summaryrefslogtreecommitdiffstats
path: root/fs/jffs2/acl.c
diff options
context:
space:
mode:
authorKaiGai Kohei <kaigai@ak.jp.nec.com>2007-09-14 15:16:35 +0900
committerDavid Woodhouse <dwmw2@infradead.org>2007-10-20 14:10:54 +0100
commitcfc8dc6f6f69ede939e09c2af06a01adee577285 (patch)
treea37149d6353fb4b911beb5ad4ad18f2ec2b1468a /fs/jffs2/acl.c
parente8b8c977734193adedf2b0f607d6252c78e86394 (diff)
downloadkernel-crypto-cfc8dc6f6f69ede939e09c2af06a01adee577285.tar.gz
kernel-crypto-cfc8dc6f6f69ede939e09c2af06a01adee577285.tar.xz
kernel-crypto-cfc8dc6f6f69ede939e09c2af06a01adee577285.zip
[JFFS2] Tidy up fix for ACL/permissions problem.
[In commit 9ed437c50d89eabae763dd422579f73fdebf288d we fixed a problem with standard permissions on newly-created inodes, when POSIX ACLs are enabled. This cleans it up...] The attached patch separate jffs2_init_acl() into two parts. The one is jffs2_init_acl_pre() called from jffs2_new_inode(). It compute ACL oriented inode->i_mode bits, and allocate in-memory ACL objects associated with the new inode just before when inode meta infomation is written to the medium. The other is jffs2_init_acl_post() called from jffs2_symlink(), jffs2_mkdir(), jffs2_mknod() and jffs2_do_create(). It actually writes in-memory ACL objects into the medium next to the success of writing meta-information. In the current implementation, we have to write a same inode meta infomation twice when inode->i_mode is updated by the default ACL. However, we can avoid the behavior by putting an updated i_mode before it is written at first, as jffs2_init_acl_pre() doing. Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'fs/jffs2/acl.c')
-rw-r--r--fs/jffs2/acl.c101
1 files changed, 65 insertions, 36 deletions
diff --git a/fs/jffs2/acl.c b/fs/jffs2/acl.c
index 8ec9323e830..9728614b895 100644
--- a/fs/jffs2/acl.c
+++ b/fs/jffs2/acl.c
@@ -228,11 +228,28 @@ struct posix_acl *jffs2_get_acl(struct inode *inode, int type)
return acl;
}
+static int __jffs2_set_acl(struct inode *inode, int xprefix, struct posix_acl *acl)
+{
+ char *value = NULL;
+ size_t size = 0;
+ int rc;
+
+ if (acl) {
+ value = jffs2_acl_to_medium(acl, &size);
+ if (IS_ERR(value))
+ return PTR_ERR(value);
+ }
+ rc = do_jffs2_setxattr(inode, xprefix, "", value, size, 0);
+ if (!value && rc == -ENODATA)
+ rc = 0;
+ kfree(value);
+
+ return rc;
+}
+
static int jffs2_set_acl(struct inode *inode, int type, struct posix_acl *acl)
{
struct jffs2_inode_info *f = JFFS2_INODE_INFO(inode);
- size_t size = 0;
- char *value = NULL;
int rc, xprefix;
if (S_ISLNK(inode->i_mode))
@@ -267,17 +284,7 @@ static int jffs2_set_acl(struct inode *inode, int type, struct posix_acl *acl)
default:
return -EINVAL;
}
- if (acl) {
- value = jffs2_acl_to_medium(acl, &size);
- if (IS_ERR(value))
- return PTR_ERR(value);
- }
-
- rc = do_jffs2_setxattr(inode, xprefix, "", value, size, 0);
- if (!value && rc == -ENODATA)
- rc = 0;
- if (value)
- kfree(value);
+ rc = __jffs2_set_acl(inode, xprefix, acl);
if (!rc) {
switch(type) {
case ACL_TYPE_ACCESS:
@@ -312,37 +319,59 @@ int jffs2_permission(struct inode *inode, int mask, struct nameidata *nd)
return generic_permission(inode, mask, jffs2_check_acl);
}
-int jffs2_init_acl(struct inode *inode, struct posix_acl *acl)
+int jffs2_init_acl_pre(struct inode *dir_i, struct inode *inode, int *i_mode)
{
struct jffs2_inode_info *f = JFFS2_INODE_INFO(inode);
- struct posix_acl *clone;
- mode_t mode;
- int rc = 0;
+ struct posix_acl *acl, *clone;
+ int rc;
- f->i_acl_access = JFFS2_ACL_NOT_CACHED;
- f->i_acl_default = JFFS2_ACL_NOT_CACHED;
+ f->i_acl_default = NULL;
+ f->i_acl_access = NULL;
+
+ if (S_ISLNK(*i_mode))
+ return 0; /* Symlink always has no-ACL */
+
+ acl = jffs2_get_acl(dir_i, ACL_TYPE_DEFAULT);
+ if (IS_ERR(acl))
+ return PTR_ERR(acl);
+
+ if (!acl) {
+ *i_mode &= ~current->fs->umask;
+ } else {
+ if (S_ISDIR(*i_mode))
+ jffs2_iset_acl(inode, &f->i_acl_default, acl);
- if (acl) {
- if (S_ISDIR(inode->i_mode)) {
- rc = jffs2_set_acl(inode, ACL_TYPE_DEFAULT, acl);
- if (rc)
- goto cleanup;
- }
clone = posix_acl_clone(acl, GFP_KERNEL);
- rc = -ENOMEM;
if (!clone)
- goto cleanup;
- mode = inode->i_mode;
- rc = posix_acl_create_masq(clone, &mode);
- if (rc >= 0) {
- inode->i_mode = mode;
- if (rc > 0)
- rc = jffs2_set_acl(inode, ACL_TYPE_ACCESS, clone);
- }
+ return -ENOMEM;
+ rc = posix_acl_create_masq(clone, (mode_t *)i_mode);
+ if (rc < 0)
+ return rc;
+ if (rc > 0)
+ jffs2_iset_acl(inode, &f->i_acl_access, clone);
+
posix_acl_release(clone);
}
- cleanup:
- posix_acl_release(acl);
+ return 0;
+}
+
+int jffs2_init_acl_post(struct inode *inode)
+{
+ struct jffs2_inode_info *f = JFFS2_INODE_INFO(inode);
+ int rc;
+
+ if (f->i_acl_default) {
+ rc = __jffs2_set_acl(inode, JFFS2_XPREFIX_ACL_DEFAULT, f->i_acl_default);
+ if (rc)
+ return rc;
+ }
+
+ if (f->i_acl_access) {
+ rc = __jffs2_set_acl(inode, JFFS2_XPREFIX_ACL_ACCESS, f->i_acl_access);
+ if (rc)
+ return rc;
+ }
+
return rc;
}