From: amir73il@users.sourceforge.net
To: linux-ext4@vger.kernel.org
Cc: tytso@mit.edu, lczerner@redhat.com,
Amir Goldstein <amir73il@users.sf.net>,
Yongqiang Yang <xiaoqiangnk@gmail.com>
Subject: [PATCH v1 11/36] ext4: snapshot file - permissions
Date: Tue, 7 Jun 2011 18:07:38 +0300 [thread overview]
Message-ID: <1307459283-22130-12-git-send-email-amir73il@users.sourceforge.net> (raw)
In-Reply-To: <1307459283-22130-1-git-send-email-amir73il@users.sourceforge.net>
From: Amir Goldstein <amir73il@users.sf.net>
Enforce snapshot file permissions.
Write, truncate and unlink of snapshot inodes is not allowed.
Signed-off-by: Amir Goldstein <amir73il@users.sf.net>
Signed-off-by: Yongqiang Yang <xiaoqiangnk@gmail.com>
---
fs/ext4/file.c | 7 +++++++
fs/ext4/inode.c | 7 +++++++
fs/ext4/namei.c | 8 ++++++++
3 files changed, 22 insertions(+), 0 deletions(-)
diff --git a/fs/ext4/file.c b/fs/ext4/file.c
index 60b3b19..f31e58e 100644
--- a/fs/ext4/file.c
+++ b/fs/ext4/file.c
@@ -168,6 +168,13 @@ static int ext4_file_open(struct inode * inode, struct file * filp)
struct path path;
char buf[64], *cp;
+ if (ext4_snapshot_file(inode) &&
+ (filp->f_flags & O_ACCMODE) != O_RDONLY)
+ /*
+ * allow only read-only access to snapshot files
+ */
+ return -EPERM;
+
if (unlikely(!(sbi->s_mount_flags & EXT4_MF_MNTDIR_SAMPLED) &&
!(sb->s_flags & MS_RDONLY))) {
sbi->s_mount_flags |= EXT4_MF_MNTDIR_SAMPLED;
diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index f44f7d3..b210b33 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -4727,6 +4727,13 @@ void ext4_truncate(struct inode *inode)
trace_ext4_truncate_enter(inode);
+ /* prevent truncate of files on snapshot list */
+ if (ext4_snapshot_list(inode)) {
+ snapshot_debug(1, "snapshot (%u) cannot be truncated!\n",
+ inode->i_generation);
+ return;
+ }
+
if (!ext4_can_truncate(inode))
return;
diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
index 93196b6..41df36f 100644
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -2225,6 +2225,14 @@ static int ext4_unlink(struct inode *dir, struct dentry *dentry)
inode->i_ino, inode->i_nlink);
inode->i_nlink = 1;
}
+ /* prevent unlink of files on snapshot list */
+ if (inode->i_nlink == 1 &&
+ ext4_snapshot_list(inode)) {
+ snapshot_debug(1, "snapshot (%u) cannot be unlinked!\n",
+ inode->i_generation);
+ retval = -EPERM;
+ goto end_unlink;
+ }
retval = ext4_delete_entry(handle, dir, de, bh);
if (retval)
goto end_unlink;
--
1.7.4.1
next prev parent reply other threads:[~2011-06-07 15:09 UTC|newest]
Thread overview: 73+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-06-07 15:07 [PATCH v1 00/30] Ext4 snapshots amir73il
2011-06-07 15:07 ` [PATCH v1 01/36] ext4: EXT4 snapshots (Experimental) amir73il
2011-06-07 15:07 ` [PATCH v1 02/36] ext4: snapshot debugging support amir73il
2011-06-07 15:07 ` [PATCH v1 03/36] ext4: snapshot hooks - inside JBD hooks amir73il
2011-06-07 15:07 ` [PATCH v1 04/36] ext4: snapshot hooks - block bitmap access amir73il
2011-06-07 15:07 ` [PATCH v1 05/36] ext4: snapshot hooks - delete blocks amir73il
2011-06-07 15:07 ` [PATCH v1 06/36] ext4: snapshot hooks - move data blocks amir73il
2011-06-07 15:07 ` [PATCH v1 07/36] ext4: snapshot hooks - direct I/O amir73il
2011-06-07 15:07 ` [PATCH v1 08/36] ext4: snapshot hooks - move extent file data blocks amir73il
2011-06-07 15:07 ` [PATCH v1 09/36] ext4: snapshot file amir73il
2011-06-07 15:07 ` [PATCH v1 10/36] ext4: snapshot file - read through to block device amir73il
2011-06-07 15:07 ` amir73il [this message]
2011-06-07 15:07 ` [PATCH v1 12/36] ext4: snapshot file - store on disk amir73il
