search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc
[linux-2.6/cjktty.git] / fs / gfs2 / acl.c
blob7118f1a780a9592ac67114f25ca7e9e040f937d4
1 /*
2 * Copyright (C) Sistina Software, Inc. 1997-2003 All rights reserved.
3 * Copyright (C) 2004-2006 Red Hat, Inc. All rights reserved.
4 *
5 * This copyrighted material is made available to anyone wishing to use,
6 * modify, copy, or redistribute it subject to the terms and conditions
7 * of the GNU General Public License version 2.
8 */
9
10 #include <linux/sched.h>
11 #include <linux/slab.h>
12 #include <linux/spinlock.h>
13 #include <linux/completion.h>
14 #include <linux/buffer_head.h>
15 #include <linux/xattr.h>
16 #include <linux/posix_acl.h>
17 #include <linux/posix_acl_xattr.h>
18 #include <linux/gfs2_ondisk.h>
19
20 #include "gfs2.h"
21 #include "incore.h"
22 #include "acl.h"
23 #include "xattr.h"
24 #include "glock.h"
25 #include "inode.h"
26 #include "meta_io.h"
27 #include "trans.h"
28 #include "util.h"
29
30 static const char *gfs2_acl_name(int type)
31 {
32 switch (type) {
33 case ACL_TYPE_ACCESS:
34 return GFS2_POSIX_ACL_ACCESS;
35 case ACL_TYPE_DEFAULT:
36 return GFS2_POSIX_ACL_DEFAULT;
37 }
38 return NULL;
39 }
40
41 static struct posix_acl *gfs2_acl_get(struct gfs2_inode *ip, int type)
42 {
43 struct posix_acl *acl;
44 const char *name;
45 char *data;
46 int len;
47
48 if (!ip->i_eattr)
49 return NULL;
50
51 acl = get_cached_acl(&ip->i_inode, type);
52 if (acl != ACL_NOT_CACHED)
53 return acl;
54
55 name = gfs2_acl_name(type);
56 if (name == NULL)
57 return ERR_PTR(-EINVAL);
58
59 len = gfs2_xattr_acl_get(ip, name, &data);
60 if (len < 0)
61 return ERR_PTR(len);
62 if (len == 0)
63 return NULL;
64
65 acl = posix_acl_from_xattr(data, len);
66 kfree(data);
67 return acl;
68 }
69
70 /**
71 * gfs2_check_acl - Check an ACL to see if we're allowed to do something
72 * @inode: the file we want to do something to
73 * @mask: what we want to do
74 *
75 * Returns: errno
76 */
77
78 int gfs2_check_acl(struct inode *inode, int mask, unsigned int flags)
79 {
80 struct posix_acl *acl;
81 int error;
82
83 if (flags & IPERM_FLAG_RCU)
84 return -ECHILD;
85
86 acl = gfs2_acl_get(GFS2_I(inode), ACL_TYPE_ACCESS);
87 if (IS_ERR(acl))
88 return PTR_ERR(acl);
89
90 if (acl) {
91 error = posix_acl_permission(inode, acl, mask);
92 posix_acl_release(acl);
93 return error;
94 }
95
96 return -EAGAIN;
97 }
98
99 static int gfs2_set_mode(struct inode *inode, mode_t mode)
100 {
101 int error = 0;
102
103 if (mode != inode->i_mode) {
104 struct iattr iattr;
105
106 iattr.ia_valid = ATTR_MODE;
107 iattr.ia_mode = mode;
108
109 error = gfs2_setattr_simple(GFS2_I(inode), &iattr);
110 }
111
112 return error;
113 }
114
115 static int gfs2_acl_set(struct inode *inode, int type, struct posix_acl *acl)
116 {
117 int error;
118 int len;
119 char *data;
120 const char *name = gfs2_acl_name(type);
121
122 BUG_ON(name == NULL);
123 len = posix_acl_to_xattr(acl, NULL, 0);
124 if (len == 0)
125 return 0;
126 data = kmalloc(len, GFP_NOFS);
127 if (data == NULL)
128 return -ENOMEM;
129 error = posix_acl_to_xattr(acl, data, len);
130 if (error < 0)
131 goto out;
132 error = __gfs2_xattr_set(inode, name, data, len, 0, GFS2_EATYPE_SYS);
133 if (!error)
134 set_cached_acl(inode, type, acl);
135 out:
136 kfree(data);
137 return error;
138 }
139
140 int gfs2_acl_create(struct gfs2_inode *dip, struct inode *inode)
141 {
142 struct gfs2_sbd *sdp = GFS2_SB(&dip->i_inode);
143 struct posix_acl *acl, *clone;
144 mode_t mode = inode->i_mode;
145 int error = 0;
146
147 if (!sdp->sd_args.ar_posix_acl)
148 return 0;
149 if (S_ISLNK(inode->i_mode))
150 return 0;
151
152 acl = gfs2_acl_get(dip, ACL_TYPE_DEFAULT);
153 if (IS_ERR(acl))
154 return PTR_ERR(acl);
155 if (!acl) {
156 mode &= ~current_umask();
157 if (mode != inode->i_mode)
158 error = gfs2_set_mode(inode, mode);
159 return error;
160 }
161
162 if (S_ISDIR(inode->i_mode)) {
163 error = gfs2_acl_set(inode, ACL_TYPE_DEFAULT, acl);
164 if (error)
165 goto out;
166 }
167
168 clone = posix_acl_clone(acl, GFP_NOFS);
169 error = -ENOMEM;
170 if (!clone)
171 goto out;
172 posix_acl_release(acl);
173 acl = clone;
174
