summaryrefslogtreecommitdiff
path: root/fs/jffs2/acl.h
AgeCommit message (Collapse)AuthorFilesLines
2021-01-24fs: make helpers idmap mount awareChristian Brauner1-1/+2
Extend some inode methods with an additional user namespace argument. A filesystem that is aware of idmapped mounts will receive the user namespace the mount has been marked with. This can be used for additional permission checking and also to enable filesystems to translate between uids and gids if they need to. We have implemented all relevant helpers in earlier patches. As requested we simply extend the exisiting inode method instead of introducing new ones. This is a little more code churn but it's mostly mechanical and doesnt't leave us with additional inode methods. Link: https://lore.kernel.org/r/20210121131959.646623-25-christian.brauner@ubuntu.com Cc: Christoph Hellwig <hch@lst.de> Cc: David Howells <dhowells@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: linux-fsdevel@vger.kernel.org Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-06-13Convert jffs2 acl to struct_sizeMatthew Wilcox1-0/+1
Need to tell the compiler that the acl entries follow the acl header. Signed-off-by: Matthew Wilcox <mawilcox@microsoft.com> Signed-off-by: Kees Cook <keescook@chromium.org>
2014-01-26jffs2: use generic posix ACL infrastructureChristoph Hellwig1-5/+2
Also don't bother to set up a .get_acl method for symlinks as we do not support access control (ACLs or even mode bits) for symlinks in Linux. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-08-01switch posix_acl_create() to umode_t *Al Viro1-1/+1
so we can pass &inode->i_mode to it Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-25fs: take the ACL checks to common codeChristoph Hellwig1-2/+2
Replace the ->check_acl method with a ->get_acl method that simply reads an ACL from disk after having a cache miss. This means we can replace the ACL checking boilerplate code with a single implementation in namei.c. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-24fix jffs2 ACLs on big-endian with 16bit mode_tAl Viro1-1/+1
casting int * to mode_t * is not a good thing - on a *lot* of big-endian architectures mode_t happens to be smaller than int and there it breaks quite spectaculary... Fucked-up-by: commit cfc8dc6f6f69ede939e09c2af06a01adee577285 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-20->permission() sanitizing: don't pass flags to ->check_acl()Al Viro1-1/+1
not used in the instances anymore. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-01-07fs: provide rcu-walk aware permission i_opsNick Piggin1-1/+1
Signed-off-by: Nick Piggin <npiggin@kernel.dk>
2010-05-22jffs2: constify xattr_handlerStephen Hemminger1-2/+2
Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2009-09-08jffs2/jfs/xfs: switch over to 'check_acl' rather than 'permission()'Linus Torvalds1-2/+2
This avoids an indirect call in the VFS for each path component lookup. Well, at least as long as you own the directory in question, and the ACL check is unnecessary. Reviewed-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-06-24switch jffs2 to inode->i_aclAl Viro1-4/+0
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-07-27[PATCH] sanitize ->permission() prototypeAl Viro1-1/+1
* kill nameidata * argument; map the 3 bits in ->flags anybody cares about to new MAY_... ones and pass with the mask. * kill redundant gfs2_iop_permission() * sanitize ecryptfs_permission() * fix remaining places where ->permission() instances might barf on new MAY_... found in mask. The obvious next target in that direction is permission(9) folded fix for nfs_permission() breakage from Miklos Szeredi <mszeredi@suse.cz> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2007-11-06[JFFS2] make jffs2_get_acl() staticAdrian Bunk1-2/+0
jffs2_get_acl() can now become static again. Signed-off-by: Adrian Bunk <bunk@kernel.org> Acked-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2007-10-20[JFFS2] Tidy up fix for ACL/permissions problem.KaiGai Kohei1-5/+7
[In commit 9ed437c50d89eabae763dd422579f73fdebf288d we fixed a problem with standard permissions on newly-created inodes, when POSIX ACLs are enabled. This cleans it up...] The attached patch separate jffs2_init_acl() into two parts. The one is jffs2_init_acl_pre() called from jffs2_new_inode(). It compute ACL oriented inode->i_mode bits, and allocate in-memory ACL objects associated with the new inode just before when inode meta infomation is written to the medium. The other is jffs2_init_acl_post() called from jffs2_symlink(), jffs2_mkdir(), jffs2_mknod() and jffs2_do_create(). It actually writes in-memory ACL objects into the medium next to the success of writing meta-information. In the current implementation, we have to write a same inode meta infomation twice when inode->i_mode is updated by the default ACL. However, we can avoid the behavior by putting an updated i_mode before it is written at first, as jffs2_init_acl_pre() doing. Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2007-08-22[JFFS2] Fix ACL vs. mode handling.David Woodhouse1-1/+3
When POSIX ACL support was enabled, we weren't writing correct legacy modes to the medium on inode creation, or when the ACL was set. This meant that the permissions would be incorrect after the file system was remounted. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2007-04-25[JFFS2] Tidy up licensing/copyright boilerplate.David Woodhouse1-1/+2
In particular, remove the bit in the LICENCE file about contacting Red Hat for alternative arrangements. Their errant IS department broke that arrangement a long time ago -- the policy of collecting copyright assignments from contributors came to an end when the plug was pulled on the servers hosting the project, without notice or reason. We do still dual-license it for use with eCos, with the GPL+exception licence approved by the FSF as being GPL-compatible. It's just that nobody has the right to license it differently. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-07-02[JFFS2][XATTR] Fix memory leak in POSIX-ACL supportKaiGai Kohei1-2/+2
jffs2_clear_acl() which releases acl caches allocated by kmalloc() was defined but it was never called. Thus, we faced to the risk of memory leaking. This patch plugs jffs2_clear_acl() into jffs2_do_clear_inode(). It ensures to release acl cache when inode is cleared. Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-05-13[JFFS2][XATTR] remove '__KERNEL__' from acl.hKaiGai Kohei1-2/+0
[9/10] jffs2-xattr-v5.1-09-remove__KERNEL__.patch Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
2006-05-13[JFFS2][XATTR] Unify each file header part with any jffs2 file.KaiGai Kohei1-7/+8
Unify each file header part with any jffs2 file. [7/10] jffs2-xattr-v5.1-07-unify_file_header.patch Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
2006-05-13[JFFS2][XATTR] remove typedef from posix_acl related definition.KaiGai Kohei1-6/+6
jffs2_acl_header, jffs2_acl_entry and jffs2_acl_entry_short were redefined with using 'struct' instead of 'typedef' in kernel implementation. [1/10] jffs2-xattr-v5.1-01-remove_typedef_kernel.patch Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
2006-05-13[JFFS2][XATTR] XATTR support on JFFS2 (version. 5)KaiGai Kohei1-0/+46
This attached patches provide xattr support including POSIX-ACL and SELinux support on JFFS2 (version.5). There are some significant differences from previous version posted at last December. The biggest change is addition of EBS(Erase Block Summary) support. Currently, both kernel and usermode utility (sumtool) can recognize xattr nodes which have JFFS2_NODETYPE_XATTR/_XREF nodetype. In addition, some bugs are fixed. - A potential race condition was fixed. - Unexpected fail when updating a xattr by same name/value pair was fixed. - A bug when removing xattr name/value pair was fixed. The fundamental structures (such as using two new nodetypes and exclusion mechanism by rwsem) are unchanged. But most of implementation were reviewed and updated if necessary. Espacially, we had to change several internal implementations related to load_xattr_datum() to avoid a potential race condition. [1/2] xattr_on_jffs2.kernel.version-5.patch [2/2] xattr_on_jffs2.utils.version-5.patch Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>