->permission() sanitizing: pass MAY_NOT_BLOCK to ->check_acl()

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

userns: rename is_owner_or_cap to inode_owner_or_capable

And give it a kernel-doc comment.

[akpm@linux-foundation.org: btrfs changed in linux-next]
Signed-off-by: Serge E. Hallyn <serge.hallyn@cano

userns: rename is_owner_or_cap to inode_owner_or_capable

And give it a kernel-doc comment.

[akpm@linux-foundation.org: btrfs changed in linux-next]
Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Daniel Lezcano <daniel.lezcano@free.fr>
Acked-by: David Howells <dhowells@redhat.com>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

show more ...

fs: provide rcu-walk aware permission i_ops

Signed-off-by: Nick Piggin <npiggin@kernel.dk>

jffs2: update ctime when changing the file's permission by setfacl

jffs2 didn't update the ctime of the file when its permission was changed.

Steps to reproduce:
# touch aaa
# stat -c %Z aaa
127

jffs2: update ctime when changing the file's permission by setfacl

jffs2 didn't update the ctime of the file when its permission was changed.

Steps to reproduce:
# touch aaa
# stat -c %Z aaa
1275289822
# setfacl -m 'u::x,g::x,o::x' aaa
# stat -c %Z aaa
1275289822 <- unchanged

But, according to the spec of the ctime, jffs2 must update it.

Port of ext3 patch by Miao Xie <miaox@cn.fujitsu.com>.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

show more ...

jffs2: constify xattr_handler

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

sanitize xattr handler prototypes

Add a flags argument to struct xattr_handler and pass it to all xattr
handler methods. This allows using the same methods for multiple
handlers, e.g. for the ACL m

sanitize xattr handler prototypes

Add a flags argument to struct xattr_handler and pass it to all xattr
handler methods. This allows using the same methods for multiple
handlers, e.g. for the ACL methods which perform exactly the same action
for the access and default ACLs, just using a different underlying
attribute. With a little more groundwork it'll also allow sharing the
methods for the regular user/trusted/secure handlers in extN, ocfs2 and
jffs2 like it's already done for xfs in this patch.

Also change the inode argument to the handlers to a dentry to allow
using the handlers mechnism for filesystems that require it later,
e.g. cifs.

[with GFS2 bits updated by Steven Whitehouse <swhiteho@redhat.com>]

Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: James Morris <jmorris@namei.org>
Acked-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

show more ...

jffs2/jfs/xfs: switch over to 'check_acl' rather than 'permission()'

This avoids an indirect call in the VFS for each path component lookup.

Well, at least as long as you own the directory in quest

jffs2/jfs/xfs: switch over to 'check_acl' rather than 'permission()'

This avoids an indirect call in the VFS for each path component lookup.

Well, at least as long as you own the directory in question, and the ACL
check is unnecessary.

Reviewed-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

show more ...

Get "no acls for this inode" right, fix shmem breakage

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

helpers for acl caching + switch to those

helpers: get_cached_acl(inode, type), set_cached_acl(inode, type, acl),
forget_cached_acl(inode, type).

ubifs/xattr.c needed includes reordered, the rest i

helpers for acl caching + switch to those

helpers: get_cached_acl(inode, type), set_cached_acl(inode, type, acl),
forget_cached_acl(inode, type).

ubifs/xattr.c needed includes reordered, the rest is a plain switchover.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

show more ...

switch jffs2 to inode->i_acl

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

New helper - current_umask()

current->fs->umask is what most of fs_struct users are doing.
Put that into a helper function.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

[JFFS2] jffs2_acl_count() tests < 0 on unsigned

size_t s is unsigned and cannot be less than 0.

Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.

[JFFS2] jffs2_acl_count() tests < 0 on unsigned

size_t s is unsigned and cannot be less than 0.

Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

show more ...

[PATCH] sanitize ->permission() prototype

* kill nameidata * argument; map the 3 bits in ->flags anybody cares
about to new MAY_... ones and pass with the mask.
* kill redundant gfs2_iop_permissio

[PATCH] sanitize ->permission() prototype

* kill nameidata * argument; map the 3 bits in ->flags anybody cares
about to new MAY_... ones and pass with the mask.
* kill redundant gfs2_iop_permission()
* sanitize ecryptfs_permission()
* fix remaining places where ->permission() instances might barf on new
MAY_... found in mask.

The obvious next target in that direction is permission(9)

folded fix for nfs_permission() breakage from Miklos Szeredi <mszeredi@suse.cz>

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

show more ...

[JFFS2] Add missing call to posix_acl_release

posix_acl_clone does a memory allocation and sets a reference count, so
posix_acl_release is needed afterwards to free it.

The problem was fixed using

[JFFS2] Add missing call to posix_acl_release

posix_acl_clone does a memory allocation and sets a reference count, so
posix_acl_release is needed afterwards to free it.

The problem was fixed using the following semantic patch.
(http://www.emn.fr/x-info/coccinelle/)

// <smpl>
@@
type T;
identifier E;
expression E1, E2;
int ret;
statement S;
@@

T E;
<+...
(
E = \(posix_acl_clone\|posix_acl_alloc\|posix_acl_dup\)(...);
if (E == NULL) S
|
if ((E = \(posix_acl_clone\|posix_acl_alloc\|posix_acl_dup\)(...)) == NULL) S
)
... when != E2 = E
when strict
(
posix_acl_release(E);
|
E1 = E;
|
+ posix_acl_release(E);
return;
|
+ posix_acl_release(E);
return ret;
)
...+>
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>
Acked-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

show more ...

[JFFS2] make jffs2_get_acl() static

jffs2_get_acl() can now become static again.

Signed-off-by: Adrian Bunk <bunk@kernel.org>
Acked-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Signed-off-by: Andrew Mor

[JFFS2] make jffs2_get_acl() static

jffs2_get_acl() can now become static again.

Signed-off-by: Adrian Bunk <bunk@kernel.org>
Acked-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

show more ...

[JFFS2] Prevent return of initialised variable in jffs2_init_acl_post()

Spotted by the Coverity checker, and pointed out by Adrian Bunk.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Tidy up fix for ACL/permissions problem.

[In commit 9ed437c50d89eabae763dd422579f73fdebf288d we fixed a problem
with standard permissions on newly-created inodes, when POSIX ACLs are
enabl

[JFFS2] Tidy up fix for ACL/permissions problem.

[In commit 9ed437c50d89eabae763dd422579f73fdebf288d we fixed a problem
with standard permissions on newly-created inodes, when POSIX ACLs are
enabled. This cleans it up...]

The attached patch separate jffs2_init_acl() into two parts.

The one is jffs2_init_acl_pre() called from jffs2_new_inode().
It compute ACL oriented inode->i_mode bits, and allocate in-memory ACL
objects associated with the new inode just before when inode meta
infomation is written to the medium.

The other is jffs2_init_acl_post() called from jffs2_symlink(),
jffs2_mkdir(), jffs2_mknod() and jffs2_do_create().
It actually writes in-memory ACL objects into the medium next to
the success of writing meta-information.

In the current implementation, we have to write a same inode meta
infomation twice when inode->i_mode is updated by the default ACL.
However, we can avoid the behavior by putting an updated i_mode
before it is written at first, as jffs2_init_acl_pre() doing.

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

show more ...

[JFFS2] Fix ACL vs. mode handling.

When POSIX ACL support was enabled, we weren't writing correct
legacy modes to the medium on inode creation, or when the ACL was set.
This meant that the permissio

[JFFS2] Fix ACL vs. mode handling.

When POSIX ACL support was enabled, we weren't writing correct
legacy modes to the medium on inode creation, or when the ACL was set.
This meant that the permissions would be incorrect after the file system
was remounted.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

show more ...

Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid check

Introduce is_owner_or_cap() macro in fs.h, and convert over relevant
users to it. This is done because we want to avoid bugs in th

Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid check

Introduce is_owner_or_cap() macro in fs.h, and convert over relevant
users to it. This is done because we want to avoid bugs in the future
where we check for only effective fsuid of the current task against a
file's owning uid, without simultaneously checking for CAP_FOWNER as
well, thus violating its semantics.
[ XFS uses special macros and structures, and in general looked ...
untouchable, so we leave it alone -- but it has been looked over. ]

The (current->fsuid != inode->i_uid) check in generic_permission() and
exec_permission_lite() is left alone, because those operations are
covered by CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH. Similarly operations
falling under the purview of CAP_CHOWN and CAP_LEASE are also left alone.

Signed-off-by: Satyam Sharma <ssatyam@cse.iitk.ac.in>
Cc: Al Viro <viro@ftp.linux.org.uk>
Acked-by: Serge E. Hallyn <serge@hallyn.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

show more ...

[JFFS2] Tidy up licensing/copyright boilerplate.

In particular, remove the bit in the LICENCE file about contacting
Red Hat for alternative arrangements. Their errant IS department broke
that arrang

[JFFS2] Tidy up licensing/copyright boilerplate.

In particular, remove the bit in the LICENCE file about contacting
Red Hat for alternative arrangements. Their errant IS department broke
that arrangement a long time ago -- the policy of collecting copyright
assignments from contributors came to an end when the plug was pulled on
the servers hosting the project, without notice or reason.

We do still dual-license it for use with eCos, with the GPL+exception
licence approved by the FSF as being GPL-compatible. It's just that nobody
has the right to license it differently.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

show more ...

[PATCH] severing fs.h, radix-tree.h -> sched.h

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

[JFFS2][XATTR] Fix memory leak in POSIX-ACL support

jffs2_clear_acl() which releases acl caches allocated by kmalloc()
was defined but it was never called. Thus, we faced to the risk
of memory leaki

[JFFS2][XATTR] Fix memory leak in POSIX-ACL support

jffs2_clear_acl() which releases acl caches allocated by kmalloc()
was defined but it was never called. Thus, we faced to the risk
of memory leaking.

This patch plugs jffs2_clear_acl() into jffs2_do_clear_inode().
It ensures to release acl cache when inode is cleared.

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

show more ...

[JFFS2][XATTR] Fix ACL bug when updating null xattr by null ACL.

This patch enable to handle the case when updating null xattr
by null ACL.

When we try to set NULL into NULL xattr, xattr subsystem

[JFFS2][XATTR] Fix ACL bug when updating null xattr by null ACL.

This patch enable to handle the case when updating null xattr
by null ACL.

When we try to set NULL into NULL xattr, xattr subsystem returns
-ENODATA. This patch enables to handle this error code.

[2/3] jffs2-xattr-v6-02-fix_posixacl_bug.patch

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

show more ...

[JFFS2][XATTR] remove redundant pointer cast in acl.c

remove redundant pointer cast in acl.c.

[10/10] jffs2-xattr-v5.1-10-remove_pointer_cast.patch

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.co

[JFFS2][XATTR] remove redundant pointer cast in acl.c

remove redundant pointer cast in acl.c.

[10/10] jffs2-xattr-v5.1-10-remove_pointer_cast.patch

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>

show more ...

[JFFS2][XATTR] Unify each file header part with any jffs2 file.

Unify each file header part with any jffs2 file.

[7/10] jffs2-xattr-v5.1-07-unify_file_header.patch

Signed-off-by: KaiGai Kohei <kai

[JFFS2][XATTR] Unify each file header part with any jffs2 file.

Unify each file header part with any jffs2 file.

[7/10] jffs2-xattr-v5.1-07-unify_file_header.patch

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>

show more ...