2011-06-07 15:07 ` [PATCH v1 13/36] ext4: snapshot file - increase maximum file size limit to 16TB amir73il
2011-06-07 15:07 ` [PATCH v1 14/36] ext4: snapshot block operations amir73il
2011-06-07 15:07 ` [PATCH v1 15/36] ext4: snapshot block operation - copy blocks to snapshot amir73il
2011-06-07 15:07 ` [PATCH v1 16/36] ext4: snapshot block operation - move " amir73il
2011-06-07 15:07 ` [PATCH v1 17/36] ext4: snapshot block operation - copy block bitmap " amir73il
2011-06-07 15:07 ` [PATCH v1 18/36] ext4: snapshot control amir73il
2011-06-07 15:07 ` [PATCH v1 19/36] ext4: snapshot control - init new snapshot amir73il
2011-06-07 15:07 ` [PATCH v1 20/36] ext4: snapshot control - fix " amir73il
2011-06-07 15:07 ` [PATCH v1 21/36] ext4: snapshot control - reserve disk space for snapshot amir73il
2011-06-07 15:07 ` [PATCH v1 22/36] ext4: snapshot journaled - increase transaction credits amir73il
2011-06-07 15:07 ` [PATCH v1 23/36] ext4: snapshot journaled - implement journal_release_buffer() amir73il
2011-06-07 15:07 ` [PATCH v1 24/36] ext4: snapshot journaled - bypass to save credits amir73il
2011-06-07 15:07 ` [PATCH v1 25/36] ext4: snapshot journaled - cache last COW tid in journal_head amir73il
2011-06-07 15:07 ` [PATCH v1 26/36] ext4: snapshot journaled - trace COW/buffer credits amir73il
2011-06-07 15:07 ` [PATCH v1 27/36] ext4: snapshot list support amir73il
2011-06-07 15:07 ` [PATCH v1 28/36] ext4: snapshot list - read through to previous snapshot amir73il
2011-06-07 15:07 ` [PATCH v1 29/36] ext4: snapshot race conditions - concurrent COW bitmap operations amir73il
2011-06-07 15:07 ` [PATCH v1 30/36] ext4: snapshot race conditions - concurrent COW operations amir73il
2011-06-07 15:07 ` [PATCH v1 31/36] ext4: snapshot race conditions - tracked reads amir73il
2011-06-07 15:07 ` [PATCH v1 32/36] ext4: snapshot exclude - the exclude bitmap amir73il
2011-06-07 15:08 ` [PATCH v1 33/36] ext4: snapshot cleanup amir73il
2011-06-07 15:08 ` [PATCH v1 34/36] ext4: snapshot cleanup - shrink deleted snapshots amir73il
2011-06-07 15:08 ` [PATCH v1 35/36] ext4: snapshot cleanup - merge shrunk snapshots amir73il
2011-06-07 15:08 ` [PATCH v1 36/36] ext4: snapshot rocompat - enable rw mount amir73il
2011-06-07 15:56 ` [PATCH v1 00/30] Ext4 snapshots Lukas Czerner
2011-06-07 16:31 ` Amir G.
2011-06-08 10:09 ` Lukas Czerner
2011-06-08 14:04 ` Amir G.
2011-06-08 14:41 ` Eric Sandeen
2011-06-08 15:01 ` Amir G.
2011-06-08 15:22 ` Eric Sandeen
2011-06-08 15:33 ` Amir G.
2011-06-08 15:38 ` Lukas Czerner
2011-06-08 15:59 ` Amir G.
2011-06-08 16:19 ` Mike Snitzer
2011-06-09 1:59 ` Yongqiang Yang
2011-06-09 3:18 ` Amir G.
2011-06-09 3:51 ` Yongqiang Yang
2011-06-09 6:50 ` Lukas Czerner
2011-06-09 7:57 ` Amir G.
2011-06-09 8:13 ` david
2011-06-09 10:06 ` Amir G.
2011-06-09 10:17 ` Lukas Czerner
2011-06-09 8:46 ` Lukas Czerner
2011-06-09 10:54 ` Amir G.
2011-06-09 12:59 ` Lukas Czerner
2011-06-10 7:06 ` Amir G.
2011-06-10 9:00 ` Lukas Czerner
2011-06-10 12:02 ` Amir G.
2011-06-13 9:56 ` Amir G.
2011-06-13 10:54 ` Lukas Czerner
2011-06-13 12:56 ` Amir G.
2011-06-13 13:11 ` Lukas Czerner
2011-06-13 13:26 ` Amir G.
2011-06-13 13:50 ` Joe Thornber
2011-06-10 22:51 ` Valdis.Kletnieks
2011-06-11 1:09 ` Amir G.
2011-06-21 11:06 ` Amir G.
2011-06-21 15:45 ` Andreas Dilger
2011-06-22 6:38 ` Amir G.
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1307459283-22130-12-git-send-email-amir73il@users.sourceforge.net \
--to=amir73il@users.sourceforge.net \
--cc=amir73il@users.sf.net \
--cc=lczerner@redhat.com \
--cc=linux-ext4@vger.kernel.org \
--cc=tytso@mit.edu \
--cc=xiaoqiangnk@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).