From: swhiteho@redhat.com <swhiteho@redhat.com>
To: cluster-devel.redhat.com
Subject: [Cluster-devel] [PATCH 27/58] [GFS2] remove unnecessary permission checks
Date: Mon, 21 Jan 2008 09:21:45 +0000 [thread overview]
Message-ID: <12009073883125-git-send-email-swhiteho@redhat.com> (raw)
In-Reply-To: <12009073862261-git-send-email-swhiteho@redhat.com>
From: Ryan O'Hara <rohara@redhat.com>
Remove read/write permission() checks from xattr operations.
VFS layer is already handling permission for xattrs via the
xattr_permission() call, so there is no need for gfs2 to
check permissions. Futhermore, using permission() for SELinux
xattrs ops is incorrect.
Signed-off-by: Ryan O'Hara <rohara@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
diff --git a/fs/gfs2/eaops.c b/fs/gfs2/eaops.c
index aa8dbf3..ef91b6e 100644
--- a/fs/gfs2/eaops.c
+++ b/fs/gfs2/eaops.c
@@ -59,9 +59,6 @@ unsigned int gfs2_ea_name2type(const char *name, const char **truncated_name)
static int user_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er)
{
struct inode *inode = &ip->i_inode;
- int error = permission(inode, MAY_READ, NULL);
- if (error)
- return error;
return gfs2_ea_get_i(ip, er);
}
@@ -70,14 +67,6 @@ static int user_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er)
{
struct inode *inode = &ip->i_inode;
- if (S_ISREG(inode->i_mode) ||
- (S_ISDIR(inode->i_mode) && !(inode->i_mode & S_ISVTX))) {
- int error = permission(inode, MAY_WRITE, NULL);
- if (error)
- return error;
- } else
- return -EPERM;
-
return gfs2_ea_set_i(ip, er);
}
@@ -85,14 +74,6 @@ static int user_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er)
{
struct inode *inode = &ip->i_inode;
- if (S_ISREG(inode->i_mode) ||
- (S_ISDIR(inode->i_mode) && !(inode->i_mode & S_ISVTX))) {
- int error = permission(inode, MAY_WRITE, NULL);
- if (error)
- return error;
- } else
- return -EPERM;
-
return gfs2_ea_remove_i(ip, er);
}
@@ -108,8 +89,6 @@ static int system_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er)
GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len)))
return -EOPNOTSUPP;
-
-
return gfs2_ea_get_i(ip, er);
}
@@ -173,9 +152,6 @@ static int system_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er)
static int security_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er)
{
struct inode *inode = &ip->i_inode;
- int error = permission(inode, MAY_READ, NULL);
- if (error)
- return error;
return gfs2_ea_get_i(ip, er);
}
@@ -183,9 +159,6 @@ static int security_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er)
static int security_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er)
{
struct inode *inode = &ip->i_inode;
- int error = permission(inode, MAY_WRITE, NULL);
- if (error)
- return error;
return gfs2_ea_set_i(ip, er);
}
@@ -193,9 +166,6 @@ static int security_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er)
static int security_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er)
{
struct inode *inode = &ip->i_inode;
- int error = permission(inode, MAY_WRITE, NULL);
- if (error)
- return error;
return gfs2_ea_remove_i(ip, er);
}
--
1.5.1.2
WARNING: multiple messages have this Message-ID (diff)
From: swhiteho@redhat.com
To: linux-kernel@vger.kernel.org, cluster-devel@redhat.com
Cc: "Ryan O'Hara" <rohara@redhat.com>,
Steven Whitehouse <swhiteho@redhat.com>
Subject: [PATCH 27/58] [GFS2] remove unnecessary permission checks
Date: Mon, 21 Jan 2008 09:21:45 +0000 [thread overview]
Message-ID: <12009073883125-git-send-email-swhiteho@redhat.com> (raw)
Message-ID: <406c292988bbf9cab8eb8b83e290c1f44151f76f.1200905287.git.swhiteho@redhat.com> (raw)
In-Reply-To: <12009073862261-git-send-email-swhiteho@redhat.com>
In-Reply-To: <ba7d43779caabf7d3e6c62c3007564cdff351e40.1200905287.git.swhiteho@redhat.com>
From: Ryan O'Hara <rohara@redhat.com>
Remove read/write permission() checks from xattr operations.
