[Ocfs2-devel] [PATCH 0/3] ocfs2: add security EA and ACL support v1

[Ocfs2-devel] [PATCH 0/3] ocfs2: add security EA and ACL support v1

[Tiger Yang]

Hi,
The previous patches about EA didn't implement POSIX ACL and security 
EA. I add those support here.

The first patch fix some problem in xattr code.
The second patch add security EA support.
The third patch add ACL support basically.

Best regards,
tiger

[Ocfs2-devel] [PATCH 1/3] ocfs2: small fix in xattr

[Tiger Yang]

This patch fix some define problems.

Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
---
 fs/ocfs2/xattr.h         |   12 ++++++------
 fs/ocfs2/xattr_trusted.c |    4 +---
 fs/ocfs2/xattr_user.c    |    4 +---
 3 files changed, 8 insertions(+), 12 deletions(-)

diff --git a/fs/ocfs2/xattr.h b/fs/ocfs2/xattr.h
index d33dbe5..af2ba32 100644
--- a/fs/ocfs2/xattr.h
+++ b/fs/ocfs2/xattr.h
@@ -47,14 +47,14 @@ extern struct xattr_handler ocfs2_xattr_acl_default_handler;
 #ifdef CONFIG_OCFS2_FS_SECURITY
 extern struct xattr_handler ocfs2_xattr_security_handler;
 #endif
-
-extern ssize_t ocfs2_listxattr(struct dentry *, char *, size_t);
-extern int ocfs2_xattr_get(struct inode *, int, const char *, void *, size_t);
-extern int ocfs2_xattr_set(struct inode *, int, const char *, const void *,
-			   size_t, int);
-extern int ocfs2_xattr_remove(struct inode *inode, struct buffer_head *di_bh);
 extern struct xattr_handler *ocfs2_xattr_handlers[];
 
+ssize_t ocfs2_listxattr(struct dentry *, char *, size_t);
+int ocfs2_xattr_get(struct inode *, int, const char *, void *, size_t);
+int ocfs2_xattr_set(struct inode *, int, const char *, const void *,
+		    size_t, int);
+int ocfs2_xattr_remove(struct inode *inode, struct buffer_head *di_bh);
+
 static inline u16 ocfs2_xattr_buckets_per_cluster(struct ocfs2_super *osb)
 {
 	return (1 << osb->s_clustersize_bits) / OCFS2_XATTR_BUCKET_SIZE;
diff --git a/fs/ocfs2/xattr_trusted.c b/fs/ocfs2/xattr_trusted.c
index 4c589c4..cc15d40 100644
--- a/fs/ocfs2/xattr_trusted.c
+++ b/fs/ocfs2/xattr_trusted.c
@@ -38,13 +38,11 @@
 #include "ocfs2_fs.h"
 #include "xattr.h"
 
-#define XATTR_TRUSTED_PREFIX "trusted."
-
 static size_t ocfs2_xattr_trusted_list(struct inode *inode, char *list,
 				       size_t list_size, const char *name,
 				       size_t name_len)
 {
-	const size_t prefix_len = sizeof(XATTR_TRUSTED_PREFIX) - 1;
+	const size_t prefix_len = XATTR_TRUSTED_PREFIX_LEN;
 	const size_t total_len = prefix_len + name_len + 1;
 
 	if (list && total_len <= list_size) {
diff --git a/fs/ocfs2/xattr_user.c b/fs/ocfs2/xattr_user.c
index 93ba716..cb0bc41 100644
--- a/fs/ocfs2/xattr_user.c
+++ b/fs/ocfs2/xattr_user.c
@@ -38,13 +38,11 @@
 #include "ocfs2_fs.h"
 #include "xattr.h"
 
-#define XATTR_USER_PREFIX "user."
-
 static size_t ocfs2_xattr_user_list(struct inode *inode, char *list,
 				    size_t list_size, const char *name,
 				    size_t name_len)
 {
-	const size_t prefix_len = sizeof(XATTR_USER_PREFIX) - 1;
+	const size_t prefix_len = XATTR_USER_PREFIX_LEN;
 	const size_t total_len = prefix_len + name_len + 1;
 	struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
 
-- 
1.5.4.1

[Ocfs2-devel] [PATCH 2/3] ocfs2: Add security xattr support in ocfs2

[Tiger Yang]

This patch add security extended attribute support in ocfs2.

Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
---
 fs/ocfs2/Makefile         |    3 +-
 fs/ocfs2/xattr.c          |    4 --
 fs/ocfs2/xattr.h          |    2 -
 fs/ocfs2/xattr_security.c |   81 +++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 83 insertions(+), 7 deletions(-)
 create mode 100644 fs/ocfs2/xattr_security.c

diff --git a/fs/ocfs2/Makefile b/fs/ocfs2/Makefile
index 21323da..73c1c82 100644
--- a/fs/ocfs2/Makefile
+++ b/fs/ocfs2/Makefile
@@ -37,7 +37,8 @@ ocfs2-objs := \
 	ver.o			\
 	xattr.o			\
 	xattr_user.o		\
-	xattr_trusted.o
+	xattr_trusted.o		\
+	xattr_security.o
 
 ocfs2_stackglue-objs := stackglue.o
 ocfs2_stack_o2cb-objs := stack_o2cb.o
diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c
index 505fb40..d57cfae 100644
--- a/fs/ocfs2/xattr.c
+++ b/fs/ocfs2/xattr.c
@@ -81,9 +81,7 @@ struct xattr_handler *ocfs2_xattr_handlers[] = {
 	&ocfs2_xattr_acl_default_handler,
 #endif
 	&ocfs2_xattr_trusted_handler,
-#ifdef CONFIG_OCFS2_FS_SECURITY
 	&ocfs2_xattr_security_handler,
-#endif
 	NULL
 };
 
