the ACL rather than storing some ACL entries in the file > - * mode permission bits (which would be more efficient), because that > - * would break once additional permissions (like ACL_APPEND, ACL_DELETE > - * for directories) are added. There are no more bits available in the > - * file mode. > - * > - * inode->i_mutex: down > - */ > int > -ext4_acl_chmod(struct inode *inode) > +ext4_set_acl(struct inode *inode, struct posix_acl *acl, int type) > { > - struct posix_acl *acl; > handle_t *handle; > - int retries = 0; > - int error; > - > + int error, retries = 0; > > - if (S_ISLNK(inode->i_mode)) > - return -EOPNOTSUPP; > - if (!test_opt(inode->i_sb, POSIX_ACL)) > - return 0; > - acl = ext4_get_acl(inode, ACL_TYPE_ACCESS); > - if (IS_ERR(acl) || !acl) > - return PTR_ERR(acl); > - error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > - if (error) > - return error; > retry: > handle = ext4_journal_start(inode, EXT4_HT_XATTR, > ext4_jbd2_credits_xattr(inode)); > - if (IS_ERR(handle)) { > - error = PTR_ERR(handle); > - ext4_std_error(inode->i_sb, error); > - goto out; > - } > - error = ext4_set_acl(handle, inode, ACL_TYPE_ACCESS, acl); > + if (IS_ERR(handle)) > + return PTR_ERR(handle); > + > + error = __ext4_set_acl(handle, inode, type, acl); > ext4_journal_stop(handle); > - if (error == -ENOSPC && > - ext4_should_retry_alloc(inode->i_sb, &retries)) > + if (error == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) > goto retry; > -out: > - posix_acl_release(acl); > return error; > } > > /* > - * Extended attribute handlers > + * Initialize the ACLs of a new inode. Called from ext4_new_inode. > + * > + * dir->i_mutex: down > + * inode->i_mutex: up (access to inode is still exclusive) > */ > -static size_t > -ext4_xattr_list_acl_access(struct dentry *dentry, char *list, size_t list_len, > - const char *name, size_t name_len, int type) > -{ > - const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS); > - > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > - return 0; > - if (list && size <= list_len) > - memcpy(list, POSIX_ACL_XATTR_ACCESS, size); > - return size; > -} > - > -static size_t > -ext4_xattr_list_acl_default(struct dentry *dentry, char *list, size_t list_len, > - const char *name, size_t name_len, int type) > -{ > - const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT); > - > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > - return 0; > - if (list && size <= list_len) > - memcpy(list, POSIX_ACL_XATTR_DEFAULT, size); > - return size; > -} > - > -static int > -ext4_xattr_get_acl(struct dentry *dentry, const char *name, void *buffer, > - size_t size, int type) > +int > +ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) > { > - struct posix_acl *acl; > + struct posix_acl *default_acl, *acl; > int error; > > - if (strcmp(name, "") != 0) > - return -EINVAL; > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > - return -EOPNOTSUPP; > - > - acl = ext4_get_acl(dentry->d_inode, type); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - if (acl == NULL) > - return -ENODATA; > - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); > - posix_acl_release(acl); > - > - return error; > -} > - > -static int > -ext4_xattr_set_acl(struct dentry *dentry, const char *name, const void *value, > - size_t size, int flags, int type) > -{ > - struct inode *inode = dentry->d_inode; > - handle_t *handle; > - struct posix_acl *acl; > - int error, retries = 0; > - > - if (strcmp(name, "") != 0) > - return -EINVAL; > - if (!test_opt(inode->i_sb, POSIX_ACL)) > - return -EOPNOTSUPP; > - if (!inode_owner_or_capable(inode)) > - return -EPERM; > - > - if (value) { > - acl = posix_acl_from_xattr(&init_user_ns, value, size); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - else if (acl) { > - error = posix_acl_valid(acl); > - if (error) > - goto release_and_out; > - } > - } else > - acl = NULL; > + error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); > + if (error) > + return error; > > -retry: > - handle = ext4_journal_start(inode, EXT4_HT_XATTR, > - ext4_jbd2_credits_xattr(inode)); > - if (IS_ERR(handle)) { > - error = PTR_ERR(handle); > - goto release_and_out; > + if (default_acl) { > + error = __ext4_set_acl(handle, inode, ACL_TYPE_DEFAULT, > + default_acl); > + posix_acl_release(default_acl); > + } > + if (acl) { > + if (!error) > + error = __ext4_set_acl(handle, inode, ACL_TYPE_ACCESS, > + acl); > + posix_acl_release(acl); > } > - error = ext4_set_acl(handle, inode, type, acl); > - ext4_journal_stop(handle); > - if (error == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) > - goto retry; > - > -release_and_out: > - posix_acl_release(acl); > return error; > } > - > -const struct xattr_handler ext4_xattr_acl_access_handler = { > - .prefix = POSIX_ACL_XATTR_ACCESS, > - .flags = ACL_TYPE_ACCESS, > - .list = ext4_xattr_list_acl_access, > - .get = ext4_xattr_get_acl, > - .set = ext4_xattr_set_acl, > -}; > - > -const struct xattr_handler ext4_xattr_acl_default_handler = { > - .prefix = POSIX_ACL_XATTR_DEFAULT, > - .flags = ACL_TYPE_DEFAULT, > - .list = ext4_xattr_list_acl_default, > - .get = ext4_xattr_get_acl, > - .set = ext4_xattr_set_acl, > -}; > diff --git a/fs/ext4/acl.h b/fs/ext4/acl.h > index 18cb39e..da2c795 100644 > --- a/fs/ext4/acl.h > +++ b/fs/ext4/acl.h > @@ -55,18 +55,13 @@ static inline int ext4_acl_count(size_t size) > > /* acl.c */ > struct posix_acl *ext4_get_acl(struct inode *inode, int type); > -extern int ext4_acl_chmod(struct inode *); > +int ext4_set_acl(struct inode *inode, struct posix_acl *acl, int type); > extern int ext4_init_acl(handle_t *, struct inode *, struct inode *); > > #else /* CONFIG_EXT4_FS_POSIX_ACL */ > #include <linux/sched.h> > #define ext4_get_acl NULL > - > -static inline int > -ext4_acl_chmod(struct inode *inode) > -{ > - return 0; > -} > +#define ext4_set_acl NULL > > static inline int > ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) > diff --git a/fs/ext4/file.c b/fs/ext4/file.c > index 3da2194..43e64f6 100644 > --- a/fs/ext4/file.c > +++ b/fs/ext4/file.c > @@ -617,6 +617,7 @@ const struct inode_operations ext4_file_inode_operations = { > .listxattr = ext4_listxattr, > .removexattr = generic_removexattr, > .get_acl = ext4_get_acl, > + .set_acl = ext4_set_acl, > .fiemap = ext4_fiemap, > }; > > diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c > index 0757634..6f69f96 100644 > --- a/fs/ext4/inode.c > +++ b/fs/ext4/inode.c > @@ -4675,7 +4675,7 @@ int ext4_setattr(struct dentry *dentry, struct iattr *attr) > ext4_orphan_del(NULL, inode); > > if (!rc && (ia_valid & ATTR_MODE)) > - rc = ext4_acl_chmod(inode); > + rc = posix_acl_chmod(inode); > > err_out: > ext4_std_error(inode->i_sb, error); > diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c > index 5a0408d..e77c1ba 100644 > --- a/fs/ext4/namei.c > +++ b/fs/ext4/namei.c > @@ -3225,6 +3225,7 @@ const struct inode_operations ext4_dir_inode_operations = { > .listxattr = ext4_listxattr, > .removexattr = generic_removexattr, > .get_acl = ext4_get_acl, > + .set_acl = ext4_set_acl, > .fiemap = ext4_fiemap, > }; > > @@ -3235,4 +3236,5 @@ const struct inode_operations ext4_special_inode_operations = { > .listxattr = ext4_listxattr, > .removexattr = generic_removexattr, > .get_acl = ext4_get_acl, > + .set_acl = ext4_set_acl, > }; > diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c > index 1423c48..e175e94 100644 > --- a/fs/ext4/xattr.c > +++ b/fs/ext4/xattr.c > @@ -95,8 +95,8 @@ static struct mb_cache *ext4_xattr_cache; > static const struct xattr_handler *ext4_xattr_handler_map[] = { > [EXT4_XATTR_INDEX_USER] = &ext4_xattr_user_handler, > #ifdef CONFIG_EXT4_FS_POSIX_ACL > - [EXT4_XATTR_INDEX_POSIX_ACL_ACCESS] = &ext4_xattr_acl_access_handler, > - [EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT] = &ext4_xattr_acl_default_handler, > + [EXT4_XATTR_INDEX_POSIX_ACL_ACCESS] = &posix_acl_access_xattr_handler, > + [EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT] = &posix_acl_default_xattr_handler, > #endif > [EXT4_XATTR_INDEX_TRUSTED] = &ext4_xattr_trusted_handler, > #ifdef CONFIG_EXT4_FS_SECURITY > @@ -108,8 +108,8 @@ const struct xattr_handler *ext4_xattr_handlers[] = { > &ext4_xattr_user_handler, > &ext4_xattr_trusted_handler, > #ifdef CONFIG_EXT4_FS_POSIX_ACL > - &ext4_xattr_acl_access_handler, > - &ext4_xattr_acl_default_handler, > + &posix_acl_access_xattr_handler, > + &posix_acl_default_xattr_handler, > #endif > #ifdef CONFIG_EXT4_FS_SECURITY > &ext4_xattr_security_handler, > diff --git a/fs/ext4/xattr.h b/fs/ext4/xattr.h > index c767dbd..819d639 100644 > --- a/fs/ext4/xattr.h > +++ b/fs/ext4/xattr.h > @@ -96,8 +96,6 @@ struct ext4_xattr_ibody_find { > > extern const struct xattr_handler ext4_xattr_user_handler; > extern const struct xattr_handler ext4_xattr_trusted_handler; > -extern const struct xattr_handler ext4_xattr_acl_access_handler; > -extern const struct xattr_handler ext4_xattr_acl_default_handler; > extern const struct xattr_handler ext4_xattr_security_handler; > > extern ssize_t ext4_listxattr(struct dentry *, char *, size_t); > -- > 1.7.10.4 > > > -- > To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html-- Jan Kara <jack@suse.cz> SUSE Labs, CR -- To unsubscribe from this list: send the line "unsubscribe reiserfs-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Jan Kara
2013-Dec-02 22:17 UTC
Re: [PATCH 13/18] reiserfs: use generic posix ACL infrastructure
On Sun 01-12-13 03:59:16, Christoph Hellwig wrote:> Signed-off-by: Christoph Hellwig <hch@lst.de>Looks good. You can add: Reviewed-by: Jan Kara <jack@suse.cz> Honza> --- > fs/reiserfs/acl.h | 4 +- > fs/reiserfs/file.c | 1 + > fs/reiserfs/namei.c | 3 + > fs/reiserfs/xattr.c | 5 +- > fs/reiserfs/xattr_acl.c | 175 ++++++++--------------------------------------- > 5 files changed, 36 insertions(+), 152 deletions(-) > > diff --git a/fs/reiserfs/acl.h b/fs/reiserfs/acl.h > index f096b80..4a211f5 100644 > --- a/fs/reiserfs/acl.h > +++ b/fs/reiserfs/acl.h > @@ -48,18 +48,18 @@ static inline int reiserfs_acl_count(size_t size) > > #ifdef CONFIG_REISERFS_FS_POSIX_ACL > struct posix_acl *reiserfs_get_acl(struct inode *inode, int type); > +int reiserfs_set_acl(struct inode *inode, struct posix_acl *acl, int type); > int reiserfs_acl_chmod(struct inode *inode); > int reiserfs_inherit_default_acl(struct reiserfs_transaction_handle *th, > struct inode *dir, struct dentry *dentry, > struct inode *inode); > int reiserfs_cache_default_acl(struct inode *dir); > -extern const struct xattr_handler reiserfs_posix_acl_default_handler; > -extern const struct xattr_handler reiserfs_posix_acl_access_handler; > > #else > > #define reiserfs_cache_default_acl(inode) 0 > #define reiserfs_get_acl NULL > +#define reiserfs_set_acl NULL > > static inline int reiserfs_acl_chmod(struct inode *inode) > { > diff --git a/fs/reiserfs/file.c b/fs/reiserfs/file.c > index dcaafcf..ed58d84 100644 > --- a/fs/reiserfs/file.c > +++ b/fs/reiserfs/file.c > @@ -260,4 +260,5 @@ const struct inode_operations reiserfs_file_inode_operations = { > .removexattr = reiserfs_removexattr, > .permission = reiserfs_permission, > .get_acl = reiserfs_get_acl, > + .set_acl = reiserfs_set_acl, > }; > diff --git a/fs/reiserfs/namei.c b/fs/reiserfs/namei.c > index dc5236f..8ba707e 100644 > --- a/fs/reiserfs/namei.c > +++ b/fs/reiserfs/namei.c > @@ -1522,6 +1522,7 @@ const struct inode_operations reiserfs_dir_inode_operations = { > .removexattr = reiserfs_removexattr, > .permission = reiserfs_permission, > .get_acl = reiserfs_get_acl, > + .set_acl = reiserfs_set_acl, > }; > > /* > @@ -1539,6 +1540,7 @@ const struct inode_operations reiserfs_symlink_inode_operations = { > .removexattr = reiserfs_removexattr, > .permission = reiserfs_permission, > .get_acl = reiserfs_get_acl, > + .set_acl = reiserfs_set_acl, > > }; > > @@ -1553,4 +1555,5 @@ const struct inode_operations reiserfs_special_inode_operations = { > .removexattr = reiserfs_removexattr, > .permission = reiserfs_permission, > .get_acl = reiserfs_get_acl, > + .set_acl = reiserfs_set_acl, > }; > diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c > index 8a9e2dc..5cdfbd6 100644 > --- a/fs/reiserfs/xattr.c > +++ b/fs/reiserfs/xattr.c > @@ -50,6 +50,7 @@ > #include <linux/stat.h> > #include <linux/quotaops.h> > #include <linux/security.h> > +#include <linux/posix_acl_xattr.h> > > #define PRIVROOT_NAME ".reiserfs_priv" > #define XAROOT_NAME "xattrs" > @@ -904,8 +905,8 @@ static const struct xattr_handler *reiserfs_xattr_handlers[] = { > &reiserfs_xattr_security_handler, > #endif > #ifdef CONFIG_REISERFS_FS_POSIX_ACL > - &reiserfs_posix_acl_access_handler, > - &reiserfs_posix_acl_default_handler, > + &posix_acl_access_xattr_handler, > + &posix_acl_default_xattr_handler, > #endif > NULL > }; > diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c > index d95c959..ff04988 100644 > --- a/fs/reiserfs/xattr_acl.c > +++ b/fs/reiserfs/xattr_acl.c > @@ -11,35 +11,19 @@ > #include "acl.h" > #include <asm/uaccess.h> > > -static int reiserfs_set_acl(struct reiserfs_transaction_handle *th, > +static int __reiserfs_set_acl(struct reiserfs_transaction_handle *th, > struct inode *inode, int type, > struct posix_acl *acl); > > -static int > -reiserfs_posix_acl_set(struct dentry *dentry, const char *name, const void *value, > - size_t size, int flags, int type) > + > +int > +reiserfs_set_acl(struct inode *inode, struct posix_acl *acl, int type) > { > - struct inode *inode = dentry->d_inode; > - struct posix_acl *acl; > int error, error2; > struct reiserfs_transaction_handle th; > size_t jcreate_blocks; > - if (!reiserfs_posixacl(inode->i_sb)) > - return -EOPNOTSUPP; > - if (!inode_owner_or_capable(inode)) > - return -EPERM; > - > - if (value) { > - acl = posix_acl_from_xattr(&init_user_ns, value, size); > - if (IS_ERR(acl)) { > - return PTR_ERR(acl); > - } else if (acl) { > - error = posix_acl_valid(acl); > - if (error) > - goto release_and_out; > - } > - } else > - acl = NULL; > + int size = acl ? posix_acl_xattr_size(acl->a_count) : 0; > + > > /* Pessimism: We can''t assume that anything from the xattr root up > * has been created. */ > @@ -51,7 +35,7 @@ reiserfs_posix_acl_set(struct dentry *dentry, const char *name, const void *valu > error = journal_begin(&th, inode->i_sb, jcreate_blocks); > reiserfs_write_unlock(inode->i_sb); > if (error == 0) { > - error = reiserfs_set_acl(&th, inode, type, acl); > + error = __reiserfs_set_acl(&th, inode, type, acl); > reiserfs_write_lock(inode->i_sb); > error2 = journal_end(&th, inode->i_sb, jcreate_blocks); > reiserfs_write_unlock(inode->i_sb); > @@ -59,29 +43,6 @@ reiserfs_posix_acl_set(struct dentry *dentry, const char *name, const void *valu > error = error2; > } > > - release_and_out: > - posix_acl_release(acl); > - return error; > -} > - > -static int > -reiserfs_posix_acl_get(struct dentry *dentry, const char *name, void *buffer, > - size_t size, int type) > -{ > - struct posix_acl *acl; > - int error; > - > - if (!reiserfs_posixacl(dentry->d_sb)) > - return -EOPNOTSUPP; > - > - acl = reiserfs_get_acl(dentry->d_inode, type); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - if (acl == NULL) > - return -ENODATA; > - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); > - posix_acl_release(acl); > - > return error; > } > > @@ -273,7 +234,7 @@ struct posix_acl *reiserfs_get_acl(struct inode *inode, int type) > * BKL held [before 2.5.x] > */ > static int > -reiserfs_set_acl(struct reiserfs_transaction_handle *th, struct inode *inode, > +__reiserfs_set_acl(struct reiserfs_transaction_handle *th, struct inode *inode, > int type, struct posix_acl *acl) > { > char *name; > @@ -343,7 +304,7 @@ reiserfs_inherit_default_acl(struct reiserfs_transaction_handle *th, > struct inode *dir, struct dentry *dentry, > struct inode *inode) > { > - struct posix_acl *acl; > + struct posix_acl *default_acl, *acl; > int err = 0; > > /* ACLs only get applied to files and directories */ > @@ -363,37 +324,28 @@ reiserfs_inherit_default_acl(struct reiserfs_transaction_handle *th, > goto apply_umask; > } > > - acl = reiserfs_get_acl(dir, ACL_TYPE_DEFAULT); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > + err = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); > + if (err) > + return err; > > + if (default_acl) { > + err = __reiserfs_set_acl(th, inode, ACL_TYPE_DEFAULT, > + default_acl); > + posix_acl_release(default_acl); > + } > if (acl) { > - /* Copy the default ACL to the default ACL of a new directory */ > - if (S_ISDIR(inode->i_mode)) { > - err = reiserfs_set_acl(th, inode, ACL_TYPE_DEFAULT, > - acl); > - if (err) > - goto cleanup; > - } > - > - /* Now we reconcile the new ACL and the mode, > - potentially modifying both */ > - err = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > - if (err < 0) > - return err; > - > - /* If we need an ACL.. */ > - if (err > 0) > - err = reiserfs_set_acl(th, inode, ACL_TYPE_ACCESS, acl); > - cleanup: > + if (!err) > + err = __reiserfs_set_acl(th, inode, ACL_TYPE_ACCESS, > + acl); > posix_acl_release(acl); > - } else { > - apply_umask: > - /* no ACL, apply umask */ > - inode->i_mode &= ~current_umask(); > } > > return err; > + > + apply_umask: > + /* no ACL, apply umask */ > + inode->i_mode &= ~current_umask(); > + return err; > } > > /* This is used to cache the default acl before a new object is created. > @@ -442,84 +394,11 @@ int reiserfs_cache_default_acl(struct inode *inode) > */ > int reiserfs_acl_chmod(struct inode *inode) > { > - struct reiserfs_transaction_handle th; > - struct posix_acl *acl; > - size_t size; > - int error; > - > if (IS_PRIVATE(inode)) > return 0; > - > - if (S_ISLNK(inode->i_mode)) > - return -EOPNOTSUPP; > - > if (get_inode_sd_version(inode) == STAT_DATA_V1 || > - !reiserfs_posixacl(inode->i_sb)) { > + !reiserfs_posixacl(inode->i_sb)) > return 0; > - } > > - acl = reiserfs_get_acl(inode, ACL_TYPE_ACCESS); > - if (!acl) > - return 0; > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - error = __posix_acl_chmod(&acl, GFP_NOFS, inode->i_mode); > - if (error) > - return error; > - > - size = reiserfs_xattr_nblocks(inode, reiserfs_acl_size(acl->a_count)); > - reiserfs_write_lock(inode->i_sb); > - error = journal_begin(&th, inode->i_sb, size * 2); > - reiserfs_write_unlock(inode->i_sb); > - if (!error) { > - int error2; > - error = reiserfs_set_acl(&th, inode, ACL_TYPE_ACCESS, acl); > - reiserfs_write_lock(inode->i_sb); > - error2 = journal_end(&th, inode->i_sb, size * 2); > - reiserfs_write_unlock(inode->i_sb); > - if (error2) > - error = error2; > - } > - posix_acl_release(acl); > - return error; > -} > - > -static size_t posix_acl_access_list(struct dentry *dentry, char *list, > - size_t list_size, const char *name, > - size_t name_len, int type) > -{ > - const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS); > - if (!reiserfs_posixacl(dentry->d_sb)) > - return 0; > - if (list && size <= list_size) > - memcpy(list, POSIX_ACL_XATTR_ACCESS, size); > - return size; > + return posix_acl_chmod(inode); > } > - > -const struct xattr_handler reiserfs_posix_acl_access_handler = { > - .prefix = POSIX_ACL_XATTR_ACCESS, > - .flags = ACL_TYPE_ACCESS, > - .get = reiserfs_posix_acl_get, > - .set = reiserfs_posix_acl_set, > - .list = posix_acl_access_list, > -}; > - > -static size_t posix_acl_default_list(struct dentry *dentry, char *list, > - size_t list_size, const char *name, > - size_t name_len, int type) > -{ > - const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT); > - if (!reiserfs_posixacl(dentry->d_sb)) > - return 0; > - if (list && size <= list_size) > - memcpy(list, POSIX_ACL_XATTR_DEFAULT, size); > - return size; > -} > - > -const struct xattr_handler reiserfs_posix_acl_default_handler = { > - .prefix = POSIX_ACL_XATTR_DEFAULT, > - .flags = ACL_TYPE_DEFAULT, > - .get = reiserfs_posix_acl_get, > - .set = reiserfs_posix_acl_set, > - .list = posix_acl_default_list, > -}; > -- > 1.7.10.4 > > > -- > To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html-- Jan Kara <jack@suse.cz> SUSE Labs, CR _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
gary sheppard
2013-Dec-02 22:18 UTC
Re: [Jfs-discussion] [PATCH 08/18] ext2/3/4: use generic posix ACL infrastructure
Really nice to see all the sudden activity here in JFS again! On Mon, Dec 2, 2013 at 2:13 PM, Jan Kara <jack@suse.cz> wrote:> On Sun 01-12-13 03:59:11, Christoph Hellwig wrote: > > Signed-off-by: Christoph Hellwig <hch@lst.de> > Looks good. You can add: > Reviewed-by: Jan Kara <jack@suse.cz> > > Honza > > > --- > > fs/ext2/acl.c | 176 ++++----------------------------------------- > > fs/ext2/acl.h | 8 +-- > > fs/ext2/file.c | 1 + > > fs/ext2/inode.c | 2 +- > > fs/ext2/namei.c | 2 + > > fs/ext2/xattr.c | 8 +-- > > fs/ext2/xattr.h | 2 - > > fs/ext3/acl.c | 213 > ++++++++----------------------------------------------- > > fs/ext3/acl.h | 9 +-- > > fs/ext3/file.c | 1 + > > fs/ext3/inode.c | 2 +- > > fs/ext3/namei.c | 2 + > > fs/ext3/xattr.c | 8 +-- > > fs/ext3/xattr.h | 2 - > > fs/ext4/acl.c | 213 > ++++++++----------------------------------------------- > > fs/ext4/acl.h | 9 +-- > > fs/ext4/file.c | 1 + > > fs/ext4/inode.c | 2 +- > > fs/ext4/namei.c | 2 + > > fs/ext4/xattr.c | 8 +-- > > fs/ext4/xattr.h | 2 - > > 21 files changed, 100 insertions(+), 573 deletions(-) > > > > diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c > > index 6e842a7..f04a295 100644 > > --- a/fs/ext2/acl.c > > +++ b/fs/ext2/acl.c > > @@ -189,8 +189,8 @@ ext2_get_acl(struct inode *inode, int type) > > /* > > * inode->i_mutex: down > > */ > > -static int > > -ext2_set_acl(struct inode *inode, int type, struct posix_acl *acl) > > +int > > +ext2_set_acl(struct inode *inode, struct posix_acl *acl, int type) > > { > > int name_index; > > void *value = NULL; > > @@ -250,169 +250,21 @@ ext2_set_acl(struct inode *inode, int type, > struct posix_acl *acl) > > int > > ext2_init_acl(struct inode *inode, struct inode *dir) > > { > > - struct posix_acl *acl = NULL; > > - int error = 0; > > - > > - if (!S_ISLNK(inode->i_mode)) { > > - if (test_opt(dir->i_sb, POSIX_ACL)) { > > - acl = ext2_get_acl(dir, ACL_TYPE_DEFAULT); > > - if (IS_ERR(acl)) > > - return PTR_ERR(acl); > > - } > > - if (!acl) > > - inode->i_mode &= ~current_umask(); > > - } > > - if (test_opt(inode->i_sb, POSIX_ACL) && acl) { > > - if (S_ISDIR(inode->i_mode)) { > > - error = ext2_set_acl(inode, ACL_TYPE_DEFAULT, acl); > > - if (error) > > - goto cleanup; > > - } > > - error = __posix_acl_create(&acl, GFP_KERNEL, > &inode->i_mode); > > - if (error < 0) > > - return error; > > - if (error > 0) { > > - /* This is an extended ACL */ > > - error = ext2_set_acl(inode, ACL_TYPE_ACCESS, acl); > > - } > > - } > > -cleanup: > > - posix_acl_release(acl); > > - return error; > > -} > > - > > -/* > > - * Does chmod for an inode that may have an Access Control List. The > > - * inode->i_mode field must be updated to the desired value by the > caller > > - * before calling this function. > > - * Returns 0 on success, or a negative error number. > > - * > > - * We change the ACL rather than storing some ACL entries in the file > > - * mode permission bits (which would be more efficient), because that > > - * would break once additional permissions (like ACL_APPEND, ACL_DELETE > > - * for directories) are added. There are no more bits available in the > > - * file mode. > > - * > > - * inode->i_mutex: down > > - */ > > -int > > -ext2_acl_chmod(struct inode *inode) > > -{ > > - struct posix_acl *acl; > > - int error; > > + struct posix_acl *default_acl, *acl; > > + int error; > > > > - if (!test_opt(inode->i_sb, POSIX_ACL)) > > - return 0; > > - if (S_ISLNK(inode->i_mode)) > > - return -EOPNOTSUPP; > > - acl = ext2_get_acl(inode, ACL_TYPE_ACCESS); > > - if (IS_ERR(acl) || !acl) > > - return PTR_ERR(acl); > > - error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > > + error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); > > if (error) > > return error; > > - error = ext2_set_acl(inode, ACL_TYPE_ACCESS, acl); > > - posix_acl_release(acl); > > - return error; > > -} > > - > > -/* > > - * Extended attribut handlers > > - */ > > -static size_t > > -ext2_xattr_list_acl_access(struct dentry *dentry, char *list, size_t > list_size, > > - const char *name, size_t name_len, int type) > > -{ > > - const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS); > > - > > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > > - return 0; > > - if (list && size <= list_size) > > - memcpy(list, POSIX_ACL_XATTR_ACCESS, size); > > - return size; > > -} > > > > -static size_t > > -ext2_xattr_list_acl_default(struct dentry *dentry, char *list, size_t > list_size, > > - const char *name, size_t name_len, int type) > > -{ > > - const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT); > > - > > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > > - return 0; > > - if (list && size <= list_size) > > - memcpy(list, POSIX_ACL_XATTR_DEFAULT, size); > > - return size; > > -} > > - > > -static int > > -ext2_xattr_get_acl(struct dentry *dentry, const char *name, void > *buffer, > > - size_t size, int type) > > -{ > > - struct posix_acl *acl; > > - int error; > > - > > - if (strcmp(name, "") != 0) > > - return -EINVAL; > > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > > - return -EOPNOTSUPP; > > - > > - acl = ext2_get_acl(dentry->d_inode, type); > > - if (IS_ERR(acl)) > > - return PTR_ERR(acl); > > - if (acl == NULL) > > - return -ENODATA; > > - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); > > - posix_acl_release(acl); > > - > > - return error; > > -} > > - > > -static int > > -ext2_xattr_set_acl(struct dentry *dentry, const char *name, const void > *value, > > - size_t size, int flags, int type) > > -{ > > - struct posix_acl *acl; > > - int error; > > - > > - if (strcmp(name, "") != 0) > > - return -EINVAL; > > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > > - return -EOPNOTSUPP; > > - if (!inode_owner_or_capable(dentry->d_inode)) > > - return -EPERM; > > - > > - if (value) { > > - acl = posix_acl_from_xattr(&init_user_ns, value, size); > > - if (IS_ERR(acl)) > > - return PTR_ERR(acl); > > - else if (acl) { > > - error = posix_acl_valid(acl); > > - if (error) > > - goto release_and_out; > > - } > > - } else > > - acl = NULL; > > - > > - error = ext2_set_acl(dentry->d_inode, type, acl); > > - > > -release_and_out: > > - posix_acl_release(acl); > > + if (default_acl) { > > + error = ext2_set_acl(inode, default_acl, ACL_TYPE_DEFAULT); > > + posix_acl_release(default_acl); > > + } > > + if (acl) { > > + if (!error) > > + error = ext2_set_acl(inode, acl, ACL_TYPE_ACCESS); > > + posix_acl_release(acl); > > + } > > return error; > > } > > - > > -const struct xattr_handler ext2_xattr_acl_access_handler = { > > - .prefix = POSIX_ACL_XATTR_ACCESS, > > - .flags = ACL_TYPE_ACCESS, > > - .list = ext2_xattr_list_acl_access, > > - .get = ext2_xattr_get_acl, > > - .set = ext2_xattr_set_acl, > > -}; > > - > > -const struct xattr_handler ext2_xattr_acl_default_handler = { > > - .prefix = POSIX_ACL_XATTR_DEFAULT, > > - .flags = ACL_TYPE_DEFAULT, > > - .list = ext2_xattr_list_acl_default, > > - .get = ext2_xattr_get_acl, > > - .set = ext2_xattr_set_acl, > > -}; > > diff --git a/fs/ext2/acl.h b/fs/ext2/acl.h > > index 503bfb0..44937f9 100644 > > --- a/fs/ext2/acl.h > > +++ b/fs/ext2/acl.h > > @@ -55,7 +55,7 @@ static inline int ext2_acl_count(size_t size) > > > > /* acl.c */ > > extern struct posix_acl *ext2_get_acl(struct inode *inode, int type); > > -extern int ext2_acl_chmod (struct inode *); > > +extern int ext2_set_acl(struct inode *inode, struct posix_acl *acl, int > type); > > extern int ext2_init_acl (struct inode *, struct inode *); > > > > #else > > @@ -63,12 +63,6 @@ extern int ext2_init_acl (struct inode *, struct > inode *); > > #define ext2_get_acl NULL > > #define ext2_set_acl NULL > > > > -static inline int > > -ext2_acl_chmod (struct inode *inode) > > -{ > > - return 0; > > -} > > - > > static inline int ext2_init_acl (struct inode *inode, struct inode *dir) > > { > > return 0; > > diff --git a/fs/ext2/file.c b/fs/ext2/file.c > > index a5b3a5d..44c36e5 100644 > > --- a/fs/ext2/file.c > > +++ b/fs/ext2/file.c > > @@ -103,5 +103,6 @@ const struct inode_operations > ext2_file_inode_operations = { > > #endif > > .setattr = ext2_setattr, > > .get_acl = ext2_get_acl, > > + .set_acl = ext2_set_acl, > > .fiemap = ext2_fiemap, > > }; > > diff --git a/fs/ext2/inode.c b/fs/ext2/inode.c > > index 8a33764..1be8866 100644 > > --- a/fs/ext2/inode.c > > +++ b/fs/ext2/inode.c > > @@ -1566,7 +1566,7 @@ int ext2_setattr(struct dentry *dentry, struct > iattr *iattr) > > } > > setattr_copy(inode, iattr); > > if (iattr->ia_valid & ATTR_MODE) > > - error = ext2_acl_chmod(inode); > > + error = posix_acl_chmod(inode); > > mark_inode_dirty(inode); > > > > return error; > > diff --git a/fs/ext2/namei.c b/fs/ext2/namei.c > > index 256dd5f..c268d0a 100644 > > --- a/fs/ext2/namei.c > > +++ b/fs/ext2/namei.c > > @@ -421,6 +421,7 @@ const struct inode_operations > ext2_dir_inode_operations = { > > #endif > > .setattr = ext2_setattr, > > .get_acl = ext2_get_acl, > > + .set_acl = ext2_set_acl, > > .tmpfile = ext2_tmpfile, > > }; > > > > @@ -433,4 +434,5 @@ const struct inode_operations > ext2_special_inode_operations = { > > #endif > > .setattr = ext2_setattr, > > .get_acl = ext2_get_acl, > > + .set_acl = ext2_set_acl, > > }; > > diff --git a/fs/ext2/xattr.c b/fs/ext2/xattr.c > > index 2d7557d..9142614 100644 > > --- a/fs/ext2/xattr.c > > +++ b/fs/ext2/xattr.c > > @@ -103,8 +103,8 @@ static struct mb_cache *ext2_xattr_cache; > > static const struct xattr_handler *ext2_xattr_handler_map[] = { > > [EXT2_XATTR_INDEX_USER] = &ext2_xattr_user_handler, > > #ifdef CONFIG_EXT2_FS_POSIX_ACL > > - [EXT2_XATTR_INDEX_POSIX_ACL_ACCESS] > &ext2_xattr_acl_access_handler, > > - [EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT] > &ext2_xattr_acl_default_handler, > > + [EXT2_XATTR_INDEX_POSIX_ACL_ACCESS] > &posix_acl_access_xattr_handler, > > + [EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT] > &posix_acl_default_xattr_handler, > > #endif > > [EXT2_XATTR_INDEX_TRUSTED] = &ext2_xattr_trusted_handler, > > #ifdef CONFIG_EXT2_FS_SECURITY > > @@ -116,8 +116,8 @@ const struct xattr_handler *ext2_xattr_handlers[] = { > > &ext2_xattr_user_handler, > > &ext2_xattr_trusted_handler, > > #ifdef CONFIG_EXT2_FS_POSIX_ACL > > - &ext2_xattr_acl_access_handler, > > - &ext2_xattr_acl_default_handler, > > + &posix_acl_access_xattr_handler, > > + &posix_acl_default_xattr_handler, > > #endif > > #ifdef CONFIG_EXT2_FS_SECURITY > > &ext2_xattr_security_handler, > > diff --git a/fs/ext2/xattr.h b/fs/ext2/xattr.h > > index 5e41ccc..60edf29 100644 > > --- a/fs/ext2/xattr.h > > +++ b/fs/ext2/xattr.h > > @@ -57,8 +57,6 @@ struct ext2_xattr_entry { > > > > extern const struct xattr_handler ext2_xattr_user_handler; > > extern const struct xattr_handler ext2_xattr_trusted_handler; > > -extern const struct xattr_handler ext2_xattr_acl_access_handler; > > -extern const struct xattr_handler ext2_xattr_acl_default_handler; > > extern const struct xattr_handler ext2_xattr_security_handler; > > > > extern ssize_t ext2_listxattr(struct dentry *, char *, size_t); > > diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c > > index 4f3d8fa..e9cb33f 100644 > > --- a/fs/ext3/acl.c > > +++ b/fs/ext3/acl.c > > @@ -190,7 +190,7 @@ ext3_get_acl(struct inode *inode, int type) > > * inode->i_mutex: down unless called from ext3_new_inode > > */ > > static int > > -ext3_set_acl(handle_t *handle, struct inode *inode, int type, > > +__ext3_set_acl(handle_t *handle, struct inode *inode, int type, > > struct posix_acl *acl) > > { > > int name_index; > > @@ -243,204 +243,49 @@ ext3_set_acl(handle_t *handle, struct inode > *inode, int type, > > return error; > > } > > > > -/* > > - * Initialize the ACLs of a new inode. Called from ext3_new_inode. > > - * > > - * dir->i_mutex: down > > - * inode->i_mutex: up (access to inode is still exclusive) > > - */ > > -int > > -ext3_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) > > -{ > > - struct posix_acl *acl = NULL; > > - int error = 0; > > - > > - if (!S_ISLNK(inode->i_mode)) { > > - if (test_opt(dir->i_sb, POSIX_ACL)) { > > - acl = ext3_get_acl(dir, ACL_TYPE_DEFAULT); > > - if (IS_ERR(acl)) > > - return PTR_ERR(acl); > > - } > > - if (!acl) > > - inode->i_mode &= ~current_umask(); > > - } > > - if (test_opt(inode->i_sb, POSIX_ACL) && acl) { > > - if (S_ISDIR(inode->i_mode)) { > > - error = ext3_set_acl(handle, inode, > > - ACL_TYPE_DEFAULT, acl); > > - if (error) > > - goto cleanup; > > - } > > - error = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > > - if (error < 0) > > - return error; > > - > > - if (error > 0) { > > - /* This is an extended ACL */ > > - error = ext3_set_acl(handle, inode, > ACL_TYPE_ACCESS, acl); > > - } > > - } > > -cleanup: > > - posix_acl_release(acl); > > - return error; > > -} > > - > > -/* > > - * Does chmod for an inode that may have an Access Control List. The > > - * inode->i_mode field must be updated to the desired value by the > caller > > - * before calling this function. > > - * Returns 0 on success, or a negative error number. > > - * > > - * We change the ACL rather than storing some ACL entries in the file > > - * mode permission bits (which would be more efficient), because that > > - * would break once additional permissions (like ACL_APPEND, ACL_DELETE > > - * for directories) are added. There are no more bits available in the > > - * file mode. > > - * > > - * inode->i_mutex: down > > - */ > > int > > -ext3_acl_chmod(struct inode *inode) > > +ext3_set_acl(struct inode *inode, struct posix_acl *acl, int type) > > { > > - struct posix_acl *acl; > > handle_t *handle; > > - int retries = 0; > > - int error; > > + int error, retries = 0; > > > > - if (S_ISLNK(inode->i_mode)) > > - return -EOPNOTSUPP; > > - if (!test_opt(inode->i_sb, POSIX_ACL)) > > - return 0; > > - acl = ext3_get_acl(inode, ACL_TYPE_ACCESS); > > - if (IS_ERR(acl) || !acl) > > - return PTR_ERR(acl); > > - error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > > - if (error) > > - return error; > > retry: > > - handle = ext3_journal_start(inode, > > - EXT3_DATA_TRANS_BLOCKS(inode->i_sb)); > > - if (IS_ERR(handle)) { > > - error = PTR_ERR(handle); > > - ext3_std_error(inode->i_sb, error); > > - goto out; > > - } > > - error = ext3_set_acl(handle, inode, ACL_TYPE_ACCESS, acl); > > + handle = ext3_journal_start(inode, > EXT3_DATA_TRANS_BLOCKS(inode->i_sb)); > > + if (IS_ERR(handle)) > > + return PTR_ERR(handle); > > + error = __ext3_set_acl(handle, inode, type, acl); > > ext3_journal_stop(handle); > > - if (error == -ENOSPC && > > - ext3_should_retry_alloc(inode->i_sb, &retries)) > > + if (error == -ENOSPC && ext3_should_retry_alloc(inode->i_sb, > &retries)) > > goto retry; > > -out: > > - posix_acl_release(acl); > > return error; > > } > > > > /* > > - * Extended attribute handlers > > + * Initialize the ACLs of a new inode. Called from ext3_new_inode. > > + * > > + * dir->i_mutex: down > > + * inode->i_mutex: up (access to inode is still exclusive) > > */ > > -static size_t > > -ext3_xattr_list_acl_access(struct dentry *dentry, char *list, size_t > list_len, > > - const char *name, size_t name_len, int type) > > -{ > > - const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS); > > - > > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > > - return 0; > > - if (list && size <= list_len) > > - memcpy(list, POSIX_ACL_XATTR_ACCESS, size); > > - return size; > > -} > > - > > -static size_t > > -ext3_xattr_list_acl_default(struct dentry *dentry, char *list, size_t > list_len, > > - const char *name, size_t name_len, int type) > > -{ > > - const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT); > > - > > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > > - return 0; > > - if (list && size <= list_len) > > - memcpy(list, POSIX_ACL_XATTR_DEFAULT, size); > > - return size; > > -} > > - > > -static int > > -ext3_xattr_get_acl(struct dentry *dentry, const char *name, void > *buffer, > > - size_t size, int type) > > +int > > +ext3_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) > > { > > - struct posix_acl *acl; > > + struct posix_acl *default_acl, *acl; > > int error; > > > > - if (strcmp(name, "") != 