Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
linux
Commits
d58fda90
Commit
d58fda90
authored
Dec 12, 2004
by
Dave Kleikamp
Browse files
Options
Browse Files
Download
Plain Diff
Merge
bk://linux.bkbits.net/linux-2.5
into bkbits.net:/repos/j/jfs/linux-2.5
parents
48b28cc7
d6828b19
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
75 additions
and
7 deletions
+75
-7
fs/Kconfig
fs/Kconfig
+12
-0
fs/jfs/inode.c
fs/jfs/inode.c
+8
-3
fs/jfs/xattr.c
fs/jfs/xattr.c
+55
-4
No files found.
fs/Kconfig
View file @
d58fda90
...
...
@@ -266,6 +266,18 @@ config JFS_POSIX_ACL
If you don't know what Access Control Lists are, say N
config JFS_SECURITY
bool "JFS Security Labels"
depends on JFS_FS
help
Security labels support alternative access control models
implemented by security modules like SELinux. This option
enables an extended attribute handler for file security
labels in the jfs filesystem.
If you are not using a security module that requires using
extended attributes for file security labels, say N.
config JFS_DEBUG
bool "JFS debugging"
depends on JFS_FS
...
...
fs/jfs/inode.c
View file @
d58fda90
...
...
@@ -81,8 +81,7 @@ int jfs_commit_inode(struct inode *inode, int wait)
* Don't commit if inode has been committed since last being
* marked dirty, or if it has been deleted.
*/
if
(
test_cflag
(
COMMIT_Nolink
,
inode
)
||
!
test_cflag
(
COMMIT_Dirty
,
inode
))
if
(
inode
->
i_nlink
==
0
||
!
test_cflag
(
COMMIT_Dirty
,
inode
))
return
0
;
if
(
isReadOnly
(
inode
))
{
...
...
@@ -100,7 +99,13 @@ int jfs_commit_inode(struct inode *inode, int wait)
tid
=
txBegin
(
inode
->
i_sb
,
COMMIT_INODE
);
down
(
&
JFS_IP
(
inode
)
->
commit_sem
);
rc
=
txCommit
(
tid
,
1
,
&
inode
,
wait
?
COMMIT_SYNC
:
0
);
/*
* Retest inode state after taking commit_sem
*/
if
(
inode
->
i_nlink
&&
test_cflag
(
COMMIT_Dirty
,
inode
))
rc
=
txCommit
(
tid
,
1
,
&
inode
,
wait
?
COMMIT_SYNC
:
0
);
txEnd
(
tid
);
up
(
&
JFS_IP
(
inode
)
->
commit_sem
);
return
rc
;
...
...
fs/jfs/xattr.c
View file @
d58fda90
...
...
@@ -91,6 +91,12 @@ struct ea_buffer {
#define XATTR_OS2_PREFIX "os2."
#define XATTR_OS2_PREFIX_LEN (sizeof (XATTR_OS2_PREFIX) - 1)
/* XATTR_SECURITY_PREFIX is defined in include/linux/xattr.h */
#define XATTR_SECURITY_PREFIX_LEN (sizeof (XATTR_SECURITY_PREFIX) - 1)
#define XATTR_TRUSTED_PREFIX "trusted."
#define XATTR_TRUSTED_PREFIX_LEN (sizeof (XATTR_TRUSTED_PREFIX) - 1)
/*
* These three routines are used to recognize on-disk extended attributes
* that are in a recognized namespace. If the attribute is not recognized,
...
...
@@ -110,6 +116,19 @@ static inline int is_os2_xattr(struct jfs_ea *ea)
if
((
ea
->
namelen
>=
XATTR_USER_PREFIX_LEN
)
&&
!
strncmp
(
ea
->
name
,
XATTR_USER_PREFIX
,
XATTR_USER_PREFIX_LEN
))
return
FALSE
;
/*
* Check for "security."
*/
if
((
ea
->
namelen
>=
XATTR_SECURITY_PREFIX_LEN
)
&&
!
strncmp
(
ea
->
name
,
XATTR_SECURITY_PREFIX
,
XATTR_SECURITY_PREFIX_LEN
))
return
FALSE
;
/*
* Check for "trusted."
*/
if
((
ea
->
namelen
>=
XATTR_TRUSTED_PREFIX_LEN
)
&&
!
strncmp
(
ea
->
name
,
XATTR_TRUSTED_PREFIX
,
XATTR_TRUSTED_PREFIX_LEN
))
return
FALSE
;
/*
* Add any other valid namespace prefixes here
*/
...
