From mboxrd@z Thu Jan  1 00:00:00 1970
From: Christoph Hellwig <hch@lst.de>
Subject: [PATCH 8/8] remove xfs xattr permission checks
Date: Tue, 1 Nov 2005 03:31:50 +0100
Message-ID: <20051101023150.GH23378@lst.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: linux-fsdevel@vger.kernel.org
Return-path: <linux-fsdevel-owner@vger.kernel.org>
Received: from verein.lst.de ([213.95.11.210]:23210 "EHLO mail.lst.de")
	by vger.kernel.org with ESMTP id S932555AbVKACbz (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Mon, 31 Oct 2005 21:31:55 -0500
To: akpm@osdl.org
Content-Disposition: inline
Sender: linux-fsdevel-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

remove checks now in the VFS

XFS has an additional xattr interface through obscure ioctl.  it
requires raised capabilities but we need to add some read-only/immutable
checks anyway


Signed-off-by: Christoph Hellwig <hch@lst.de>

Index: linux-2.6/fs/xfs/xfs_attr.c
===================================================================
--- linux-2.6.orig/fs/xfs/xfs_attr.c	2005-10-31 05:02:17.000000000 +0100
+++ linux-2.6/fs/xfs/xfs_attr.c	2005-10-31 05:04:04.000000000 +0100
@@ -133,11 +133,6 @@
 	     ip->i_d.di_anextents == 0))
 		return(ENOATTR);
 
-	if (!(flags & (ATTR_KERNACCESS|ATTR_SECURE))) {
-		if ((error = xfs_iaccess(ip, S_IRUSR, cred)))
-			return(XFS_ERROR(error));
-	}
-
 	/*
 	 * Fill in the arg structure for this request.
 	 */
@@ -227,14 +222,6 @@
 	if (XFS_FORCED_SHUTDOWN(mp))
 		return (EIO);
 
-	xfs_ilock(dp, XFS_ILOCK_SHARED);
-	if (!(flags & ATTR_SECURE) &&
-	     (error = xfs_iaccess(dp, S_IWUSR, cred))) {
-		xfs_iunlock(dp, XFS_ILOCK_SHARED);
-		return(XFS_ERROR(error));
-	}
-	xfs_iunlock(dp, XFS_ILOCK_SHARED);
-
 	/*
 	 * Attach the dquots to the inode.
 	 */
@@ -485,11 +472,7 @@
 		return (EIO);
 
 	xfs_ilock(dp, XFS_ILOCK_SHARED);
-	if (!(flags & ATTR_SECURE) &&
-	     (error = xfs_iaccess(dp, S_IWUSR, cred))) {
-		xfs_iunlock(dp, XFS_ILOCK_SHARED);
-		return(XFS_ERROR(error));
-	} else if (XFS_IFORK_Q(dp) == 0 ||
+	if (XFS_IFORK_Q(dp) == 0 ||
 		   (dp->i_d.di_aformat == XFS_DINODE_FMT_EXTENTS &&
 		    dp->i_d.di_anextents == 0)) {
 		xfs_iunlock(dp, XFS_ILOCK_SHARED);
@@ -673,12 +656,6 @@
 		return (EIO);
 
 	xfs_ilock(dp, XFS_ILOCK_SHARED);
-	if (!(flags & ATTR_SECURE) &&
-	     (error = xfs_iaccess(dp, S_IRUSR, cred))) {
-		xfs_iunlock(dp, XFS_ILOCK_SHARED);
-		return(XFS_ERROR(error));
-	}
-
 	/*
 	 * Decide on what work routines to call based on the inode size.
 	 */
Index: linux-2.6/fs/xfs/linux-2.6/xfs_ioctl.c
===================================================================
--- linux-2.6.orig/fs/xfs/linux-2.6/xfs_ioctl.c	2005-09-08 13:15:28.000000000 +0200
+++ linux-2.6/fs/xfs/linux-2.6/xfs_ioctl.c	2005-10-31 05:07:05.000000000 +0100
@@ -545,6 +545,8 @@
 	char			*kbuf;
 	int			error = EFAULT;
 
+	if (IS_RDONLY(&vp->v_inode))
+		return -EROFS;
 	if (IS_IMMUTABLE(&vp->v_inode) || IS_APPEND(&vp->v_inode))
 		return EPERM;
 	if (len > XATTR_SIZE_MAX)
@@ -572,6 +574,9 @@
 {
 	int			error;
 
+
+	if (IS_RDONLY(&vp->v_inode))
+		return -EROFS;
 	if (IS_IMMUTABLE(&vp->v_inode) || IS_APPEND(&vp->v_inode))
 		return EPERM;