0) > > - return -EINVAL; > > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > > - return -EOPNOTSUPP; > > - > > - acl = ext3_get_acl(dentry->d_inode, type); > > - if (IS_ERR(acl)) > > - return PTR_ERR(acl); > > - if (acl == NULL) > > - return -ENODATA; > > - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); > > - posix_acl_release(acl); > > - > > - return error; > > -} > > - > > -static int > > -ext3_xattr_set_acl(struct dentry *dentry, const char *name, const void > *value, > > - size_t size, int flags, int type) > > -{ > > - struct inode *inode = dentry->d_inode; > > - handle_t *handle; > > - struct posix_acl *acl; > > - int error, retries = 0; > > - > > - if (strcmp(name, "") != 0) > > - return -EINVAL; > > - if (!test_opt(inode->i_sb, POSIX_ACL)) > > - return -EOPNOTSUPP; > > - if (!inode_owner_or_capable(inode)) > > - return -EPERM; > > - > > - if (value) { > > - acl = posix_acl_from_xattr(&init_user_ns, value, size); > > - if (IS_ERR(acl)) > > - return PTR_ERR(acl); > > - else if (acl) { > > - error = posix_acl_valid(acl); > > - if (error) > > - goto release_and_out; > > - } > > - } else > > - acl = NULL; > > - > > -retry: > > - handle = ext3_journal_start(inode, > EXT3_DATA_TRANS_BLOCKS(inode->i_sb)); > > - if (IS_ERR(handle)) > > - return PTR_ERR(handle); > > - error = ext3_set_acl(handle, inode, type, acl); > > - ext3_journal_stop(handle); > > - if (error == -ENOSPC && ext3_should_retry_alloc(inode->i_sb, > &retries)) > > - goto retry; > > + error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); > > + if (error) > > + return error; > > > > -release_and_out: > > - posix_acl_release(acl); > > + if (default_acl) { > > + error = __ext3_set_acl(handle, inode, ACL_TYPE_DEFAULT, > > + default_acl); > > + posix_acl_release(default_acl); > > + } > > + if (acl) { > > + if (!error) > > + error = __ext3_set_acl(handle, inode, > ACL_TYPE_ACCESS, > > + acl); > > + posix_acl_release(acl); > > + } > > return error; > > } > > - > > -const struct xattr_handler ext3_xattr_acl_access_handler = { > > - .prefix = POSIX_ACL_XATTR_ACCESS, > > - .flags = ACL_TYPE_ACCESS, > > - .list = ext3_xattr_list_acl_access, > > - .get = ext3_xattr_get_acl, > > - .set = ext3_xattr_set_acl, > > -}; > > - > > -const struct xattr_handler ext3_xattr_acl_default_handler = { > > - .prefix = POSIX_ACL_XATTR_DEFAULT, > > - .flags = ACL_TYPE_DEFAULT, > > - .list = ext3_xattr_list_acl_default, > > - .get = ext3_xattr_get_acl, > > - .set = ext3_xattr_set_acl, > > -}; > > diff --git a/fs/ext3/acl.h b/fs/ext3/acl.h > > index dbc921e..ea1c69e 100644 > > --- a/fs/ext3/acl.h > > +++ b/fs/ext3/acl.h > > @@ -55,18 +55,13 @@ static inline int ext3_acl_count(size_t size) > > > > /* acl.c */ > > extern struct posix_acl *ext3_get_acl(struct inode *inode, int type); > > -extern int ext3_acl_chmod (struct inode *); > > +extern int ext3_set_acl(struct inode *inode, struct posix_acl *acl, int > type); > > extern int ext3_init_acl (handle_t *, struct inode *, struct inode *); > > > > #else /* CONFIG_EXT3_FS_POSIX_ACL */ > > #include <linux/sched.h> > > #define ext3_get_acl NULL > > - > > -static inline int > > -ext3_acl_chmod(struct inode *inode) > > -{ > > - return 0; > > -} > > +#define ext3_set_acl NULL > > > > static inline int > > ext3_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) > > diff --git a/fs/ext3/file.c b/fs/ext3/file.c > > index 25cb413..aad0531 100644 > > --- a/fs/ext3/file.c > > +++ b/fs/ext3/file.c > > @@ -75,6 +75,7 @@ const struct inode_operations > ext3_file_inode_operations = { > > .removexattr = generic_removexattr, > > #endif > > .get_acl = ext3_get_acl, > > + .set_acl = ext3_set_acl, > > .fiemap = ext3_fiemap, > > }; > > > > diff --git a/fs/ext3/inode.c b/fs/ext3/inode.c > > index 2bd8548..150b6c1 100644 > > --- a/fs/ext3/inode.c > > +++ b/fs/ext3/inode.c > > @@ -3365,7 +3365,7 @@ int ext3_setattr(struct dentry *dentry, struct > iattr *attr) > > mark_inode_dirty(inode); > > > > if (ia_valid & ATTR_MODE) > > - rc = ext3_acl_chmod(inode); > > + rc = posix_acl_chmod(inode); > > > > err_out: > > ext3_std_error(inode->i_sb, error); > > diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c > > index f8cde46..f197736 100644 > > --- a/fs/ext3/namei.c > > +++ b/fs/ext3/namei.c > > @@ -2569,6 +2569,7 @@ const struct inode_operations > ext3_dir_inode_operations = { > > .removexattr = generic_removexattr, > > #endif > > .get_acl = ext3_get_acl, > > + .set_acl = ext3_set_acl, > > }; > > > > const struct inode_operations ext3_special_inode_operations = { > > @@ -2580,4 +2581,5 @@ const struct inode_operations > ext3_special_inode_operations = { > > .removexattr = generic_removexattr, > > #endif > > .get_acl = ext3_get_acl, > > + .set_acl = ext3_set_acl, > > }; > > diff --git a/fs/ext3/xattr.c b/fs/ext3/xattr.c > > index b1fc963..c6874be 100644 > > --- a/fs/ext3/xattr.c > > +++ b/fs/ext3/xattr.c > > @@ -102,8 +102,8 @@ static struct mb_cache *ext3_xattr_cache; > > static const struct xattr_handler *ext3_xattr_handler_map[] = { > > [EXT3_XATTR_INDEX_USER] = &ext3_xattr_user_handler, > > #ifdef CONFIG_EXT3_FS_POSIX_ACL > > - [EXT3_XATTR_INDEX_POSIX_ACL_ACCESS] > &ext3_xattr_acl_access_handler, > > - [EXT3_XATTR_INDEX_POSIX_ACL_DEFAULT] > &ext3_xattr_acl_default_handler, > > + [EXT3_XATTR_INDEX_POSIX_ACL_ACCESS] > &posix_acl_access_xattr_handler, > > + [EXT3_XATTR_INDEX_POSIX_ACL_DEFAULT] > &posix_acl_default_xattr_handler, > > #endif > > [EXT3_XATTR_INDEX_TRUSTED] = &ext3_xattr_trusted_handler, > > #ifdef CONFIG_EXT3_FS_SECURITY > > @@ -115,8 +115,8 @@ const struct xattr_handler *ext3_xattr_handlers[] = { > > &ext3_xattr_user_handler, > > &ext3_xattr_trusted_handler, > > #ifdef CONFIG_EXT3_FS_POSIX_ACL > > - &ext3_xattr_acl_access_handler, > > - &ext3_xattr_acl_default_handler, > > + &posix_acl_access_xattr_handler, > > + &posix_acl_default_xattr_handler, > > #endif > > #ifdef CONFIG_EXT3_FS_SECURITY > > &ext3_xattr_security_handler, > > diff --git a/fs/ext3/xattr.h b/fs/ext3/xattr.h > > index 2be4f69..32e93eb 100644 > > --- a/fs/ext3/xattr.h > > +++ b/fs/ext3/xattr.h > > @@ -60,8 +60,6 @@ struct ext3_xattr_entry { > > > > extern const struct xattr_handler ext3_xattr_user_handler; > > extern const struct xattr_handler ext3_xattr_trusted_handler; > > -extern const struct xattr_handler ext3_xattr_acl_access_handler; > > -extern const struct xattr_handler ext3_xattr_acl_default_handler; > > extern const struct xattr_handler ext3_xattr_security_handler; > > > > extern ssize_t ext3_listxattr(struct dentry *, char *, size_t); > > diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c > > index f827f3b..acaba0f 100644 > > --- a/fs/ext4/acl.c > > +++ b/fs/ext4/acl.c > > @@ -196,7 +196,7 @@ ext4_get_acl(struct inode *inode, int type) > > * inode->i_mutex: down unless called from ext4_new_inode > > */ > > static int > > -ext4_set_acl(handle_t *handle, struct inode *inode, int type, > > +__ext4_set_acl(handle_t *handle, struct inode *inode, int type, > > struct posix_acl *acl) > > { > > int name_index; > > @@ -248,208 +248,51 @@ ext4_set_acl(handle_t *handle, struct inode > *inode, int type, > > return error; > > } > > > > -/* > > - * Initialize the ACLs of a new inode. Called from ext4_new_inode. > > - * > > - * dir->i_mutex: down > > - * inode->i_mutex: up (access to inode is still exclusive) > > - */ > > -int > > -ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) > > -{ > > - struct posix_acl *acl = NULL; > > - int error = 0; > > - > > - if (!S_ISLNK(inode->i_mode)) { > > - if (test_opt(dir->i_sb, POSIX_ACL)) { > > - acl = ext4_get_acl(dir, ACL_TYPE_DEFAULT); > > - if (IS_ERR(acl)) > > - return PTR_ERR(acl); > > - } > > - if (!acl) > > - inode->i_mode &= ~current_umask(); > > - } > > - if (test_opt(inode->i_sb, POSIX_ACL) && acl) { > > - if (S_ISDIR(inode->i_mode)) { > > - error = ext4_set_acl(handle, inode, > > - ACL_TYPE_DEFAULT, acl); > > - if (error) > > - goto cleanup; > > - } > > - error = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); > > - if (error < 0) > > - return error; > > - > > - if (error > 0) { > > - /* This is an extended ACL */ > > - error = ext4_set_acl(handle, inode, > ACL_TYPE_ACCESS, acl); > > - } > > - } > > -cleanup: > > - posix_acl_release(acl); > > - return error; > > -} > > - > > -/* > > - * Does chmod for an inode that may have an Access Control List. The > > - * inode->i_mode field must be updated to the desired value by the > caller > > - * before calling this function. > > - * Returns 0 on success, or a negative error number. > > - * > > - * We change the ACL rather than storing some ACL entries in the file > > - * mode permission bits (which would be more efficient), because that > > - * would break once additional permissions (like ACL_APPEND, ACL_DELETE > > - * for directories) are added. There are no more bits available in the > > - * file mode. > > - * > > - * inode->i_mutex: down > > - */ > > int > > -ext4_acl_chmod(struct inode *inode) > > +ext4_set_acl(struct inode *inode, struct posix_acl *acl, int type) > > { > > - struct posix_acl *acl; > > handle_t *handle; > > - int retries = 0; > > - int error; > > - > > + int error, retries = 0; > > > > - if (S_ISLNK(inode->i_mode)) > > - return -EOPNOTSUPP; > > - if (!test_opt(inode->i_sb, POSIX_ACL)) > > - return 0; > > - acl = ext4_get_acl(inode, ACL_TYPE_ACCESS); > > - if (IS_ERR(acl) || !acl) > > - return PTR_ERR(acl); > > - error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > > - if (error) > > - return error; > > retry: > > handle = ext4_journal_start(inode, EXT4_HT_XATTR, > > ext4_jbd2_credits_xattr(inode)); > > - if (IS_ERR(handle)) { > > - error = PTR_ERR(handle); > > - ext4_std_error(inode->i_sb, error); > > - goto out; > > - } > > - error = ext4_set_acl(handle, inode, ACL_TYPE_ACCESS, acl); > > + if (IS_ERR(handle)) > > + return PTR_ERR(handle); > > + > > + error = __ext4_set_acl(handle, inode, type, acl); > > ext4_journal_stop(handle); > > - if (error == -ENOSPC && > > - ext4_should_retry_alloc(inode->i_sb, &retries)) > > + if (error == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, > &retries)) > > goto retry; > > -out: > > - posix_acl_release(acl); > > return error; > > } > > > > /* > > - * Extended attribute handlers > > + * Initialize the ACLs of a new inode. Called from ext4_new_inode. > > + * > > + * dir->i_mutex: down > > + * inode->i_mutex: up (access to inode is still exclusive) > > */ > > -static size_t > > -ext4_xattr_list_acl_access(struct dentry *dentry, char *list, size_t > list_len, > > - const char *name, size_t name_len, int type) > > -{ > > - const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS); > > - > > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > > - return 0; > > - if (list && size <= list_len) > > - memcpy(list, POSIX_ACL_XATTR_ACCESS, size); > > - return size; > > -} > > - > > -static size_t > > -ext4_xattr_list_acl_default(struct dentry *dentry, char *list, size_t > list_len, > > - const char *name, size_t name_len, int type) > > -{ > > - const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT); > > - > > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > > - return 0; > > - if (list && size <= list_len) > > - memcpy(list, POSIX_ACL_XATTR_DEFAULT, size); > > - return size; > > -} > > - > > -static int > > -ext4_xattr_get_acl(struct dentry *dentry, const char *name, void > *buffer, > > - size_t size, int type) > > +int > > +ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) > > { > > - struct posix_acl *acl; > > + struct posix_acl *default_acl, *acl; > > int error; > > > > - if (strcmp(name, "") != 0) > > - return -EINVAL; > > - if (!test_opt(dentry->d_sb, POSIX_ACL)) > > - return -EOPNOTSUPP; > > - > > - acl = ext4_get_acl(dentry->d_inode, type); > > - if (IS_ERR(acl)) > > - return PTR_ERR(acl); > > - if (acl == NULL) > > - return -ENODATA; > > - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); > > - posix_acl_release(acl); > > - > > - return error; > > -} > > - > > -static int > > -ext4_xattr_set_acl(struct dentry *dentry, const char *name, const void > *value, > > - size_t size, int flags, int type) > > -{ > > - struct inode *inode = dentry->d_inode; > > - handle_t *handle; > > - struct posix_acl *acl; > > - int error, retries = 0; > > - > > - if (strcmp(name, "") != 0) > > - return -EINVAL; > > - if (!test_opt(inode->i_sb, POSIX_ACL)) > > - return -EOPNOTSUPP; > > - if (!inode_owner_or_capable(inode)) > > - return -EPERM; > > - > > - if (value) { > > - acl = posix_acl_from_xattr(&init_user_ns, value, size); > > - if (IS_ERR(acl)) > > - return PTR_ERR(acl); > > - else if (acl) { > > - error = posix_acl_valid(acl); > > - if (error) > > - goto release_and_out; > > - } > > - } else > > - acl = NULL; > > + error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); > > + if (error) > > + return error; > > > > -retry: > > - handle = ext4_journal_start(inode, EXT4_HT_XATTR, > > - ext4_jbd2_credits_xattr(inode)); > > - if (IS_ERR(handle)) { > > - error = PTR_ERR(handle); > > - goto release_and_out; > > + if (default_acl) { > > + error = __ext4_set_acl(handle, inode, ACL_TYPE_DEFAULT, > > + default_acl); > > + posix_acl_release(default_acl); > > + } > > + if (acl) { > > + if (!error) > > + error = __ext4_set_acl(handle, inode, > ACL_TYPE_ACCESS, > > + acl); > > + posix_acl_release(acl); > > } > > - error = ext4_set_acl(handle, inode, type, acl); > > - ext4_journal_stop(handle); > > - if (error == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, > &retries)) > > - goto retry; > > - > > -release_and_out: > > - posix_acl_release(acl); > > return error; > > } > > - > > -const struct xattr_handler ext4_xattr_acl_access_handler = { > > - .prefix = POSIX_ACL_XATTR_ACCESS, > > - .flags = ACL_TYPE_ACCESS, > > - .list = ext4_xattr_list_acl_access, > > - .get = ext4_xattr_get_acl, > > - .set = ext4_xattr_set_acl, > > -}; > > - > > -const struct xattr_handler ext4_xattr_acl_default_handler = { > > - .prefix = POSIX_ACL_XATTR_DEFAULT, > > - .flags = ACL_TYPE_DEFAULT, > > - .list = ext4_xattr_list_acl_default, > > - .get = ext4_xattr_get_acl, > > - .set = ext4_xattr_set_acl, > > -}; > > diff --git a/fs/ext4/acl.h b/fs/ext4/acl.h > > index 18cb39e..da2c795 100644 > > --- a/fs/ext4/acl.h > > +++ b/fs/ext4/acl.h > > @@ -55,18 +55,13 @@ static inline int ext4_acl_count(size_t size) > > > > /* acl.c */ > > struct posix_acl *ext4_get_acl(struct inode *inode, int type); > > -extern int ext4_acl_chmod(struct inode *); > > +int ext4_set_acl(struct inode *inode, struct posix_acl *acl, int type); > > extern int ext4_init_acl(handle_t *, struct inode *, struct inode *); > > > > #else /* CONFIG_EXT4_FS_POSIX_ACL */ > > #include <linux/sched.h> > > #define ext4_get_acl NULL > > - > > -static inline int > > -ext4_acl_chmod(struct inode *inode) > > -{ > > - return 0; > > -} > > +#define ext4_set_acl NULL > > > > static inline int > > ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) > > diff --git a/fs/ext4/file.c b/fs/ext4/file.c > > index 3da2194..43e64f6 100644 > > --- a/fs/ext4/file.c > > +++ b/fs/ext4/file.c > > @@ -617,6 +617,7 @@ const struct inode_operations > ext4_file_inode_operations = { > > .listxattr = ext4_listxattr, > > .removexattr = generic_removexattr, > > .get_acl = ext4_get_acl, > > + .set_acl = ext4_set_acl, > > .fiemap = ext4_fiemap, > > }; > > > > diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c > > index 0757634..6f69f96 100644 > > --- a/fs/ext4/inode.c > > +++ b/fs/ext4/inode.c > > @@ -4675,7 +4675,7 @@ int ext4_setattr(struct dentry *dentry, struct > iattr *attr) > > ext4_orphan_del(NULL, inode); > > > > if (!rc && (ia_valid & ATTR_MODE)) > > - rc = ext4_acl_chmod(inode); > > + rc = posix_acl_chmod(inode); > > > > err_out: > > ext4_std_error(inode->i_sb, error); > > diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c > > index 5a0408d..e77c1ba 100644 > > --- a/fs/ext4/namei.c > > +++ b/fs/ext4/namei.c > > @@ -3225,6 +3225,7 @@ const struct inode_operations > ext4_dir_inode_operations = { > > .listxattr = ext4_listxattr, > > .removexattr = generic_removexattr, > > .get_acl = ext4_get_acl, > > + .set_acl = ext4_set_acl, > > .fiemap = ext4_fiemap, > > }; > > > > @@ -3235,4 +3236,5 @@ const struct inode_operations > ext4_special_inode_operations = { > > .listxattr = ext4_listxattr, > > .removexattr = generic_removexattr, > > .get_acl = ext4_get_acl, > > + .set_acl = ext4_set_acl, > > }; > > diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c > > index 1423c48..e175e94 100644 > > --- a/fs/ext4/xattr.c > > +++ b/fs/ext4/xattr.c > > @@ -95,8 +95,8 @@ static struct mb_cache *ext4_xattr_cache; > > static const struct xattr_handler *ext4_xattr_handler_map[] = { > > [EXT4_XATTR_INDEX_USER] = &ext4_xattr_user_handler, > > #ifdef CONFIG_EXT4_FS_POSIX_ACL > > - [EXT4_XATTR_INDEX_POSIX_ACL_ACCESS] > &ext4_xattr_acl_access_handler, > > - [EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT] > &ext4_xattr_acl_default_handler, > > + [EXT4_XATTR_INDEX_POSIX_ACL_ACCESS] > &posix_acl_access_xattr_handler, > > + [EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT] > &posix_acl_default_xattr_handler, > > #endif > > [EXT4_XATTR_INDEX_TRUSTED] = &ext4_xattr_trusted_handler, > > #ifdef CONFIG_EXT4_FS_SECURITY > > @@ -108,8 +108,8 @@ const struct xattr_handler *ext4_xattr_handlers[] = { > > &ext4_xattr_user_handler, > > &ext4_xattr_trusted_handler, > > #ifdef CONFIG_EXT4_FS_POSIX_ACL > > - &ext4_xattr_acl_access_handler, > > - &ext4_xattr_acl_default_handler, > > + &posix_acl_access_xattr_handler, > > + &posix_acl_default_xattr_handler, > > #endif > > #ifdef CONFIG_EXT4_FS_SECURITY > > &ext4_xattr_security_handler, > > diff --git a/fs/ext4/xattr.h b/fs/ext4/xattr.h > > index c767dbd..819d639 100644 > > --- a/fs/ext4/xattr.h > > +++ b/fs/ext4/xattr.h > > @@ -96,8 +96,6 @@ struct ext4_xattr_ibody_find { > > > > extern const struct xattr_handler ext4_xattr_user_handler; > > extern const struct xattr_handler ext4_xattr_trusted_handler; > > -extern const struct xattr_handler ext4_xattr_acl_access_handler; > > -extern const struct xattr_handler ext4_xattr_acl_default_handler; > > extern const struct xattr_handler ext4_xattr_security_handler; > > > > extern ssize_t ext4_listxattr(struct dentry *, char *, size_t); > > -- > > 1.7.10.4 > > > > > > -- > > To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" > in > > the body of a message to majordomo@vger.kernel.org > > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- > Jan Kara <jack@suse.cz> > SUSE Labs, CR > > > ------------------------------------------------------------------------------ > Rapidly troubleshoot problems before they affect your business. Most IT > organizations don''t have a clear picture of how application performance > affects their revenue. With AppDynamics, you get 100% visibility into your > Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics > Pro! > http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk > _______________________________________________ > Jfs-discussion mailing list > Jfs-discussion@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/jfs-discussion >_______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
Jan Kara
2013-Dec-02 23:00 UTC
Re: [PATCH 12/18] ocfs2: use generic posix ACL infrastructure
On Sun 01-12-13 03:59:15, Christoph Hellwig wrote:> This contains some major refactoring for the create path so that > inodes are created with the right mode to start with instead of > fixing it up later. > > Signed-off-by: Christoph Hellwig <hch@lst.de>...> -int ocfs2_acl_chmod(struct inode *inode) > -{ > - struct ocfs2_super *osb = OCFS2_SB(inode->i_sb); > - struct posix_acl *acl; > - int ret; > - > - if (S_ISLNK(inode->i_mode)) > - return -EOPNOTSUPP; > - > - if (!(osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL)) > - return 0; > - > - acl = ocfs2_get_acl(inode, ACL_TYPE_ACCESS); > - if (IS_ERR(acl) || !acl) > - return PTR_ERR(acl); > - ret = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); > - if (ret) > - return ret; > - ret = ocfs2_set_acl(NULL, inode, NULL, ACL_TYPE_ACCESS, > - acl, NULL, NULL); > - posix_acl_release(acl); > - return ret; > -}...> diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c > index 6fff128..ac371ad 100644 > --- a/fs/ocfs2/file.c > +++ b/fs/ocfs2/file.c > @@ -1236,7 +1236,7 @@ bail: > dqput(transfer_to[qtype]); > > if (!status && attr->ia_valid & ATTR_MODE) { > - status = ocfs2_acl_chmod(inode); > + status = posix_acl_chmod(inode); > if (status < 0) > mlog_errno(status); > }Hum, this changes the cluster locking. Previously ocfs2_acl_get() used from ocfs2_acl_chmod() grabbed cluster wide inode lock. Now getting of ACL isn''t protected by the inode lock. That being said the cluster locking around setattr looks fishy anyway - if two processes on different nodes are changing attributes of the same file, changing ACLs post fact after dropping inode lock could cause interesting effects. Also I''m wondering how inode_change_ok() can ever be safe without holding inode lock... Until we grab that other node is free to change e.g. owner of the inode thus leading even to security implications. But maybe I''m missing something. Mark, Joel? Honza -- Jan Kara <jack@suse.cz> SUSE Labs, CR _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
Dave Chinner
2013-Dec-02 23:34 UTC
Re: [PATCH 14/18] xfs: use generic posix ACL infrastructure
On Sun, Dec 01, 2013 at 03:59:17AM -0800, Christoph Hellwig wrote:> Also create inodes with the proper mode instead of fixing it up later. > > Signed-off-by: Christoph Hellwig <hch@lst.de>Nice cleanup work, Christoph. Reviewed-by: Dave Chinner <dchinner@redhat.com> -- Dave Chinner david@fromorbit.com _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
Christoph Hellwig
2013-Dec-03 10:48 UTC
Re: [PATCH 12/18] ocfs2: use generic posix ACL infrastructure
On Tue, Dec 03, 2013 at 12:00:07AM +0100, Jan Kara wrote:> Hum, this changes the cluster locking. Previously ocfs2_acl_get() used > from ocfs2_acl_chmod() grabbed cluster wide inode lock. Now getting of ACL > isn''t protected by the inode lock. That being said the cluster locking > around setattr looks fishy anyway - if two processes on different > nodes are changing attributes of the same file, changing ACLs post fact > after dropping inode lock could cause interesting effects. Also I''m > wondering how inode_change_ok() can ever be safe without holding inode > lock... Until we grab that other node is free to change e.g. owner of the > inode thus leading even to security implications. But maybe I''m missing > something. Mark, Joel?Hmm, indeed. How does ocfs2_iop_get_acl get away without that lock? Btw, ocfs2 changes will need careful testing as I couldn''t find any easy way to run xfstests on ocfs2 out of the box. ______________________________________________________ Linux MTD discussion mailing list http://lists.infradead.org/mailman/listinfo/linux-mtd/
Steven Whitehouse
2013-Dec-04 12:12 UTC
Re: [Cluster-devel] [PATCH 16/18] gfs2: use generic posix ACL infrastructure