175 error = posix_acl_create_masq(acl, &mode);
176 if (error < 0)
177 goto out;
178 if (error == 0)
179 goto munge;
180
181 error = gfs2_acl_set(inode, ACL_TYPE_ACCESS, acl);
182 if (error)
183 goto out;
184 munge:
185 error = gfs2_set_mode(inode, mode);
186 out:
187 posix_acl_release(acl);
188 return error;
189 }
190
191 int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr)
192 {
193 struct posix_acl *acl, *clone;
194 char *data;
195 unsigned int len;
196 int error;
197
198 acl = gfs2_acl_get(ip, ACL_TYPE_ACCESS);
199 if (IS_ERR(acl))
200 return PTR_ERR(acl);
201 if (!acl)
202 return gfs2_setattr_simple(ip, attr);
203
204 clone = posix_acl_clone(acl, GFP_NOFS);
205 error = -ENOMEM;
206 if (!clone)
207 goto out;
208 posix_acl_release(acl);
209 acl = clone;
210
211 error = posix_acl_chmod_masq(acl, attr->ia_mode);
212 if (!error) {
213 len = posix_acl_to_xattr(acl, NULL, 0);
214 data = kmalloc(len, GFP_NOFS);
215 error = -ENOMEM;
216 if (data == NULL)
217 goto out;
218 posix_acl_to_xattr(acl, data, len);
219 error = gfs2_xattr_acl_chmod(ip, attr, data);
220 kfree(data);
221 set_cached_acl(&ip->i_inode, ACL_TYPE_ACCESS, acl);
222 }
223
224 out:
225 posix_acl_release(acl);
226 return error;
227 }
228
229 static int gfs2_acl_type(const char *name)
230 {
231 if (strcmp(name, GFS2_POSIX_ACL_ACCESS) == 0)
232 return ACL_TYPE_ACCESS;
233 if (strcmp(name, GFS2_POSIX_ACL_DEFAULT) == 0)
234 return ACL_TYPE_DEFAULT;
235 return -EINVAL;
236 }
237
238 static int gfs2_xattr_system_get(struct dentry *dentry, const char *name,
239 void *buffer, size_t size, int xtype)
240 {
241 struct inode *inode = dentry->d_inode;
242 struct gfs2_sbd *sdp = GFS2_SB(inode);
243 struct posix_acl *acl;
244 int type;
245 int error;
246
247 if (!sdp->sd_args.ar_posix_acl)
248 return -EOPNOTSUPP;
249
250 type = gfs2_acl_type(name);
251 if (type < 0)
252 return type;
253
254 acl = gfs2_acl_get(GFS2_I(inode), type);
255 if (IS_ERR(acl))
256 return PTR_ERR(acl);
257 if (acl == NULL)
258 return -ENODATA;
259
260 error = posix_acl_to_xattr(acl, buffer, size);
261 posix_acl_release(acl);
262
263 return error;
264 }
265
266 static int gfs2_xattr_system_set(struct dentry *dentry, const char *name,
267 const void *value, size_t size, int flags,
268 int xtype)
269 {
270 struct inode *inode = dentry->d_inode;
271 struct gfs2_sbd *sdp = GFS2_SB(inode);
272 struct posix_acl *acl = NULL;
273 int error = 0, type;
274
275 if (!sdp->sd_args.ar_posix_acl)
276 return -EOPNOTSUPP;
277
278 type = gfs2_acl_type(name);
279 if (type < 0)
280 return type;
281 if (flags & XATTR_CREATE)
282 return -EINVAL;
283 if (type == ACL_TYPE_DEFAULT && !S_ISDIR(inode->i_mode))
284 return value ? -EACCES : 0;
285 if ((current_fsuid() != inode->i_uid) && !capable(CAP_FOWNER))
286 return -EPERM;
287 if (S_ISLNK(inode->i_mode))
288 return -EOPNOTSUPP;
289
290 if (!value)
291 goto set_acl;
292
293 acl = posix_acl_from_xattr(value, size);
294 if (!acl) {
295 /*
296 * acl_set_file(3) may request that we set default ACLs with
297 * zero length -- defend (gracefully) against that here.
298 */
299 goto out;
300 }
301 if (IS_ERR(acl)) {
302 error = PTR_ERR(acl);
303 goto out;
304 }
305
306 error = posix_acl_valid(acl);
307 if (error)
308 goto out_release;
309
310 error = -EINVAL;
311 if (acl->a_count > GFS2_ACL_MAX_ENTRIES)
312 goto out_release;
313
314 if (type == ACL_TYPE_ACCESS) {
315 mode_t mode = inode->i_mode;
316 error = posix_acl_equiv_mode(acl, &mode);
317
318 if (error <= 0) {
319 posix_acl_release(acl);
320 acl = NULL;
321
322 if (error < 0)
323 return error;
324 }
325
326 error = gfs2_set_mode(inode, mode);
327 if (error)
328 goto out_release;
329 }
330
331 set_acl:
332 error = __gfs2_xattr_set(inode, name, value, size, 0, GFS2_EATYPE_SYS);
333 if (!error) {
334 if (acl)
335 set_cached_acl(inode, type, acl);
336 else
337 forget_cached_acl(inode, type);
338 }
339 out_release:
340 posix_acl_release(acl);
341 out:
342 return error;
343 }
344
345 const struct xattr_handler gfs2_xattr_system_handler = {
346 .prefix = XATTR_SYSTEM_PREFIX,
347 .flags = GFS2_EATYPE_SYS,
348 .get = gfs2_xattr_system_get,
349 .set = gfs2_xattr_system_set,
350 };
351
CJK support for tty framebuffer vt