Commit Graph

18 Commits

Author SHA1 Message Date
Satyam Sharma 3bd858ab1c Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid check
Introduce is_owner_or_cap() macro in fs.h, and convert over relevant
users to it. This is done because we want to avoid bugs in the future
where we check for only effective fsuid of the current task against a
file's owning uid, without simultaneously checking for CAP_FOWNER as
well, thus violating its semantics.
[ XFS uses special macros and structures, and in general looked ...
untouchable, so we leave it alone -- but it has been looked over. ]

The (current->fsuid != inode->i_uid) check in generic_permission() and
exec_permission_lite() is left alone, because those operations are
covered by CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH. Similarly operations
falling under the purview of CAP_CHOWN and CAP_LEASE are also left alone.

Signed-off-by: Satyam Sharma <ssatyam@cse.iitk.ac.in>
Cc: Al Viro <viro@ftp.linux.org.uk>
Acked-by: Serge E. Hallyn <serge@hallyn.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-17 12:00:03 -07:00
Dave Kleikamp 288e4d838d JFS: Update print_hex_dump() syntax
Signed-off-by: Dave Kleikamp <shaggy@linux.vnet.ibm.com>
2007-06-13 10:17:50 -05:00
Dave Kleikamp 209e101bf4 JFS: use print_hex_dump() rather than private dump_mem() function
Signed-off-by: Dave Kleikamp <shaggy@linux.vnet.ibm.com>
2007-06-06 16:30:17 -05:00
Dave Kleikamp f720e3ba55 JFS: Whitespace cleanup and remove some dead code
Signed-off-by: Dave Kleikamp <shaggy@linux.vnet.ibm.com>
2007-06-06 15:28:35 -05:00
Dave Kleikamp d572b87946 JFS: Remove redundant xattr permission checking
The vfs handles most permissions for setting and retrieving xattrs.
This patch removes a redundant and wrong check so that it won't override
the correct behavior which is being fixed in the vfs.

Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
2006-11-02 10:50:40 -06:00
Dave Kleikamp 63f83c9fcf JFS: White space cleanup
Removed trailing spaces & tabs, and spaces preceding tabs.
Also a couple very minor comment cleanups.

Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
(cherry picked from f74156539964d7b3d5164fdf8848e6a682f75b97 commit)
2006-10-02 09:55:27 -05:00
Richard Knutsson 4d81715fc5 [PATCH] fs/jfs: Conversion to generic boolean
Conversion of booleans to: generic-boolean.patch (2006-08-23)

Signed-off-by: Richard Knutsson <ricknu-0@student.ltu.se>
Cc: Dave Kleikamp <shaggy@austin.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-01 00:39:19 -07:00
Ingo Molnar 1de87444f8 JFS: semaphore to mutex conversion.
the conversion was generated via scripts, and the result was validated
automatically via a script as well.

build and boot tested.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
2006-01-24 15:22:50 -06:00
Randy Dunlap 16f7e0fe2e [PATCH] capable/capability.h (fs/)
fs: Use <linux/capability.h> where capable() is used.

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Acked-by: Tim Schmielau <tim@physik3.uni-rostock.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-01-11 18:42:13 -08:00
Christoph Hellwig 44a0033f6d [PATCH] remove jfs xattr permission checks
remove checks now in the VFS

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-01-10 08:01:29 -08:00
akpm@osdl.org e0ad7b073e [PATCH] move xattr permission checks into the VFS
)

From: Christoph Hellwig <hch@lst.de>

The xattr code has rather complex permission checks because the rules are very
different for different attribute namespaces.  This patch moves as much as we
can into the generic code.  Currently all the major disk based filesystems
duplicate these checks, while many minor filesystems or network filesystems
lack some or all of them.

To do this we need defines for the extended attribute names in common code, I
moved them up from JFS which had the nicest defintions.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Acked-by: Dave Kleikamp <shaggy@austin.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-01-10 08:01:29 -08:00
Dave Kleikamp 1d15b10f95 JFS: Implement jfs_init_security
This atomically initializes the security xattr when an object is created

Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
2005-09-01 09:05:39 -05:00
Dave Kleikamp 4f4b401bfa JFS: allow extended attributes to be set within a existing transaction
Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
2005-09-01 09:02:43 -05:00
Ian Dall 59192ed9e7 JFS: Need to be root to create files with security context
It turns out this is due to some inverted logic in xattr.c

Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
2005-07-13 09:15:18 -05:00
Dave Kleikamp 6211502d7e JFS: Allow security.* xattrs to be set on symlinks
All of the different xattr namespaces have different rules.
user.* and ACL's are not allowed on symlinks, and since these were the
first xattrs implemented, I assumed there was no need to support xattrs
on symlinks.  This one-line patch should fix it.

Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
2005-07-13 09:07:53 -05:00
Christoph Hellwig 9a59f452ab [PATCH] remove <linux/xattr_acl.h>
This file duplicates <linux/posix_acl_xattr.h>, using slightly different
names.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-23 09:45:33 -07:00
Jesper Juhl 259692bd5a JFS: Remove redundant kfree() NULL pointer checks
kfree() can handle a NULL pointer, don't worry about passing it one. 

Signed-off-by: Jesper Juhl <juhl-lkml@dif.dk>
Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
2005-05-09 10:47:14 -05:00
Linus Torvalds 1da177e4c3 Linux-2.6.12-rc2
Initial git repository build. I'm not bothering with the full history,
even though we have it. We can create a separate "historical" git
archive of that later if we want to, and in the meantime it's about
3.2GB when imported into git - space that would just make the early
git days unnecessarily complicated, when we don't have a lot of good
infrastructure for it.

Let it rip!
2005-04-16 15:20:36 -07:00