X-Git-Url: https://git.whamcloud.com/?a=blobdiff_plain;f=lustre%2Fmdd%2Fmdd_permission.c;h=f52d617f672a9659f4c12f9a60634c8f870cce66;hb=0c5a10ca5373c5bbbdbf4a583d4e1a08abb06da4;hp=3486f7e6e4e0a18270e853ce0577ea75c8f8a231;hpb=60a9fd37185edf57fc42bf6a5ad9b9c61fc10e14;p=fs%2Flustre-release.git diff --git a/lustre/mdd/mdd_permission.c b/lustre/mdd/mdd_permission.c index 3486f7e..f52d617 100644 --- a/lustre/mdd/mdd_permission.c +++ b/lustre/mdd/mdd_permission.c @@ -26,6 +26,8 @@ /* * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. + * + * Copyright (c) 2012, 2013, Intel Corporation. */ /* * This file is part of Lustre, http://www.lustre.org/ @@ -45,7 +47,7 @@ #include #include #include - +#include #include "mdd_internal.h" #ifdef CONFIG_FS_POSIX_ACL @@ -162,7 +164,8 @@ int mdd_acl_set(const struct lu_env *env, struct mdd_object *obj, mdd_object_capa(env, obj)); /* security-replated changes may require sync */ - handle->th_sync |= !!mdd->mdd_sync_permission; + if (S_ISDIR(mdd_object_type(obj))) + handle->th_sync |= !!mdd->mdd_sync_permission; unlock: mdd_write_unlock(env, obj); stop: @@ -171,57 +174,34 @@ stop: RETURN(rc); } -/* - * Hold write_lock for obj. - */ -int __mdd_acl_init(const struct lu_env *env, struct mdd_object *obj, - struct lu_buf *buf, __u32 *mode, struct thandle *handle) +/** + * Fix mode and ACL according to the default ACL(buf) + * \retval = 0 ACL does not need to be reset. + * \retval = 1 ACL needs to be reset. + * \retval < 0 error. + **/ +int __mdd_fix_mode_acl(const struct lu_env *env, struct lu_buf *buf, + __u32 *mode) { - posix_acl_xattr_header *head; - posix_acl_xattr_entry *entry; - int entry_count; - __u32 old = *mode; - int rc, rc2; - - ENTRY; + posix_acl_xattr_header *head; + posix_acl_xattr_entry *entry; + int entry_count; + int rc; - head = (posix_acl_xattr_header *)(buf->lb_buf); - entry = head->a_entries; - entry_count = (buf->lb_len - sizeof(head->a_version)) / - sizeof(posix_acl_xattr_entry); - if (entry_count <= 0) - RETURN(0); + ENTRY; - if (S_ISDIR(*mode)) { - rc = mdo_xattr_set(env, obj, buf, XATTR_NAME_ACL_DEFAULT, 0, - handle, BYPASS_CAPA); - if (rc) - RETURN(rc); - } + head = (posix_acl_xattr_header *)(buf->lb_buf); + entry = head->a_entries; + entry_count = (buf->lb_len - sizeof(head->a_version)) / + sizeof(posix_acl_xattr_entry); + if (entry_count <= 0) + RETURN(0); - rc = lustre_posix_acl_create_masq(entry, mode, entry_count); - if (rc < 0) - RETURN(rc); - - /* part of ACL went into i_mode */ - if (*mode != old) { - struct mdd_thread_info *info = mdd_env_info(env); - struct lu_attr *pattr = &info->mti_pattr; - - /* mode was initialized within object creation, - * so we need explict ->attr_set() to update it */ - pattr->la_valid = LA_MODE; - pattr->la_mode = *mode; - rc2 = mdo_attr_set(env, obj, pattr, handle, BYPASS_CAPA); - if (rc2 < 0) - rc = rc2; - } + rc = lustre_posix_acl_create_masq(entry, mode, entry_count); - if (rc > 0) - rc = mdo_xattr_set(env, obj, buf, XATTR_NAME_ACL_ACCESS, 0, - handle, BYPASS_CAPA); RETURN(rc); } + #endif /* @@ -316,17 +296,17 @@ int __mdd_permission_internal(const struct lu_env *env, struct mdd_object *obj, RETURN(0); check_capabilities: - if (!(mask & MAY_EXEC) || - (la->la_mode & S_IXUGO) || S_ISDIR(la->la_mode)) - if (mdd_capable(uc, CFS_CAP_DAC_OVERRIDE)) - RETURN(0); + if (!(mask & MAY_EXEC) || + (la->la_mode & S_IXUGO) || S_ISDIR(la->la_mode)) + if (md_capable(uc, CFS_CAP_DAC_OVERRIDE)) + RETURN(0); - if ((mask == MAY_READ) || - (S_ISDIR(la->la_mode) && !(mask & MAY_WRITE))) - if (mdd_capable(uc, CFS_CAP_DAC_READ_SEARCH)) - RETURN(0); + if ((mask == MAY_READ) || + (S_ISDIR(la->la_mode) && !(mask & MAY_WRITE))) + if (md_capable(uc, CFS_CAP_DAC_READ_SEARCH)) + RETURN(0); - RETURN(-EACCES); + RETURN(-EACCES); } int mdd_permission(const struct lu_env *env, @@ -413,7 +393,7 @@ int mdd_permission(const struct lu_env *env, uc = lu_ucred_assert(env); if (la->la_uid != uc->uc_fsuid && - !mdd_capable(uc, CFS_CAP_FOWNER)) + !md_capable(uc, CFS_CAP_FOWNER)) rc = -EPERM; }