2 * Copyright (C) Sistina Software, Inc. 1997-2003 All rights reserved.
3 * Copyright (C) 2004-2006 Red Hat, Inc. All rights reserved.
5 * This copyrighted material is made available to anyone wishing to use,
6 * modify, copy, or redistribute it subject to the terms and conditions
7 * of the GNU General Public License version 2.
10 #include <linux/sched.h>
11 #include <linux/slab.h>
12 #include <linux/spinlock.h>
13 #include <linux/completion.h>
14 #include <linux/buffer_head.h>
15 #include <linux/xattr.h>
16 #include <linux/posix_acl.h>
17 #include <linux/posix_acl_xattr.h>
18 #include <linux/gfs2_ondisk.h>
30 static const char *gfs2_acl_name(int type
)
34 return GFS2_POSIX_ACL_ACCESS
;
35 case ACL_TYPE_DEFAULT
:
36 return GFS2_POSIX_ACL_DEFAULT
;
41 static struct posix_acl
*gfs2_acl_get(struct gfs2_inode
*ip
, int type
)
43 struct posix_acl
*acl
;
51 acl
= get_cached_acl(&ip
->i_inode
, type
);
52 if (acl
!= ACL_NOT_CACHED
)
55 name
= gfs2_acl_name(type
);
57 return ERR_PTR(-EINVAL
);
59 len
= gfs2_xattr_acl_get(ip
, name
, &data
);
65 acl
= posix_acl_from_xattr(data
, len
);
71 * gfs2_check_acl - Check an ACL to see if we're allowed to do something
72 * @inode: the file we want to do something to
73 * @mask: what we want to do
78 int gfs2_check_acl(struct inode
*inode
, int mask
)
80 struct posix_acl
*acl
;
83 acl
= gfs2_acl_get(GFS2_I(inode
), ACL_TYPE_ACCESS
);
88 error
= posix_acl_permission(inode
, acl
, mask
);
89 posix_acl_release(acl
);
96 static int gfs2_set_mode(struct inode
*inode
, mode_t mode
)
100 if (mode
!= inode
->i_mode
) {
103 iattr
.ia_valid
= ATTR_MODE
;
104 iattr
.ia_mode
= mode
;
106 error
= gfs2_setattr_simple(GFS2_I(inode
), &iattr
);
112 static int gfs2_acl_set(struct inode
*inode
, int type
, struct posix_acl
*acl
)
117 const char *name
= gfs2_acl_name(type
);
119 BUG_ON(name
== NULL
);
120 len
= posix_acl_to_xattr(acl
, NULL
, 0);
123 data
= kmalloc(len
, GFP_NOFS
);
126 error
= posix_acl_to_xattr(acl
, data
, len
);
129 error
= gfs2_xattr_set(inode
, GFS2_EATYPE_SYS
, name
, data
, len
, 0);
131 set_cached_acl(inode
, type
, acl
);
137 int gfs2_acl_create(struct gfs2_inode
*dip
, struct inode
*inode
)
139 struct gfs2_sbd
*sdp
= GFS2_SB(&dip
->i_inode
);
140 struct posix_acl
*acl
, *clone
;
141 mode_t mode
= inode
->i_mode
;
144 if (!sdp
->sd_args
.ar_posix_acl
)
146 if (S_ISLNK(inode
->i_mode
))
149 acl
= gfs2_acl_get(dip
, ACL_TYPE_DEFAULT
);
153 mode
&= ~current_umask();
154 if (mode
!= inode
->i_mode
)
155 error
= gfs2_set_mode(inode
, mode
);
159 if (S_ISDIR(inode
->i_mode
)) {
160 error
= gfs2_acl_set(inode
, ACL_TYPE_DEFAULT
, acl
);
165 clone
= posix_acl_clone(acl
, GFP_NOFS
);
169 posix_acl_release(acl
);
172 error
= posix_acl_create_masq(acl
, &mode
);
178 error
= gfs2_acl_set(inode
, ACL_TYPE_ACCESS
, acl
);
182 error
= gfs2_set_mode(inode
, mode
);
184 posix_acl_release(acl
);
188 int gfs2_acl_chmod(struct gfs2_inode
*ip
, struct iattr
*attr
)
190 struct posix_acl
*acl
, *clone
;
195 acl
= gfs2_acl_get(ip
, ACL_TYPE_ACCESS
);
199 return gfs2_setattr_simple(ip
, attr
);
201 clone
= posix_acl_clone(acl
, GFP_NOFS
);
205 posix_acl_release(acl
);
208 error
= posix_acl_chmod_masq(acl
, attr
->ia_mode
);
210 len
= posix_acl_to_xattr(acl
, NULL
, 0);
211 data
= kmalloc(len
, GFP_NOFS
);
215 posix_acl_to_xattr(acl
, data
, len
);
216 error
= gfs2_xattr_acl_chmod(ip
, attr
, data
);
218 set_cached_acl(&ip
->i_inode
, ACL_TYPE_ACCESS
, acl
);
222 posix_acl_release(acl
);
226 static int gfs2_acl_type(const char *name
)
228 if (strcmp(name
, GFS2_POSIX_ACL_ACCESS
) == 0)
229 return ACL_TYPE_ACCESS
;
230 if (strcmp(name
, GFS2_POSIX_ACL_DEFAULT
) == 0)
231 return ACL_TYPE_DEFAULT
;
235 static int gfs2_xattr_system_get(struct inode
*inode
, const char *name
,
236 void *buffer
, size_t size
)
238 struct posix_acl
*acl
;
242 type
= gfs2_acl_type(name
);
246 acl
= gfs2_acl_get(GFS2_I(inode
), type
);
252 error
= posix_acl_to_xattr(acl
, buffer
, size
);
253 posix_acl_release(acl
);
258 static int gfs2_xattr_system_set(struct inode
*inode
, const char *name
,
259 const void *value
, size_t size
, int flags
)
261 struct gfs2_sbd
*sdp
= GFS2_SB(inode
);
262 struct posix_acl
*acl
= NULL
;
265 if (!sdp
->sd_args
.ar_posix_acl
)
268 type
= gfs2_acl_type(name
);
271 if (flags
& XATTR_CREATE
)
273 if (type
== ACL_TYPE_DEFAULT
&& !S_ISDIR(inode
->i_mode
))
274 return value
? -EACCES
: 0;
275 if ((current_fsuid() != inode
->i_uid
) && !capable(CAP_FOWNER
))
277 if (S_ISLNK(inode
->i_mode
))
283 acl
= posix_acl_from_xattr(value
, size
);
286 * acl_set_file(3) may request that we set default ACLs with
287 * zero length -- defend (gracefully) against that here.
292 error
= PTR_ERR(acl
);
296 error
= posix_acl_valid(acl
);
301 if (acl
->a_count
> GFS2_ACL_MAX_ENTRIES
)
304 if (type
== ACL_TYPE_ACCESS
) {
305 mode_t mode
= inode
->i_mode
;
306 error
= posix_acl_equiv_mode(acl
, &mode
);
309 posix_acl_release(acl
);
316 error
= gfs2_set_mode(inode
, mode
);
322 error
= gfs2_xattr_set(inode
, GFS2_EATYPE_SYS
, name
, value
, size
, 0);
325 set_cached_acl(inode
, type
, acl
);
327 forget_cached_acl(inode
, type
);
330 posix_acl_release(acl
);
335 struct xattr_handler gfs2_xattr_system_handler
= {
336 .prefix
= XATTR_SYSTEM_PREFIX
,
337 .get
= gfs2_xattr_system_get
,
338 .set
= gfs2_xattr_system_set
,