@@ -96,9 +94,7 @@ static struct xattr_handler *ocfs2_xattr_handler_map[] = {
 					= &ocfs2_xattr_acl_default_handler,
 #endif
 	[OCFS2_XATTR_INDEX_TRUSTED]	= &ocfs2_xattr_trusted_handler,
-#ifdef CONFIG_OCFS2_FS_SECURITY
 	[OCFS2_XATTR_INDEX_SECURITY]	= &ocfs2_xattr_security_handler,
-#endif
 };
 
 struct ocfs2_xattr_info {
diff --git a/fs/ocfs2/xattr.h b/fs/ocfs2/xattr.h
index af2ba32..f3ec79a 100644
--- a/fs/ocfs2/xattr.h
+++ b/fs/ocfs2/xattr.h
@@ -44,9 +44,7 @@ extern struct xattr_handler ocfs2_xattr_trusted_handler;
 extern struct xattr_handler ocfs2_xattr_acl_access_handler;
 extern struct xattr_handler ocfs2_xattr_acl_default_handler;
 #endif
-#ifdef CONFIG_OCFS2_FS_SECURITY
 extern struct xattr_handler ocfs2_xattr_security_handler;
-#endif
 extern struct xattr_handler *ocfs2_xattr_handlers[];
 
 ssize_t ocfs2_listxattr(struct dentry *, char *, size_t);
diff --git a/fs/ocfs2/xattr_security.c b/fs/ocfs2/xattr_security.c
new file mode 100644
index 0000000..428c102
--- /dev/null
+++ b/fs/ocfs2/xattr_security.c
@@ -0,0 +1,81 @@
+/* -*- mode: c; c-basic-offset: 8; -*-
+ * vim: noexpandtab sw=8 ts=8 sts=0:
+ *
+ * xattr_security.c
+ *
+ * Copyright (C) 2008 Oracle.  All rights reserved.
+ *
+ * CREDITS:
+ * Lots of code in this file is taken from ext3.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public
+ * License along with this program; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 021110-1307, USA.
+ */
+
+#include <linux/init.h>
+#include <linux/module.h>
+#include <linux/string.h>
+#include <linux/security.h>
+
+#define MLOG_MASK_PREFIX ML_INODE
+#include <cluster/masklog.h>
+
+#include "ocfs2.h"
+#include "alloc.h"
+#include "dlmglue.h"
+#include "file.h"
+#include "ocfs2_fs.h"
+#include "xattr.h"
+
+static size_t ocfs2_xattr_security_list(struct inode *inode, char *list,
+					size_t list_size, const char *name,
+					size_t name_len)
+{
+	const size_t prefix_len = XATTR_SECURITY_PREFIX_LEN;
+	const size_t total_len = prefix_len + name_len + 1;
+
+	if (list && total_len <= list_size) {
+		memcpy(list, XATTR_SECURITY_PREFIX, prefix_len);
+		memcpy(list + prefix_len, name, name_len);
+		list[prefix_len + name_len] = '\0';
+	}
+	return total_len;
+}
+
+static int ocfs2_xattr_security_get(struct inode *inode, const char *name,
+				    void *buffer, size_t size)
+{
+	if (strcmp(name, "") == 0)
+		return -EINVAL;
+	return ocfs2_xattr_get(inode, OCFS2_XATTR_INDEX_SECURITY, name,
+			       buffer, size);
+}
+
+static int ocfs2_xattr_security_set(struct inode *inode, const char *name,
+				    const void *value, size_t size, int flags)
+{
+	if (strcmp(name, "") == 0)
+		return -EINVAL;
+
+	return ocfs2_xattr_set(inode, OCFS2_XATTR_INDEX_SECURITY, name, value,
+			       size, flags);
+}
+
+struct xattr_handler ocfs2_xattr_security_handler = {
+	.prefix	= XATTR_SECURITY_PREFIX,
+	.list	= ocfs2_xattr_security_list,
+	.get	= ocfs2_xattr_security_get,
+	.set	= ocfs2_xattr_security_set,
+};
-- 
1.5.4.1

[Ocfs2-devel] [PATCH 3/3] ocfs2: Add posix ACL support in ocfs2 v1

[Tiger Yang]

This patch add posix ACL support in ocfs2.

Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
---
 fs/ocfs2/Makefile |    1 +
 fs/ocfs2/acl.c    |  383 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 fs/ocfs2/acl.h    |   40 ++++++
 fs/ocfs2/file.c   |    3 +-
 fs/ocfs2/namei.c  |    3 +
 fs/ocfs2/xattr.c  |    4 -
 fs/ocfs2/xattr.h  |    2 -
 7 files changed, 429 insertions(+), 7 deletions(-)
 create mode 100644 fs/ocfs2/acl.c
 create mode 100644 fs/ocfs2/acl.h

diff --git a/fs/ocfs2/Makefile b/fs/ocfs2/Makefile
index 73c1c82..27f0954 100644
--- a/fs/ocfs2/Makefile
+++ b/fs/ocfs2/Makefile
@@ -10,6 +10,7 @@ obj-$(CONFIG_OCFS2_FS_O2CB) += ocfs2_stack_o2cb.o
 obj-$(CONFIG_OCFS2_FS_USERSPACE_CLUSTER) += ocfs2_stack_user.o
 
 ocfs2-objs := \
+	acl.o			\
 	alloc.o 		\
 	aops.o 			\
 	buffer_head_io.o	\
diff --git a/fs/ocfs2/acl.c b/fs/ocfs2/acl.c
new file mode 100644
index 0000000..eff4155
--- /dev/null
+++ b/fs/ocfs2/acl.c
@@ -0,0 +1,383 @@
+/* -*- mode: c; c-basic-offset: 8; -*-
+ * vim: noexpandtab sw=8 ts=8 sts=0:
+ *
+ * acl.c
+ *
+ * Copyright (C) 2008 Oracle.  All rights reserved.
+ *
+ * CREDITS:
+ * Lots of code in this file is taken from ext3.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public
+ * License along with this program; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 021110-1307, USA.
+ */
+
+#include <linux/init.h>
+#include <linux/module.h>
+#include <linux/string.h>
+
+#define MLOG_MASK_PREFIX ML_INODE
+#include <cluster/masklog.h>
+
+#include "ocfs2.h"
+#include "alloc.h"
+#include "dlmglue.h"
+#include "file.h"
+#include "ocfs2_fs.h"
+
+#include "xattr.h"
+#include "acl.h"
+
+/*
+ * Convert from xattr value to acl struct.
+ */
+static struct posix_acl *ocfs2_acl_from_xattr(const void *value, size_t size)
+{
+	int n, count;
+	struct posix_acl *acl;
+
+	if (!value)
+		return NULL;
+	if (size < sizeof(struct posix_acl_entry))
+		 return ERR_PTR(-EINVAL);
+
+	count = size / sizeof(struct posix_acl_entry);
+	if (count < 0)
+		return ERR_PTR(-EINVAL);
+	if (count == 0)
+		return NULL;
+
+	acl = posix_acl_alloc(count, GFP_NOFS);
+	if (!acl)
+		return ERR_PTR(-ENOMEM);
+	for (n = 0; n < count; n++) {
+		struct ocfs2_acl_entry *entry =
+			(struct ocfs2_acl_entry *)value;
+
+		acl->a_entries[n].e_tag  = le16_to_cpu(entry->e_tag);
+		acl->a_entries[n].e_perm = le16_to_cpu(entry->e_perm);
+		acl->a_entries[n].e_id   = le32_to_cpu(entry->e_id);
+		value += sizeof(struct posix_acl_entry);
+
+	}
+	return acl;
+}
+
+/*
+ * Convert acl struct to xattr value.
+ */
+static void *ocfs2_acl_to_xattr(const struct posix_acl *acl, size_t *size)
+{
+	struct ocfs2_acl_entry *entry = NULL;
+	char *ocfs2_acl;
+	size_t n;
+
+	*size = acl->a_count * sizeof(struct posix_acl_entry);
+
+	ocfs2_acl = kmalloc(*size, GFP_NOFS);
+	if (!ocfs2_acl)
+		return ERR_PTR(-ENOMEM);
+
+	entry = (struct ocfs2_acl_entry *)ocfs2_acl;
+	for (n = 0; n < acl->a_count; n++, entry++) {
+		entry->e_tag  = cpu_to_le16(acl->a_entries[n].e_tag);
+		entry->e_perm = cpu_to_le16(acl->a_entries[n].e_perm);
+		entry->e_id   = cpu_to_le32(acl->a_entries[n].e_id);
+	}
+	return ocfs2_acl;
+}
+
+/*
+ * Get posix acl.
+ */
+static struct posix_acl *ocfs2_get_acl(struct inode *inode, int type)
+{
+	int name_index;
+	char *value = NULL;
+	struct posix_acl *acl;
+	int retval;
+
+	switch (type) {
+	case ACL_TYPE_ACCESS:
+		name_index = OCFS2_XATTR_INDEX_POSIX_ACL_ACCESS;
+		break;
+	case ACL_TYPE_DEFAULT:
+		name_index = OCFS2_XATTR_INDEX_POSIX_ACL_DEFAULT;
+		break;
