/* * No need for i_mutex because the inode is not yet exposed to the VFS. */ int xfs_inherit_acl(struct inode *inode, struct posix_acl *acl) { umode_t mode = inode->i_mode; int error = 0, inherit = 0; if (S_ISDIR(inode->i_mode)) { error = xfs_set_acl(inode, ACL_TYPE_DEFAULT, acl); if (error) goto out; } error = posix_acl_create(&acl, GFP_KERNEL, &mode); if (error < 0) return error; /* * If posix_acl_create returns a positive value we need to * inherit a permission that can't be represented using the Unix * mode bits and we actually need to set an ACL. */ if (error > 0) inherit = 1; error = xfs_set_mode(inode, mode); if (error) goto out; if (inherit) error = xfs_set_acl(inode, ACL_TYPE_ACCESS, acl); out: posix_acl_release(acl); return error; }
int xfs_acl_chmod(struct inode *inode) { struct posix_acl *acl, *clone; int error; if (S_ISLNK(inode->i_mode)) return -EOPNOTSUPP; acl = xfs_get_acl(inode, ACL_TYPE_ACCESS); if (IS_ERR(acl) || !acl) return PTR_ERR(acl); clone = posix_acl_clone(acl, GFP_KERNEL); posix_acl_release(acl); if (!clone) return -ENOMEM; error = posix_acl_chmod_masq(clone, inode->i_mode); if (!error) error = xfs_set_acl(inode, ACL_TYPE_ACCESS, clone); posix_acl_release(clone); return error; }
static int xfs_xattr_acl_set(struct dentry *dentry, const char *name, const void *value, size_t size, int flags, int type) { struct inode *inode = dentry->d_inode; struct posix_acl *acl = NULL; int error = 0; if (flags & XATTR_CREATE) return -EINVAL; if (type == ACL_TYPE_DEFAULT && !S_ISDIR(inode->i_mode)) return value ? -EACCES : 0; if ((current_fsuid() != inode->i_uid) && !capable(CAP_FOWNER)) return -EPERM; if (!value) goto set_acl; acl = posix_acl_from_xattr(&init_user_ns, value, size); if (!acl) { /* * acl_set_file(3) may request that we set default ACLs with * zero length -- defend (gracefully) against that here. */ goto out; } if (IS_ERR(acl)) { error = PTR_ERR(acl); goto out; } error = posix_acl_valid(acl); if (error) goto out_release; error = -EINVAL; if (acl->a_count > XFS_ACL_MAX_ENTRIES(XFS_M(inode->i_sb))) goto out_release; if (type == ACL_TYPE_ACCESS) { umode_t mode = inode->i_mode; struct posix_acl *old_acl = acl; error = posix_acl_update_mode(inode, &mode, &acl); if (!acl) posix_acl_release(old_acl); if (error) goto out_release; error = xfs_set_mode(inode, mode); if (error) goto out_release; } set_acl: error = xfs_set_acl(inode, type, acl); out_release: posix_acl_release(acl); out: return error; }
/* * No need for i_mutex because the inode is not yet exposed to the VFS. */ int xfs_inherit_acl(struct inode *inode, struct posix_acl *default_acl) { struct posix_acl *clone; mode_t mode; int error = 0, inherit = 0; if (S_ISDIR(inode->i_mode)) { error = xfs_set_acl(inode, ACL_TYPE_DEFAULT, default_acl); if (error) return error; } clone = posix_acl_clone(default_acl, GFP_KERNEL); if (!clone) return -ENOMEM; mode = inode->i_mode; error = posix_acl_create_masq(clone, &mode); if (error < 0) goto out_release_clone; /* * If posix_acl_create_masq returns a positive value we need to * inherit a permission that can't be represented using the Unix * mode bits and we actually need to set an ACL. */ if (error > 0) inherit = 1; error = xfs_set_mode(inode, mode); if (error) goto out_release_clone; if (inherit) error = xfs_set_acl(inode, ACL_TYPE_ACCESS, clone); out_release_clone: posix_acl_release(clone); return error; }
int xfs_acl_chmod(struct inode *inode) { struct posix_acl *acl; int error; if (S_ISLNK(inode->i_mode)) return -EOPNOTSUPP; acl = xfs_get_acl(inode, ACL_TYPE_ACCESS); if (IS_ERR(acl) || !acl) return PTR_ERR(acl); error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode); if (error) return error; error = xfs_set_acl(inode, ACL_TYPE_ACCESS, acl); posix_acl_release(acl); return error; }
STATIC int xfs_vn_mknod( struct inode *dir, struct dentry *dentry, umode_t mode, dev_t rdev) { struct inode *inode; struct xfs_inode *ip = NULL; struct posix_acl *default_acl, *acl; struct xfs_name name; int error; /* * Irix uses Missed'em'V split, but doesn't want to see * the upper 5 bits of (14bit) major. */ if (S_ISCHR(mode) || S_ISBLK(mode)) { if (unlikely(!sysv_valid_dev(rdev) || MAJOR(rdev) & ~0x1ff)) return -EINVAL; rdev = sysv_encode_dev(rdev); } else { rdev = 0; } error = posix_acl_create(dir, &mode, &default_acl, &acl); if (error) return error; xfs_dentry_to_name(&name, dentry, mode); error = xfs_create(XFS_I(dir), &name, mode, rdev, &ip); if (unlikely(error)) goto out_free_acl; inode = VFS_I(ip); error = xfs_init_security(inode, dir, &dentry->d_name); if (unlikely(error)) goto out_cleanup_inode; #ifdef CONFIG_XFS_POSIX_ACL if (default_acl) { error = xfs_set_acl(inode, default_acl, ACL_TYPE_DEFAULT); if (error) goto out_cleanup_inode; } if (acl) { error = xfs_set_acl(inode, acl, ACL_TYPE_ACCESS); if (error) goto out_cleanup_inode; } #endif d_instantiate(dentry, inode); out_free_acl: if (default_acl) posix_acl_release(default_acl); if (acl) posix_acl_release(acl); return -error; out_cleanup_inode: xfs_cleanup_inode(dir, inode, dentry); goto out_free_acl; }
static int xfs_xattr_system_set(struct inode *inode, const char *name, const void *value, size_t size, int flags) { struct posix_acl *acl = NULL; int error = 0, type; type = xfs_decode_acl(name); if (type < 0) return type; if (flags & XATTR_CREATE) return -EINVAL; if (type == ACL_TYPE_DEFAULT && !S_ISDIR(inode->i_mode)) return value ? -EACCES : 0; if ((current_fsuid() != inode->i_uid) && !capable(CAP_FOWNER)) return -EPERM; if (!value) goto set_acl; acl = posix_acl_from_xattr(value, size); if (!acl) { /* * acl_set_file(3) may request that we set default ACLs with * zero length -- defend (gracefully) against that here. */ goto out; } if (IS_ERR(acl)) { error = PTR_ERR(acl); goto out; } error = posix_acl_valid(acl); if (error) goto out_release; error = -EINVAL; if (acl->a_count > XFS_ACL_MAX_ENTRIES) goto out_release; if (type == ACL_TYPE_ACCESS) { mode_t mode = inode->i_mode; error = posix_acl_equiv_mode(acl, &mode); if (error <= 0) { posix_acl_release(acl); acl = NULL; if (error < 0) return error; } error = xfs_set_mode(inode, mode); if (error) goto out_release; } set_acl: error = xfs_set_acl(inode, type, acl); out_release: posix_acl_release(acl); out: return error; }