search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'tools/kvm'
[linux-2.6/x86.git] / fs / generic_acl.c
blob8f26d1a5891226acc324798ed84bdeb27950145c
1 /*
2 * (C) 2005 Andreas Gruenbacher <agruen@suse.de>
3 *
4 * This file is released under the GPL.
5 *
6 * Generic ACL support for in-memory filesystems.
7 */
8
9 #include <linux/sched.h>
10 #include <linux/gfp.h>
11 #include <linux/fs.h>
12 #include <linux/generic_acl.h>
13 #include <linux/posix_acl.h>
14 #include <linux/posix_acl_xattr.h>
15
16
17 static size_t
18 generic_acl_list(struct dentry *dentry, char *list, size_t list_size,
19 const char *name, size_t name_len, int type)
20 {
21 struct posix_acl *acl;
22 const char *xname;
23 size_t size;
24
25 acl = get_cached_acl(dentry->d_inode, type);
26 if (!acl)
27 return 0;
28 posix_acl_release(acl);
29
30 switch (type) {
31 case ACL_TYPE_ACCESS:
32 xname = POSIX_ACL_XATTR_ACCESS;
33 break;
34 case ACL_TYPE_DEFAULT:
35 xname = POSIX_ACL_XATTR_DEFAULT;
36 break;
37 default:
38 return 0;
39 }
40 size = strlen(xname) + 1;
41 if (list && size <= list_size)
42 memcpy(list, xname, size);
43 return size;
44 }
45
46 static int
47 generic_acl_get(struct dentry *dentry, const char *name, void *buffer,
48 size_t size, int type)
49 {
50 struct posix_acl *acl;
51 int error;
52
53 if (strcmp(name, "") != 0)
54 return -EINVAL;
55
56 acl = get_cached_acl(dentry->d_inode, type);
57 if (!acl)
58 return -ENODATA;
59 error = posix_acl_to_xattr(acl, buffer, size);
60 posix_acl_release(acl);
61
62 return error;
63 }
64
65 static int
66 generic_acl_set(struct dentry *dentry, const char *name, const void *value,
67 size_t size, int flags, int type)
68 {
69 struct inode *inode = dentry->d_inode;
70 struct posix_acl *acl = NULL;
71 int error;
72
73 if (strcmp(name, "") != 0)
74 return -EINVAL;
75 if (S_ISLNK(inode->i_mode))
76 return -EOPNOTSUPP;
77 if (!inode_owner_or_capable(inode))
78 return -EPERM;
79 if (value) {
80 acl = posix_acl_from_xattr(value, size);
81 if (IS_ERR(acl))
82 return PTR_ERR(acl);
83 }
84 if (acl) {
85 mode_t mode;
86
87 error = posix_acl_valid(acl);
88 if (error)
89 goto failed;
90 switch (type) {
91 case ACL_TYPE_ACCESS:
92 mode = inode->i_mode;
93 error = posix_acl_equiv_mode(acl, &mode);
94 if (error < 0)
95 goto failed;
96 inode->i_mode = mode;
97 inode->i_ctime = CURRENT_TIME;
98 if (error == 0) {
99 posix_acl_release(acl);
100 acl = NULL;
101 }
102 break;
103 case ACL_TYPE_DEFAULT:
104 if (!S_ISDIR(inode->i_mode)) {
105 error = -EINVAL;
106 goto failed;
107 }
108 break;
109 }
110 }
111 set_cached_acl(inode, type, acl);
112 error = 0;
113 failed:
114 posix_acl_release(acl);
115 return error;
116 }
117
118 /**
119 * generic_acl_init - Take care of acl inheritance at @inode create time
120 *
121 * Files created inside a directory with a default ACL inherit the
122 * directory's default ACL.
123 */
124 int
125 generic_acl_init(struct inode *inode, struct inode *dir)
126 {
127 struct posix_acl *acl = NULL;
128 mode_t mode = inode->i_mode;
129 int error;
130
131 inode->i_mode = mode & ~current_umask();
132 if (!S_ISLNK(inode->i_mode))
133 acl = get_cached_acl(dir, ACL_TYPE_DEFAULT);
134 if (acl) {
135 struct posix_acl *clone;
136
137 if (S_ISDIR(inode->i_mode)) {
138 clone = posix_acl_clone(acl, GFP_KERNEL);
139 error = -ENOMEM;
140 if (!clone)
141 goto cleanup;
142 set_cached_acl(inode, ACL_TYPE_DEFAULT, clone);
143 posix_acl_release(clone);
144 }
145 clone = posix_acl_clone(acl, GFP_KERNEL);
146 error = -ENOMEM;
147 if (!clone)
148 goto cleanup;
149 error = posix_acl_create_masq(clone, &mode);
150 if (error >= 0) {
151 inode->i_mode = mode;
152 if (error > 0)
153 set_cached_acl(inode, ACL_TYPE_ACCESS, clone);
154 }
155 posix_acl_release(clone);
156 }
157 error = 0;
158
159 cleanup:
160 posix_acl_release(acl);
161 return error;
162 }
163
164 /**
165 * generic_acl_chmod - change the access acl of @inode upon chmod()
166 *
167 * A chmod also changes the permissions of the owner, group/mask, and
168 * other ACL entries.
169 */
170 int
171 generic_acl_chmod(struct inode *inode)
172 {
173 struct posix_acl *acl, *clone;
174 int error = 0;
175
176 if (S_ISLNK(inode->i_mode))
177 return -EOPNOTSUPP;
178 acl = get_cached_acl(inode, ACL_TYPE_ACCESS);
179 if (acl) {
180 clone = posix_acl_clone(acl, GFP_KERNEL);
181 posix_acl_release(acl);
182 if (!clone)
183 return -ENOMEM;
184 error = posix_acl_chmod_masq(clone, inode->i_mode);
185 if (!error)
186 set_cached_acl(inode, ACL_TYPE_ACCESS, clone);
187 posix_acl_release(clone);
188 }
189 return error;
190 }
191
192 int
193 generic_check_acl(struct inode *inode, int mask, unsigned int flags)
194 {
195 if (flags & IPERM_FLAG_RCU) {
196 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
197 return -ECHILD;
198 } else {
199 struct posix_acl *acl;
200
201 acl = get_cached_acl(inode, ACL_TYPE_ACCESS);
202 if (acl) {
203 int error = posix_acl_permission(inode, acl, mask);
204 posix_acl_release(acl);
205 return error;
206 }
207 }
208 return -EAGAIN;
209 }
210
211 const struct xattr_handler generic_acl_access_handler = {
212 .prefix = POSIX_ACL_XATTR_ACCESS,
213 .flags = ACL_TYPE_ACCESS,
214 .list = generic_acl_list,
215 .get = generic_acl_get,
216 .set = generic_acl_set,
217 };
218
219 const struct xattr_handler generic_acl_default_handler = {
220 .prefix = POSIX_ACL_XATTR_DEFAULT,
221 .flags = ACL_TYPE_DEFAULT,
222 .list = generic_acl_list,
223 .get = generic_acl_get,
224 .set = generic_acl_set,
225 };
x86 "subsystem" repository