+	default:
+		return ERR_PTR(-EINVAL);
+	}
+
+	retval = ocfs2_xattr_get(inode, name_index, "", NULL, 0);
+	if (retval > 0) {
+		value = kmalloc(retval, GFP_NOFS);
+		if (!value)
+			return ERR_PTR(-ENOMEM);
+		retval = ocfs2_xattr_get(inode, name_index, "", value, retval);
+	}
+
+	if (retval > 0)
+		acl = ocfs2_acl_from_xattr(value, retval);
+	else if (retval == -ENODATA || retval == -ENOSYS)
+		acl = NULL;
+	else
+		acl = ERR_PTR(retval);
+
+	kfree(value);
+
+	return acl;
+}
+
+/*
+ * Set the access or default ACL of an inode.
+ */
+static int ocfs2_set_acl(struct inode *inode, int type, struct posix_acl *acl)
+{
+	int name_index;
+	void *value = NULL;
+	size_t size = 0;
+	int ret;
+
+	if (S_ISLNK(inode->i_mode))
+		return -EOPNOTSUPP;
+
+	switch (type) {
+	case ACL_TYPE_ACCESS:
+		name_index = OCFS2_XATTR_INDEX_POSIX_ACL_ACCESS;
+		if (acl) {
+			mode_t mode = inode->i_mode;
+			ret = posix_acl_equiv_mode(acl, &mode);
+			if (ret < 0)
+				return ret;
+			else {
+				inode->i_mode = mode;
+				if (ret == 0)
+					acl = NULL;
+			}
+		}
+		break;
+	case ACL_TYPE_DEFAULT:
+		name_index = OCFS2_XATTR_INDEX_POSIX_ACL_DEFAULT;
+		if (!S_ISDIR(inode->i_mode))
+			return acl ? -EACCES : 0;
+		break;
+	default:
+		return -EINVAL;
+	}
+
+	if (acl) {
+		value = ocfs2_acl_to_xattr(acl, &size);
+		if (IS_ERR(value))
+			return (int)PTR_ERR(value);
+	}
+
+	ret = ocfs2_xattr_set(inode, name_index, "", value, size, 0);
+
+	kfree(value);
+
+	return ret;
+}
+
+int ocfs2_check_acl(struct inode *inode, int mask)
+{
+	struct posix_acl *acl = ocfs2_get_acl(inode, ACL_TYPE_ACCESS);
+
+	if (IS_ERR(acl))
+		return PTR_ERR(acl);
+	if (acl) {
+		int ret = posix_acl_permission(inode, acl, mask);
+		posix_acl_release(acl);
+		return ret;
+	}
+
+	return -EAGAIN;
+}
+
+/*
+ * Initialize the ACLs of a new inode. If parent directory has default ACL,
+ * then clone to new inode. Called from ocfs2_mknod.
+ */
+int ocfs2_init_acl(struct inode *inode, struct inode *dir)
+{
+	struct posix_acl *acl = NULL;
+	int ret = 0;
+
+	if (!S_ISLNK(inode->i_mode)) {
+		acl = ocfs2_get_acl(dir, ACL_TYPE_DEFAULT);
+		if (IS_ERR(acl))
+			return PTR_ERR(acl);
+		if (!acl)
+			inode->i_mode &= ~current->fs->umask;
+	}
+	if (acl) {
+		struct posix_acl *clone;
+		mode_t mode;
+
+		if (S_ISDIR(inode->i_mode)) {
+			ret = ocfs2_set_acl(inode, ACL_TYPE_DEFAULT, acl);
+			if (ret)
+				goto cleanup;
+		}
+		clone = posix_acl_clone(acl, GFP_NOFS);
+		ret = -ENOMEM;
+		if (!clone)
+			goto cleanup;
+
+		mode = inode->i_mode;
+		ret = posix_acl_create_masq(clone, &mode);
+		if (ret >= 0) {
+			inode->i_mode = mode;
+			if (ret > 0) {
+				ret = ocfs2_set_acl(inode,
+						    ACL_TYPE_ACCESS, clone);
+			}
+		}
+		posix_acl_release(clone);
+	}
+cleanup:
+	posix_acl_release(acl);
+	return ret;
+}
+
+static size_t ocfs2_xattr_list_acl_access(struct inode *inode,
+					  char *list,
+					  size_t list_len,
+					  const char *name,
+					  size_t name_len)
+{
+	const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS);
+
+	if (list && size <= list_len)
+		memcpy(list, POSIX_ACL_XATTR_ACCESS, size);
+	return size;
+}
+
+static size_t ocfs2_xattr_list_acl_default(struct inode *inode,
+					   char *list,
+					   size_t list_len,
+					   const char *name,
+					   size_t name_len)
+{
+	const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT);
+
+	if (list && size <= list_len)
+		memcpy(list, POSIX_ACL_XATTR_DEFAULT, size);
+	return size;
+}
+
