Commit | Line | Data |
---|---|---|
b3b94faa DT |
1 | /* |
2 | * Copyright (C) Sistina Software, Inc. 1997-2003 All rights reserved. | |
3a8a9a10 | 3 | * Copyright (C) 2004-2006 Red Hat, Inc. All rights reserved. |
b3b94faa DT |
4 | * |
5 | * This copyrighted material is made available to anyone wishing to use, | |
6 | * modify, copy, or redistribute it subject to the terms and conditions | |
e9fc2aa0 | 7 | * of the GNU General Public License version 2. |
b3b94faa DT |
8 | */ |
9 | ||
b3b94faa DT |
10 | #include <linux/slab.h> |
11 | #include <linux/spinlock.h> | |
12 | #include <linux/completion.h> | |
13 | #include <linux/buffer_head.h> | |
aa0ac365 | 14 | #include <linux/capability.h> |
b3b94faa | 15 | #include <linux/xattr.h> |
5c676f6d | 16 | #include <linux/gfs2_ondisk.h> |
7d308590 | 17 | #include <linux/lm_interface.h> |
b3b94faa DT |
18 | #include <asm/uaccess.h> |
19 | ||
20 | #include "gfs2.h" | |
5c676f6d | 21 | #include "incore.h" |
b3b94faa DT |
22 | #include "acl.h" |
23 | #include "eaops.h" | |
24 | #include "eattr.h" | |
5c676f6d | 25 | #include "util.h" |
b3b94faa DT |
26 | |
27 | /** | |
28 | * gfs2_ea_name2type - get the type of the ea, and truncate type from the name | |
29 | * @namep: ea name, possibly with type appended | |
30 | * | |
31 | * Returns: GFS2_EATYPE_XXX | |
32 | */ | |
33 | ||
cca195c5 | 34 | unsigned int gfs2_ea_name2type(const char *name, const char **truncated_name) |
b3b94faa DT |
35 | { |
36 | unsigned int type; | |
37 | ||
38 | if (strncmp(name, "system.", 7) == 0) { | |
39 | type = GFS2_EATYPE_SYS; | |
40 | if (truncated_name) | |
cca195c5 | 41 | *truncated_name = name + sizeof("system.") - 1; |
b3b94faa DT |
42 | } else if (strncmp(name, "user.", 5) == 0) { |
43 | type = GFS2_EATYPE_USR; | |
44 | if (truncated_name) | |
cca195c5 | 45 | *truncated_name = name + sizeof("user.") - 1; |
639b6d79 RH |
46 | } else if (strncmp(name, "security.", 9) == 0) { |
47 | type = GFS2_EATYPE_SECURITY; | |
48 | if (truncated_name) | |
cca195c5 | 49 | *truncated_name = name + sizeof("security.") - 1; |
b3b94faa DT |
50 | } else { |
51 | type = GFS2_EATYPE_UNUSED; | |
52 | if (truncated_name) | |
53 | *truncated_name = NULL; | |
54 | } | |
55 | ||
56 | return type; | |
57 | } | |
58 | ||
b3b94faa DT |
59 | static int system_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er) |
60 | { | |
61 | if (!GFS2_ACL_IS_ACCESS(er->er_name, er->er_name_len) && | |
62 | !GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len) && | |
63 | !capable(CAP_SYS_ADMIN)) | |
64 | return -EPERM; | |
65 | ||
feaa7bba | 66 | if (GFS2_SB(&ip->i_inode)->sd_args.ar_posix_acl == 0 && |
b3b94faa DT |
67 | (GFS2_ACL_IS_ACCESS(er->er_name, er->er_name_len) || |
68 | GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len))) | |
69 | return -EOPNOTSUPP; | |
70 | ||
b3b94faa DT |
71 | return gfs2_ea_get_i(ip, er); |
72 | } | |
73 | ||
74 | static int system_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er) | |
75 | { | |
76 | int remove = 0; | |
77 | int error; | |
78 | ||
79 | if (GFS2_ACL_IS_ACCESS(er->er_name, er->er_name_len)) { | |
80 | if (!(er->er_flags & GFS2_ERF_MODE)) { | |
b60623c2 | 81 | er->er_mode = ip->i_inode.i_mode; |
b3b94faa DT |
82 | er->er_flags |= GFS2_ERF_MODE; |
83 | } | |
84 | error = gfs2_acl_validate_set(ip, 1, er, | |
85 | &remove, &er->er_mode); | |
86 | if (error) | |
87 | return error; | |
88 | error = gfs2_ea_set_i(ip, er); | |
89 | if (error) | |
90 | return error; | |
91 | if (remove) | |
92 | gfs2_ea_remove_i(ip, er); | |
93 | return 0; | |
94 | ||
95 | } else if (GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len)) { | |
96 | error = gfs2_acl_validate_set(ip, 0, er, | |
97 | &remove, NULL); | |
98 | if (error) | |
99 | return error; | |
100 | if (!remove) | |
101 | error = gfs2_ea_set_i(ip, er); | |
102 | else { | |
103 | error = gfs2_ea_remove_i(ip, er); | |
104 | if (error == -ENODATA) | |
105 | error = 0; | |
106 | } | |
907b9bce | 107 | return error; |
b3b94faa DT |
108 | } |
109 | ||
110 | return -EPERM; | |
111 | } | |
112 | ||
113 | static int system_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er) | |
114 | { | |
115 | if (GFS2_ACL_IS_ACCESS(er->er_name, er->er_name_len)) { | |
116 | int error = gfs2_acl_validate_remove(ip, 1); | |
117 | if (error) | |
118 | return error; | |
119 | ||
120 | } else if (GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len)) { | |
121 | int error = gfs2_acl_validate_remove(ip, 0); | |
122 | if (error) | |
123 | return error; | |
124 | ||
125 | } else | |
126 | return -EPERM; | |
127 | ||
128 | return gfs2_ea_remove_i(ip, er); | |
129 | } | |
130 | ||
4ef29002 | 131 | static const struct gfs2_eattr_operations gfs2_user_eaops = { |
bcd40559 FDN |
132 | .eo_get = gfs2_ea_get_i, |
133 | .eo_set = gfs2_ea_set_i, | |
134 | .eo_remove = gfs2_ea_remove_i, | |
b3b94faa DT |
135 | .eo_name = "user", |
136 | }; | |
137 | ||
4ef29002 | 138 | const struct gfs2_eattr_operations gfs2_system_eaops = { |
b3b94faa DT |
139 | .eo_get = system_eo_get, |
140 | .eo_set = system_eo_set, | |
141 | .eo_remove = system_eo_remove, | |
142 | .eo_name = "system", | |
143 | }; | |
144 | ||
4ef29002 | 145 | static const struct gfs2_eattr_operations gfs2_security_eaops = { |
bcd40559 FDN |
146 | .eo_get = gfs2_ea_get_i, |
147 | .eo_set = gfs2_ea_set_i, | |
148 | .eo_remove = gfs2_ea_remove_i, | |
639b6d79 RH |
149 | .eo_name = "security", |
150 | }; | |
151 | ||
4ef29002 | 152 | const struct gfs2_eattr_operations *gfs2_ea_ops[] = { |
b3b94faa DT |
153 | NULL, |
154 | &gfs2_user_eaops, | |
155 | &gfs2_system_eaops, | |
e70409f5 | 156 | &gfs2_security_eaops, |
b3b94faa DT |
157 | }; |
158 |