Hi, On Sun, 2013-12-01 at 03:59 -0800, Christoph Hellwig wrote:> plain text document attachment > (0016-gfs2-use-generic-posix-ACL-infrastructure.patch) > This contains some major refactoring for the create path so that > inodes are created with the right mode to start with instead of > fixing it up later. > > Signed-off-by: Christoph Hellwig <hch@lst.de> > --- > fs/gfs2/acl.c | 229 +++++++------------------------------------------------ > fs/gfs2/acl.h | 4 +- > fs/gfs2/inode.c | 33 ++++++-- > fs/gfs2/xattr.c | 4 +- > 4 files changed, 61 insertions(+), 209 deletions(-) >Looks very good. I''d really like to be able to do something similar with the security xattrs, in terms of the refactoring that at inode creation to give the xattrs ahead of the inode allocation itself. That way it should be possible to allocate the xattr blocks at the same time as the inode, rather than as an after thought. Some more comments below....> diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c > index e82e4ac..e6c7a2c 100644 > --- a/fs/gfs2/acl.c > +++ b/fs/gfs2/acl.c[snip]> - > -static int gfs2_xattr_system_set(struct dentry *dentry, const char *name, > - const void *value, size_t size, int flags, > - int xtype) > -{ > - struct inode *inode = dentry->d_inode; > - struct gfs2_sbd *sdp = GFS2_SB(inode); > - struct posix_acl *acl = NULL; > - int error = 0, type; > - > - if (!sdp->sd_args.ar_posix_acl) > - return -EOPNOTSUPP; > - > - type = gfs2_acl_type(name); > - if (type < 0) > - return type; > - if (flags & XATTR_CREATE) > - return -EINVAL; > - if (type == ACL_TYPE_DEFAULT && !S_ISDIR(inode->i_mode)) > - return value ? -EACCES : 0; > - if (!uid_eq(current_fsuid(), inode->i_uid) && !capable(CAP_FOWNER)) > - return -EPERM; > - if (S_ISLNK(inode->i_mode)) > - return -EOPNOTSUPP; > - > - if (!value) > - goto set_acl; > > - acl = posix_acl_from_xattr(&init_user_ns, value, size); > - if (!acl) { > - /* > - * acl_set_file(3) may request that we set default ACLs with > - * zero length -- defend (gracefully) against that here. > - */ > - goto out; > - } > - if (IS_ERR(acl)) { > - error = PTR_ERR(acl); > - goto out; > - } > - > - error = posix_acl_valid(acl); > - if (error) > - goto out_release; > - > - error = -EINVAL; > if (acl->a_count > GFS2_ACL_MAX_ENTRIES) > - goto out_release; > + return -EINVAL; > > if (type == ACL_TYPE_ACCESS) { > umode_t mode = inode->i_mode; > + > error = posix_acl_equiv_mode(acl, &mode); > + if (error < 0) >Andy Price has pointed out a missing "return error;" here> - if (error <= 0) { > - posix_acl_release(acl); > + if (error == 0) > acl = NULL; > > - if (error < 0) > - return error; > - } > -Also, there seems to be a white space error in the xfs patch around line 170 in fs/xfs/xfs_iops.c where there is an added "if (default_acl)" with a space before the tab, Steve. _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
Andreas Gruenbacher
2013-Dec-05 17:57 UTC
Re: [PATCH 00/18] Consolidate Posix ACL implementation
Christoph, nice work, and a pretty diffstat. I see that get_acl and set_acl are being defined in some but not all symlink inode operations (for example, btrfs them while ext4 does not), and that posix_acl_xattr_set() doesn''t check if set_acl is defined. Symlinks cannot have ACLs, so set_acl should either never be defined for symlinks (and a NULL check is then needed in posix_acl_xattr_set()), or it is defined in all inode operations, and S_ISNLNK() check is needed in posix_acl_xattr_set(). That latter check should probably be added in any case to be on the safe side. Test case: setfattr -h -n system.posix_acl_access \ -v 0sAgAAAAEABgD/////AgAGABMEAAAEAAYA/////xAABgD/////IAAEAP////8= \ symlink Patch 6 also declares posix_acl_prepare() but this function is never introduced; this must be a leftover from a previous version. Thanks, Andreas _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs
Jaegeuk Kim
2013-Dec-06 01:37 UTC
Re: [PATCH 09/18] f2fs: use generic posix ACL infrastructure
2013-12-01 (일), 03:59 -0800, Christoph Hellwig:> f2fs has some weird mode bit handling, so still using the old > chmod code for now.f2fs caches a new mode bit for a while to make the consistency between xattr''s acl mode and the inode mode. Anyway, it''s a very good job. Thanks, You can add: Reviewed-by: Jaegeuk Kim <jaegeuk.kim@samsung.com>> > Signed-off-by: Christoph Hellwig <hch@lst.de> > --- > fs/f2fs/acl.c | 140 +++++++++---------------------------------------------- > fs/f2fs/acl.h | 1 + > fs/f2fs/file.c | 1 + > fs/f2fs/namei.c | 2 + > fs/f2fs/xattr.c | 9 ++-- > fs/f2fs/xattr.h | 2 - > 6 files changed, 30 insertions(+), 125 deletions(-) > > diff --git a/fs/f2fs/acl.c b/fs/f2fs/acl.c > index 45e8430..4f52fe0f 100644 > --- a/fs/f2fs/acl.c > +++ b/fs/f2fs/acl.c > @@ -205,7 +205,7 @@ struct posix_acl *f2fs_get_acl(struct inode *inode, int type) > return acl; > } > > -static int f2fs_set_acl(struct inode *inode, int type, > +static int __f2fs_set_acl(struct inode *inode, int type, > struct posix_acl *acl, struct page *ipage) > { > struct f2fs_sb_info *sbi = F2FS_SB(inode->i_sb); > @@ -261,37 +261,32 @@ static int f2fs_set_acl(struct inode *inode, int type, > return error; > } > > +int f2fs_set_acl(struct inode *inode, struct posix_acl *acl, int type) > +{ > + return __f2fs_set_acl(inode, type, acl, NULL); > +} > + > int f2fs_init_acl(struct inode *inode, struct inode *dir, struct page *ipage) > { > - struct f2fs_sb_info *sbi = F2FS_SB(dir->i_sb); > - struct posix_acl *acl = NULL; > + struct posix_acl *default_acl, *acl; > int error = 0; > > - if (!S_ISLNK(inode->i_mode)) { > - if (test_opt(sbi, POSIX_ACL)) { > - acl = f2fs_get_acl(dir, ACL_TYPE_DEFAULT); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - } > - if (!acl) > - inode->i_mode &= ~current_umask(); > - } > - > - if (!test_opt(sbi, POSIX_ACL) || !acl) > - goto cleanup; > + error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); > + if (error) > + return error; > > - if (S_ISDIR(inode->i_mode)) { > - error = f2fs_set_acl(inode, ACL_TYPE_DEFAULT, acl, ipage); > + if (default_acl) { > + error = __f2fs_set_acl(inode, ACL_TYPE_DEFAULT, default_acl, > + ipage); > + posix_acl_release(default_acl); > + } > + if (acl) { > if (error) > - goto cleanup; > + error = __f2fs_set_acl(inode, ACL_TYPE_ACCESS, acl, > + ipage); > + posix_acl_release(acl); > } > - error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode); > - if (error < 0) > - return error; > - if (error > 0) > - error = f2fs_set_acl(inode, ACL_TYPE_ACCESS, acl, ipage); > -cleanup: > - posix_acl_release(acl); > + > return error; > } > > @@ -315,100 +310,7 @@ int f2fs_acl_chmod(struct inode *inode) > if (error) > return error; > > - error = f2fs_set_acl(inode, ACL_TYPE_ACCESS, acl, NULL); > - posix_acl_release(acl); > - return error; > -} > - > -static size_t f2fs_xattr_list_acl(struct dentry *dentry, char *list, > - size_t list_size, const char *name, size_t name_len, int type) > -{ > - struct f2fs_sb_info *sbi = F2FS_SB(dentry->d_sb); > - const char *xname = POSIX_ACL_XATTR_DEFAULT; > - size_t size; > - > - if (!test_opt(sbi, POSIX_ACL)) > - return 0; > - > - if (type == ACL_TYPE_ACCESS) > - xname = POSIX_ACL_XATTR_ACCESS; > - > - size = strlen(xname) + 1; > - if (list && size <= list_size) > - memcpy(list, xname, size); > - return size; > -} > - > -static int f2fs_xattr_get_acl(struct dentry *dentry, const char *name, > - void *buffer, size_t size, int type) > -{ > - struct f2fs_sb_info *sbi = F2FS_SB(dentry->d_sb); > - struct posix_acl *acl; > - int error; > - > - if (strcmp(name, "") != 0) > - return -EINVAL; > - if (!test_opt(sbi, POSIX_ACL)) > - return -EOPNOTSUPP; > - > - acl = f2fs_get_acl(dentry->d_inode, type); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - if (!acl) > - return -ENODATA; > - error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); > - posix_acl_release(acl); > - > - return error; > -} > - > -static int f2fs_xattr_set_acl(struct dentry *dentry, const char *name, > - const void *value, size_t size, int flags, int type) > -{ > - struct f2fs_sb_info *sbi = F2FS_SB(dentry->d_sb); > - struct inode *inode = dentry->d_inode; > - struct posix_acl *acl = NULL; > - int error; > - > - if (strcmp(name, "") != 0) > - return -EINVAL; > - if (!test_opt(sbi, POSIX_ACL)) > - return -EOPNOTSUPP; > - if (!inode_owner_or_capable(inode)) > - return -EPERM; > - > - if (value) { > - acl = posix_acl_from_xattr(&init_user_ns, value, size); > - if (IS_ERR(acl)) > - return PTR_ERR(acl); > - if (acl) { > - error = posix_acl_valid(acl); > - if (error) > - goto release_and_out; > - } > - } else { > - acl = NULL; > - } > - > - error = f2fs_set_acl(inode, type, acl, NULL); > - > -release_and_out: > + error = __f2fs_set_acl(inode, ACL_TYPE_ACCESS, acl, NULL); > posix_acl_release(acl); > return error; > } > - > -const struct xattr_handler f2fs_xattr_acl_default_handler = { > - .prefix = POSIX_ACL_XATTR_DEFAULT, > - .flags = ACL_TYPE_DEFAULT, > - .list = f2fs_xattr_list_acl, > - .get = f2fs_xattr_get_acl, > - .set = f2fs_xattr_set_acl, > -}; > - > -const struct xattr_handler f2fs_xattr_acl_access_handler = { > - .prefix = POSIX_ACL_XATTR_ACCESS, > - .flags = ACL_TYPE_ACCESS, > - .list = f2fs_xattr_list_acl, > - .get = f2fs_xattr_get_acl, > - .set = f2fs_xattr_set_acl, > -}; > diff --git a/fs/f2fs/acl.h b/fs/f2fs/acl.h > index 4963313..2af31fe 100644 > --- a/fs/f2fs/acl.h > +++ b/fs/f2fs/acl.h > @@ -37,6 +37,7 @@ struct f2fs_acl_header { > #ifdef CONFIG_F2FS_FS_POSIX_ACL > > extern struct posix_acl *f2fs_get_acl(struct inode *, int); > +extern int f2fs_set_acl(struct inode *inode, struct posix_acl *acl, int type); > extern int f2fs_acl_chmod(struct inode *); > extern int f2fs_init_acl(struct inode *, struct inode *, struct page *); > #else > diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c > index 7d714f4..13eff60 100644 > --- a/fs/f2fs/file.c > +++ b/fs/f2fs/file.c > @@ -405,6 +405,7 @@ const struct inode_operations f2fs_file_inode_operations = { > .getattr = f2fs_getattr, > .setattr = f2fs_setattr, > .get_acl = f2fs_get_acl, > + .set_acl = f2fs_set_acl, > #ifdef CONFIG_F2FS_FS_XATTR > .setxattr = generic_setxattr, > .getxattr = generic_getxattr, > diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c > index 575adac..5846eeb 100644 > --- a/fs/f2fs/namei.c > +++ b/fs/f2fs/namei.c > @@ -496,6 +496,7 @@ const struct inode_operations f2fs_dir_inode_operations = { > .getattr = f2fs_getattr, > .setattr = f2fs_setattr, > .get_acl = f2fs_get_acl, > + .set_acl = f2fs_set_acl, > #ifdef CONFIG_F2FS_FS_XATTR > .setxattr = generic_setxattr, > .getxattr = generic_getxattr, > @@ -522,6 +523,7 @@ const struct inode_operations f2fs_special_inode_operations = { > .getattr = f2fs_getattr, > .setattr = f2fs_setattr, > .get_acl = f2fs_get_acl, > + .set_acl = f2fs_set_acl, > #ifdef CONFIG_F2FS_FS_XATTR > .setxattr = generic_setxattr, > .getxattr = generic_getxattr, > diff --git a/fs/f2fs/xattr.c b/fs/f2fs/xattr.c > index aa7a3f1..e2b9299 100644 > --- a/fs/f2fs/xattr.c > +++ b/fs/f2fs/xattr.c > @@ -21,6 +21,7 @@ > #include <linux/rwsem.h> > #include <linux/f2fs_fs.h> > #include <linux/security.h> > +#include <linux/posix_acl_xattr.h> > #include "f2fs.h" > #include "xattr.h" > > @@ -216,8 +217,8 @@ const struct xattr_handler f2fs_xattr_security_handler = { > static const struct xattr_handler *f2fs_xattr_handler_map[] = { > [F2FS_XATTR_INDEX_USER] = &f2fs_xattr_user_handler, > #ifdef CONFIG_F2FS_FS_POSIX_ACL > - [F2FS_XATTR_INDEX_POSIX_ACL_ACCESS] = &f2fs_xattr_acl_access_handler, > - [F2FS_XATTR_INDEX_POSIX_ACL_DEFAULT] = &f2fs_xattr_acl_default_handler, > + [F2FS_XATTR_INDEX_POSIX_ACL_ACCESS] = &posix_acl_access_xattr_handler, > + [F2FS_XATTR_INDEX_POSIX_ACL_DEFAULT] = &posix_acl_default_xattr_handler, > #endif > [F2FS_XATTR_INDEX_TRUSTED] = &f2fs_xattr_trusted_handler, > #ifdef CONFIG_F2FS_FS_SECURITY > @@ -229,8 +230,8 @@ static const struct xattr_handler *f2fs_xattr_handler_map[] = { > const struct xattr_handler *f2fs_xattr_handlers[] = { > &f2fs_xattr_user_handler, > #ifdef CONFIG_F2FS_FS_POSIX_ACL > - &f2fs_xattr_acl_access_handler, > - &f2fs_xattr_acl_default_handler, > + &posix_acl_access_xattr_handler, > + &posix_acl_default_xattr_handler, > #endif > &f2fs_xattr_trusted_handler, > #ifdef CONFIG_F2FS_FS_SECURITY > diff --git a/fs/f2fs/xattr.h b/fs/f2fs/xattr.h > index 02a08fb..b21d9eb 100644 > --- a/fs/f2fs/xattr.h > +++ b/fs/f2fs/xattr.h > @@ -108,8 +108,6 @@ struct f2fs_xattr_entry { > #ifdef CONFIG_F2FS_FS_XATTR > extern const struct xattr_handler f2fs_xattr_user_handler; > extern const struct xattr_handler f2fs_xattr_trusted_handler; > -extern const struct xattr_handler f2fs_xattr_acl_access_handler; > -extern const struct xattr_handler f2fs_xattr_acl_default_handler; > extern const struct xattr_handler f2fs_xattr_advise_handler; > extern const struct xattr_handler f2fs_xattr_security_handler; >-- Jaegeuk Kim Samsung -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Christoph Hellwig
2013-Dec-06 19:46 UTC
Re: [PATCH 00/18] Consolidate Posix ACL implementation