+static int ocfs2_xattr_get_acl(struct inode *inode,
+			       int type,
+			       void *buffer,
+			       size_t size)
+{
+	struct posix_acl *acl;
+	int ret;
+
+	acl = ocfs2_get_acl(inode, type);
+	if (IS_ERR(acl))
+		return PTR_ERR(acl);
+	if (acl == NULL)
+		return -ENODATA;
+	ret = posix_acl_to_xattr(acl, buffer, size);
+	posix_acl_release(acl);
+
+	return ret;
+}
+
+static int ocfs2_xattr_get_acl_access(struct inode *inode,
+				      const char *name,
+				      void *buffer,
+				      size_t size)
+{
+	if (strcmp(name, "") != 0)
+		return -EINVAL;
+	return ocfs2_xattr_get_acl(inode, ACL_TYPE_ACCESS, buffer, size);
+}
+
+static int ocfs2_xattr_get_acl_default(struct inode *inode,
+				       const char *name,
+				       void *buffer,
+				       size_t size)
+{
+	if (strcmp(name, "") != 0)
+		return -EINVAL;
+	return ocfs2_xattr_get_acl(inode, ACL_TYPE_DEFAULT, buffer, size);
+}
+
+static int ocfs2_xattr_set_acl(struct inode *inode,
+			       int type,
+			       const void *value,
+			       size_t size)
+{
+	struct posix_acl *acl;
+	int ret = 0;
+
+	if (!is_owner_or_cap(inode))
+		return -EPERM;
+
+	if (value) {
+		acl = posix_acl_from_xattr(value, size);
+		if (IS_ERR(acl))
+			return PTR_ERR(acl);
+		else if (acl) {
+			ret = posix_acl_valid(acl);
+			if (ret)
+				goto cleanup;
+		}
+	} else
+		acl = NULL;
+
+	ret = ocfs2_set_acl(inode, type, acl);
+
+cleanup:
+	posix_acl_release(acl);
+	return ret;
+}
+
+static int ocfs2_xattr_set_acl_access(struct inode *inode,
+				      const char *name,
+				      const void *value,
+				      size_t size,
+				      int flags)
+{
+	if (strcmp(name, "") != 0)
+		return -EINVAL;
+	return ocfs2_xattr_set_acl(inode, ACL_TYPE_ACCESS, value, size);
+}
+
+static int ocfs2_xattr_set_acl_default(struct inode *inode,
+				       const char *name,
+				       const void *value,
+				       size_t size,
+				       int flags)
+{
+	if (strcmp(name, "") != 0)
+		return -EINVAL;
+	return ocfs2_xattr_set_acl(inode, ACL_TYPE_DEFAULT, value, size);
+}
+
+struct xattr_handler ocfs2_xattr_acl_access_handler = {
+	.prefix	= POSIX_ACL_XATTR_ACCESS,
+	.list	= ocfs2_xattr_list_acl_access,
+	.get	= ocfs2_xattr_get_acl_access,
+	.set	= ocfs2_xattr_set_acl_access,
+};
+
+struct xattr_handler ocfs2_xattr_acl_default_handler = {
+	.prefix	= POSIX_ACL_XATTR_DEFAULT,
+	.list	= ocfs2_xattr_list_acl_default,
+	.get	= ocfs2_xattr_get_acl_default,
+	.set	= ocfs2_xattr_set_acl_default,
+};
diff --git a/fs/ocfs2/acl.h b/fs/ocfs2/acl.h
new file mode 100644
index 0000000..ba1cb92
--- /dev/null
+++ b/fs/ocfs2/acl.h
@@ -0,0 +1,40 @@
+/* -*- mode: c; c-basic-offset: 8; -*-
+ * vim: noexpandtab sw=8 ts=8 sts=0:
+ *
+ * acl.h
+ *
+ * Function prototypes
+ *
+ * Copyright (C) 2008 Oracle.  All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public
+ * License along with this program; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 021110-1307, USA.
+ */
+
+#ifndef OCFS2_ACL_H
+#define OCFS2_ACL_H
+
+#include <linux/posix_acl_xattr.h>
+
+struct ocfs2_acl_entry {
+	__le16 e_tag;
+	__le16 e_perm;
+	__le32 e_id;
+};
+
+int ocfs2_check_acl(struct inode *inode, int mask);
+int ocfs2_init_acl(struct inode *inode, struct inode *dir);
+
+#endif /* OCFS2_ACL_H */
diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c
index edcdd39..96a53eb 100644
--- a/fs/ocfs2/file.c
+++ b/fs/ocfs2/file.c
@@ -56,6 +56,7 @@
 #include "suballoc.h"
 #include "super.h"
 #include "xattr.h"
+#include "acl.h"
 
