From: Christoph Hellwig Date: Tue, 10 Jan 2006 04:52:00 +0000 (-0800) Subject: [PATCH] remove xfs xattr permission checks X-Git-Url: http://drtracing.org/?a=commitdiff_plain;h=3542c6e18f6470bad2bde1e94331e4f488a8d3f1;p=deliverable%2Flinux.git [PATCH] remove xfs xattr permission checks remove checks now in the VFS XFS has an additional xattr interface through obscure ioctl. it requires raised capabilities but we need to add some read-only/immutable checks anyway Signed-off-by: Christoph Hellwig Cc: Nathan Scott Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/fs/xfs/linux-2.6/xfs_ioctl.c b/fs/xfs/linux-2.6/xfs_ioctl.c index b78b5eb9e96c..f98c5be3dfe7 100644 --- a/fs/xfs/linux-2.6/xfs_ioctl.c +++ b/fs/xfs/linux-2.6/xfs_ioctl.c @@ -530,6 +530,8 @@ xfs_attrmulti_attr_set( char *kbuf; int error = EFAULT; + if (IS_RDONLY(&vp->v_inode)) + return -EROFS; if (IS_IMMUTABLE(&vp->v_inode) || IS_APPEND(&vp->v_inode)) return EPERM; if (len > XATTR_SIZE_MAX) @@ -557,6 +559,9 @@ xfs_attrmulti_attr_remove( { int error; + + if (IS_RDONLY(&vp->v_inode)) + return -EROFS; if (IS_IMMUTABLE(&vp->v_inode) || IS_APPEND(&vp->v_inode)) return EPERM; diff --git a/fs/xfs/xfs_attr.c b/fs/xfs/xfs_attr.c index 5484eeb460c8..1a11c2b51701 100644 --- a/fs/xfs/xfs_attr.c +++ b/fs/xfs/xfs_attr.c @@ -117,11 +117,6 @@ xfs_attr_fetch(xfs_inode_t *ip, const char *name, int namelen, ip->i_d.di_anextents == 0)) return(ENOATTR); - if (!(flags & (ATTR_KERNACCESS|ATTR_SECURE))) { - if ((error = xfs_iaccess(ip, S_IRUSR, cred))) - return(XFS_ERROR(error)); - } - /* * Fill in the arg structure for this request. */ @@ -425,7 +420,7 @@ xfs_attr_set(bhv_desc_t *bdp, const char *name, char *value, int valuelen, int f struct cred *cred) { xfs_inode_t *dp; - int namelen, error; + int namelen; namelen = strlen(name); if (namelen >= MAXNAMELEN) @@ -437,14 +432,6 @@ xfs_attr_set(bhv_desc_t *bdp, const char *name, char *value, int valuelen, int f if (XFS_FORCED_SHUTDOWN(dp->i_mount)) return (EIO); - xfs_ilock(dp, XFS_ILOCK_SHARED); - if (!(flags & ATTR_SECURE) && - (error = xfs_iaccess(dp, S_IWUSR, cred))) { - xfs_iunlock(dp, XFS_ILOCK_SHARED); - return(XFS_ERROR(error)); - } - xfs_iunlock(dp, XFS_ILOCK_SHARED); - return xfs_attr_set_int(dp, name, namelen, value, valuelen, flags); } @@ -579,7 +566,7 @@ int xfs_attr_remove(bhv_desc_t *bdp, const char *name, int flags, struct cred *cred) { xfs_inode_t *dp; - int namelen, error; + int namelen; namelen = strlen(name); if (namelen >= MAXNAMELEN) @@ -592,11 +579,7 @@ xfs_attr_remove(bhv_desc_t *bdp, const char *name, int flags, struct cred *cred) return (EIO); xfs_ilock(dp, XFS_ILOCK_SHARED); - if (!(flags & ATTR_SECURE) && - (error = xfs_iaccess(dp, S_IWUSR, cred))) { - xfs_iunlock(dp, XFS_ILOCK_SHARED); - return(XFS_ERROR(error)); - } else if (XFS_IFORK_Q(dp) == 0 || + if (XFS_IFORK_Q(dp) == 0 || (dp->i_d.di_aformat == XFS_DINODE_FMT_EXTENTS && dp->i_d.di_anextents == 0)) { xfs_iunlock(dp, XFS_ILOCK_SHARED); @@ -668,12 +651,6 @@ xfs_attr_list(bhv_desc_t *bdp, char *buffer, int bufsize, int flags, return (EIO); xfs_ilock(dp, XFS_ILOCK_SHARED); - if (!(flags & ATTR_SECURE) && - (error = xfs_iaccess(dp, S_IRUSR, cred))) { - xfs_iunlock(dp, XFS_ILOCK_SHARED); - return(XFS_ERROR(error)); - } - /* * Decide on what work routines to call based on the inode size. */