VFS layer is already handling permission for xattrs via the
xattr_permission() call, so there is no need for gfs2 to
check permissions. Futhermore, using permission() for SELinux
xattrs ops is incorrect.
Signed-off-by: Ryan O'Hara <rohara@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
diff --git a/fs/gfs2/eaops.c b/fs/gfs2/eaops.c
index aa8dbf3..ef91b6e 100644
--- a/fs/gfs2/eaops.c
+++ b/fs/gfs2/eaops.c
@@ -59,9 +59,6 @@ unsigned int gfs2_ea_name2type(const char *name, const char **truncated_name)
static int user_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er)
{
struct inode *inode = &ip->i_inode;
- int error = permission(inode, MAY_READ, NULL);
- if (error)
- return error;
return gfs2_ea_get_i(ip, er);
}
@@ -70,14 +67,6 @@ static int user_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er)
{
struct inode *inode = &ip->i_inode;
- if (S_ISREG(inode->i_mode) ||
- (S_ISDIR(inode->i_mode) && !(inode->i_mode & S_ISVTX))) {
- int error = permission(inode, MAY_WRITE, NULL);
- if (error)
- return error;
- } else
- return -EPERM;
-
return gfs2_ea_set_i(ip, er);
}
@@ -85,14 +74,6 @@ static int user_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er)
{
struct inode *inode = &ip->i_inode;
- if (S_ISREG(inode->i_mode) ||
- (S_ISDIR(inode->i_mode) && !(inode->i_mode & S_ISVTX))) {
- int error = permission(inode, MAY_WRITE, NULL);
- if (error)
- return error;
- } else
- return -EPERM;
-
return gfs2_ea_remove_i(ip, er);
}
@@ -108,8 +89,6 @@ static int system_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er)
GFS2_ACL_IS_DEFAULT(er->er_name, er->er_name_len)))
return -EOPNOTSUPP;
-
-
return gfs2_ea_get_i(ip, er);
}
@@ -173,9 +152,6 @@ static int system_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er)
static int security_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er)
{
struct inode *inode = &ip->i_inode;
- int error = permission(inode, MAY_READ, NULL);
- if (error)
- return error;
return gfs2_ea_get_i(ip, er);
}
@@ -183,9 +159,6 @@ static int security_eo_get(struct gfs2_inode *ip, struct gfs2_ea_request *er)
static int security_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er)
{
struct inode *inode = &ip->i_inode;
- int error = permission(inode, MAY_WRITE, NULL);
- if (error)
- return error;
return gfs2_ea_set_i(ip, er);
}
@@ -193,9 +166,6 @@ static int security_eo_set(struct gfs2_inode *ip, struct gfs2_ea_request *er)
static int security_eo_remove(struct gfs2_inode *ip, struct gfs2_ea_request *er)
{
struct inode *inode = &ip->i_inode;
- int error = permission(inode, MAY_WRITE, NULL);
- if (error)
- return error;
return gfs2_ea_remove_i(ip, er);
}
--
1.5.1.2
next prev parent reply other threads:[~2008-01-21 9:21 UTC|newest]
Thread overview: 119+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-01-21 9:21 [Cluster-devel] [GFS2] Pre-pull patch posting swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 01/58] [GFS2] Handle multiple glock demote requests swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 02/58] [GFS2] Clean up internal read function swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 03/58] [GFS2] Use ->page_mkwrite() for mmap() swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 04/58] [GFS2] Remove useless i_cache from inodes swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 05/58] [GFS2] Remove unused field in struct gfs2_inode swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 06/58] [GFS2] Add gfs2_is_writeback() swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 07/58] [GFS2] Introduce gfs2_set_aops() swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 08/58] [GFS2] Split gfs2_writepage into three cases swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 09/58] [GFS2] Add writepages for GFS2 jdata swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 10/58] [GFS2] Don't hold page lock when starting transaction swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 11/58] [GFS2] Use correct include file in ops_address.c swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 12/58] [GFS2] Remove unused variables swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 13/58] [GFS2] Remove "reclaim limit" swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 14/58] [GFS2] Add sync_page to metadata address space operations swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 15/58] [GFS2] Reorder writeback for glock sync swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 16/58] [GFS2] Remove flags no longer required swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 17/58] [GFS2] Given device ID rather than s_id in "id" sysfs file swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 18/58] [GFS2] check