 #include "buffer_head_io.h"
 
@@ -1031,7 +1032,7 @@ int ocfs2_permission(struct inode *inode, int mask, struct nameidata *nd)
 		goto out;
 	}
 
-	ret = generic_permission(inode, mask, NULL);
+	ret = generic_permission(inode, mask, ocfs2_check_acl);
 
 	ocfs2_inode_unlock(inode, 0);
 out:
diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c
index 76d1d13..9f8f313 100644
--- a/fs/ocfs2/namei.c
+++ b/fs/ocfs2/namei.c
@@ -61,6 +61,7 @@
 #include "sysfile.h"
 #include "uptodate.h"
 #include "xattr.h"
+#include "acl.h"
 
 #include "buffer_head_io.h"
 
@@ -328,6 +329,8 @@ leave:
 	if (status == -ENOSPC)
 		mlog(0, "Disk is full\n");
 
+	status = ocfs2_init_acl(inode, dir);
+
 	if (new_fe_bh)
 		brelse(new_fe_bh);
 
diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c
index d57cfae..1daff4f 100644
--- a/fs/ocfs2/xattr.c
+++ b/fs/ocfs2/xattr.c
@@ -76,10 +76,8 @@ static struct ocfs2_xattr_def_value_root def_xv = {
 
 struct xattr_handler *ocfs2_xattr_handlers[] = {
 	&ocfs2_xattr_user_handler,
-#ifdef CONFIG_OCFS2_FS_POSIX_ACL
 	&ocfs2_xattr_acl_access_handler,
 	&ocfs2_xattr_acl_default_handler,
-#endif
 	&ocfs2_xattr_trusted_handler,
 	&ocfs2_xattr_security_handler,
 	NULL
@@ -87,12 +85,10 @@ struct xattr_handler *ocfs2_xattr_handlers[] = {
 
 static struct xattr_handler *ocfs2_xattr_handler_map[] = {
 	[OCFS2_XATTR_INDEX_USER]	= &ocfs2_xattr_user_handler,
-#ifdef CONFIG_OCFS2_FS_POSIX_ACL
 	[OCFS2_XATTR_INDEX_POSIX_ACL_ACCESS]
 					= &ocfs2_xattr_acl_access_handler,
 	[OCFS2_XATTR_INDEX_POSIX_ACL_DEFAULT]
 					= &ocfs2_xattr_acl_default_handler,
-#endif
 	[OCFS2_XATTR_INDEX_TRUSTED]	= &ocfs2_xattr_trusted_handler,
 	[OCFS2_XATTR_INDEX_SECURITY]	= &ocfs2_xattr_security_handler,
 };
diff --git a/fs/ocfs2/xattr.h b/fs/ocfs2/xattr.h
index f3ec79a..b8d6522 100644
--- a/fs/ocfs2/xattr.h
+++ b/fs/ocfs2/xattr.h
@@ -40,10 +40,8 @@ enum ocfs2_xattr_type {
 
 extern struct xattr_handler ocfs2_xattr_user_handler;
 extern struct xattr_handler ocfs2_xattr_trusted_handler;
-#ifdef CONFIG_OCFS2_FS_POSIX_ACL
 extern struct xattr_handler ocfs2_xattr_acl_access_handler;
 extern struct xattr_handler ocfs2_xattr_acl_default_handler;
-#endif
 extern struct xattr_handler ocfs2_xattr_security_handler;
 extern struct xattr_handler *ocfs2_xattr_handlers[];
 
-- 
1.5.4.1

[Ocfs2-devel] [PATCH 2/3] ocfs2: Add security xattr support in ocfs2

[Mark Fasheh]

On Fri, Sep 19, 2008 at 05:42:33PM +0800, Tiger Yang wrote:
> This patch add security extended attribute support in ocfs2.

Ok, thanks for this.


> +struct xattr_handler ocfs2_xattr_security_handler = {
> +	.prefix	= XATTR_SECURITY_PREFIX,
> +	.list	= ocfs2_xattr_security_list,
> +	.get	= ocfs2_xattr_security_get,
> +	.set	= ocfs2_xattr_security_set,
> +};

Don't we need to add a call to 'security_inode_init_security()' when creating a new
inode?

The patch otherwise looks good. How was it tested?
	--Mark

--
Mark Fasheh

[Ocfs2-devel] [PATCH 2/3] ocfs2: Add security xattr support in ocfs2

[Mark Fasheh]

On Fri, Sep 19, 2008 at 05:42:33PM +0800, Tiger Yang wrote:
> diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c
> index 505fb40..d57cfae 100644
> --- a/fs/ocfs2/xattr.c
> +++ b/fs/ocfs2/xattr.c
> @@ -81,9 +81,7 @@ struct xattr_handler *ocfs2_xattr_handlers[] = {
>  	&ocfs2_xattr_acl_default_handler,
>  #endif
>  	&ocfs2_xattr_trusted_handler,
> -#ifdef CONFIG_OCFS2_FS_SECURITY
>  	&ocfs2_xattr_security_handler,
> -#endif
>  	NULL
>  };
>  
> @@ -96,9 +94,7 @@ static struct xattr_handler *ocfs2_xattr_handler_map[] = {
>  					= &ocfs2_xattr_acl_default_handler,
>  #endif
>  	[OCFS2_XATTR_INDEX_TRUSTED]	= &ocfs2_xattr_trusted_handler,
> -#ifdef CONFIG_OCFS2_FS_SECURITY
>  	[OCFS2_XATTR_INDEX_SECURITY]	= &ocfs2_xattr_security_handler,
> -#endif
>  };

Oh, almost missed this actually. Isn't it customary to allow the user to
select whether to compile in support for security attributes, or acls? You
can pretty much copy the code from any other file system really.


Also, would you mind rebasing these against the latest xattrs branch in
ocfs2.git? The only change was that I removed the code in '#ifdef
CONFIG_OCFS2_FS_SECURITY' and '#ifdef CONFIG_OCFS2_FS_ACL' because we
weren't ever defining those yet. Obviously, you get to add them back now  :)
	--Mark

--
Mark Fasheh

[Ocfs2-devel] [PATCH 3/3] ocfs2: Add posix ACL support in ocfs2 v1

[Mark Fasheh]

On Fri, Sep 19, 2008 at 05:43:01PM +0800, Tiger Yang wrote:
> diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c
> index edcdd39..96a53eb 100644
> --- a/fs/ocfs2/file.c
> +++ b/fs/ocfs2/file.c
> @@ -56,6 +56,7 @@
>  #include "suballoc.h"
>  #include "super.h"
>  #include "xattr.h"
> +#include "acl.h"
>  
>  #include "buffer_head_io.h"
>  
> @@ -1031,7 +1032,7 @@ int ocfs2_permission(struct inode *inode, int mask, struct nameidata *nd)
>  		goto out;
>  	}
>  
> -	ret = generic_permission(inode, mask, NULL);
> +	ret = generic_permission(inode, mask, ocfs2_check_acl);
>  
>  	ocfs2_inode_unlock(inode, 0);
>  out:

I think we also need some acl-specific handling of chmod in ocfs2_setattr.
See ext3_acl_chmod, where it's called and what it does.


> diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c
> index 76d1d13..9f8f313 100644
> --- a/fs/ocfs2/namei.c
> +++ b/fs/ocfs2/namei.c
> @@ -61,6 +61,7 @@
>  #include "sysfile.h"
>  #include "uptodate.h"
>  #include "xattr.h"
> +#include "acl.h"
>  
>  #include "buffer_head_io.h"
>  
> @@ -328,6 +329,8 @@ leave:
>  	if (status == -ENOSPC)
>  		mlog(0, "Disk is full\n");
>  
> +	status = ocfs2_init_acl(inode, dir);

Err, this is a pretty bad place for a call which must do work only if we're
succesfull in creating the inode. A better place would be a few lines up,
maybe even just before the call to 'ocfs2_add_entry()', so that an acl
failure won't result in a non-acl-copied inode which is accessible from a
directory.
	

> +
>  	if (new_fe_bh)
>  		brelse(new_fe_bh);
>  
> diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c
> index d57cfae..1daff4f 100644
> --- a/fs/ocfs2/xattr.c
> +++ b/fs/ocfs2/xattr.c
> @@ -76,10 +76,8 @@ static struct ocfs2_xattr_def_value_root def_xv = {
>  
>  struct xattr_handler *ocfs2_xattr_handlers[] = {
>  	&ocfs2_xattr_user_handler,
> -#ifdef CONFIG_OCFS2_FS_POSIX_ACL
>  	&ocfs2_xattr_acl_access_handler,
>  	&ocfs2_xattr_acl_default_handler,
> -#endif
>  	&ocfs2_xattr_trusted_handler,
>  	&ocfs2_xattr_security_handler,
>  	NULL
> @@ -87,12 +85,10 @@ struct xattr_handler *ocfs2_xattr_handlers[] = {
>  
>  static struct xattr_handler *ocfs2_xattr_handler_map[] = {
>  	[OCFS2_XATTR_INDEX_USER]	= &ocfs2_xattr_user_handler,
> -#ifdef CONFIG_OCFS2_FS_POSIX_ACL
>  	[OCFS2_XATTR_INDEX_POSIX_ACL_ACCESS]
>  					= &ocfs2_xattr_acl_access_handler,
>  	[OCFS2_XATTR_INDEX_POSIX_ACL_DEFAULT]
>  					= &ocfs2_xattr_acl_default_handler,
> -#endif
>  	[OCFS2_XATTR_INDEX_TRUSTED]	= &ocfs2_xattr_trusted_handler,
>  	[OCFS2_XATTR_INDEX_SECURITY]	= &ocfs2_xattr_security_handler,
>  };

Same as before about the #ifdef's, and adding a proper Kconfig item for
this.
	--Mark

--
Mark Fasheh

[Ocfs2-devel] [PATCH 2/3] ocfs2: Add security xattr support in ocfs2

[Tiger Yang]

Hi,Mark,

Mark Fasheh wrote:
  > Don't we need to add a call to 'security_inode_init_security()' when 
creating a new
> inode?
In security_inode_init_security(), it will check IS_PRIVATE(inode), if 
it is not a private inode, it will return.
It seems we don't use S_PRIVATE in ocfs2, do we?

anyway, I can add this call in ocfs2 quickly.

Best regards,
tiger

[Ocfs2-devel] [PATCH 2/3] ocfs2: Add security xattr support in ocfs2

[Tiger Yang]

Mark Fasheh wrote:
> Oh, almost missed this actually. Isn't it customary to allow the user to
> select whether to compile in support for security attributes, or acls? You
> can pretty much copy the code from any other file system really.
OK. I will refer to others.

One more question, They also allow user to select whether support EA,
in ocfs2, do we need this option in Kconfig? or we support EA by default?

> Also, would you mind rebasing these against the latest xattrs branch in
> ocfs2.git? The only change was that I removed the code in '#ifdef
> CONFIG_OCFS2_FS_SECURITY' and '#ifdef CONFIG_OCFS2_FS_ACL' because we
> weren't ever defining those yet. Obviously, you get to add them back now  :)
no problem. I will rebase the branch and generate all the patches.

best regards,
tiger

[Ocfs2-devel] [PATCH 3/3] ocfs2: Add posix ACL support in ocfs2 v1

[Tiger Yang]

Hi, Mark,

Mark Fasheh wrote:
> I think we also need some acl-specific handling of chmod in ocfs2_setattr.
> See ext3_acl_chmod, where it's called and what it does.
OK. I will add it later after learning ext3.

> Err, this is a pretty bad place for a call which must do work only if we're
> succesfull in creating the inode. A better place would be a few lines up,
> maybe even just before the call to 'ocfs2_add_entry()', so that an acl
> failure won't result in a non-acl-copied inode which is accessible from a
> directory.
I put this function here because ocfs2_xattr_set need start transaction.
So I put it after commit transaction.

