Commit ddb59b52 authored by Nathan Scott's avatar Nathan Scott

[XFS] Remove crufty old cap/mac code - never used, never compiled, gone.

SGI Modid: xfs-linux:xfs-kern:19601a
Signed-off-by: default avatarNathan Scott <nathans@sgi.com>
parent 02e55c81
...@@ -67,8 +67,6 @@ endif ...@@ -67,8 +67,6 @@ endif
xfs-$(CONFIG_XFS_RT) += xfs_rtalloc.o xfs-$(CONFIG_XFS_RT) += xfs_rtalloc.o
xfs-$(CONFIG_XFS_POSIX_ACL) += xfs_acl.o xfs-$(CONFIG_XFS_POSIX_ACL) += xfs_acl.o
xfs-$(CONFIG_XFS_POSIX_CAP) += xfs_cap.o
xfs-$(CONFIG_XFS_POSIX_MAC) += xfs_mac.o
xfs-$(CONFIG_PROC_FS) += linux-2.6/xfs_stats.o xfs-$(CONFIG_PROC_FS) += linux-2.6/xfs_stats.o
xfs-$(CONFIG_SYSCTL) += linux-2.6/xfs_sysctl.o xfs-$(CONFIG_SYSCTL) += linux-2.6/xfs_sysctl.o
xfs-$(CONFIG_COMPAT) += linux-2.6/xfs_ioctl32.o xfs-$(CONFIG_COMPAT) += linux-2.6/xfs_ioctl32.o
......
/*
* Copyright (c) 2002 Silicon Graphics, Inc. All Rights Reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of version 2 of the GNU General Public License as
* published by the Free Software Foundation.
*
* This program is distributed in the hope that it would be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*
* Further, this software is distributed without any warranty that it is
* free of the rightful claim of any third person regarding infringement
* or the like. Any license provided herein, whether implied or
* otherwise, applies only to this software file. Patent licenses, if
* any, provided herein do not apply to combinations of this program with
* other software, or any other product whatsoever.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write the Free Software Foundation, Inc., 59
* Temple Place - Suite 330, Boston MA 02111-1307, USA.
*
* Contact information: Silicon Graphics, Inc., 1600 Amphitheatre Pkwy,
* Mountain View, CA 94043, or:
*
* http://www.sgi.com
*
* For further information regarding this notice, see:
*
* http://oss.sgi.com/projects/GenInfo/SGIGPLNoticeExplan/
*/
#include "xfs.h"
STATIC int xfs_cap_allow_set(vnode_t *);
/*
* Test for existence of capability attribute as efficiently as possible.
*/
int
xfs_cap_vhascap(
vnode_t *vp)
{
int error;
int len = sizeof(xfs_cap_set_t);
int flags = ATTR_KERNOVAL|ATTR_ROOT;
VOP_ATTR_GET(vp, SGI_CAP_LINUX, NULL, &len, flags, sys_cred, error);
return (error == 0);
}
/*
* Convert from extended attribute representation to in-memory for XFS.
*/
STATIC int
posix_cap_xattr_to_xfs(
posix_cap_xattr *src,
size_t size,
xfs_cap_set_t *dest)
{
if (!src || !dest)
return EINVAL;
if (src->c_version != cpu_to_le32(POSIX_CAP_XATTR_VERSION))
return EINVAL;
if (src->c_abiversion != cpu_to_le32(_LINUX_CAPABILITY_VERSION))
return EINVAL;
if (size < sizeof(posix_cap_xattr))
return EINVAL;
ASSERT(sizeof(dest->cap_effective) == sizeof(src->c_effective));
dest->cap_effective = src->c_effective;
dest->cap_permitted = src->c_permitted;
dest->cap_inheritable = src->c_inheritable;
return 0;
}
/*
* Convert from in-memory XFS to extended attribute representation.