kthread_should_stop when waiting swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 19/58] [GFS2] Don't add glocks to the journal swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 20/58] [GFS2] Use atomic_t for journal free blocks counter swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 21/58] [GFS2] Move gfs2_logd into log.c swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 22/58] [GFS2] Don't periodically update the jindex swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 23/58] [GFS2] Check for installation of mount helpers for DLM mounts swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 24/58] [GFS2] tidy up error message swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 25/58] [GFS2] Fix runtime issue with UP kernels swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 26/58] [GFS2] Revise gfs2_logd and flush thresholds swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` swhiteho [this message]
2008-01-21 9:21 ` [PATCH 27/58] [GFS2] remove unnecessary permission checks swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 28/58] [GFS2] Fix build warnings swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 29/58] [GFS2] Remove unrequired code swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 30/58] [GFS2] Remove lock methods for lock_nolock protocol swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 31/58] [GFS2] patch to check for recursive lock requests in gfs2_rename code path swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 32/58] [GFS2] Remove unused variable swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 33/58] [GFS2] use pid for plock owner for nfs clients swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 34/58] [GFS2] Remove function gfs2_get_block swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 35/58] [GFS2] Fix typo in log.c swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 36/58] [GFS2] Journal extent mapping swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 37/58] [GFS2] Get rid of useless "found" variable in quota.c swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 38/58] [GFS2] Run through full bitmaps quicker in gfs2_bitfit swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 39/58] [GFS2] Reorganize function gfs2_glmutex_lock swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 40/58] [GFS2] Only fetch the dinode once in block_map swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:21 ` [Cluster-devel] [PATCH 41/58] [GFS2] Function meta_read optimization swhiteho
2008-01-21 9:21 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 42/58] [GFS2] Incremental patch to fix compiler warning swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 43/58] [GFS2] Eliminate the no longer needed sd_statfs_mutex swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 44/58] [GFS2] Minor correction swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 45/58] [GFS2] Fix log block mapper swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 46/58] [GFS2] Remove unused variable swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 47/58] [GFS2] Allow page migration for writeback and ordered pages swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 48/58] [GFS2] Initialize extent_list earlier swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 49/58] [GFS2] Fix problems relating to execution of files on GFS2 swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 50/58] [GFS2] Fix assert in log code swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 51/58] [GFS2] Reduce inode size by moving i_alloc out of line swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 52/58] [GFS2] Remove unneeded i_spin swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 53/58] [GFS2] gfs2_alloc_required performance swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 54/58] [GFS2] Fix write alloc required shortcut calculation swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 55/58] [GFS2] Fix typo swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 56/58] [GFS2] Fix page_mkwrite truncation race path swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 57/58] [GFS2] Lockup on error swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:22 ` [Cluster-devel] [PATCH 58/58] [GFS2] Allow journal recovery on read-only mount swhiteho
2008-01-21 9:22 ` swhiteho
2008-01-21 9:21 ` [PATCH 26/58] [GFS2] Revise gfs2_logd and flush thresholds swhiteho
2008-01-21 14:56 ` [Cluster-devel] " Kevin Anderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=12009073883125-git-send-email-swhiteho@redhat.com \
--to=swhiteho@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.