From 3542c6e18f6470bad2bde1e94331e4f488a8d3f1 Mon Sep 17 00:00:00 2001
From: Christoph Hellwig <hch@lst.de>
Date: Mon, 9 Jan 2006 20:52:00 -0800
Subject: [PATCH] remove xfs xattr permission checks
remove checks now in the VFS
XFS has an additional xattr interface through obscure ioctl. it requires
raised capabilities but we need to add some read-only/immutable checks anyway
Signed-off-by: Christoph Hellwig <hch@lst.de>
Cc: Nathan Scott <nathans@sgi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
---
fs/xfs/linux-2.6/xfs_ioctl.c | 5 +++++
fs/xfs/xfs_attr.c | 29 +++--------------------------
2 files changed, 8 insertions(+), 26 deletions(-)
(limited to 'fs')
diff --git a/fs/xfs/linux-2.6/xfs_ioctl.c b/fs/xfs/linux-2.6/xfs_ioctl.c
index b78b5eb9e96c..f98c5be3dfe7 100644
--- a/fs/xfs/linux-2.6/xfs_ioctl.c
+++ b/fs/xfs/linux-2.6/xfs_ioctl.c
@@ -530,6 +530,8 @@ xfs_attrmulti_attr_set(
char *kbuf;
int error = EFAULT;
+ if (IS_RDONLY(&vp->v_inode))
+ return -EROFS;
if (IS_IMMUTABLE(&vp->v_inode) || IS_APPEND(&vp->v_inode))
return EPERM;
if (len > XATTR_SIZE_MAX)
@@ -557,6 +559,9 @@ xfs_attrmulti_attr_remove(
{
int error;
+
+ if (IS_RDONLY(&vp->v_inode))
+ return -EROFS;
if (IS_IMMUTABLE(&vp->v_inode) || IS_APPEND(&vp->v_inode))
return EPERM;
diff --git a/fs/xfs/xfs_attr.c b/fs/xfs/xfs_attr.c
index 5484eeb460c8..1a11c2b51701 100644
--- a/fs/xfs/xfs_attr.c
+++ b/fs/xfs/xfs_attr.c
@@ -117,11 +117,6 @@ xfs_attr_fetch(xfs_inode_t *ip, const char *name, int namelen,
ip->i_d.di_anextents == 0))
return(ENOATTR);
- if (!(flags & (ATTR_KERNACCESS|ATTR_SECURE))) {
- if ((error = xfs_iaccess(ip, S_IRUSR, cred)))
- return(XFS_ERROR(error));
- }
-
/*
* Fill in the arg structure for this request.
*/
@@ -425,7 +420,7 @@ xfs_attr_set(bhv_desc_t *bdp, const char *name, char *value, int valuelen, int f
struct cred *cred)
{
xfs_inode_t *dp;
- int namelen, error;
+ int namelen;
namelen = strlen(name);
if (namelen >= MAXNAMELEN)
@@ -437,14 +432,6 @@ xfs_attr_set(bhv_desc_t *bdp, const char *name, char *value, int valuelen, int f
if (XFS_FORCED_SHUTDOWN(dp->i_mount))
return (EIO);
- xfs_ilock(dp, XFS_ILOCK_SHARED);
- if (!(flags & ATTR_SECURE) &&
- (error = xfs_iaccess(dp, S_IWUSR, cred))) {
- xfs_iunlock(dp, XFS_ILOCK_SHARED);
- return(XFS_ERROR(error));
- }
- xfs_iunlock(dp, XFS_ILOCK_SHARED);
-
return xfs_attr_set_int(dp, name, namelen, value, valuelen, flags);
}
@@ -579,7 +566,7 @@ int
xfs_attr_remove(bhv_desc_t *bdp, const char *name, int flags, struct cred *cred)
{
xfs_inode_t *dp;
- int namelen, error;
+ int namelen;
namelen = strlen(name);
if (namelen >= MAXNAMELEN)
@@ -592,11 +579,7 @@ xfs_attr_remove(bhv_desc_t *bdp, const char *name, int flags, struct cred *cred)
return (EIO);
xfs_ilock(dp, XFS_ILOCK_SHARED);
- if (!(flags & ATTR_SECURE) &&
- (error = xfs_iaccess(dp, S_IWUSR, cred))) {
- xfs_iunlock(dp, XFS_ILOCK_SHARED);
- return(XFS_ERROR(error));
- } else if (XFS_IFORK_Q(dp) == 0 ||
+ if (XFS_IFORK_Q(dp) == 0 ||
(dp->i_d.di_aformat == XFS_DINODE_FMT_EXTENTS &&
dp->i_d.di_anextents == 0)) {
xfs_iunlock(dp, XFS_ILOCK_SHARED);
@@ -668,12 +651,6 @@ xfs_attr_list(bhv_desc_t *bdp, char *buffer, int bufsize, int flags,
return (EIO);
xfs_ilock(dp, XFS_ILOCK_SHARED);
- if (!(flags & ATTR_SECURE) &&
- (error = xfs_iaccess(dp, S_IRUSR, cred))) {
- xfs_iunlock(dp, XFS_ILOCK_SHARED);
- return(XFS_ERROR(error));
- }
-
/*
* Decide on what work routines to call based on the inode size.
*/
--
cgit v1.2.3