On Thu, Dec 05, 2013 at 06:57:14PM +0100, Andreas Gruenbacher wrote:> I see that get_acl and set_acl are being defined in some but not all symlink inode operations (for example, btrfs them while ext4 does not), and that posix_acl_xattr_set() doesn''t check if set_acl is defined. Symlinks cannot have ACLs, so set_acl should either never be defined for symlinks (and a NULL check is then needed in posix_acl_xattr_set()), or it is defined in all inode operations, and S_ISNLNK() check is needed in posix_acl_xattr_set(). That latter check should probably be added in any case to be on the safe side.Yes, we should add the check. We also in general should not have set_acl/get_acl on links and I''ll look over it.> Patch 6 also declares posix_acl_prepare() but this function is never introduced; this must be a leftover from a previous version.Indeed. Thanks for the review! -- To unsubscribe from this list: send the line "unsubscribe reiserfs-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Christoph Hellwig
2013-Dec-06 19:47 UTC
Re: [Cluster-devel] [PATCH 16/18] gfs2: use generic posix ACL infrastructure
On Wed, Dec 04, 2013 at 12:12:37PM +0000, Steven Whitehouse wrote:> > error = posix_acl_equiv_mode(acl, &mode); > > + if (error < 0) > > > Andy Price has pointed out a missing "return error;" here > > > - if (error <= 0) { > > - posix_acl_release(acl); > > + if (error == 0) > > acl = NULL; > > > > - if (error < 0) > > - return error; > > - } > > - > > Also, there seems to be a white space error in the xfs patch around line > 170 in fs/xfs/xfs_iops.c where there is an added "if (default_acl)" with > a space before the tab,I''ll take care of these for the next version. -- To unsubscribe from this list: send the line "unsubscribe reiserfs-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Christoph Hellwig
2013-Dec-08 09:14 UTC
Re: [PATCH 09/18] f2fs: use generic posix ACL infrastructure
On Fri, Dec 06, 2013 at 10:37:34AM +0900, Jaegeuk Kim wrote:> f2fs caches a new mode bit for a while to make the consistency between > xattr''s acl mode and the inode mode.Can you explain what exactly you''re trying to do there? I''ve been trying to unwrap what''s going on and can''t really see the point: - i_acl_mode and FI_ACL_MODE get set in __setattr_copy, but right after that call, still under i_mutex and before marking the inode dirty f2fs_acl_chmod makes use of it, and it gets cleared right after. Is there any race that could happen with a locked inode not marked dirty yet on f2fs? We could pass a mode argument to posix_acl_create, but I''d prefer to avoid that if we can. - on the set_acl side it gets set in __f2fs_set_acl, and then i_mode is update in __f2fs_setxattr which could easily done with a stack variable. RFC patch below: diff --git a/fs/f2fs/acl.c b/fs/f2fs/acl.c index 4f52fe0f..6647545 100644 --- a/fs/f2fs/acl.c +++ b/fs/f2fs/acl.c @@ -17,9 +17,6 @@ #include "xattr.h" #include "acl.h" -#define get_inode_mode(i) ((is_inode_flag_set(F2FS_I(i), FI_ACL_MODE)) ? \ - (F2FS_I(i)->i_acl_mode) : ((i)->i_mode)) - static inline size_t f2fs_acl_size(int count) { if (count <= 4) { @@ -209,11 +206,11 @@ static int __f2fs_set_acl(struct inode *inode, int type, struct posix_acl *acl, struct page *ipage) { struct f2fs_sb_info *sbi = F2FS_SB(inode->i_sb); - struct f2fs_inode_info *fi = F2FS_I(inode); int name_index; void *value = NULL; size_t size = 0; int error; + umode_t mode = 0; if (!test_opt(sbi, POSIX_ACL)) return 0; @@ -224,10 +221,10 @@ static int __f2fs_set_acl(struct inode *inode, int type, case ACL_TYPE_ACCESS: name_index = F2FS_XATTR_INDEX_POSIX_ACL_ACCESS; if (acl) { - error = posix_acl_equiv_mode(acl, &inode->i_mode); + mode = inode->i_mode; + error = posix_acl_equiv_mode(acl, &mode); if (error < 0) return error; - set_acl_inode(fi, inode->i_mode); if (error == 0) acl = NULL; } @@ -245,19 +242,15 @@ static int __f2fs_set_acl(struct inode *inode, int type, if (acl) { value = f2fs_acl_to_disk(acl, &size); - if (IS_ERR(value)) { - cond_clear_inode_flag(fi, FI_ACL_MODE); + if (IS_ERR(value)) return (int)PTR_ERR(value); - } } - error = f2fs_setxattr(inode, name_index, "", value, size, ipage); + error = f2fs_setxattr(inode, name_index, "", value, size, ipage, mode); kfree(value); if (!error) set_cached_acl(inode, type, acl); - - cond_clear_inode_flag(fi, FI_ACL_MODE); return error; } @@ -289,28 +282,3 @@ int f2fs_init_acl(struct inode *inode, struct inode *dir, struct page *ipage) return error; } - -int f2fs_acl_chmod(struct inode *inode) -{ - struct f2fs_sb_info *sbi = F2FS_SB(inode->i_sb); - struct posix_acl *acl; - int error; - umode_t mode = get_inode_mode(inode); - - if (!test_opt(sbi, POSIX_ACL)) - return 0; - if (S_ISLNK(mode)) - return -EOPNOTSUPP; - - acl = f2fs_get_acl(inode, ACL_TYPE_ACCESS); - if (IS_ERR(acl) || !acl) - return PTR_ERR(acl); - - error = __posix_acl_chmod(&acl, GFP_KERNEL, mode); - if (error) - return error; - - error = __f2fs_set_acl(inode, ACL_TYPE_ACCESS, acl, NULL); - posix_acl_release(acl); - return error; -} diff --git a/fs/f2fs/acl.h b/fs/f2fs/acl.h index 2af31fe..e086465 100644 --- a/fs/f2fs/acl.h +++ b/fs/f2fs/acl.h @@ -38,18 +38,12 @@ struct f2fs_acl_header { extern struct posix_acl *f2fs_get_acl(struct inode *, int); extern int f2fs_set_acl(struct inode *inode, struct posix_acl *acl, int type); -extern int f2fs_acl_chmod(struct inode *); extern int f2fs_init_acl(struct inode *, struct inode *, struct page *); #else #define f2fs_check_acl NULL #define f2fs_get_acl NULL #define f2fs_set_acl NULL -static inline int f2fs_acl_chmod(struct inode *inode) -{ - return 0; -} - static inline int f2fs_init_acl(struct inode *inode, struct inode *dir, struct page *page) { diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h index 89dc750..1e774e6 100644 --- a/fs/f2fs/f2fs.h +++ b/fs/f2fs/f2fs.h @@ -181,7 +181,6 @@ struct f2fs_inode_info { unsigned char i_advise; /* use to give file attribute hints */ unsigned int i_current_depth; /* use only in directory structure */ unsigned int i_pino; /* parent inode number */ - umode_t i_acl_mode; /* keep file acl mode temporarily */ /* Use below internally in f2fs*/ unsigned long flags; /* use to pass per-file flags */ @@ -872,7 +871,6 @@ enum { FI_NEW_INODE, /* indicate newly allocated inode */ FI_DIRTY_INODE, /* indicate inode is dirty or not */ FI_INC_LINK, /* need to increment i_nlink */ - FI_ACL_MODE, /* indicate acl mode */ FI_NO_ALLOC, /* should not allocate any blocks */ FI_UPDATE_DIR, /* should update inode block for consistency */ FI_DELAY_IPUT, /* used for the recovery */ @@ -894,21 +892,6 @@ static inline void clear_inode_flag(struct f2fs_inode_info *fi, int flag) clear_bit(flag, &fi->flags); } -static inline void set_acl_inode(struct f2fs_inode_info *fi, umode_t mode) -{ - fi->i_acl_mode = mode; - set_inode_flag(fi, FI_ACL_MODE); -} - -static inline int cond_clear_inode_flag(struct f2fs_inode_info *fi, int flag) -{ - if (is_inode_flag_set(fi, FI_ACL_MODE)) { - clear_inode_flag(fi, FI_ACL_MODE); - return 1; - } - return 0; -} - static inline void get_inline_info(struct f2fs_inode_info *fi, struct f2fs_inode *ri) { diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c index 13eff60..80ef669 100644 --- a/fs/f2fs/file.c +++ b/fs/f2fs/file.c @@ -339,41 +339,9 @@ int f2fs_getattr(struct vfsmount *mnt, return 0; } -#ifdef CONFIG_F2FS_FS_POSIX_ACL -static void __setattr_copy(struct inode *inode, const struct iattr *attr) -{ - struct f2fs_inode_info *fi = F2FS_I(inode); - unsigned int ia_valid = attr->ia_valid; - - if (ia_valid & ATTR_UID) - inode->i_uid = attr->ia_uid; - if (ia_valid & ATTR_GID) - inode->i_gid = attr->ia_gid; - if (ia_valid & ATTR_ATIME) - inode->i_atime = timespec_trunc(attr->ia_atime, - inode->i_sb->s_time_gran); - if (ia_valid & ATTR_MTIME) - inode->i_mtime = timespec_trunc(attr->ia_mtime, - inode->i_sb->s_time_gran); - if (ia_valid & ATTR_CTIME) - inode->i_ctime = timespec_trunc(attr->ia_ctime, - inode->i_sb->s_time_gran); - if (ia_valid & ATTR_MODE) { - umode_t mode = attr->ia_mode; - - if (!in_group_p(inode->i_gid) && !capable(CAP_FSETID)) - mode &= ~S_ISGID; - set_acl_inode(fi, mode); - } -} -#else -#define __setattr_copy setattr_copy -#endif - int f2fs_setattr(struct dentry *dentry, struct iattr *attr) { struct inode *inode = dentry->d_inode; - struct f2fs_inode_info *fi = F2FS_I(inode); int err; err = inode_change_ok(inode, attr); @@ -387,15 +355,9 @@ int f2fs_setattr(struct dentry *dentry, struct iattr *attr) f2fs_balance_fs(F2FS_SB(inode->i_sb)); } - __setattr_copy(inode, attr); - - if (attr->ia_valid & ATTR_MODE) { - err = f2fs_acl_chmod(inode); - if (err || is_inode_flag_set(fi, FI_ACL_MODE)) { - inode->i_mode = fi->i_acl_mode; - clear_inode_flag(fi, FI_ACL_MODE); - } - } + setattr_copy(inode, attr); + if (attr->ia_valid & ATTR_MODE) + err = posix_acl_chmod(inode); mark_inode_dirty(inode); return err; diff --git a/fs/f2fs/xattr.c b/fs/f2fs/xattr.c index e2b9299..8820857 100644 --- a/fs/f2fs/xattr.c +++ b/fs/f2fs/xattr.c @@ -108,7 +108,7 @@ static int f2fs_xattr_generic_set(struct dentry *dentry, const char *name, if (strcmp(name, "") == 0) return -EINVAL; - return f2fs_setxattr(dentry->d_inode, type, name, value, size, NULL); + return f2fs_setxattr(dentry->d_inode, type, name, value, size, NULL, 0); } static size_t f2fs_xattr_advise_list(struct dentry *dentry, char *list, @@ -157,7 +157,7 @@ static int f2fs_xattr_advise_set(struct dentry *dentry, const char *name, #ifdef CONFIG_F2FS_FS_SECURITY static int __f2fs_setxattr(struct inode *inode, int name_index, const char *name, const void *value, size_t value_len, - struct page *ipage); + struct page *ipage, umode_t mode); static int f2fs_initxattrs(struct inode *inode, const struct xattr *xattr_array, void *page) { @@ -167,7 +167,7 @@ static int f2fs_initxattrs(struct inode *inode, const struct xattr *xattr_array, for (xattr = xattr_array; xattr->name != NULL; xattr++) { err = __f2fs_setxattr(inode, F2FS_XATTR_INDEX_SECURITY, xattr->name, xattr->value, - xattr->value_len, (struct page *)page); + xattr->value_len, (struct page *)page, 0); if (err < 0) break; } @@ -475,9 +475,8 @@ cleanup: static int __f2fs_setxattr(struct inode *inode, int name_index, const char *name, const void *value, size_t value_len, - struct page *ipage) + struct page *ipage, umode_t mode) { - struct f2fs_inode_info *fi = F2FS_I(inode); struct f2fs_xattr_entry *here, *last; void *base_addr; int found, newsize; @@ -566,10 +565,9 @@ static int __f2fs_setxattr(struct inode *inode, int name_index, if (error) goto exit; - if (is_inode_flag_set(fi, FI_ACL_MODE)) { - inode->i_mode = fi->i_acl_mode; + if (mode) { + inode->i_mode = mode; inode->i_ctime = CURRENT_TIME; - clear_inode_flag(fi, FI_ACL_MODE); } if (ipage) @@ -582,7 +580,8 @@ exit: } int f2fs_setxattr(struct inode *inode, int name_index, const char *name, - const void *value, size_t value_len, struct page *ipage) + const void *value, size_t value_len, struct page *ipage, + umode_t mode) { struct f2fs_sb_info *sbi = F2FS_SB(inode->i_sb); int err; @@ -590,7 +589,8 @@ int f2fs_setxattr(struct inode *inode, int name_index, const char *name, f2fs_balance_fs(sbi); f2fs_lock_op(sbi); - err = __f2fs_setxattr(inode, name_index, name, value, value_len, ipage); + err = __f2fs_setxattr(inode, name_index, name, value, value_len, ipage, + mode); f2fs_unlock_op(sbi); return err; diff --git a/fs/f2fs/xattr.h b/fs/f2fs/xattr.h index b21d9eb..c73588a 100644 --- a/fs/f2fs/xattr.h +++ b/fs/f2fs/xattr.h @@ -114,14 +114,15 @@ extern const struct xattr_handler f2fs_xattr_security_handler; extern const struct xattr_handler *f2fs_xattr_handlers[]; extern int f2fs_setxattr(struct inode *, int, const char *, - const void *, size_t, struct page *); + const void *, size_t, struct page *, umode_t); extern int f2fs_getxattr(struct inode *, int, const char *, void *, size_t); extern ssize_t f2fs_listxattr(struct dentry *, char *, size_t); #else #define f2fs_xattr_handlers NULL static inline int f2fs_setxattr(struct inode *inode, int name_index, - const char *name, const void *value, size_t value_len) + const char *name, const void *value, size_t value_len, + umode_t mode) { return -EOPNOTSUPP; } -- To unsubscribe from this list: send the line "unsubscribe reiserfs-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Jaegeuk Kim
2013-Dec-08 23:28 UTC
Re: [PATCH 09/18] f2fs: use generic posix ACL infrastructure
