1. 28 Sep, 2016 1 commit
  2. 22 Sep, 2016 1 commit
  3. 31 Mar, 2016 1 commit
    • Andreas Gruenbacher's avatar
      posix_acl: Inode acl caching fixes · b8a7a3a6
      Andreas Gruenbacher authored
      When get_acl() is called for an inode whose ACL is not cached yet, the
      get_acl inode operation is called to fetch the ACL from the filesystem.
      The inode operation is responsible for updating the cached acl with
      set_cached_acl().  This is done without locking at the VFS level, so
      another task can call set_cached_acl() or forget_cached_acl() before the
      get_acl inode operation gets to calling set_cached_acl(), and then
      get_acl's call to set_cached_acl() results in caching an outdate ACL.
      
      Prevent this from happening by setting the cached ACL pointer to a
      task-specific sentinel value before calling the get_acl inode operation.
      Move the responsibility for updating the cached ACL from the get_acl
      inode operations to get_acl().  There, only set the cached ACL if the
      sentinel value hasn't changed.
      
      The sentinel values are chosen to have odd values.  Likewise, the value
      of ACL_NOT_CACHED is odd.  In contrast, ACL object pointers always have
      an even value (ACLs are aligned in memory).  This allows to distinguish
      uncached ACLs values from ACL objects.
      
      In addition, switch from guarding inode->i_acl and inode->i_default_acl
      upates by the inode->i_lock spinlock to using xchg() and cmpxchg().
      
      Filesystems that do not want ACLs returned from their get_acl inode
      operations to be cached must call forget_cached_acl() to prevent the VFS
      from doing so.
      
      (Patch written by Al Viro and Andreas Gruenbacher.)
      Signed-off-by: default avatarAndreas Gruenbacher <agruenba@redhat.com>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      b8a7a3a6
  4. 02 Jul, 2014 1 commit
  5. 26 Jan, 2014 3 commits
  6. 21 Sep, 2012 1 commit
  7. 18 Sep, 2012 1 commit
    • Eric W. Biederman's avatar
      userns: Pass a userns parameter into posix_acl_to_xattr and posix_acl_from_xattr · 5f3a4a28
      Eric W. Biederman authored
       - Pass the user namespace the uid and gid values in the xattr are stored
         in into posix_acl_from_xattr.
      
       - Pass the user namespace kuid and kgid values should be converted into
         when storing uid and gid values in an xattr in posix_acl_to_xattr.
      
      - Modify all callers of posix_acl_from_xattr and posix_acl_to_xattr to
        pass in &init_user_ns.
      
      In the short term this change is not strictly needed but it makes the
      code clearer.  In the longer term this change is necessary to be able to
      mount filesystems outside of the initial user namespace that natively
      store posix acls in the linux xattr format.
      
      Cc: Theodore Tso <tytso@mit.edu>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andreas Dilger <adilger.kernel@dilger.ca>
      Cc: Jan Kara <jack@suse.cz>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
      5f3a4a28
  8. 26 Mar, 2012 1 commit
  9. 01 Aug, 2011 2 commits
  10. 25 Jul, 2011 4 commits
  11. 24 Jul, 2011 1 commit
  12. 20 Jul, 2011 2 commits
  13. 24 Mar, 2011 1 commit
  14. 07 Jan, 2011 1 commit
  15. 06 Jun, 2010 1 commit
  16. 21 May, 2010 1 commit
  17. 16 Dec, 2009 1 commit
    • Christoph Hellwig's avatar
      sanitize xattr handler prototypes · 431547b3
      Christoph Hellwig authored
      Add a flags argument to struct xattr_handler and pass it to all xattr
      handler methods.  This allows using the same methods for multiple
      handlers, e.g. for the ACL methods which perform exactly the same action
      for the access and default ACLs, just using a different underlying
      attribute.  With a little more groundwork it'll also allow sharing the
      methods for the regular user/trusted/secure handlers in extN, ocfs2 and
      jffs2 like it's already done for xfs in this patch.
      
      Also change the inode argument to the handlers to a dentry to allow
      using the handlers mechnism for filesystems that require it later,
      e.g. cifs.
      
