Commit 3542c6e18f6470bad2bde1e94331e4f488a8d3f1
Committed by
Linus Torvalds
Linus Torvalds
1 parent
b98932cb51
Exists in
master
and in
7 other branches
[PATCH] remove xfs xattr permission checks
remove checks now in the VFS XFS has an additional xattr interface through obscure ioctl. it requires raised capabilities but we need to add some read-only/immutable checks anyway Signed-off-by: Christoph Hellwig <hch@lst.de> Cc: Nathan Scott <nathans@sgi.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Showing 2 changed files with 8 additions and 26 deletions Side-by-side Diff
fs/xfs/linux-2.6/xfs_ioctl.c
| ... | ... | @@ -530,6 +530,8 @@ |
| 530 | 530 | char *kbuf; |
| 531 | 531 | int error = EFAULT; |
| 532 | 532 | |
| 533 | + if (IS_RDONLY(&vp->v_inode)) | |
| 534 | + return -EROFS; | |
| 533 | 535 | if (IS_IMMUTABLE(&vp->v_inode) || IS_APPEND(&vp->v_inode)) |
| 534 | 536 | return EPERM; |
| 535 | 537 | if (len > XATTR_SIZE_MAX) |
| ... | ... | @@ -557,6 +559,9 @@ |
| 557 | 559 | { |
| 558 | 560 | int error; |
| 559 | 561 | |
| 562 | + | |
| 563 | + if (IS_RDONLY(&vp->v_inode)) | |
| 564 | + return -EROFS; | |
| 560 | 565 | if (IS_IMMUTABLE(&vp->v_inode) || IS_APPEND(&vp->v_inode)) |
| 561 | 566 | return EPERM; |
| 562 | 567 |
fs/xfs/xfs_attr.c
| ... | ... | @@ -117,11 +117,6 @@ |
| 117 | 117 | ip->i_d.di_anextents == 0)) |
| 118 | 118 | return(ENOATTR); |
| 119 | 119 | |
| 120 | - if (!(flags & (ATTR_KERNACCESS|ATTR_SECURE))) { | |
| 121 | - if ((error = xfs_iaccess(ip, S_IRUSR, cred))) | |
| 122 | - return(XFS_ERROR(error)); | |
| 123 | - } | |
| 124 | - | |
| 125 | 120 | /* |
| 126 | 121 | * Fill in the arg structure for this request. |
| 127 | 122 | */ |
| ... | ... | @@ -425,7 +420,7 @@ |
| 425 | 420 | struct cred *cred) |
| 426 | 421 | { |
| 427 | 422 | xfs_inode_t *dp; |
| 428 | - int namelen, error; | |
| 423 | + int namelen; | |
| 429 | 424 | |
| 430 | 425 | namelen = strlen(name); |
| 431 | 426 | if (namelen >= MAXNAMELEN) |
| ... | ... | @@ -437,14 +432,6 @@ |
| 437 | 432 | if (XFS_FORCED_SHUTDOWN(dp->i_mount)) |
| 438 | 433 | return (EIO); |
| 439 | 434 | |
| 440 | - xfs_ilock(dp, XFS_ILOCK_SHARED); | |
| 441 | - if (!(flags & ATTR_SECURE) && | |
| 442 | - (error = xfs_iaccess(dp, S_IWUSR, cred))) { | |
| 443 | - xfs_iunlock(dp, XFS_ILOCK_SHARED); | |
| 444 | - return(XFS_ERROR(error)); | |
| 445 | - } | |
| 446 | - xfs_iunlock(dp, XFS_ILOCK_SHARED); | |
| 447 | - | |
| 448 | 435 | return xfs_attr_set_int(dp, name, namelen, value, valuelen, flags); |
| 449 | 436 | } |
| 450 | 437 | |
| ... | ... | @@ -579,7 +566,7 @@ |
| 579 | 566 | xfs_attr_remove(bhv_desc_t *bdp, const char *name, int flags, struct cred *cred) |
| 580 | 567 | { |
| 581 | 568 | xfs_inode_t *dp; |
| 582 | - int namelen, error; | |
| 569 | + int namelen; | |
| 583 | 570 | |
| 584 | 571 | namelen = strlen(name); |
| 585 | 572 | if (namelen >= MAXNAMELEN) |
| ... | ... | @@ -592,11 +579,7 @@ |
| 592 | 579 | return (EIO); |
| 593 | 580 | |
| 594 | 581 | xfs_ilock(dp, XFS_ILOCK_SHARED); |
| 595 | - if (!(flags & ATTR_SECURE) && | |
| 596 | - (error = xfs_iaccess(dp, S_IWUSR, cred))) { | |
| 597 | - xfs_iunlock(dp, XFS_ILOCK_SHARED); | |
| 598 | - return(XFS_ERROR(error)); | |
| 599 | - } else if (XFS_IFORK_Q(dp) == 0 || | |
| 582 | + if (XFS_IFORK_Q(dp) == 0 || | |
| 600 | 583 | (dp->i_d.di_aformat == XFS_DINODE_FMT_EXTENTS && |
| 601 | 584 | dp->i_d.di_anextents == 0)) { |
| 602 | 585 | xfs_iunlock(dp, XFS_ILOCK_SHARED); |
| ... | ... | @@ -668,12 +651,6 @@ |
| 668 | 651 | return (EIO); |
| 669 | 652 | |
| 670 | 653 | xfs_ilock(dp, XFS_ILOCK_SHARED); |
| 671 | - if (!(flags & ATTR_SECURE) && | |
| 672 | - (error = xfs_iaccess(dp, S_IRUSR, cred))) { | |
| 673 | - xfs_iunlock(dp, XFS_ILOCK_SHARED); | |
| 674 | - return(XFS_ERROR(error)); | |
| 675 | - } | |
| 676 | - | |
| 677 | 654 | /* |
| 678 | 655 | * Decide on what work routines to call based on the inode size. |
| 679 | 656 | */ |