]>
Commit | Line | Data |
---|---|---|
b3b94faa DT |
1 | /* |
2 | * Copyright (C) Sistina Software, Inc. 1997-2003 All rights reserved. | |
3 | * Copyright (C) 2004-2005 Red Hat, Inc. All rights reserved. | |
4 | * | |
5 | * This copyrighted material is made available to anyone wishing to use, | |
6 | * modify, copy, or redistribute it subject to the terms and conditions | |
7 | * of the GNU General Public License v.2. | |
8 | */ | |
9 | ||
10 | #include <linux/sched.h> | |
11 | #include <linux/slab.h> | |
12 | #include <linux/spinlock.h> | |
13 | #include <linux/completion.h> | |
14 | #include <linux/buffer_head.h> | |
15 | #include <linux/xattr.h> | |
5c676f6d | 16 | #include <linux/gfs2_ondisk.h> |
b3b94faa DT |
17 | #include <asm/uaccess.h> |
18 | ||
19 | #include "gfs2.h" | |
5c676f6d SW |
20 | #include "lm_interface.h" |
21 | #include "incore.h" | |
b3b94faa DT |
22 | #include "acl.h" |
23 | #include "eaops.h" | |
24 | #include "eattr.h" | |
5c676f6d | 25 | #include "util.h" |
b3b94faa DT |
26 | |
27 | /** | |
28 | * gfs2_ea_name2type - get the type of the ea, and truncate type from the name | |
29 | * @namep: ea name, possibly with type appended | |
30 | * | |
31 | * Returns: GFS2_EATYPE_XXX | |
32 | */ | |
33 | ||
34 | unsigned int gfs2_ea_name2type(const char *name, char **truncated_name) | |
35 | { | |
36 | unsigned int type; | |
37 | ||
38 | if (strncmp(name, "system.", 7) == 0) { | |
39 | type = GFS2_EATYPE_SYS; | |
40 | if (truncated_name) | |
41 | *truncated_name = strchr(name, '.') + 1; | |
42 | } else if (strncmp(name, "user.", 5) == 0) { | |
43 | type = GFS2_EATYPE_USR; | |
44 | if (truncated_name) | |
45 | *truncated_name = strchr(name, '.') + 1; | |
46 | } else { | |
47 | type = GFS2_EATYPE_UNUSED; | |
48 | if (truncated_name) | |
49 | *truncated_name = NULL; | |
50 | } | |
51 | ||
52 | return type; | |
53 | } | |
54 | ||
55 | static int user_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er) | |
56 | { | |
57 | struct inode *inode = ip->i_vnode; | |
58 | int error = permission(inode, MAY_READ, NULL); | |
59 | if (error) | |
60 | return error; | |
61 | ||
62 | return gfs2_ea_get_i(ip, er); | |
63 | } | |
64 | ||
65 | static int user_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er) | |
66 | { | |
67 | struct inode *inode = ip->i_vnode; | |
68 | ||
69 | if (S_ISREG(inode->i_mode) || | |
70 | (S_ISDIR(inode->i_mode) && !(inode->i_mode & S_ISVTX))) { | |
71 | int error = permission(inode, MAY_WRITE, NULL); | |
72 | if (error) | |
73 | return error; | |
74 | } else | |
75 | return -EPERM; | |
76 | ||
77 | return gfs2_ea_set_i(ip, er); | |
78 | } | |
79 | ||
80 | static int user_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er) | |
81 | { | |
82 | struct inode *inode = ip->i_vnode; | |
83 | ||
84 | if (S_ISREG(inode->i_mode) || | |
85 | (S_ISDIR(inode->i_mode) && !(inode->i_mode & S_ISVTX))) { | |
86 | int error = permission(inode, MAY_WRITE, NULL); | |
87 | if (error) | |
88 | return error; | |
89 | } else | |
90 | return -EPERM; | |
91 | ||
92 | return gfs2_ea_remove_i(ip, er); | |
93 | } | |
94 | ||
95 | static int system_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er) | |
96 | { | |
97 | if (!GFS2_ACL_IS_ACCESS(er->er_name, er->er_name_len) && | |
98 | !GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len) && | |
99 | !capable(CAP_SYS_ADMIN)) | |
100 | return -EPERM; | |
101 | ||
102 | if (ip->i_sbd->sd_args.ar_posix_acl == 0 && | |
103 | (GFS2_ACL_IS_ACCESS(er->er_name, er->er_name_len) || | |
104 | GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len))) | |
105 | return -EOPNOTSUPP; | |
106 | ||
107 | ||
108 | ||
109 | return gfs2_ea_get_i(ip, er); | |
110 | } | |
111 | ||
112 | static int system_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er) | |
113 | { | |
114 | int remove = 0; | |
115 | int error; | |
116 | ||
117 | if (GFS2_ACL_IS_ACCESS(er->er_name, er->er_name_len)) { | |
118 | if (!(er->er_flags & GFS2_ERF_MODE)) { | |
119 | er->er_mode = ip->i_di.di_mode; | |
120 | er->er_flags |= GFS2_ERF_MODE; | |
121 | } | |
122 | error = gfs2_acl_validate_set(ip, 1, er, | |
123 | &remove, &er->er_mode); | |
124 | if (error) | |
125 | return error; | |
126 | error = gfs2_ea_set_i(ip, er); | |
127 | if (error) | |
128 | return error; | |
129 | if (remove) | |
130 | gfs2_ea_remove_i(ip, er); | |
131 | return 0; | |
132 | ||
133 | } else if (GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len)) { | |
134 | error = gfs2_acl_validate_set(ip, 0, er, | |
135 | &remove, NULL); | |
136 | if (error) | |
137 | return error; | |
138 | if (!remove) | |
139 | error = gfs2_ea_set_i(ip, er); | |
140 | else { | |
141 | error = gfs2_ea_remove_i(ip, er); | |
142 | if (error == -ENODATA) | |
143 | error = 0; | |
144 | } | |
145 | return error; | |
146 | } | |
147 | ||
148 | return -EPERM; | |
149 | } | |
150 | ||
151 | static int system_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er) | |
152 | { | |
153 | if (GFS2_ACL_IS_ACCESS(er->er_name, er->er_name_len)) { | |
154 | int error = gfs2_acl_validate_remove(ip, 1); | |
155 | if (error) | |
156 | return error; | |
157 | ||
158 | } else if (GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len)) { | |
159 | int error = gfs2_acl_validate_remove(ip, 0); | |
160 | if (error) | |
161 | return error; | |
162 | ||
163 | } else | |
164 | return -EPERM; | |
165 | ||
166 | return gfs2_ea_remove_i(ip, er); | |
167 | } | |
168 | ||
08bc2dbc | 169 | static struct gfs2_eattr_operations gfs2_user_eaops = { |
b3b94faa DT |
170 | .eo_get = user_eo_get, |
171 | .eo_set = user_eo_set, | |
172 | .eo_remove = user_eo_remove, | |
173 | .eo_name = "user", | |
174 | }; | |
175 | ||
176 | struct gfs2_eattr_operations gfs2_system_eaops = { | |
177 | .eo_get = system_eo_get, | |
178 | .eo_set = system_eo_set, | |
179 | .eo_remove = system_eo_remove, | |
180 | .eo_name = "system", | |
181 | }; | |
182 | ||
183 | struct gfs2_eattr_operations *gfs2_ea_ops[] = { | |
184 | NULL, | |
185 | &gfs2_user_eaops, | |
186 | &gfs2_system_eaops, | |
187 | }; | |
188 |