*/
STATIC int
posix_cap_xfs_to_xattr(
xfs_cap_set_t *src,
posix_cap_xattr *xattr_cap,
size_t size)
{
size_t new_size = posix_cap_xattr_size();
if (size < new_size)
return -ERANGE;
ASSERT(sizeof(xattr_cap->c_effective) == sizeof(src->cap_effective));
xattr_cap->c_version = cpu_to_le32(POSIX_CAP_XATTR_VERSION);
xattr_cap->c_abiversion = cpu_to_le32(_LINUX_CAPABILITY_VERSION);
xattr_cap->c_effective = src->cap_effective;
xattr_cap->c_permitted = src->cap_permitted;
xattr_cap->c_inheritable= src->cap_inheritable;
return new_size;
}
int
xfs_cap_vget(
vnode_t *vp,
void *cap,
size_t size)
{
int error;
int len = sizeof(xfs_cap_set_t);
int flags = ATTR_ROOT;
xfs_cap_set_t xfs_cap = { 0 };
posix_cap_xattr *xattr_cap = cap;
char *data = (char *)&xfs_cap;
VN_HOLD(vp);
if ((error = _MAC_VACCESS(vp, NULL, VREAD)))
goto out;
if (!size) {
flags |= ATTR_KERNOVAL;
data = NULL;
}
VOP_ATTR_GET(vp, SGI_CAP_LINUX, data, &len, flags, sys_cred, error);
if (error)
goto out;
ASSERT(len == sizeof(xfs_cap_set_t));
error = (size)? -posix_cap_xattr_size() :
-posix_cap_xfs_to_xattr(&xfs_cap, xattr_cap, size);
out:
VN_RELE(vp);
return -error;
}
int
xfs_cap_vremove(
vnode_t *vp)
{
int error;
VN_HOLD(vp);
error = xfs_cap_allow_set(vp);
if (!error) {
VOP_ATTR_REMOVE(vp, SGI_CAP_LINUX, ATTR_ROOT, sys_cred, error);
if (error == ENOATTR)
error = 0; /* 'scool */
}
VN_RELE(vp);
return -error;
}
int
xfs_cap_vset(
vnode_t *vp,
void *cap,
size_t size)
{
posix_cap_xattr *xattr_cap = cap;
xfs_cap_set_t xfs_cap;
int error;
if (!cap)
return -EINVAL;
error = posix_cap_xattr_to_xfs(xattr_cap, size, &xfs_cap);
if (error)
return -error;
VN_HOLD(vp);
error = xfs_cap_allow_set(vp);
if (error)
goto out;
VOP_ATTR_SET(vp, SGI_CAP_LINUX, (char *)&xfs_cap,
sizeof(xfs_cap_set_t), ATTR_ROOT, sys_cred, error);
out:
VN_RELE(vp);
return -error;
}
STATIC int
xfs_cap_allow_set(
vnode_t *vp)
{
vattr_t va;
int error;
if (vp->v_vfsp->vfs_flag & VFS_RDONLY)
return EROFS;
if (vp->v_inode.i_flags & (S_IMMUTABLE|S_APPEND))
return EPERM;
if ((error = _MAC_VACCESS(vp, NULL, VWRITE)))
return error;
va.va_mask = XFS_AT_UID;
VOP_GETATTR(vp, &va, 0, NULL, error);
if (error)
return error;
if (va.va_uid != current->fsuid && !capable(CAP_FOWNER))
return EPERM;
return error;
}
/*
* Copyright (c) 2000-2002 Silicon Graphics, Inc. All Rights Reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of version 2 of the GNU General Public License as
* published by the Free Software Foundation.
*
* This program is distributed in the hope that it would be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*
* Further, this software is distributed without any warranty that it is
* free of the rightful claim of any third person regarding infringement
* or the like. Any license provided herein, whether implied or
* otherwise, applies only to this software file. Patent licenses, if
* any, provided herein do not apply to combinations of this program with
* other software, or any other product whatsoever.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write the Free Software Foundation, Inc., 59
* Temple Place - Suite 330, Boston MA 02111-1307, USA.
*
* Contact information: Silicon Graphics, Inc., 1600 Amphitheatre Pkwy,
* Mountain View, CA 94043, or:
*
* http://www.sgi.com
*
* For further information regarding this notice, see:
*
* http://oss.sgi.com/projects/GenInfo/SGIGPLNoticeExplan/
*/
#include "xfs.h"
static xfs_mac_label_t *mac_low_high_lp;
static xfs_mac_label_t *mac_high_low_lp;
static xfs_mac_label_t *mac_admin_high_lp;
static xfs_mac_label_t *mac_equal_equal_lp;
/*
* Test for the existence of a MAC label as efficiently as possible.
*/
int
xfs_mac_vhaslabel(
vnode_t *vp)
{
int error;
int len = sizeof(xfs_mac_label_t);
int flags = ATTR_KERNOVAL|ATTR_ROOT;
VOP_ATTR_GET(vp, SGI_MAC_FILE, NULL, &len, flags, sys_cred, error);
return (error == 0);
}
int
xfs_mac_iaccess(xfs_inode_t *ip, mode_t mode, struct cred *cr)
{
xfs_mac_label_t mac;
xfs_mac_label_t *mp = mac_high_low_lp;
if (cr == NULL || sys_cred == NULL ) {
return EACCES;
}
if (xfs_attr_fetch(ip, SGI_MAC_FILE, (char *)&mac, sizeof(mac)) == 0) {
if ((mp = mac_add_label(&mac)) == NULL) {
return mac_access(mac_high_low_lp, cr, mode);
}
}
return mac_access(mp, cr, mode);
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment