Trang chủ Khám phá Trợ giúp
Đăng ký Đăng nhập
phyus
/
linux-vybrid_public
8
0
Fork 0
Các tập tin Các vấn đề 0 Yêu cầu kéo về 0 Wiki
Browse Source

[PATCH] remove xfs xattr permission checks

remove checks now in the VFS

XFS has an additional xattr interface through obscure ioctl.  it requires
raised capabilities but we need to add some read-only/immutable checks anyway

Signed-off-by: Christoph Hellwig <hch@lst.de>
Cc: Nathan Scott <nathans@sgi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Christoph Hellwig 19 năm trước cách đây
mục cha
b98932cb51
commit
3542c6e18f
2 tập tin đã thay đổi với 8 bổ sung26 xóa
Split View Hiển thị tình trạng sai khác
  1. 5 0
      fs/xfs/linux-2.6/xfs_ioctl.c
  2. 3 26
      fs/xfs/xfs_attr.c

+ 5 - 0
fs/xfs/linux-2.6/xfs_ioctl.c
Xem Tập Tin 

@@ -530,6 +530,8 @@ xfs_attrmulti_attr_set(
 
 	char			*kbuf;
 
 	int			error = EFAULT;
 
 
+	if (IS_RDONLY(&vp->v_inode))
 
+		return -EROFS;
 
 	if (IS_IMMUTABLE(&vp->v_inode) || IS_APPEND(&vp->v_inode))
 
 		return EPERM;
 
 	if (len > XATTR_SIZE_MAX)
 
@@ -557,6 +559,9 @@ xfs_attrmulti_attr_remove(
 
 {
 
 	int			error;
 
 
+
 
+	if (IS_RDONLY(&vp->v_inode))
 
+		return -EROFS;
 
 	if (IS_IMMUTABLE(&vp->v_inode) || IS_APPEND(&vp->v_inode))
 
 		return EPERM;

+ 3 - 26
fs/xfs/xfs_attr.c
Xem Tập Tin 

@@ -117,11 +117,6 @@ xfs_attr_fetch(xfs_inode_t *ip, const char *name, int namelen,
 
 	     ip->i_d.di_anextents == 0))
 
 		return(ENOATTR);
 
 
-	if (!(flags & (ATTR_KERNACCESS|ATTR_SECURE))) {
 
-		if ((error = xfs_iaccess(ip, S_IRUSR, cred)))
 
-			return(XFS_ERROR(error));
 
-	}
 
-
 
 	/*
 
 	 * Fill in the arg structure for this request.
 
 	 */
 
@@ -425,7 +420,7 @@ xfs_attr_set(bhv_desc_t *bdp, const char *name, char *value, int valuelen, int f
 
 	     struct cred *cred)
 
 {
 
 	xfs_inode_t	*dp;
 
-	int             namelen, error;
 
+	int             namelen;
 
 
 	namelen = strlen(name);
 
 	if (namelen >= MAXNAMELEN)
 
@@ -437,14 +432,6 @@ xfs_attr_set(bhv_desc_t *bdp, const char *name, char *value, int valuelen, int f
 
 	if (XFS_FORCED_SHUTDOWN(dp->i_mount))
 
 		return (EIO);
 
 
-	xfs_ilock(dp, XFS_ILOCK_SHARED);
 
-	if (!(flags & ATTR_SECURE) &&
 
-	     (error = xfs_iaccess(dp, S_IWUSR, cred))) {
 
-		xfs_iunlock(dp, XFS_ILOCK_SHARED);
 
-		return(XFS_ERROR(error));
 
-	}
 
-	xfs_iunlock(dp, XFS_ILOCK_SHARED);
 
-
 
 	return xfs_attr_set_int(dp, name, namelen, value, valuelen, flags);
 
 }
 
 
@@ -579,7 +566,7 @@ int
 
 xfs_attr_remove(bhv_desc_t *bdp, const char *name, int flags, struct cred *cred)
 
 {
 
 	xfs_inode_t         *dp;
 
-	int                 namelen, error;
 
+	int                 namelen;
 
 
 	namelen = strlen(name);
 
 	if (namelen >= MAXNAMELEN)
 
@@ -592,11 +579,7 @@ xfs_attr_remove(bhv_desc_t *bdp, const char *name, int flags, struct cred *cred)
 
 		return (EIO);
 
 
 	xfs_ilock(dp, XFS_ILOCK_SHARED);
 
-	if (!(flags & ATTR_SECURE) &&
 
-	     (error = xfs_iaccess(dp, S_IWUSR, cred))) {
 
-		xfs_iunlock(dp, XFS_ILOCK_SHARED);
 
-		return(XFS_ERROR(error));
 
-	} else if (XFS_IFORK_Q(dp) == 0 ||
 
+	if (XFS_IFORK_Q(dp) == 0 ||
 
 		   (dp->i_d.di_aformat == XFS_DINODE_FMT_EXTENTS &&
 
 		    dp->i_d.di_anextents == 0)) {
 
 		xfs_iunlock(dp, XFS_ILOCK_SHARED);
 
@@ -668,12 +651,6 @@ xfs_attr_list(bhv_desc_t *bdp, char *buffer, int bufsize, int flags,
 
 		return (EIO);
 
 
 	xfs_ilock(dp, XFS_ILOCK_SHARED);
 
-	if (!(flags & ATTR_SECURE) &&
 
-	     (error = xfs_iaccess(dp, S_IRUSR, cred))) {
 
-		xfs_iunlock(dp, XFS_ILOCK_SHARED);
 
-		return(XFS_ERROR(error));
 
-	}
 
-
 
 	/*
 
 	 * Decide on what work routines to call based on the inode size.
 
 	 */