Commit 911ee3de authored by Christoph Hellwig's avatar Christoph Hellwig Committed by Niv Sardi
Browse files

[XFS] Kill attr_capable checks as already done in xattr_permission. 



No need for addition permission checks in the xattr handler,
fs/xattr.c:xattr_permission() already does them, and in fact slightly more
strict then what was in the attr_capable handlers.

SGI-PV: 981809
SGI-Modid: xfs-linux-melb:xfs-kern:31164a

Signed-off-by: default avatarChristoph Hellwig <hch@infradead.org>
Signed-off-by: default avatarTim Shimmin <tes@sgi.com>
Signed-off-by: default avatarLachlan McIlroy <lachlan@sgi.com>
parent d748c623

fs/xfs/linux-2.6/xfs_iops.c

+1 −12
Original line number Diff line number Diff line
@@ -739,15 +739,11 @@ xfs_vn_setxattr( 
	char		*attr = (char *)name;

	attrnames_t	*namesp;

	int		xflags = 0;

	int		error;



	namesp = attr_lookup_namespace(attr, attr_namespaces, ATTR_NAMECOUNT);

	if (!namesp)

		return -EOPNOTSUPP;

	attr += namesp->attr_namelen;

	error = namesp->attr_capable(vp, NULL);

	if (error)

		return error;



	/* Convert Linux syscall to XFS internal ATTR flags */

	if (flags & XATTR_CREATE)
@@ -769,15 +765,11 @@ xfs_vn_getxattr( 
	char		*attr = (char *)name;

	attrnames_t	*namesp;

	int		xflags = 0;

	ssize_t		error;



	namesp = attr_lookup_namespace(attr, attr_namespaces, ATTR_NAMECOUNT);

	if (!namesp)

		return -EOPNOTSUPP;

	attr += namesp->attr_namelen;

	error = namesp->attr_capable(vp, NULL);

	if (error)

		return error;



	/* Convert Linux syscall to XFS internal ATTR flags */

	if (!size) {
@@ -817,15 +809,12 @@ xfs_vn_removexattr( 
	char		*attr = (char *)name;

	attrnames_t	*namesp;

	int		xflags = 0;

	int		error;



	namesp = attr_lookup_namespace(attr, attr_namespaces, ATTR_NAMECOUNT);

	if (!namesp)

		return -EOPNOTSUPP;

	attr += namesp->attr_namelen;

	error = namesp->attr_capable(vp, NULL);

	if (error)

		return error;



	xflags |= namesp->attr_flag;

	return namesp->attr_remove(vp, attr, xflags);

}

fs/xfs/xfs_attr.c

+0 −41
Original line number Diff line number Diff line
@@ -2622,43 +2622,6 @@ attr_lookup_namespace( 
	return NULL;

}



/*

 * Some checks to prevent people abusing EAs to get over quota:

 * - Don't allow modifying user EAs on devices/symlinks;

 * - Don't allow modifying user EAs if sticky bit set;

 */

STATIC int

attr_user_capable(

	bhv_vnode_t	*vp,

	cred_t		*cred)

{

	struct inode	*inode = vn_to_inode(vp);



	if (IS_IMMUTABLE(inode) || IS_APPEND(inode))

		return -EPERM;

	if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode) &&

	    !capable(CAP_SYS_ADMIN))

		return -EPERM;

	if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&

	    (current_fsuid(cred) != inode->i_uid) && !capable(CAP_FOWNER))

		return -EPERM;

	return 0;

}



STATIC int

attr_trusted_capable(

	bhv_vnode_t	*vp,

	cred_t		*cred)

{

	struct inode	*inode = vn_to_inode(vp);



	if (IS_IMMUTABLE(inode) || IS_APPEND(inode))

		return -EPERM;

	if (!capable(CAP_SYS_ADMIN))

		return -EPERM;

	return 0;

}



STATIC int

attr_system_set(

	bhv_vnode_t *vp, char *name, void *data, size_t size, int xflags)
@@ -2709,7 +2672,6 @@ struct attrnames attr_system = { 
	.attr_get	= attr_system_get,

	.attr_set	= attr_system_set,

	.attr_remove	= attr_system_remove,

	.attr_capable	= (attrcapable_t)fs_noerr,

};



struct attrnames attr_trusted = {
@@ -2719,7 +2681,6 @@ struct attrnames attr_trusted = { 
	.attr_get	= attr_generic_get,

	.attr_set	= attr_generic_set,

	.attr_remove	= attr_generic_remove,

	.attr_capable	= attr_trusted_capable,

};



struct attrnames attr_secure = {
@@ -2729,7 +2690,6 @@ struct attrnames attr_secure = { 
	.attr_get	= attr_generic_get,

	.attr_set	= attr_generic_set,

	.attr_remove	= attr_generic_remove,

	.attr_capable	= (attrcapable_t)fs_noerr,

};



struct attrnames attr_user = {
@@ -2738,7 +2698,6 @@ struct attrnames attr_user = { 
	.attr_get	= attr_generic_get,

	.attr_set	= attr_generic_set,

	.attr_remove	= attr_generic_remove,

	.attr_capable	= attr_user_capable,

};



struct attrnames *attr_namespaces[] =

fs/xfs/xfs_attr.h

+0 −2
Original line number Diff line number Diff line
@@ -42,7 +42,6 @@ typedef int (*attrset_t)(bhv_vnode_t *, char *, void *, size_t, int); 
typedef int (*attrget_t)(bhv_vnode_t *, char *, void *, size_t, int);

typedef int (*attrremove_t)(bhv_vnode_t *, char *, int);

typedef int (*attrexists_t)(bhv_vnode_t *);

typedef int (*attrcapable_t)(bhv_vnode_t *, struct cred *);



typedef struct attrnames {

	char *		attr_name;
@@ -52,7 +51,6 @@ typedef struct attrnames { 
	attrset_t	attr_set;

	attrremove_t	attr_remove;

	attrexists_t	attr_exists;

	attrcapable_t	attr_capable;

} attrnames_t;



#define ATTR_NAMECOUNT	4

CRA Git | Maintained and supported by SUSTech CRA and CCSE