18 Jul, 2007

1 commit

• 3bd858ab1   Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid check ... Browse Code »

  Introduce is_owner_or_cap() macro in fs.h, and convert over relevant
  users to it. This is done because we want to avoid bugs in the future
  where we check for only effective fsuid of the current task against a
  file's owning uid, without simultaneously checking for CAP_FOWNER as
  well, thus violating its semantics.
  [ XFS uses special macros and structures, and in general looked ...
  untouchable, so we leave it alone -- but it has been looked over. ]

  The (current->fsuid != inode->i_uid) check in generic_permission() and
  exec_permission_lite() is left alone, because those operations are
  covered by CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH. Similarly operations
  falling under the purview of CAP_CHOWN and CAP_LEASE are also left alone.

  Signed-off-by: Satyam Sharma
  Cc: Al Viro
  Acked-by: Serge E. Hallyn
  Signed-off-by: Linus Torvalds

  Satyam Sharma

  2007-07-18 03:00:03 +0800  

17 Jul, 2007

1 commit

• 5b37696fd   utime(s): Honour CAP_FOWNER when times==NULL ... Browse Code »

  do_utimes() does not honour CAP_FOWNER when times==NULL.
  Trivial and obvious one-line fix.

  Signed-off-by: Satyam Sharma
  Signed-off-by: Linus Torvalds

  Satyam Sharma

  2007-07-17 03:14:08 +0800  

09 Jul, 2007

1 commit

• 1e5de2837   Fix permission checking for the new utimensat() system call ... Browse Code »

  Commit 1c710c896eb461895d3c399e15bb5f20b39c9073 added the utimensat()
  system call, but didn't handle the case of checking for the writability
  of the target right, when the target was a file descriptor, not a
  filename.

  We cannot use vfs_permission(MAY_WRITE) for that case, and need to
  simply check whether the file descriptor is writable. The oops from
  using the wrong function was noticed and narrowed down by Markus
  Trippelsdorf.

  Cc: Ulrich Drepper
  Cc: Markus Trippelsdorf
  Cc: Andrew Morton
  Acked-by: Al Viro
  Signed-off-by: Linus Torvalds

  Linus Torvalds

  2007-07-09 03:02:55 +0800  

09 May, 2007

1 commit

• 1c710c896   utimensat implementation ... Browse Code »

  Implement utimensat(2) which is an extension to futimesat(2) in that it

  a) supports nano-second resolution for the timestamps
  b) allows to selectively ignore the atime/mtime value
  c) allows to selectively use the current time for either atime or mtime
  d) supports changing the atime/mtime of a symlink itself along the lines
  of the BSD lutimes(3) functions

  For this change the internally used do_utimes() functions was changed to
  accept a timespec time value and an additional flags parameter.

  Additionally the sys_utime function was changed to match compat_sys_utime
  which already use do_utimes instead of duplicating the work.

  Also, the completely missing futimensat() functionality is added. We have
  such a function in glibc but we have to resort to using /proc/self/fd/* which
  not everybody likes (chroot etc).

  Test application (the syscall number will need per-arch editing):

  #include
  #include
  #include
  #include
  #include
  #include

  #define __NR_utimensat 280

  #define UTIME_NOW ((1l << 30) - 1l)
  #define UTIME_OMIT ((1l << 30) - 2l)

  int
  main(void)
  {
  int status = 0;

  int fd = open("ttt", O_RDWR|O_CREAT|O_EXCL, 0666);
  if (fd == -1)
  error (1, errno, "failed to create test file \"ttt\"");

  struct stat64 st1;
  if (fstat64 (fd, &st1) != 0)
  error (1, errno, "fstat failed");

  struct timespec t[2];
  t[0].tv_sec = 0;
  t[0].tv_nsec = 0;
  t[1].tv_sec = 0;
  t[1].tv_nsec = 0;
  if (syscall(__NR_utimensat, AT_FDCWD, "ttt", t, 0) != 0)
  error (1, errno, "utimensat failed");

  struct stat64 st2;
  if (fstat64 (fd, &st2) != 0)
  error (1, errno, "fstat failed");

  if (st2.st_atim.tv_sec != 0 || st2.st_atim.tv_nsec != 0)
  {
  puts ("atim not reset to zero");
  status = 1;
  }
  if (st2.st_mtim.tv_sec != 0 || st2.st_mtim.tv_nsec != 0)
  {
  puts ("mtim not reset to zero");
  status = 1;
  }
  if (status != 0)
  goto out;

  t[0] = st1.st_atim;
  t[1].tv_sec = 0;
  t[1].tv_nsec = UTIME_OMIT;
  if (syscall(__NR_utimensat, AT_FDCWD, "ttt", t, 0) != 0)
  error (1, errno, "utimensat failed");

  if (fstat64 (fd, &st2) != 0)
  error (1, errno, "fstat failed");