To avoid the issue you mentioned, I modify it to the following
-       status = ocfs2_init_acl(inode, dir);
+       if (!status) {
+               if (ocfs2_init_acl(inode, dir))
+                       mlog(0, "Init acl error\n");
+       }
is this acceptable?

> Same as before about the #ifdef's, and adding a proper Kconfig item for
> this.
No problem.

Best regards,
tiger

[Ocfs2-devel] [PATCH 2/3] ocfs2: Add security xattr support in ocfs2

[Mark Fasheh]

On Wed, Sep 24, 2008 at 03:37:13PM +0800, Tiger Yang wrote:
> Hi,Mark,
> 
> Mark Fasheh wrote:
>  > Don't we need to add a call to 'security_inode_init_security()' when 
> creating a new
> >inode?
> In security_inode_init_security(), it will check IS_PRIVATE(inode), if 
> it is not a private inode, it will return.
> It seems we don't use S_PRIVATE in ocfs2, do we?

Are you sure? This is the code I have in my git tree:

int security_inode_init_security(struct inode *inode, struct inode *dir,
				  char **name, void **value, size_t *len)
{
	if (unlikely(IS_PRIVATE(inode)))
		return -EOPNOTSUPP;
	return security_ops->inode_init_security(inode, dir, name, value,
len);
}
EXPORT_SYMBOL(security_inode_init_security);


So the check is looking for S_PRIVATE and skipping only if it's set, which
would mean that this gets run for most inodes...


> anyway, I can add this call in ocfs2 quickly.

Yeah, I think we need it.

Thanks,
	--Mark

--
Mark Fasheh

[Ocfs2-devel] [PATCH 2/3] ocfs2: Add security xattr support in ocfs2

[Mark Fasheh]

On Wed, Sep 24, 2008 at 03:44:18PM +0800, Tiger Yang wrote:
> Mark Fasheh wrote:
> >Oh, almost missed this actually. Isn't it customary to allow the user to
> >select whether to compile in support for security attributes, or acls? You
> >can pretty much copy the code from any other file system really.
> OK. I will refer to others.
> 
> One more question, They also allow user to select whether support EA,
> in ocfs2, do we need this option in Kconfig? or we support EA by default?

Hmm... Do you know why they allow EA's to be compiled optionally? Maybe we
should do the same. I don't have any strong opinions one way or the other
though.


> >Also, would you mind rebasing these against the latest xattrs branch in
> >ocfs2.git? The only change was that I removed the code in '#ifdef
> >CONFIG_OCFS2_FS_SECURITY' and '#ifdef CONFIG_OCFS2_FS_ACL' because we
> >weren't ever defining those yet. Obviously, you get to add them back now  
> >:)
> no problem. I will rebase the branch and generate all the patches.

Thanks, I appreciate this.
	--Mark

--
Mark Fasheh

[Ocfs2-devel] [PATCH 3/3] ocfs2: Add posix ACL support in ocfs2 v1

[Mark Fasheh]

On Wed, Sep 24, 2008 at 04:01:46PM +0800, Tiger Yang wrote:
> Mark Fasheh wrote:
> >I think we also need some acl-specific handling of chmod in ocfs2_setattr.
> >See ext3_acl_chmod, where it's called and what it does.
> OK. I will add it later after learning ext3.

Great, thanks.


> >Err, this is a pretty bad place for a call which must do work only if we're
> >succesfull in creating the inode. A better place would be a few lines up,
> >maybe even just before the call to 'ocfs2_add_entry()', so that an acl
> >failure won't result in a non-acl-copied inode which is accessible from a
> >directory.
> I put this function here because ocfs2_xattr_set need start transaction.
> So I put it after commit transaction.
> 
> To avoid the issue you mentioned, I modify it to the following
> -       status = ocfs2_init_acl(inode, dir);
> +       if (!status) {
> +               if (ocfs2_init_acl(inode, dir))
> +                       mlog(0, "Init acl error\n");
> +       }
> is this acceptable?

It might be better if we can add the acls before the directory entry. This
means though that you'll have to add them as part of the current
transaction. I think this requires a few changes:
	- Add code to reserve the meta data alloc file
		- Symlinks will need this if the link name is so large it
		  won't allow inline EA's.
		- 512 byte blocks will need to always reserve a block for
		  the external EA block
	- If the acl value won't fit inline, reserve more clusters from the
	  cluster allocator.
	- Add the proper number of credits to those already passed to
	  ocfs2_start_trans(). I think the common case will be zero, but
	  when we attach an external ea block or have a value in an extent,
	  we'll need more.
	- Pass the handle, and allocators through to ocfs2_init_acl()
	  so that it can all be done in the current transaction.

Thanks,
	--Mark

--
Mark Fasheh

[Ocfs2-devel] [PATCH 2/3] ocfs2: Add security xattr support in ocfs2

[Christoph Hellwig]

On Mon, Sep 22, 2008 at 11:33:29PM -0700, Mark Fasheh wrote:
> Also, would you mind rebasing these against the latest xattrs branch in
> ocfs2.git? The only change was that I removed the code in '#ifdef
> CONFIG_OCFS2_FS_SECURITY' and '#ifdef CONFIG_OCFS2_FS_ACL' because we
> weren't ever defining those yet. Obviously, you get to add them back now  :)

An option for ACLs makes some sense, but the security attrs are so
little code that's it's pointless.