summaryrefslogtreecommitdiffstats
path: root/fs/9p/acl.c
AgeCommit message (Collapse)AuthorFilesLines
2013-02-269p: switch v9fs_set_create_acl() to inode+fid, do it before d_instantiate()Al Viro1-8/+5
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2013-02-269p: split dropping the acls from v9fs_set_create_acl()Al Viro1-12/+14
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2013-02-269p: switch v9fs_acl_chmod() from dentry to inode+fidAl Viro1-5/+1
caller has both, might as well pass them explicitly. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2013-02-269p: switch v9fs_set_acl() from dentry to fidAl Viro1-5/+12
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2013-02-269p: lift the call of set_cached_acl() into the callers of v9fs_set_acl()Al Viro1-4/+3
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-09-18userns: Pass a userns parameter into posix_acl_to_xattr and posix_acl_from_xattrEric W. Biederman1-4/+4
- Pass the user namespace the uid and gid values in the xattr are stored in into posix_acl_from_xattr. - Pass the user namespace kuid and kgid values should be converted into when storing uid and gid values in an xattr in posix_acl_to_xattr. - Modify all callers of posix_acl_from_xattr and posix_acl_to_xattr to pass in &init_user_ns. In the short term this change is not strictly needed but it makes the code clearer. In the longer term this change is necessary to be able to mount filesystems outside of the initial user namespace that natively store posix acls in the linux xattr format. Cc: Theodore Tso <tytso@mit.edu> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Andreas Dilger <adilger.kernel@dilger.ca> Cc: Jan Kara <jack@suse.cz> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
2011-08-01switch posix_acl_equiv_mode() to umode_t *Al Viro1-1/+1
... so that &inode->i_mode could be passed to it Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-08-01switch posix_acl_create() to umode_t *Al Viro1-2/+2
so we can pass &inode->i_mode to it Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-25p9: avoid unused variable warningLinus Torvalds1-1/+0
Commit 4e34e719e457 ("fs: take the ACL checks to common code") removed the use of the 'acl' variable in v9fs_iop_get_acl(), but left the variable definition around. Remove it to get rid of the warning: fs/9p/acl.c: In function ‘v9fs_iop_get_acl’: fs/9p/acl.c:101:20: warning: unused variable ‘acl’ Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-07-25fs: take the ACL checks to common codeChristoph Hellwig1-11/+3
Replace the ->check_acl method with a ->get_acl method that simply reads an ACL from disk after having a cache miss. This means we can replace the ACL checking boilerplate code with a single implementation in namei.c. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-25kill boilerplates around posix_acl_create_masq()Al Viro1-17/+5
new helper: posix_acl_create(&acl, gfp, mode_p). Replaces acl with modified clone, on failure releases acl and replaces with NULL. Returns 0 or -ve on error. All callers of posix_acl_create_masq() switched. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-25kill boilerplate around posix_acl_chmod_masq()Al Viro1-8/+5
new helper: posix_acl_chmod(&acl, gfp, mode). Replaces acl with modified clone or with NULL if that has failed; returns 0 or -ve on error. All callers of posix_acl_chmod_masq() switched to that - they'd been doing exactly the same thing. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-259p: do no return 0 from ->check_acl without actually checkingChristoph Hellwig1-1/+1
If we do not want to use ACLs we at least need to perform normal Unix permission checks. From the comment I'm not quite sure that's what is intended, but if 0p wants to do permission checks entirely on the server it needs to do so in ->permission, not in ->check_acl. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-25vfs: move ACL cache lookup into generic codeLinus Torvalds1-3/+0
This moves logic for checking the cached ACL values from low-level filesystems into generic code. The end result is a streamlined ACL check that doesn't need to load the inode->i_op->check_acl pointer at all for the common cached case. The filesystems also don't need to check for a non-blocking RCU walk case in their acl_check() functions, because that is all handled at a VFS layer. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-249p: close ACL leaksAl Viro1-9/+13
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-20->permission() sanitizing: don't pass flags to ->check_acl()Al Viro1-1/+1
not used in the instances anymore. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-20->permission() sanitizing: pass MAY_NOT_BLOCK to ->check_acl()Al Viro1-1/+1
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-03-23userns: rename is_owner_or_cap to inode_owner_or_capableSerge E. Hallyn1-1/+1
And give it a kernel-doc comment. [akpm@linux-foundation.org: btrfs changed in linux-next] Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Daniel Lezcano <daniel.lezcano@free.fr> Acked-by: David Howells <dhowells@redhat.com> Cc: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-03-22fs/9p: Add v9fs_dentry2v9sesAneesh Kumar K.V1-2/+2
Add the new static inline and use the same Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2011-03-15fs/9p: Add inode hashingAneesh Kumar K.V1-1/+1
We didn't add the inode to inode hash in 9p. We need to do that to get sync to work, otherwise __mark_inode_dirty will not add the inode to super block's dirty list. Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2011-03-15[fs/9P] Add posixacl mount optionVenkateswararao Jujjuri (JV)1-3/+5
The mount option access=client is overloaded as it assumes acl too. Adding posixacl option to enable POSIX ACLs makes it explicit and clear. Also it is convenient in the future to add other types of acls like richacls. Ideally, the access mode 'client' should be just like V9FS_ACCESS_USER except it underscores the location of access check. Traditional 9P protocol lets the server perform access checks but with this mode, all the access checks will be performed on the client itself. Server just follows the client's directive. Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2011-03-15[fs/9p] Initialze cached acls both in cached/uncached mode.Venkateswararao Jujjuri (JV)1-4/+6
With create/mkdir/mknod in non cached mode we initialize the inode using v9fs_get_inode. v9fs_get_inode doesn't initialize the cache inode value to NULL. This is causing to trip on BUG_ON in v9fs_get_cached_acl. Fix is to initialize acls to NULL and not to leave them in ACL_NOT_CACHED state. Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com> Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-03-15[fs/9p] Plug potential acl leakVenkateswararao Jujjuri (JV)1-2/+6
In v9fs_get_acl() if __v9fs_get_acl() gets only one of the dacl/pacl we are not releasing it. Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com> Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-01-11fs/9p: Fix the return error on default acl removalAneesh Kumar K.V1-1/+1
If we don't have default ACL, then trying to remove default acl on a file should return 0. Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
2011-01-11fs/9p: Remove unnecessary semicolonsJoe Perches1-1/+1
Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2011-01-07fs: provide rcu-walk aware permission i_opsNick Piggin1-1/+4
Signed-off-by: Nick Piggin <npiggin@kernel.dk>
2010-10-28fs/9p: Add access = client option to opt in acl evaluation.Aneesh Kumar K.V1-1/+77
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2010-10-28fs/9p: Implement create time inheritanceAneesh Kumar K.V1-0/+52
Inherit default ACL on create Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2010-10-28fs/9p: Update ACL on chmodAneesh Kumar K.V1-0/+55
We need update the acl value on chmod Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2010-10-28fs/9p: Implement setting posix aclAneesh Kumar K.V1-1/+73
This patch also update mode bits, as a normal file system. I am not sure wether we should do that, considering that a setxattr on the server will again update the ACL/mode value Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2010-10-28fs/9p: Add xattr callbacks for POSIX ACLAneesh Kumar K.V1-0/+41
This patch implement fetching POSIX ACL from the server Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2010-10-28fs/9p: Implement POSIX ACL permission checking functionAneesh Kumar K.V1-0/+96
The ACL value is fetched as a part of inode initialization from the server and the permission checking function use the cached value of the ACL Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>