X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=fs%2Fgfs2%2Feaops.c;h=cd747c00f670363db6f2dbe41164858e56b4778f;hb=2b2842146cb4105877c2be51d3857ec61ebd4ff9;hp=2914731250c5df8a73397359b884e55737c2a93a;hpb=f3b270a47882b958e9e3c5bd86894e3a7072899a;p=linux-2.6

diff --git a/fs/gfs2/eaops.c b/fs/gfs2/eaops.c
index 2914731250..cd747c00f6 100644
--- a/fs/gfs2/eaops.c
+++ b/fs/gfs2/eaops.c
@@ -1,10 +1,10 @@
 /*
  * Copyright (C) Sistina Software, Inc.  1997-2003 All rights reserved.
- * Copyright (C) 2004-2005 Red Hat, Inc.  All rights reserved.
+ * Copyright (C) 2004-2006 Red Hat, Inc.  All rights reserved.
  *
  * This copyrighted material is made available to anyone wishing to use,
  * modify, copy, or redistribute it subject to the terms and conditions
- * of the GNU General Public License v.2.
+ * of the GNU General Public License version 2.
  */
 
 #include <linux/sched.h>
@@ -13,13 +13,16 @@
 #include <linux/completion.h>
 #include <linux/buffer_head.h>
 #include <linux/xattr.h>
-#include <asm/semaphore.h>
+#include <linux/gfs2_ondisk.h>
+#include <linux/lm_interface.h>
 #include <asm/uaccess.h>
 
 #include "gfs2.h"
+#include "incore.h"
 #include "acl.h"
 #include "eaops.h"
 #include "eattr.h"
+#include "util.h"
 
 /**
  * gfs2_ea_name2type - get the type of the ea, and truncate type from the name
@@ -28,18 +31,22 @@
  * Returns: GFS2_EATYPE_XXX
  */
 
-unsigned int gfs2_ea_name2type(const char *name, char **truncated_name)
+unsigned int gfs2_ea_name2type(const char *name, const char **truncated_name)
 {
 	unsigned int type;
 
 	if (strncmp(name, "system.", 7) == 0) {
 		type = GFS2_EATYPE_SYS;
 		if (truncated_name)
-			*truncated_name = strchr(name, '.') + 1;
+			*truncated_name = name + sizeof("system.") - 1;
 	} else if (strncmp(name, "user.", 5) == 0) {
 		type = GFS2_EATYPE_USR;
 		if (truncated_name)
-			*truncated_name = strchr(name, '.') + 1;
+			*truncated_name = name + sizeof("user.") - 1;
+	} else if (strncmp(name, "security.", 9) == 0) {
+		type = GFS2_EATYPE_SECURITY;
+		if (truncated_name)
+			*truncated_name = name + sizeof("security.") - 1;
 	} else {
 		type = GFS2_EATYPE_UNUSED;
 		if (truncated_name)
@@ -51,7 +58,7 @@ unsigned int gfs2_ea_name2type(const char *name, char **truncated_name)
 
 static int user_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er)
 {
-	struct inode *inode = ip->i_vnode;
+	struct inode *inode = &ip->i_inode;
 	int error = permission(inode, MAY_READ, NULL);
 	if (error)
 		return error;
@@ -61,7 +68,7 @@ static int user_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er)
 
 static int user_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er)
 {
-	struct inode *inode = ip->i_vnode;
+	struct inode *inode = &ip->i_inode;
 
 	if (S_ISREG(inode->i_mode) ||
 	    (S_ISDIR(inode->i_mode) && !(inode->i_mode & S_ISVTX))) {
@@ -76,7 +83,7 @@ static int user_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er)
 
 static int user_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er)
 {
-	struct inode *inode = ip->i_vnode;
+	struct inode *inode = &ip->i_inode;
 
 	if (S_ISREG(inode->i_mode) ||
 	    (S_ISDIR(inode->i_mode) && !(inode->i_mode & S_ISVTX))) {
@@ -96,7 +103,7 @@ static int system_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er)
 	    !capable(CAP_SYS_ADMIN))
 		return -EPERM;
 
-	if (ip->i_sbd->sd_args.ar_posix_acl == 0 &&
+	if (GFS2_SB(&ip->i_inode)->sd_args.ar_posix_acl == 0 &&
 	    (GFS2_ACL_IS_ACCESS(er->er_name, er->er_name_len) ||
 	     GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len)))
 		return -EOPNOTSUPP;
@@ -113,7 +120,7 @@ static int system_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er)
 
 	if (GFS2_ACL_IS_ACCESS(er->er_name, er->er_name_len)) {
 		if (!(er->er_flags & GFS2_ERF_MODE)) {
-			er->er_mode = ip->i_di.di_mode;
+			er->er_mode = ip->i_inode.i_mode;
 			er->er_flags |= GFS2_ERF_MODE;
 		}
 		error = gfs2_acl_validate_set(ip, 1, er,
@@ -139,7 +146,7 @@ static int system_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er)
 			if (error == -ENODATA)
 				error = 0;
 		}
-		return error;	
+		return error;
 	}
 
 	return -EPERM;
@@ -163,7 +170,37 @@ static int system_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er)
 	return gfs2_ea_remove_i(ip, er);
 }
 
-struct gfs2_eattr_operations gfs2_user_eaops = {
+static int security_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er)
+{
+	struct inode *inode = &ip->i_inode;
+	int error = permission(inode, MAY_READ, NULL);
+	if (error)
+		return error;
+
+	return gfs2_ea_get_i(ip, er);
+}
+
+static int security_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er)
+{
+	struct inode *inode = &ip->i_inode;
+	int error = permission(inode, MAY_WRITE, NULL);
+	if (error)
+		return error;
+
+	return gfs2_ea_set_i(ip, er);
+}
+
+static int security_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er)
+{
+	struct inode *inode = &ip->i_inode;
+	int error = permission(inode, MAY_WRITE, NULL);
+	if (error)
+		return error;
+
+	return gfs2_ea_remove_i(ip, er);
+}
+
+static struct gfs2_eattr_operations gfs2_user_eaops = {
 	.eo_get = user_eo_get,
 	.eo_set = user_eo_set,
 	.eo_remove = user_eo_remove,
@@ -177,9 +214,17 @@ struct gfs2_eattr_operations gfs2_system_eaops = {
 	.eo_name = "system",
 };
 
+static struct gfs2_eattr_operations gfs2_security_eaops = {
+	.eo_get = security_eo_get,
+	.eo_set = security_eo_set,
+	.eo_remove = security_eo_remove,
+	.eo_name = "security",
+};
+
 struct gfs2_eattr_operations *gfs2_ea_ops[] = {
 	NULL,
 	&gfs2_user_eaops,
 	&gfs2_system_eaops,
+	&gfs2_security_eaops,
 };