diff options
author | KaiGai Kohei <kaigai@ak.jp.nec.com> | 2007-09-14 15:16:35 +0900 |
---|---|---|
committer | David Woodhouse <dwmw2@infradead.org> | 2007-10-20 14:10:54 +0100 |
commit | cfc8dc6f6f69ede939e09c2af06a01adee577285 (patch) | |
tree | a37149d6353fb4b911beb5ad4ad18f2ec2b1468a /fs/jffs2/acl.c | |
parent | e8b8c977734193adedf2b0f607d6252c78e86394 (diff) | |
download | kernel-crypto-cfc8dc6f6f69ede939e09c2af06a01adee577285.tar.gz kernel-crypto-cfc8dc6f6f69ede939e09c2af06a01adee577285.tar.xz kernel-crypto-cfc8dc6f6f69ede939e09c2af06a01adee577285.zip |
[JFFS2] Tidy up fix for ACL/permissions problem.
[In commit 9ed437c50d89eabae763dd422579f73fdebf288d we fixed a problem
with standard permissions on newly-created inodes, when POSIX ACLs are
enabled. This cleans it up...]
The attached patch separate jffs2_init_acl() into two parts.
The one is jffs2_init_acl_pre() called from jffs2_new_inode().
It compute ACL oriented inode->i_mode bits, and allocate in-memory ACL
objects associated with the new inode just before when inode meta
infomation is written to the medium.
The other is jffs2_init_acl_post() called from jffs2_symlink(),
jffs2_mkdir(), jffs2_mknod() and jffs2_do_create().
It actually writes in-memory ACL objects into the medium next to
the success of writing meta-information.
In the current implementation, we have to write a same inode meta
infomation twice when inode->i_mode is updated by the default ACL.
However, we can avoid the behavior by putting an updated i_mode
before it is written at first, as jffs2_init_acl_pre() doing.
Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'fs/jffs2/acl.c')
-rw-r--r-- | fs/jffs2/acl.c | 101 |
1 files changed, 65 insertions, 36 deletions
diff --git a/fs/jffs2/acl.c b/fs/jffs2/acl.c index 8ec9323e830..9728614b895 100644 --- a/fs/jffs2/acl.c +++ b/fs/jffs2/acl.c @@ -228,11 +228,28 @@ struct posix_acl *jffs2_get_acl(struct inode *inode, int type) return acl; } +static int __jffs2_set_acl(struct inode *inode, int xprefix, struct posix_acl *acl) +{ + char *value = NULL; + size_t size = 0; + int rc; + + if (acl) { + value = jffs2_acl_to_medium(acl, &size); + if (IS_ERR(value)) + return PTR_ERR(value); + } + rc = do_jffs2_setxattr(inode, xprefix, "", value, size, 0); + if (!value && rc == -ENODATA) + rc = 0; + kfree(value); + + return rc; +} + static int jffs2_set_acl(struct inode *inode, int type, struct posix_acl *acl) { struct jffs2_inode_info *f = JFFS2_INODE_INFO(inode); - size_t size = 0; - char *value = NULL; int rc, xprefix; if (S_ISLNK(inode->i_mode)) @@ -267,17 +284,7 @@ static int jffs2_set_acl(struct inode *inode, int type, struct posix_acl *acl) default: return -EINVAL; } - if (acl) { - value = jffs2_acl_to_medium(acl, &size); - if (IS_ERR(value)) - return PTR_ERR(value); - } - - rc = do_jffs2_setxattr(inode, xprefix, "", value, size, 0); - if (!value && rc == -ENODATA) - rc = 0; - if (value) - kfree(value); + rc = __jffs2_set_acl(inode, xprefix, acl); if (!rc) { switch(type) { case ACL_TYPE_ACCESS: @@ -312,37 +319,59 @@ int jffs2_permission(struct inode *inode, int mask, struct nameidata *nd) return generic_permission(inode, mask, jffs2_check_acl); } -int jffs2_init_acl(struct inode *inode, struct posix_acl *acl) +int jffs2_init_acl_pre(struct inode *dir_i, struct inode *inode, int *i_mode) { struct jffs2_inode_info *f = JFFS2_INODE_INFO(inode); - struct posix_acl *clone; - mode_t mode; - int rc = 0; + struct posix_acl *acl, *clone; + int rc; - f->i_acl_access = JFFS2_ACL_NOT_CACHED; - f->i_acl_default = JFFS2_ACL_NOT_CACHED; + f->i_acl_default = NULL; + f->i_acl_access = NULL; + + if (S_ISLNK(*i_mode)) + return 0; /* Symlink always has no-ACL */ + + acl = jffs2_get_acl(dir_i, ACL_TYPE_DEFAULT); + if (IS_ERR(acl)) + return PTR_ERR(acl); + + if (!acl) { + *i_mode &= ~current->fs->umask; + } else { + if (S_ISDIR(*i_mode)) + jffs2_iset_acl(inode, &f->i_acl_default, acl); - if (acl) { - if (S_ISDIR(inode->i_mode)) { - rc = jffs2_set_acl(inode, ACL_TYPE_DEFAULT, acl); - if (rc) - goto cleanup; - } clone = posix_acl_clone(acl, GFP_KERNEL); - rc = -ENOMEM; if (!clone) - goto cleanup; - mode = inode->i_mode; - rc = posix_acl_create_masq(clone, &mode); - if (rc >= 0) { - inode->i_mode = mode; - if (rc > 0) - rc = jffs2_set_acl(inode, ACL_TYPE_ACCESS, clone); - } + return -ENOMEM; + rc = posix_acl_create_masq(clone, (mode_t *)i_mode); + if (rc < 0) + return rc; + if (rc > 0) + jffs2_iset_acl(inode, &f->i_acl_access, clone); + posix_acl_release(clone); } - cleanup: - posix_acl_release(acl); + return 0; +} + +int jffs2_init_acl_post(struct inode *inode) +{ + struct jffs2_inode_info *f = JFFS2_INODE_INFO(inode); + int rc; + + if (f->i_acl_default) { + rc = __jffs2_set_acl(inode, JFFS2_XPREFIX_ACL_DEFAULT, f->i_acl_default); + if (rc) + return rc; + } + + if (f->i_acl_access) { + rc = __jffs2_set_acl(inode, JFFS2_XPREFIX_ACL_ACCESS, f->i_acl_access); + if (rc) + return rc; + } + return rc; } |