Commit | Line | Data |
---|---|---|
b3b94faa DT |
1 | /* |
2 | * Copyright (C) Sistina Software, Inc. 1997-2003 All rights reserved. | |
3a8a9a10 | 3 | * Copyright (C) 2004-2006 Red Hat, Inc. All rights reserved. |
b3b94faa DT |
4 | * |
5 | * This copyrighted material is made available to anyone wishing to use, | |
6 | * modify, copy, or redistribute it subject to the terms and conditions | |
e9fc2aa0 | 7 | * of the GNU General Public License version 2. |
b3b94faa DT |
8 | */ |
9 | ||
b3b94faa DT |
10 | #include <linux/slab.h> |
11 | #include <linux/spinlock.h> | |
12 | #include <linux/completion.h> | |
13 | #include <linux/buffer_head.h> | |
aa0ac365 | 14 | #include <linux/capability.h> |
b3b94faa | 15 | #include <linux/xattr.h> |
5c676f6d | 16 | #include <linux/gfs2_ondisk.h> |
b3b94faa DT |
17 | #include <asm/uaccess.h> |
18 | ||
19 | #include "gfs2.h" | |
5c676f6d | 20 | #include "incore.h" |
b3b94faa DT |
21 | #include "acl.h" |
22 | #include "eaops.h" | |
23 | #include "eattr.h" | |
5c676f6d | 24 | #include "util.h" |
b3b94faa DT |
25 | |
26 | /** | |
27 | * gfs2_ea_name2type - get the type of the ea, and truncate type from the name | |
28 | * @namep: ea name, possibly with type appended | |
29 | * | |
30 | * Returns: GFS2_EATYPE_XXX | |
31 | */ | |
32 | ||
cca195c5 | 33 | unsigned int gfs2_ea_name2type(const char *name, const char **truncated_name) |
b3b94faa DT |
34 | { |
35 | unsigned int type; | |
36 | ||
37 | if (strncmp(name, "system.", 7) == 0) { | |
38 | type = GFS2_EATYPE_SYS; | |
39 | if (truncated_name) | |
cca195c5 | 40 | *truncated_name = name + sizeof("system.") - 1; |
b3b94faa DT |
41 | } else if (strncmp(name, "user.", 5) == 0) { |
42 | type = GFS2_EATYPE_USR; | |
43 | if (truncated_name) | |
cca195c5 | 44 | *truncated_name = name + sizeof("user.") - 1; |
639b6d79 RH |
45 | } else if (strncmp(name, "security.", 9) == 0) { |
46 | type = GFS2_EATYPE_SECURITY; | |
47 | if (truncated_name) | |
cca195c5 | 48 | *truncated_name = name + sizeof("security.") - 1; |
b3b94faa DT |
49 | } else { |
50 | type = GFS2_EATYPE_UNUSED; | |
51 | if (truncated_name) | |
52 | *truncated_name = NULL; | |
53 | } | |
54 | ||
55 | return type; | |
56 | } | |
57 | ||
b3b94faa DT |
58 | static int system_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er) |
59 | { | |
60 | if (!GFS2_ACL_IS_ACCESS(er->er_name, er->er_name_len) && | |
61 | !GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len) && | |
62 | !capable(CAP_SYS_ADMIN)) | |
63 | return -EPERM; | |
64 | ||
feaa7bba | 65 | if (GFS2_SB(&ip->i_inode)->sd_args.ar_posix_acl == 0 && |
b3b94faa DT |
66 | (GFS2_ACL_IS_ACCESS(er->er_name, er->er_name_len) || |
67 | GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len))) | |
68 | return -EOPNOTSUPP; | |
69 | ||
b3b94faa DT |
70 | return gfs2_ea_get_i(ip, er); |
71 | } | |
72 | ||
73 | static int system_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er) | |
74 | { | |
75 | int remove = 0; | |
76 | int error; | |
77 | ||
78 | if (GFS2_ACL_IS_ACCESS(er->er_name, er->er_name_len)) { | |
79 | if (!(er->er_flags & GFS2_ERF_MODE)) { | |
b60623c2 | 80 | er->er_mode = ip->i_inode.i_mode; |
b3b94faa DT |
81 | er->er_flags |= GFS2_ERF_MODE; |
82 | } | |
83 | error = gfs2_acl_validate_set(ip, 1, er, | |
84 | &remove, &er->er_mode); | |
85 | if (error) | |
86 | return error; | |
87 | error = gfs2_ea_set_i(ip, er); | |
88 | if (error) | |
89 | return error; | |
90 | if (remove) | |
91 | gfs2_ea_remove_i(ip, er); | |
92 | return 0; | |
93 | ||
94 | } else if (GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len)) { | |
95 | error = gfs2_acl_validate_set(ip, 0, er, | |
96 | &remove, NULL); | |
97 | if (error) | |
98 | return error; | |
99 | if (!remove) | |
100 | error = gfs2_ea_set_i(ip, er); | |
101 | else { | |
102 | error = gfs2_ea_remove_i(ip, er); | |
103 | if (error == -ENODATA) | |
104 | error = 0; | |
105 | } | |
907b9bce | 106 | return error; |
b3b94faa DT |
107 | } |
108 | ||
109 | return -EPERM; | |
110 | } | |
111 | ||
112 | static int system_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er) | |
113 | { | |
114 | if (GFS2_ACL_IS_ACCESS(er->er_name, er->er_name_len)) { | |
115 | int error = gfs2_acl_validate_remove(ip, 1); | |
116 | if (error) | |
117 | return error; | |
118 | ||
119 | } else if (GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len)) { | |
120 | int error = gfs2_acl_validate_remove(ip, 0); | |
121 | if (error) | |
122 | return error; | |
123 | ||
124 | } else | |
125 | return -EPERM; | |
126 | ||
127 | return gfs2_ea_remove_i(ip, er); | |
128 | } | |
129 | ||
4ef29002 | 130 | static const struct gfs2_eattr_operations gfs2_user_eaops = { |
bcd40559 FDN |
131 | .eo_get = gfs2_ea_get_i, |
132 | .eo_set = gfs2_ea_set_i, | |
133 | .eo_remove = gfs2_ea_remove_i, | |
b3b94faa DT |
134 | .eo_name = "user", |
135 | }; | |
136 | ||
4ef29002 | 137 | const struct gfs2_eattr_operations gfs2_system_eaops = { |
b3b94faa DT |
138 | .eo_get = system_eo_get, |
139 | .eo_set = system_eo_set, | |
140 | .eo_remove = system_eo_remove, | |
141 | .eo_name = "system", | |
142 | }; | |
143 | ||
4ef29002 | 144 | static const struct gfs2_eattr_operations gfs2_security_eaops = { |
bcd40559 FDN |
145 | .eo_get = gfs2_ea_get_i, |
146 | .eo_set = gfs2_ea_set_i, | |
147 | .eo_remove = gfs2_ea_remove_i, | |
639b6d79 RH |
148 | .eo_name = "security", |
149 | }; | |
150 | ||
4ef29002 | 151 | const struct gfs2_eattr_operations *gfs2_ea_ops[] = { |
b3b94faa DT |
152 | NULL, |
153 | &gfs2_user_eaops, | |
154 | &gfs2_system_eaops, | |
e70409f5 | 155 | &gfs2_security_eaops, |
b3b94faa DT |
156 | }; |
157 |