2013-12-08 (일), 01:14 -0800, Christoph Hellwig:> On Fri, Dec 06, 2013 at 10:37:34AM +0900, Jaegeuk Kim wrote: > > f2fs caches a new mode bit for a while to make the consistency between > > xattr's acl mode and the inode mode. > > Can you explain what exactly you're trying to do there? I've been > trying to unwrap what's going on and can't really see the point: > > - i_acl_mode and FI_ACL_MODE get set in __setattr_copy, but right > after that call, still under i_mutex and before marking the inode > dirty f2fs_acl_chmod makes use of it, and it gets cleared right > after. Is there any race that could happen with a locked inode > not marked dirty yet on f2fs?As you guess, there is no race problem, but the problem is on acl consistency between xattr->mode and inode->mode. Previously, f2fs_setattr triggers: new_mode inode->mode xattr->mode iblock->mode f2fs_setattr x -> x y y [update_inode] x --- [ y ] ---> x [checkpoint] x y x __f2fs_setxattr x -> x x In this flow, f2fs is able to break the consistency between xattr->mode and iblock->mode after checkpoint followed by sudden-power-off. So, fi->mode was introduced to address the problem. The new f2fs_setattr triggers: new_mode inode->mode fi->mode xattr->mode iblock->mode f2fs_setattr x --- [y] ---> x y y [update_inode] y x y y [checkpoint] y x y y __f2fs_setxattr x <- x -> x -> x Finally, __f2fs_setxattr synchronizes inode->mode, xattr->mode, and iblock->mode all together. The root question is "is it possible to call update_inode in the i_mutex-covered region like f2fs_setattr?". The update_inode of f2fs is called from a bunch of places so currently I'm not sure it can be impossible. Thanks,> We could pass a mode argument > to posix_acl_create, but I'd prefer to avoid that if we can. > - on the set_acl side it gets set in __f2fs_set_acl, and then > i_mode is update in __f2fs_setxattr which could easily done with > a stack variable. > > RFC patch below: > > > diff --git a/fs/f2fs/acl.c b/fs/f2fs/acl.c > index 4f52fe0f..6647545 100644 > --- a/fs/f2fs/acl.c > +++ b/fs/f2fs/acl.c > @@ -17,9 +17,6 @@ > #include "xattr.h" > #include "acl.h" > > -#define get_inode_mode(i) ((is_inode_flag_set(F2FS_I(i), FI_ACL_MODE)) ? \ > - (F2FS_I(i)->i_acl_mode) : ((i)->i_mode)) > - > static inline size_t f2fs_acl_size(int count) > { > if (count <= 4) { > @@ -209,11 +206,11 @@ static int __f2fs_set_acl(struct inode *inode, int type, > struct posix_acl *acl, struct page *ipage) > { > struct f2fs_sb_info *sbi = F2FS_SB(inode->i_sb); > - struct f2fs_inode_info *fi = F2FS_I(inode); > int name_index; > void *value = NULL; > size_t size = 0; > int error; > + umode_t mode = 0; > > if (!test_opt(sbi, POSIX_ACL)) > return 0; > @@ -224,10 +221,10 @@ static int __f2fs_set_acl(struct inode *inode, int type, > case ACL_TYPE_ACCESS: > name_index = F2FS_XATTR_INDEX_POSIX_ACL_ACCESS; > if (acl) { > - error = posix_acl_equiv_mode(acl, &inode->i_mode); > + mode = inode->i_mode; > + error = posix_acl_equiv_mode(acl, &mode); > if (error < 0) > return error; > - set_acl_inode(fi, inode->i_mode); > if (error == 0) > acl = NULL; > } > @@ -245,19 +242,15 @@ static int __f2fs_set_acl(struct inode *inode, int type, > > if (acl) { > value = f2fs_acl_to_disk(acl, &size); > - if (IS_ERR(value)) { > - cond_clear_inode_flag(fi, FI_ACL_MODE); > + if (IS_ERR(value)) > return (int)PTR_ERR(value); > - } > } > > - error = f2fs_setxattr(inode, name_index, "", value, size, ipage); > + error = f2fs_setxattr(inode, name_index, "", value, size, ipage, mode); > > kfree(value); > if (!error) > set_cached_acl(inode, type, acl); > - > - cond_clear_inode_flag(fi, FI_ACL_MODE); > return error; > } > > @@ -289,28 +282,3 @@ int f2fs_init_acl(struct inode *inode, struct inode *dir, struct page *ipage) > > return error; > } > - > -int f2fs_acl_chmod(struct inode *inode) > -{ > - struct f2fs_sb_info *sbi = F2FS_SB(inode->i_sb); > - struct posix_acl *acl; > - int error; > - umode_t mode = get_inode_mode(inode); > - > - if (!test_opt(sbi, POSIX_ACL)) > - return 0; > - if (S_ISLNK(mode)) > - return -EOPNOTSUPP; > - > - acl = f2fs_get_acl(inode, ACL_TYPE_ACCESS); > - if (IS_ERR(acl) || !acl) > - return PTR_ERR(acl); > - > - error = __posix_acl_chmod(&acl, GFP_KERNEL, mode); > - if (error) > - return error; > - > - error = __f2fs_set_acl(inode, ACL_TYPE_ACCESS, acl, NULL); > - posix_acl_release(acl); > - return error; > -} > diff --git a/fs/f2fs/acl.h b/fs/f2fs/acl.h > index 2af31fe..e086465 100644 > --- a/fs/f2fs/acl.h > +++ b/fs/f2fs/acl.h > @@ -38,18 +38,12 @@ struct f2fs_acl_header { > > extern struct posix_acl *f2fs_get_acl(struct inode *, int); > extern int f2fs_set_acl(struct inode *inode, struct posix_acl *acl, int type); > -extern int f2fs_acl_chmod(struct inode *); > extern int f2fs_init_acl(struct inode *, struct inode *, struct page *); > #else > #define f2fs_check_acl NULL > #define f2fs_get_acl NULL > #define f2fs_set_acl NULL > > -static inline int f2fs_acl_chmod(struct inode *inode) > -{ > - return 0; > -} > - > static inline int f2fs_init_acl(struct inode *inode, struct inode *dir, > struct page *page) > { > diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h > index 89dc750..1e774e6 100644 > --- a/fs/f2fs/f2fs.h > +++ b/fs/f2fs/f2fs.h > @@ -181,7 +181,6 @@ struct f2fs_inode_info { > unsigned char i_advise; /* use to give file attribute hints */ > unsigned int i_current_depth; /* use only in directory structure */ > unsigned int i_pino; /* parent inode number */ > - umode_t i_acl_mode; /* keep file acl mode temporarily */ > > /* Use below internally in f2fs*/ > unsigned long flags; /* use to pass per-file flags */ > @@ -872,7 +871,6 @@ enum { > FI_NEW_INODE, /* indicate newly allocated inode */ > FI_DIRTY_INODE, /* indicate inode is dirty or not */ > FI_INC_LINK, /* need to increment i_nlink */ > - FI_ACL_MODE, /* indicate acl mode */ > FI_NO_ALLOC, /* should not allocate any blocks */ > FI_UPDATE_DIR, /* should update inode block for consistency */ > FI_DELAY_IPUT, /* used for the recovery */ > @@ -894,21 +892,6 @@ static inline void clear_inode_flag(struct f2fs_inode_info *fi, int flag) > clear_bit(flag, &fi->flags); > } > > -static inline void set_acl_inode(struct f2fs_inode_info *fi, umode_t mode) > -{ > - fi->i_acl_mode = mode; > - set_inode_flag(fi, FI_ACL_MODE); > -} > - > -static inline int cond_clear_inode_flag(struct f2fs_inode_info *fi, int flag) > -{ > - if (is_inode_flag_set(fi, FI_ACL_MODE)) { > - clear_inode_flag(fi, FI_ACL_MODE); > - return 1; > - } > - return 0; > -} > - > static inline void get_inline_info(struct f2fs_inode_info *fi, > struct f2fs_inode *ri) > { > diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c > index 13eff60..80ef669 100644 > --- a/fs/f2fs/file.c > +++ b/fs/f2fs/file.c > @@ -339,41 +339,9 @@ int f2fs_getattr(struct vfsmount *mnt, > return 0; > } > > -#ifdef CONFIG_F2FS_FS_POSIX_ACL > -static void __setattr_copy(struct inode *inode, const struct iattr *attr) > -{ > - struct f2fs_inode_info *fi = F2FS_I(inode); > - unsigned int ia_valid = attr->ia_valid; > - > - if (ia_valid & ATTR_UID) > - inode->i_uid = attr->ia_uid; > - if (ia_valid & ATTR_GID) > - inode->i_gid = attr->ia_gid; > - if (ia_valid & ATTR_ATIME) > - inode->i_atime = timespec_trunc(attr->ia_atime, > - inode->i_sb->s_time_gran); > - if (ia_valid & ATTR_MTIME) > - inode->i_mtime = timespec_trunc(attr->ia_mtime, > - inode->i_sb->s_time_gran); > - if (ia_valid & ATTR_CTIME) > - inode->i_ctime = timespec_trunc(attr->ia_ctime, > - inode->i_sb->s_time_gran); > - if (ia_valid & ATTR_MODE) { > - umode_t mode = attr->ia_mode; > - > - if (!in_group_p(inode->i_gid) && !capable(CAP_FSETID)) > - mode &= ~S_ISGID; > - set_acl_inode(fi, mode); > - } > -} > -#else > -#define __setattr_copy setattr_copy > -#endif > - > int f2fs_setattr(struct dentry *dentry, struct iattr *attr) > { > struct inode *inode = dentry->d_inode; > - struct f2fs_inode_info *fi = F2FS_I(inode); > int err; > > err = inode_change_ok(inode, attr); > @@ -387,15 +355,9 @@ int f2fs_setattr(struct dentry *dentry, struct iattr *attr) > f2fs_balance_fs(F2FS_SB(inode->i_sb)); > } > > - __setattr_copy(inode, attr); > - > - if (attr->ia_valid & ATTR_MODE) { > - err = f2fs_acl_chmod(inode); > - if (err || is_inode_flag_set(fi, FI_ACL_MODE)) { > - inode->i_mode = fi->i_acl_mode; > - clear_inode_flag(fi, FI_ACL_MODE); > - } > - } > + setattr_copy(inode, attr); > + if (attr->ia_valid & ATTR_MODE) > + err = posix_acl_chmod(inode); > > mark_inode_dirty(inode); > return err; > diff --git a/fs/f2fs/xattr.c b/fs/f2fs/xattr.c > index e2b9299..8820857 100644 > --- a/fs/f2fs/xattr.c > +++ b/fs/f2fs/xattr.c > @@ -108,7 +108,7 @@ static int f2fs_xattr_generic_set(struct dentry *dentry, const char *name, > if (strcmp(name, "") == 0) > return -EINVAL; > > - return f2fs_setxattr(dentry->d_inode, type, name, value, size, NULL); > + return f2fs_setxattr(dentry->d_inode, type, name, value, size, NULL, 0); > } > > static size_t f2fs_xattr_advise_list(struct dentry *dentry, char *list, > @@ -157,7 +157,7 @@ static int f2fs_xattr_advise_set(struct dentry *dentry, const char *name, > #ifdef CONFIG_F2FS_FS_SECURITY > static int __f2fs_setxattr(struct inode *inode, int name_index, > const char *name, const void *value, size_t value_len, > - struct page *ipage); > + struct page *ipage, umode_t mode); > static int f2fs_initxattrs(struct inode *inode, const struct xattr *xattr_array, > void *page) > { > @@ -167,7 +167,7 @@ static int f2fs_initxattrs(struct inode *inode, const struct xattr *xattr_array, > for (xattr = xattr_array; xattr->name != NULL; xattr++) { > err = __f2fs_setxattr(inode, F2FS_XATTR_INDEX_SECURITY, > xattr->name, xattr->value, > - xattr->value_len, (struct page *)page); > + xattr->value_len, (struct page *)page, 0); > if (err < 0) > break; > } > @@ -475,9 +475,8 @@ cleanup: > > static int __f2fs_setxattr(struct inode *inode, int name_index, > const char *name, const void *value, size_t value_len, > - struct page *ipage) > + struct page *ipage, umode_t mode) > { > - struct f2fs_inode_info *fi = F2FS_I(inode); > struct f2fs_xattr_entry *here, *last; > void *base_addr; > int found, newsize; > @@ -566,10 +565,9 @@ static int __f2fs_setxattr(struct inode *inode, int name_index, > if (error) > goto exit; > > - if (is_inode_flag_set(fi, FI_ACL_MODE)) { > - inode->i_mode = fi->i_acl_mode; > + if (mode) { > + inode->i_mode = mode; > inode->i_ctime = CURRENT_TIME; > - clear_inode_flag(fi, FI_ACL_MODE); > } > > if (ipage) > @@ -582,7 +580,8 @@ exit: > } > > int f2fs_setxattr(struct inode *inode, int name_index, const char *name, > - const void *value, size_t value_len, struct page *ipage) > + const void *value, size_t value_len, struct page *ipage, > + umode_t mode) > { > struct f2fs_sb_info *sbi = F2FS_SB(inode->i_sb); > int err; > @@ -590,7 +589,8 @@ int f2fs_setxattr(struct inode *inode, int name_index, const char *name, > f2fs_balance_fs(sbi); > > f2fs_lock_op(sbi); > - err = __f2fs_setxattr(inode, name_index, name, value, value_len, ipage); > + err = __f2fs_setxattr(inode, name_index, name, value, value_len, ipage, > + mode); > f2fs_unlock_op(sbi); > > return err; > diff --git a/fs/f2fs/xattr.h b/fs/f2fs/xattr.h > index b21d9eb..c73588a 100644 > --- a/fs/f2fs/xattr.h > +++ b/fs/f2fs/xattr.h > @@ -114,14 +114,15 @@ extern const struct xattr_handler f2fs_xattr_security_handler; > extern const struct xattr_handler *f2fs_xattr_handlers[]; > > extern int f2fs_setxattr(struct inode *, int, const char *, > - const void *, size_t, struct page *); > + const void *, size_t, struct page *, umode_t); > extern int f2fs_getxattr(struct inode *, int, const char *, void *, size_t); > extern ssize_t f2fs_listxattr(struct dentry *, char *, size_t); > #else > > #define f2fs_xattr_handlers NULL > static inline int f2fs_setxattr(struct inode *inode, int name_index, > - const char *name, const void *value, size_t value_len) > + const char *name, const void *value, size_t value_len, > + umode_t mode) > { > return -EOPNOTSUPP; > } > > -- > To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html-- Jaegeuk Kim Samsung _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs