linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Andreas Gruenbacher <agruenba@redhat.com>
To: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Andreas Gruenbacher <agruenba@redhat.com>,
	Christoph Hellwig <hch@infradead.org>,
	"Theodore Ts'o" <tytso@mit.edu>,
	Andreas Dilger <adilger.kernel@dilger.ca>,
	"J. Bruce Fields" <bfields@fieldses.org>,
	Jeff Layton <jlayton@poochiereds.net>,
	Trond Myklebust <trond.myklebust@primarydata.com>,
	Anna Schumaker <anna.schumaker@netapp.com>,
	Dave Chinner <david@fromorbit.com>,
	linux-ext4@vger.kernel.org, xfs@oss.sgi.com,
	linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
	linux-nfs@vger.kernel.org, linux-cifs@vger.kernel.org,
	linux-api@vger.kernel.org
Subject: [PATCH v27 19/21] vfs: Move check_posix_acl and check_richacl out of fs/namei.c
Date: Tue, 11 Oct 2016 14:50:54 +0200	[thread overview]
Message-ID: <1476190256-1677-20-git-send-email-agruenba@redhat.com> (raw)
In-Reply-To: <1476190256-1677-1-git-send-email-agruenba@redhat.com>

By moving those functions into fs/posix_acl.c and fs/richacl.c, the
ifdefs can be moved into include/linux/posix_acl.h and
include/linux/richacl.h.  This may be seen as a small improvement.

Suggested-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
---
 fs/namei.c                | 72 ++++-------------------------------------------
 fs/posix_acl.c            | 28 ++++++++++++++++++
 fs/richacl.c              | 28 ++++++++++++++++++
 include/linux/posix_acl.h |  5 ++++
 include/linux/richacl.h   |  8 ++++++
 5 files changed, 74 insertions(+), 67 deletions(-)

diff --git a/fs/namei.c b/fs/namei.c
index 9808154c..4e20b87 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -258,73 +258,6 @@ void putname(struct filename *name)
 		__putname(name);
 }
 
-static int check_richacl(struct inode *inode, int mask)
-{
-#ifdef CONFIG_FS_RICHACL
-	if (mask & MAY_NOT_BLOCK) {
-		struct base_acl *base_acl;
-
-		base_acl = rcu_dereference(inode->i_acl);
-		if (!base_acl)
-			goto no_acl;
-		/* no ->get_richacl() calls in RCU mode... */
-		if (is_uncached_acl(base_acl))
-			return -ECHILD;
-		return richacl_permission(inode, richacl(base_acl),
-					  mask & ~MAY_NOT_BLOCK);
-	} else {
-		struct richacl *acl;
-
-		acl = get_richacl(inode);
-		if (IS_ERR(acl))
-			return PTR_ERR(acl);
-		if (acl) {
-			int error = richacl_permission(inode, acl, mask);
-			richacl_put(acl);
-			return error;
-		}
-	}
-no_acl:
-#endif
-	if (mask & (MAY_DELETE_SELF | MAY_TAKE_OWNERSHIP |
-		    MAY_CHMOD | MAY_SET_TIMES)) {
-		/* File permission bits cannot grant this. */
-		return -EACCES;
-	}
-	return -EAGAIN;
-}
-
-static int check_posix_acl(struct inode *inode, int mask)
-{
-#ifdef CONFIG_FS_POSIX_ACL
-	if (mask & MAY_NOT_BLOCK) {
-		struct base_acl *base_acl;
-
-		base_acl = rcu_dereference(inode->i_acl);
-	        if (!base_acl)
-	                return -EAGAIN;
-		/* no ->get_acl() calls in RCU mode... */
-		if (is_uncached_acl(base_acl))
-			return -ECHILD;
-	        return posix_acl_permission(inode, posix_acl(base_acl),
-					    mask & ~MAY_NOT_BLOCK);
-	} else {
-		struct posix_acl *acl;
-
-		acl = get_acl(inode, ACL_TYPE_ACCESS);
-		if (IS_ERR(acl))
-			return PTR_ERR(acl);
-		if (acl) {
-			int error = posix_acl_permission(inode, acl, mask);
-			posix_acl_release(acl);
-			return error;
-		}
-	}
-#endif
-
-	return -EAGAIN;
-}
-
 /*
  * This does the basic permission checking
  */
@@ -344,6 +277,11 @@ static int acl_permission_check(struct inode *inode, int mask)
 		int error = check_richacl(inode, mask);
 		if (error != -EAGAIN)
 			return error;
+		if (mask & (MAY_DELETE_SELF | MAY_TAKE_OWNERSHIP |
+			    MAY_CHMOD | MAY_SET_TIMES)) {
+			/* File permission bits cannot grant this. */
+			return -EACCES;
+		}
 	}
 	if (likely(uid_eq(current_fsuid(), inode->i_uid)))
 		mode >>= 6;
diff --git a/fs/posix_acl.c b/fs/posix_acl.c
index 0bf1dc0..b373d87 100644
--- a/fs/posix_acl.c
+++ b/fs/posix_acl.c
@@ -374,6 +374,34 @@ posix_acl_permission(struct inode *inode, const struct posix_acl *acl, int want)
 	return -EACCES;
 }
 
+int check_posix_acl(struct inode *inode, int mask)
+{
+	if (mask & MAY_NOT_BLOCK) {
+		struct base_acl *base_acl;
+
+		base_acl = rcu_dereference(inode->i_acl);
+	        if (!base_acl)
+	                return -EAGAIN;
+		/* no ->get_acl() calls in RCU mode... */
+		if (is_uncached_acl(base_acl))
+			return -ECHILD;
+	        return posix_acl_permission(inode, posix_acl(base_acl),
+					    mask & ~MAY_NOT_BLOCK);
+	} else {
+		struct posix_acl *acl;
+
+		acl = get_acl(inode, ACL_TYPE_ACCESS);
+		if (IS_ERR(acl))
+			return PTR_ERR(acl);
+		if (acl) {
+			int error = posix_acl_permission(inode, acl, mask);
+			posix_acl_release(acl);
+			return error;
+		}
+	}
+	return -EAGAIN;
+}
+
 /*
  * Modify acl when creating a new inode. The caller must ensure the acl is
  * only referenced once.
diff --git a/fs/richacl.c b/fs/richacl.c
index 1945691..ece9d0b 100644
--- a/fs/richacl.c
+++ b/fs/richacl.c
@@ -385,6 +385,34 @@ richacl_permission(struct inode *inode, const struct richacl *acl,
 }
 EXPORT_SYMBOL_GPL(richacl_permission);
 
+int check_richacl(struct inode *inode, int mask)
+{
+	if (mask & MAY_NOT_BLOCK) {
+		struct base_acl *base_acl;
+
+		base_acl = rcu_dereference(inode->i_acl);
+		if (!base_acl)
+			return -EAGAIN;
+		/* no ->get_richacl() calls in RCU mode... */
+		if (is_uncached_acl(base_acl))
+			return -ECHILD;
+		return richacl_permission(inode, richacl(base_acl),
+					  mask & ~MAY_NOT_BLOCK);
+	} else {
+		struct richacl *acl;
+
+		acl = get_richacl(inode);
+		if (IS_ERR(acl))
+			return PTR_ERR(acl);
+		if (acl) {
+			int error = richacl_permission(inode, acl, mask);
+			richacl_put(acl);
+			return error;
+		}
+	}
+	return -EAGAIN;
+}
+
 /*
  * Note: functions like richacl_allowed_to_who(), richacl_group_class_allowed(),
  * and richacl_compute_max_masks() iterate through the entire acl in reverse
diff --git a/include/linux/posix_acl.h b/include/linux/posix_acl.h
index abfb786..5c65dc9 100644
--- a/include/linux/posix_acl.h
+++ b/include/linux/posix_acl.h
@@ -74,6 +74,7 @@ extern struct posix_acl *get_posix_acl(struct inode *, int);
 extern int set_posix_acl(struct inode *, int, struct posix_acl *);
 
 #ifdef CONFIG_FS_POSIX_ACL
+extern int check_posix_acl(struct inode *, int);
 extern int posix_acl_chmod(struct inode *, umode_t);
 extern int posix_acl_create(struct inode *, umode_t *, struct posix_acl **,
 		struct posix_acl **);
@@ -93,6 +94,10 @@ static inline void cache_no_acl(struct inode *inode)
 	inode->i_default_acl = NULL;
 }
 #else
+static inline int check_posix_acl(struct inode *inode, int mask) {
+	return -EAGAIN;
+}
+
 static inline int posix_acl_chmod(struct inode *inode, umode_t mode)
 {
 	return 0;
diff --git a/include/linux/richacl.h b/include/linux/richacl.h
index 7530920..368e918 100644
--- a/include/linux/richacl.h
+++ b/include/linux/richacl.h
@@ -207,4 +207,12 @@ extern struct richacl *richacl_inherit(const struct richacl *, int);
 extern struct richacl *richacl_create(umode_t *, struct inode *);
 extern int set_richacl(struct inode *, struct richacl *);
 
+#ifdef CONFIG_FS_RICHACL
+extern int check_richacl(struct inode *, int);
+#else
+static inline int check_richacl(struct inode *inode, int mask) {
+	return -EAGAIN;
+}
+#endif  /* CONFIG_FS_RICHACL */
+
 #endif /* __RICHACL_H */
-- 
2.7.4

  parent reply	other threads:[~2016-10-11 12:53 UTC|newest]

Thread overview: 31+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-10-11 12:50 [PATCH v27 00/21] Richacls (Core and Ext4) Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 01/21] vfs: Add IS_ACL() and IS_RICHACL() tests Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 02/21] vfs: Add MAY_CREATE_FILE and MAY_CREATE_DIR permission flags Andreas Gruenbacher
2016-12-02  9:22   ` Miklos Szeredi
2017-02-13 15:34     ` Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 03/21] vfs: Add MAY_DELETE_SELF and MAY_DELETE_CHILD " Andreas Gruenbacher
2016-12-02  9:57   ` Miklos Szeredi
2016-12-06 20:15     ` J. Bruce Fields
2016-12-06 21:13       ` Jeremy Allison
2016-12-06 21:25         ` Miklos Szeredi
2016-12-06 21:36           ` Jeremy Allison
2017-02-13 15:40           ` Andreas Gruenbacher
2017-02-13 15:42     ` Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 04/21] vfs: Add permission flags for setting file attributes Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 05/21] richacl: In-memory representation and helper functions Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 06/21] richacl: Permission mapping functions Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 07/21] richacl: Permission check algorithm Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 08/21] richacl: Compute maximum file masks from an acl Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 09/21] vfs: Cache base_acl objects in inodes Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 10/21] vfs: Add get_richacl and set_richacl inode operations Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 11/21] vfs: Cache richacl in struct inode Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 12/21] richacl: Update the file masks in chmod() Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 13/21] richacl: Check if an acl is equivalent to a file mode Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 14/21] richacl: Create-time inheritance Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 15/21] richacl: Automatic Inheritance Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 16/21] richacl: xattr mapping functions Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 17/21] richacl: Add richacl xattr handler Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 18/21] vfs: Add richacl permission checking Andreas Gruenbacher
2016-10-11 12:50 ` Andreas Gruenbacher [this message]
2016-10-11 12:50 ` [PATCH v27 20/21] ext4: Add richacl support Andreas Gruenbacher
2016-10-11 12:50 ` [PATCH v27 21/21] ext4: Add richacl feature flag Andreas Gruenbacher

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1476190256-1677-20-git-send-email-agruenba@redhat.com \
    --to=agruenba@redhat.com \
    --cc=adilger.kernel@dilger.ca \
    --cc=anna.schumaker@netapp.com \
    --cc=bfields@fieldses.org \
    --cc=david@fromorbit.com \
    --cc=hch@infradead.org \
    --cc=jlayton@poochiereds.net \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-cifs@vger.kernel.org \
    --cc=linux-ext4@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-nfs@vger.kernel.org \
    --cc=trond.myklebust@primarydata.com \
    --cc=tytso@mit.edu \
    --cc=viro@zeniv.linux.org.uk \
    --cc=xfs@oss.sgi.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).