From mboxrd@z Thu Jan 1 00:00:00 1970 From: Steven Whitehouse Date: Mon, 26 Nov 2007 15:17:12 +0000 Subject: [Cluster-devel] [PATCH] gfs2: remove unnecessary permission checks In-Reply-To: <1195667694798-git-send-email-rohara@redhat.com> References: <1195667694798-git-send-email-rohara@redhat.com> Message-ID: <1196090232.1068.858.camel@quoit> List-Id: To: cluster-devel.redhat.com MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Hi, Now in the -nmw git tree. Thanks, Steve. On Wed, 2007-11-21 at 11:54 -0600, Ryan O'Hara wrote: > Remove read/write permission() checks from xattr operations. > VFS layer is already handling permission for xattrs via the > xattr_permission() call, so there is no need for gfs2 to > check permissions. Futhermore, using permission() for SELinux > xattrs ops is incorrect. > --- > fs/gfs2/eaops.c | 30 ------------------------------ > 1 files changed, 0 insertions(+), 30 deletions(-) > > diff --git a/fs/gfs2/eaops.c b/fs/gfs2/eaops.c > index aa8dbf3..ef91b6e 100644 > --- a/fs/gfs2/eaops.c > +++ b/fs/gfs2/eaops.c > @@ -59,9 +59,6 @@ unsigned int gfs2_ea_name2type(const char *name, const char **truncated_name) > static int user_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er) > { > struct inode *inode = &ip->i_inode; > - int error = permission(inode, MAY_READ, NULL); > - if (error) > - return error; > > return gfs2_ea_get_i(ip, er); > } > @@ -70,14 +67,6 @@ static int user_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er) > { > struct inode *inode = &ip->i_inode; > > - if (S_ISREG(inode->i_mode) || > - (S_ISDIR(inode->i_mode) && !(inode->i_mode & S_ISVTX))) { > - int error = permission(inode, MAY_WRITE, NULL); > - if (error) > - return error; > - } else > - return -EPERM; > - > return gfs2_ea_set_i(ip, er); > } > > @@ -85,14 +74,6 @@ static int user_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er) > { > struct inode *inode = &ip->i_inode; > > - if (S_ISREG(inode->i_mode) || > - (S_ISDIR(inode->i_mode) && !(inode->i_mode & S_ISVTX))) { > - int error = permission(inode, MAY_WRITE, NULL); > - if (error) > - return error; > - } else > - return -EPERM; > - > return gfs2_ea_remove_i(ip, er); > } > > @@ -108,8 +89,6 @@ static int system_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er) > GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len))) > return -EOPNOTSUPP; > > - > - > return gfs2_ea_get_i(ip, er); > } > > @@ -173,9 +152,6 @@ static int system_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er) > static int security_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er) > { > struct inode *inode = &ip->i_inode; > - int error = permission(inode, MAY_READ, NULL); > - if (error) > - return error; > > return gfs2_ea_get_i(ip, er); > } > @@ -183,9 +159,6 @@ static int security_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er) > static int security_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er) > { > struct inode *inode = &ip->i_inode; > - int error = permission(inode, MAY_WRITE, NULL); > - if (error) > - return error; > > return gfs2_ea_set_i(ip, er); > } > @@ -193,9 +166,6 @@ static int security_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er) > static int security_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er) > { > struct inode *inode = &ip->i_inode; > - int error = permission(inode, MAY_WRITE, NULL); > - if (error) > - return error; > > return gfs2_ea_remove_i(ip, er); > }