  if (st2.st_atim.tv_sec != st1.st_atim.tv_sec
  || st2.st_atim.tv_nsec != st1.st_atim.tv_nsec)
  {
  puts ("atim not set");
  status = 1;
  }
  if (st2.st_mtim.tv_sec != 0 || st2.st_mtim.tv_nsec != 0)
  {
  puts ("mtim changed from zero");
  status = 1;
  }
  if (status != 0)
  goto out;

  t[0].tv_sec = 0;
  t[0].tv_nsec = UTIME_OMIT;
  t[1] = st1.st_mtim;
  if (syscall(__NR_utimensat, AT_FDCWD, "ttt", t, 0) != 0)
  error (1, errno, "utimensat failed");

  if (fstat64 (fd, &st2) != 0)
  error (1, errno, "fstat failed");

  if (st2.st_atim.tv_sec != st1.st_atim.tv_sec
  || st2.st_atim.tv_nsec != st1.st_atim.tv_nsec)
  {
  puts ("mtim changed from original time");
  status = 1;
  }
  if (st2.st_mtim.tv_sec != st1.st_mtim.tv_sec
  || st2.st_mtim.tv_nsec != st1.st_mtim.tv_nsec)
  {
  puts ("mtim not set");
  status = 1;
  }
  if (status != 0)
  goto out;

  sleep (2);

  t[0].tv_sec = 0;
  t[0].tv_nsec = UTIME_NOW;
  t[1].tv_sec = 0;
  t[1].tv_nsec = UTIME_NOW;
  if (syscall(__NR_utimensat, AT_FDCWD, "ttt", t, 0) != 0)
  error (1, errno, "utimensat failed");

  if (fstat64 (fd, &st2) != 0)
  error (1, errno, "fstat failed");

  struct timeval tv;
  gettimeofday(&tv,NULL);

  if (st2.st_atim.tv_sec tv.tv_sec)
  {
  puts ("atim not set to NOW");
  status = 1;
  }
  if (st2.st_mtim.tv_sec tv.tv_sec)
  {
  puts ("mtim not set to NOW");
  status = 1;
  }

  if (symlink ("ttt", "tttsym") != 0)
  error (1, errno, "cannot create symlink");

  t[0].tv_sec = 0;
  t[0].tv_nsec = 0;
  t[1].tv_sec = 0;
  t[1].tv_nsec = 0;
  if (syscall(__NR_utimensat, AT_FDCWD, "tttsym", t, AT_SYMLINK_NOFOLLOW) != 0)
  error (1, errno, "utimensat failed");

  if (lstat64 ("tttsym", &st2) != 0)
  error (1, errno, "lstat failed");

  if (st2.st_atim.tv_sec != 0 || st2.st_atim.tv_nsec != 0)
  {
  puts ("symlink atim not reset to zero");
  status = 1;
  }
  if (st2.st_mtim.tv_sec != 0 || st2.st_mtim.tv_nsec != 0)
  {
  puts ("symlink mtim not reset to zero");
  status = 1;
  }
  if (status != 0)
  goto out;

  t[0].tv_sec = 1;
  t[0].tv_nsec = 0;
  t[1].tv_sec = 1;
  t[1].tv_nsec = 0;
  if (syscall(__NR_utimensat, fd, NULL, t, 0) != 0)
  error (1, errno, "utimensat failed");

  if (fstat64 (fd, &st2) != 0)
  error (1, errno, "fstat failed");

  if (st2.st_atim.tv_sec != 1 || st2.st_atim.tv_nsec != 0)
  {
  puts ("atim not reset to one");
  status = 1;
  }
  if (st2.st_mtim.tv_sec != 1 || st2.st_mtim.tv_nsec != 0)
  {
  puts ("mtim not reset to one");
  status = 1;
  }

  if (status == 0)
  puts ("all OK");

  out:
  close (fd);
  unlink ("ttt");
  unlink ("tttsym");

  return status;
  }

  [akpm@linux-foundation.org: add missing i386 syscall table entry]
  Signed-off-by: Ulrich Drepper
  Cc: Alexey Dobriyan
  Cc: Michael Kerrisk
  Cc:
  Signed-off-by: Andrew Morton
  Signed-off-by: Linus Torvalds

  Ulrich Drepper

  2007-05-09 02:15:18 +0800  

04 Dec, 2006

1 commit

• 914e26379   [PATCH] severing fs.h, radix-tree.h -> sched.h ... Browse Code »

  Signed-off-by: Al Viro

  Al Viro

  2006-12-04 15:00:24 +0800  

01 Oct, 2006

1 commit

• 82b0547cf   [PATCH] Create fs/utimes.c ... Browse Code »

  * fs/open.c is getting bit crowdy
  * preparation to lutimes(2)

  Signed-off-by: Alexey Dobriyan
  Signed-off-by: Andrew Morton
  Signed-off-by: Linus Torvalds

  Alexey Dobriyan

  2006-10-01 15:39:19 +0800