      [with GFS2 bits updated by Steven Whitehouse <swhiteho@redhat.com>]
      Signed-off-by: default avatarChristoph Hellwig <hch@lst.de>
      Reviewed-by: default avatarJames Morris <jmorris@namei.org>
      Acked-by: default avatarJoel Becker <joel.becker@oracle.com>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      431547b3
  18. 08 Sep, 2009 1 commit
  19. 24 Jun, 2009 3 commits
  20. 01 Apr, 2009 1 commit
  21. 20 Mar, 2009 1 commit
  22. 27 Jul, 2008 1 commit
    • Al Viro's avatar
      [PATCH] sanitize ->permission() prototype · e6305c43
      Al Viro authored
      * kill nameidata * argument; map the 3 bits in ->flags anybody cares
        about to new MAY_... ones and pass with the mask.
      * kill redundant gfs2_iop_permission()
      * sanitize ecryptfs_permission()
      * fix remaining places where ->permission() instances might barf on new
        MAY_... found in mask.
      
      The obvious next target in that direction is permission(9)
      
      folded fix for nfs_permission() breakage from Miklos Szeredi <mszeredi@suse.cz>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      e6305c43
  23. 08 Jan, 2008 1 commit
  24. 06 Nov, 2007 1 commit
  25. 27 Oct, 2007 1 commit
  26. 20 Oct, 2007 1 commit
    • KaiGai Kohei's avatar
      [JFFS2] Tidy up fix for ACL/permissions problem. · cfc8dc6f
      KaiGai Kohei authored
      [In commit 9ed437c5 we fixed a problem 
      with standard permissions on newly-created inodes, when POSIX ACLs are 
      enabled. This cleans it up...]
      
      The attached patch separate jffs2_init_acl() into two parts.
      
      The one is jffs2_init_acl_pre() called from jffs2_new_inode().
      It compute ACL oriented inode->i_mode bits, and allocate in-memory ACL
      objects associated with the new inode just before when inode meta
      infomation is written to the medium.
      
      The other is jffs2_init_acl_post() called from jffs2_symlink(),
      jffs2_mkdir(), jffs2_mknod() and jffs2_do_create().
      It actually writes in-memory ACL objects into the medium next to
      the success of writing meta-information.
      
      In the current implementation, we have to write a same inode meta
      infomation twice when inode->i_mode is updated by the default ACL.
      However, we can avoid the behavior by putting an updated i_mode
      before it is written at first, as jffs2_init_acl_pre() doing.
      Signed-off-by: default avatarKaiGai Kohei <kaigai@ak.jp.nec.com>
      Signed-off-by: default avatarDavid Woodhouse <dwmw2@infradead.org>
      cfc8dc6f
  27. 22 Aug, 2007 1 commit
  28. 17 Jul, 2007 1 commit
    • Satyam Sharma's avatar
      Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid check · 3bd858ab
      Satyam Sharma authored
      Introduce is_owner_or_cap() macro in fs.h, and convert over relevant
      users to it. This is done because we want to avoid bugs in the future
      where we check for only effective fsuid of the current task against a
      file's owning uid, without simultaneously checking for CAP_FOWNER as
      well, thus violating its semantics.
      [ XFS uses special macros and structures, and in general looked ...
      untouchable, so we leave it alone -- but it has been looked over. ]
      
      The (current->fsuid != inode->i_uid) check in generic_permission() and
      exec_permission_lite() is left alone, because those operations are
      covered by CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH. Similarly operations
      falling under the purview of CAP_CHOWN and CAP_LEASE are also left alone.
      Signed-off-by: default avatarSatyam Sharma <ssatyam@cse.iitk.ac.in>
      Cc: Al Viro <viro@ftp.linux.org.uk>
      Acked-by: default avatarSerge E. Hallyn <serge@hallyn.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      3bd858ab
  29. 25 Apr, 2007 1 commit
    • David Woodhouse's avatar
      [JFFS2] Tidy up licensing/copyright boilerplate. · c00c310e
      David Woodhouse authored
      In particular, remove the bit in the LICENCE file about contacting
      Red Hat for alternative arrangements. Their errant IS department broke
      that arrangement a long time ago -- the policy of collecting copyright
      assignments from contributors came to an end when the plug was pulled on
      the servers hosting the project, without notice or reason.
      
      We do still dual-license it for use with eCos, with the GPL+exception
      licence approved by the FSF as being GPL-compatible. It's just that nobody
      has the right to license it differently.
      Signed-off-by: default avatarDavid Woodhouse <dwmw2@infradead.org>
      c00c310e
  30. 04 Dec, 2006 1 commit
  31. 02 Jul, 2006 1 commit