[JFFS2] Tidy up fix for ACL/permissions problem.
[In commit 9ed437c50d we fixed a problem
with standard permissions on newly-created inodes, when POSIX ACLs are
enabled. This cleans it up...]
The attached patch separate jffs2_init_acl() into two parts.
The one is jffs2_init_acl_pre() called from jffs2_new_inode().
It compute ACL oriented inode->i_mode bits, and allocate in-memory ACL
objects associated with the new inode just before when inode meta
infomation is written to the medium.
The other is jffs2_init_acl_post() called from jffs2_symlink(),
jffs2_mkdir(), jffs2_mknod() and jffs2_do_create().
It actually writes in-memory ACL objects into the medium next to
the success of writing meta-information.
In the current implementation, we have to write a same inode meta
infomation twice when inode->i_mode is updated by the default ACL.
However, we can avoid the behavior by putting an updated i_mode
before it is written at first, as jffs2_init_acl_pre() doing.
Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
This commit is contained in:
KaiGai Kohei
committed by
David Woodhouse
David Woodhouse
parent
e8b8c97773
commit
cfc8dc6f6f
101
fs/jffs2/acl.c
101
fs/jffs2/acl.c
@@ -228,11 +228,28 @@ struct posix_acl *jffs2_get_acl(struct inode *inode, int type)
|
||||
return acl;
|
||||
}
|
||||
|
||||
static int __jffs2_set_acl(struct inode *inode, int xprefix, struct posix_acl *acl)
|
||||
{
|
||||
char *value = NULL;
|
||||
size_t size = 0;
|
||||
int rc;
|
||||
|
||||
if (acl) {
|
||||
value = jffs2_acl_to_medium(acl, &size);
|
||||
if (IS_ERR(value))
|
||||
return PTR_ERR(value);
|
||||
}
|
||||
rc = do_jffs2_setxattr(inode, xprefix, "", value, size, 0);
|
||||
if (!value && rc == -ENODATA)
|
||||
rc = 0;
|
||||
kfree(value);
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
||||
static int jffs2_set_acl(struct inode *inode, int type, struct posix_acl *acl)
|
||||
{
|
||||
struct jffs2_inode_info *f = JFFS2_INODE_INFO(inode);
|
||||
size_t size = 0;
|
||||
char *value = NULL;
|
||||
int rc, xprefix;
|
||||
|
||||
if (S_ISLNK(inode->i_mode))
|
||||
@@ -267,17 +284,7 @@ static int jffs2_set_acl(struct inode *inode, int type, struct posix_acl *acl)
|
||||
default:
|
||||
return -EINVAL;
|
||||
}
|
||||
if (acl) {
|
||||
value = jffs2_acl_to_medium(acl, &size);
|
||||
if (IS_ERR(value))
|
||||
return PTR_ERR(value);
|
||||
}
|
||||
|
||||
rc = do_jffs2_setxattr(inode, xprefix, "", value, size, 0);
|
||||
if (!value && rc == -ENODATA)
|
||||
rc = 0;
|
||||
if (value)
|
||||
kfree(value);
|
||||
rc = __jffs2_set_acl(inode, xprefix, acl);
|
||||
if (!rc) {
|
||||
switch(type) {
|
||||
case ACL_TYPE_ACCESS:
|
||||
@@ -312,37 +319,59 @@ int jffs2_permission(struct inode *inode, int mask, struct nameidata *nd)
|
||||
return generic_permission(inode, mask, jffs2_check_acl);
|
||||
}
|
||||
|
||||
int jffs2_init_acl(struct inode *inode, struct posix_acl *acl)
|
||||
int jffs2_init_acl_pre(struct inode *dir_i, struct inode *inode, int *i_mode)
|
||||
{
|
||||
struct jffs2_inode_info *f = JFFS2_INODE_INFO(inode);
|
||||
struct posix_acl *clone;
|
||||
mode_t mode;
|
||||
int rc = 0;
|
||||
struct posix_acl *acl, *clone;
|
||||
int rc;
|
||||
|
||||
f->i_acl_access = JFFS2_ACL_NOT_CACHED;
|
||||
f->i_acl_default = JFFS2_ACL_NOT_CACHED;
|
||||
f->i_acl_default = NULL;
|
||||
f->i_acl_access = NULL;
|
||||
|
||||
if (S_ISLNK(*i_mode))
|
||||
return 0; /* Symlink always has no-ACL */
|
||||
|
||||
acl = jffs2_get_acl(dir_i, ACL_TYPE_DEFAULT);
|
||||
if (IS_ERR(acl))
|
||||
return PTR_ERR(acl);
|
||||
|
||||
if (!acl) {
|
||||
*i_mode &= ~current->fs->umask;
|
||||
} else {
|
||||
if (S_ISDIR(*i_mode))
|
||||
jffs2_iset_acl(inode, &f->i_acl_default, acl);
|
||||
|
||||
if (acl) {
|
||||
if (S_ISDIR(inode->i_mode)) {
|
||||
rc = jffs2_set_acl(inode, ACL_TYPE_DEFAULT, acl);
|
||||
if (rc)
|
||||
goto cleanup;
|
||||
}
|
||||
clone = posix_acl_clone(acl, GFP_KERNEL);
|
||||
rc = -ENOMEM;
|
||||
if (!clone)
|
||||
goto cleanup;
|
||||
mode = inode->i_mode;
|
||||
rc = posix_acl_create_masq(clone, &mode);
|
||||
if (rc >= 0) {
|
||||
inode->i_mode = mode;
|
||||
if (rc > 0)
|
||||
rc = jffs2_set_acl(inode, ACL_TYPE_ACCESS, clone);
|
||||
}
|
||||
return -ENOMEM;
|
||||
rc = posix_acl_create_masq(clone, (mode_t *)i_mode);
|
||||
if (rc < 0)
|
||||
return rc;
|
||||
if (rc > 0)
|
||||
jffs2_iset_acl(inode, &f->i_acl_access, clone);
|
||||
|
||||
posix_acl_release(clone);
|
||||
}
|
||||
cleanup:
|
||||
posix_acl_release(acl);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int jffs2_init_acl_post(struct inode *inode)
|
||||
{
|
||||
struct jffs2_inode_info *f = JFFS2_INODE_INFO(inode);
|
||||
int rc;
|
||||
|
||||
if (f->i_acl_default) {
|
||||
rc = __jffs2_set_acl(inode, JFFS2_XPREFIX_ACL_DEFAULT, f->i_acl_default);
|
||||
if (rc)
|
||||
return rc;
|
||||
}
|
||||
|
||||
if (f->i_acl_access) {
|
||||
rc = __jffs2_set_acl(inode, JFFS2_XPREFIX_ACL_ACCESS, f->i_acl_access);
|
||||
if (rc)
|
||||
return rc;
|
||||
}
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user