...
@@ -770,6 +789,15 @@ static int can_set_xattr(struct inode *inode, const char *name,
*/
return
can_set_system_xattr
(
inode
,
name
,
value
,
value_len
);
if
(
strncmp
(
name
,
XATTR_TRUSTED_PREFIX
,
XATTR_TRUSTED_PREFIX_LEN
)
!=
0
)
return
(
capable
(
CAP_SYS_ADMIN
)
?
0
:
-
EPERM
);
#ifdef CONFIG_JFS_SECURITY
if
(
strncmp
(
name
,
XATTR_SECURITY_PREFIX
,
XATTR_SECURITY_PREFIX_LEN
)
!=
0
)
return
0
;
/* Leave it to the security module */
#endif
if
((
strncmp
(
name
,
XATTR_USER_PREFIX
,
XATTR_USER_PREFIX_LEN
)
!=
0
)
&&
(
strncmp
(
name
,
XATTR_OS2_PREFIX
,
XATTR_OS2_PREFIX_LEN
)
!=
0
))
return
-
EOPNOTSUPP
;
...
...
@@ -937,8 +965,17 @@ int jfs_setxattr(struct dentry *dentry, const char *name, const void *value,
static
int
can_get_xattr
(
struct
inode
*
inode
,
const
char
*
name
)
{
#ifdef CONFIG_JFS_SECURITY
if
(
strncmp
(
name
,
XATTR_SECURITY_PREFIX
,
XATTR_SECURITY_PREFIX_LEN
)
==
0
)
return
0
;
#endif
if
(
strncmp
(
name
,
XATTR_TRUSTED_PREFIX
,
XATTR_TRUSTED_PREFIX_LEN
)
==
0
)
return
(
capable
(
CAP_SYS_ADMIN
)
?
0
:
-
EPERM
);
if
(
strncmp
(
name
,
XATTR_SYSTEM_PREFIX
,
XATTR_SYSTEM_PREFIX_LEN
)
==
0
)
return
0
;
return
permission
(
inode
,
MAY_READ
,
NULL
);
}
...
...
@@ -1021,6 +1058,16 @@ ssize_t jfs_getxattr(struct dentry *dentry, const char *name, void *data,
return
err
;
}
/*
* No special permissions are needed to list attributes except for trusted.*
*/
static
inline
int
can_list
(
struct
jfs_ea
*
ea
)
{
return
(
strncmp
(
ea
->
name
,
XATTR_TRUSTED_PREFIX
,
XATTR_TRUSTED_PREFIX_LEN
)
||
capable
(
CAP_SYS_ADMIN
));
}
ssize_t
jfs_listxattr
(
struct
dentry
*
dentry
,
char
*
data
,
size_t
buf_size
)
{
struct
inode
*
inode
=
dentry
->
d_inode
;
...
...
@@ -1045,8 +1092,10 @@ ssize_t jfs_listxattr(struct dentry * dentry, char *data, size_t buf_size)
ealist
=
(
struct
jfs_ea_list
*
)
ea_buf
.
xattr
;
/* compute required size of list */
for
(
ea
=
FIRST_EA
(
ealist
);
ea
<
END_EALIST
(
ealist
);
ea
=
NEXT_EA
(
ea
))
size
+=
name_size
(
ea
)
+
1
;
for
(
ea
=
FIRST_EA
(
ealist
);
ea
<
END_EALIST
(
ealist
);
ea
=
NEXT_EA
(
ea
))
{
if
(
can_list
(
ea
))
size
+=
name_size
(
ea
)
+
1
;
}
if
(
!
data
)
goto
release
;
...
...
@@ -1059,8 +1108,10 @@ ssize_t jfs_listxattr(struct dentry * dentry, char *data, size_t buf_size)
/* Copy attribute names to buffer */
buffer
=
data
;
for
(
ea
=
FIRST_EA
(
ealist
);
ea
<
END_EALIST
(
ealist
);
ea
=
NEXT_EA
(
ea
))
{
int
namelen
=
copy_name
(
buffer
,
ea
);
buffer
+=
namelen
+
1
;
if
(
can_list
(
ea
))
{
int
namelen
=
copy_name
(
buffer
,
ea
);
buffer
+=
namelen
+
1
;
}
}
release:
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment