typedef __u32 cfs_cap_t;
-#define CFS_CAP_CHOWN 0
-#define CFS_CAP_DAC_OVERRIDE 1
-#define CFS_CAP_DAC_READ_SEARCH 2
-#define CFS_CAP_FOWNER 3
-#define CFS_CAP_FSETID 4
-#define CFS_CAP_LINUX_IMMUTABLE 9
-#define CFS_CAP_SYS_ADMIN 21
-#define CFS_CAP_SYS_BOOT 23
-#define CFS_CAP_SYS_RESOURCE 24
-
-#define CFS_CAP_FS_MASK (BIT(CFS_CAP_CHOWN) | \
- BIT(CFS_CAP_DAC_OVERRIDE) | \
- BIT(CFS_CAP_DAC_READ_SEARCH) | \
- BIT(CFS_CAP_FOWNER) | \
- BIT(CFS_CAP_FSETID ) | \
- BIT(CFS_CAP_LINUX_IMMUTABLE) | \
- BIT(CFS_CAP_SYS_ADMIN) | \
- BIT(CFS_CAP_SYS_BOOT) | \
- BIT(CFS_CAP_SYS_RESOURCE))
+#define CFS_CAP_FS_MASK (BIT(CAP_CHOWN) | \
+ BIT(CAP_DAC_OVERRIDE) | \
+ BIT(CAP_DAC_READ_SEARCH) | \
+ BIT(CAP_FOWNER) | \
+ BIT(CAP_FSETID) | \
+ BIT(CAP_LINUX_IMMUTABLE) | \
+ BIT(CAP_SYS_ADMIN) | \
+ BIT(CAP_SYS_BOOT) | \
+ BIT(CAP_SYS_RESOURCE))
cfs_cap_t cfs_curproc_cap_pack(void);
void cfs_curproc_cap_unpack(cfs_cap_t cap);
case LUSTRE_Q_SETDEFAULT_POOL:
case LUSTRE_Q_DELETEQID:
case LUSTRE_Q_RESETQID:
- if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+ if (!cfs_capable(CAP_SYS_ADMIN))
RETURN(-EPERM);
if (sb->s_flags & SB_RDONLY)
case LUSTRE_Q_GETQUOTAPOOL:
case LUSTRE_Q_GETDEFAULT_POOL:
if (check_owner(type, id) &&
- (!cfs_capable(CFS_CAP_SYS_ADMIN)))
+ (!cfs_capable(CAP_SYS_ADMIN)))
RETURN(-EPERM);
break;
case Q_GETINFO:
int i, rc, *rcs = NULL;
ENTRY;
- if (!cfs_capable(CFS_CAP_DAC_READ_SEARCH) &&
+ if (!cfs_capable(CAP_DAC_READ_SEARCH) &&
!(ll_i2sbi(file_inode(file))->ll_flags & LL_SBI_USER_FID2PATH))
RETURN(-EPERM);
/* Only need to get the buflen */
RETURN(rc);
}
case LL_IOC_HSM_CT_START:
- if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+ if (!cfs_capable(CAP_SYS_ADMIN))
RETURN(-EPERM);
rc = copy_and_ct_start(cmd, sbi->ll_md_exp,
int rc;
ENTRY;
- if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+ if (!cfs_capable(CAP_SYS_ADMIN))
RETURN(-EPERM);
OBD_ALLOC_LARGE(lump, lum_size);
ENTRY;
- if (!cfs_capable(CFS_CAP_DAC_READ_SEARCH) &&
+ if (!cfs_capable(CAP_DAC_READ_SEARCH) &&
!(ll_i2sbi(inode)->ll_flags & LL_SBI_USER_FID2PATH))
RETURN(-EPERM);
/* Non-root users are forbidden to set or clear flags which are
* NOT defined in HSM_USER_MASK. */
if (((hss->hss_setmask | hss->hss_clearmask) & ~HSM_USER_MASK) &&
- !cfs_capable(CFS_CAP_SYS_ADMIN))
+ !cfs_capable(CAP_SYS_ADMIN))
RETURN(-EPERM);
if (!exp_connect_archive_id_array(exp)) {
/* POSIX: check before ATTR_*TIME_SET set (from inode_change_ok) */
if (attr->ia_valid & TIMES_SET_FLAGS) {
if ((!uid_eq(current_fsuid(), inode->i_uid)) &&
- !cfs_capable(CFS_CAP_FOWNER))
+ !cfs_capable(CAP_FOWNER))
GOTO(clear, rc = -EPERM);
}
ENTRY;
- if (!cfs_capable(CFS_CAP_DAC_READ_SEARCH) &&
+ if (!cfs_capable(CAP_DAC_READ_SEARCH) &&
!(ll_i2sbi(inode)->ll_flags & LL_SBI_USER_FID2PATH))
RETURN(-EPERM);
return -EOPNOTSUPP;
if (handler->flags == XATTR_TRUSTED_T &&
- !capable(CFS_CAP_SYS_ADMIN))
+ !capable(CAP_SYS_ADMIN))
return -EPERM;
return 0;
if (cattr->la_uid == uc->uc_fsuid)
return 0;
- return !md_capable(uc, CFS_CAP_FOWNER);
+ return !md_capable(uc, CAP_FOWNER);
}
static int mdd_may_delete_entry(const struct lu_env *env,
!lustre_in_group_p(uc,
(cattr->la_valid & LA_GID) ?
cattr->la_gid : pattr->la_gid) &&
- !md_capable(uc, CFS_CAP_FSETID)) {
+ !md_capable(uc, CAP_FSETID)) {
cattr->la_mode &= ~S_ISGID;
cattr->la_valid |= LA_MODE;
}
* permission or capability checks
*/
if (!uc->uc_rbac_file_perms ||
- (!md_capable(uc, CFS_CAP_SYS_RESOURCE) &&
+ (!md_capable(uc, CAP_SYS_RESOURCE) &&
!lustre_in_group_p(uc, ma->ma_enable_chprojid_gid) &&
!(ma->ma_enable_chprojid_gid == -1 &&
mdd_permission_internal(env, obj, oattr, MAY_WRITE))))
(LUSTRE_IMMUTABLE_FL | LUSTRE_APPEND_FL);
if ((uc->uc_fsuid != oattr->la_uid) &&
- !md_capable(uc, CFS_CAP_FOWNER))
+ !md_capable(uc, CAP_FOWNER))
RETURN(-EPERM);
/* The IMMUTABLE and APPEND_ONLY flags can
* only be changed by the relevant capability. */
if ((oldflags ^ newflags) &&
- !md_capable(uc, CFS_CAP_LINUX_IMMUTABLE))
+ !md_capable(uc, CAP_LINUX_IMMUTABLE))
RETURN(-EPERM);
if (!S_ISDIR(oattr->la_mode)) {
if ((la->la_valid & (LA_MTIME | LA_ATIME | LA_CTIME)) &&
!(la->la_valid & ~(LA_MTIME | LA_ATIME | LA_CTIME))) {
if ((uc->uc_fsuid != oattr->la_uid) &&
- !md_capable(uc, CFS_CAP_FOWNER)) {
+ !md_capable(uc, CAP_FOWNER)) {
rc = mdd_permission_internal(env, obj, oattr,
MAY_WRITE);
if (rc)
if (!uc->uc_rbac_file_perms ||
(!(flags & MDS_PERM_BYPASS) &&
(uc->uc_fsuid != oattr->la_uid) &&
- !md_capable(uc, CFS_CAP_FOWNER)))
+ !md_capable(uc, CAP_FOWNER)))
RETURN(-EPERM);
if (la->la_mode == (umode_t) -1)
/* Also check the setgid bit! */
if (!lustre_in_group_p(uc, (la->la_valid & LA_GID) ?
la->la_gid : oattr->la_gid) &&
- !md_capable(uc, CFS_CAP_FSETID))
+ !md_capable(uc, CAP_FSETID))
la->la_mode &= ~S_ISGID;
} else {
la->la_mode = oattr->la_mode;
if (!uc->uc_rbac_file_perms ||
((uc->uc_fsuid != oattr->la_uid ||
la->la_uid != oattr->la_uid) &&
- !md_capable(uc, CFS_CAP_CHOWN)))
+ !md_capable(uc, CAP_CHOWN)))
RETURN(-EPERM);
/* If the user or group of a non-directory has been
((uc->uc_fsuid != oattr->la_uid ||
(la->la_gid != oattr->la_gid &&
!lustre_in_group_p(uc, la->la_gid))) &&
- !md_capable(uc, CFS_CAP_CHOWN)))
+ !md_capable(uc, CAP_CHOWN)))
RETURN(-EPERM);
/* Likewise, if the user or group of a non-directory
* can write attributes. */
if (S_ISDIR(attr->la_mode) && (attr->la_mode & S_ISVTX) &&
(uc->uc_fsuid != attr->la_uid) &&
- !md_capable(uc, CFS_CAP_FOWNER))
+ !md_capable(uc, CAP_FOWNER))
RETURN(-EPERM);
} else if (strcmp(name, XATTR_NAME_SOM) != 0 &&
(uc->uc_fsuid != attr->la_uid) &&
- !md_capable(uc, CFS_CAP_FOWNER)) {
+ !md_capable(uc, CAP_FOWNER)) {
RETURN(-EPERM);
}
check_capabilities:
if (!(mask & MAY_EXEC) ||
(la->la_mode & S_IXUGO) || S_ISDIR(la->la_mode))
- if (md_capable(uc, CFS_CAP_DAC_OVERRIDE))
+ if (md_capable(uc, CAP_DAC_OVERRIDE))
RETURN(0);
if ((mask == MAY_READ) ||
(S_ISDIR(la->la_mode) && !(mask & MAY_WRITE)))
- if (md_capable(uc, CFS_CAP_DAC_READ_SEARCH))
+ if (md_capable(uc, CAP_DAC_READ_SEARCH))
RETURN(0);
CDEBUG(D_SEC, "permission denied, mode %x, fsuid %u, uid %u\n",
uc = lu_ucred_assert(env);
if (cattr->la_uid != uc->uc_fsuid &&
- !md_capable(uc, CFS_CAP_FOWNER))
+ !md_capable(uc, CAP_FOWNER))
rc = -EPERM;
}
th = mdd_child_ops(mdd)->dt_trans_create(env, mdd->mdd_child);
if (!IS_ERR(th) && uc)
- th->th_ignore_quota = !!md_capable(uc, CFS_CAP_SYS_RESOURCE);
+ th->th_ignore_quota = !!md_capable(uc, CAP_SYS_RESOURCE);
return th;
}
*/
if (!uc->uc_rbac_byfid_ops)
RETURN(-EPERM);
- if (md_capable(uc, CFS_CAP_DAC_OVERRIDE))
+ if (md_capable(uc, CAP_DAC_OVERRIDE))
RETURN(0);
if (uc->uc_fsuid == la->la_uid) {
if ((la->la_mode & S_IWUSR) == 0)
if (rc < 0)
return false;
- is_admin = md_capable(mdt_ucred(info), CFS_CAP_SYS_ADMIN);
+ is_admin = md_capable(mdt_ucred(info), CAP_SYS_ADMIN);
mdt_exit_ucred(info);
/* Non-root users are forbidden to set or clear flags which are
* NOT defined in HSM_USER_MASK. */
if (((hss->hss_setmask | hss->hss_clearmask) & ~HSM_USER_MASK) &&
- !md_capable(mdt_ucred(info), CFS_CAP_SYS_ADMIN)) {
+ !md_capable(mdt_ucred(info), CAP_SYS_ADMIN)) {
CDEBUG(D_HSM, "Incompatible masks provided (set %#llx"
", clear %#llx) vs unprivileged set (%#x).\n",
hss->hss_setmask, hss->hss_clearmask, HSM_USER_MASK);
if (hsma != HSMA_RESTORE && mdt_rdonly(mti->mti_exp))
RETURN(-EROFS);
- if (md_capable(uc, CFS_CAP_SYS_ADMIN))
+ if (md_capable(uc, CAP_SYS_ADMIN))
RETURN(0);
ma->ma_need = MA_INODE;
/* In case of REMOVE and CANCEL a Lustre file
* is not mandatory, but restrict this
* exception to admins. */
- if (md_capable(mdt_ucred(mti), CFS_CAP_SYS_ADMIN) &&
+ if (md_capable(mdt_ucred(mti), CAP_SYS_ADMIN) &&
(hai->hai_action == HSMA_REMOVE ||
hai->hai_action == HSMA_CANCEL))
goto record;
uc = mdt_ucred(info);
is_admin = (uc->uc_uid == 0 && uc->uc_gid == 0 &&
- md_capable(uc, CFS_CAP_SYS_ADMIN) &&
+ md_capable(uc, CAP_SYS_ADMIN) &&
uc->uc_rbac_chlg_ops);
mdt_exit_ucred(info);
uc = lu_ucred(env);
uc_cap_save = uc->uc_cap;
- uc->uc_cap |= BIT(CFS_CAP_DAC_OVERRIDE);
+ uc->uc_cap |= BIT(CAP_DAC_OVERRIDE);
rc = mdo_create(env, mdt_object_child(local_root), &lname,
mdt_object_child(obj), spec, attr);
uc->uc_cap = uc_cap_save;
/* The orphan has root ownership so we need to raise
* CAP_FOWNER to set the HSM attributes. */
cap = uc->uc_cap;
- uc->uc_cap |= MD_CAP_TO_MASK(CFS_CAP_FOWNER);
+ uc->uc_cap |= MD_CAP_TO_MASK(CAP_FOWNER);
rc = mo_xattr_set(info->mti_env, mdt_object_child(orphan), buf,
XATTR_NAME_HSM, 0);
uc->uc_cap = cap;
* permission or capability checks
*/
if (!uc->uc_rbac_dne_ops ||
- (!md_capable(uc, CFS_CAP_SYS_ADMIN) &&
+ (!md_capable(uc, CAP_SYS_ADMIN) &&
uc->uc_gid != mdt->mdt_enable_remote_dir_gid &&
mdt->mdt_enable_remote_dir_gid != -1))
RETURN(-EPERM);
* set the HSM state to dirty.
*/
cap_saved = uc->uc_cap;
- uc->uc_cap |= MD_CAP_TO_MASK(CFS_CAP_FOWNER);
+ uc->uc_cap |= MD_CAP_TO_MASK(CAP_FOWNER);
rc = mdt_hsm_attr_set(info, mo, &ma->ma_hsm);
uc->uc_cap = cap_saved;
if (rc)
* permission or capability checks
*/
if (!uc->uc_rbac_dne_ops ||
- (!md_capable(uc, CFS_CAP_SYS_ADMIN) &&
+ (!md_capable(uc, CAP_SYS_ADMIN) &&
uc->uc_gid != mdt->mdt_enable_remote_dir_gid &&
mdt->mdt_enable_remote_dir_gid != -1))
GOTO(out_put, rc = -EPERM);
/* Return -ENOTSUPP for old client */
GOTO(unlock_parent, rc = -ENOTSUPP);
- if (!md_capable(uc, CFS_CAP_SYS_ADMIN))
+ if (!md_capable(uc, CAP_SYS_ADMIN))
GOTO(unlock_parent, rc = -EPERM);
ma->ma_need = MA_INODE;
* permission or capability checks
*/
if (uc && (!uc->uc_rbac_dne_ops ||
- (!md_capable(uc, CFS_CAP_SYS_ADMIN) &&
+ (!md_capable(uc, CAP_SYS_ADMIN) &&
uc->uc_gid != mdt->mdt_enable_remote_dir_gid &&
mdt->mdt_enable_remote_dir_gid != -1)))
RETURN(-EPERM);
* permission or capability checks
*/
if (!uc->uc_rbac_dne_ops ||
- (!md_capable(uc, CFS_CAP_SYS_ADMIN) &&
+ (!md_capable(uc, CAP_SYS_ADMIN) &&
uc->uc_gid != mdt->mdt_enable_remote_dir_gid &&
mdt->mdt_enable_remote_dir_gid != -1))
RETURN(-EPERM);
}
}
- if (!md_capable(mdt_ucred(info), CFS_CAP_SYS_ADMIN))
+ if (!md_capable(mdt_ucred(info), CAP_SYS_ADMIN))
GOTO(out, rc = -EPERM);
if (strcmp(xattr_name, XATTR_NAME_LOV) == 0 ||
ENTRY;
/* Allow non-root access for some limited ioctls */
- if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+ if (!cfs_capable(CAP_SYS_ADMIN))
RETURN(err = -EACCES);
if ((cmd & 0xffffff00) == ((int)'T') << 8) /* ignore all tty ioctls */
switch (cmd) {
case OBD_IOC_CREATE: /* may create echo object */
- if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+ if (!cfs_capable(CAP_SYS_ADMIN))
GOTO(out, rc = -EPERM);
rc = echo_create_object(env, ed, oa);
int dirlen;
__u64 id;
- if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+ if (!cfs_capable(CAP_SYS_ADMIN))
GOTO(out, rc = -EPERM);
count = data->ioc_count;
__u64 seq;
int max_count;
- if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+ if (!cfs_capable(CAP_SYS_ADMIN))
GOTO(out, rc = -EPERM);
rc = seq_client_get_seq(env, ed->ed_cl_seq, &seq);
}
#endif /* HAVE_SERVER_SUPPORT */
case OBD_IOC_DESTROY:
- if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+ if (!cfs_capable(CAP_SYS_ADMIN))
GOTO(out, rc = -EPERM);
rc = echo_get_object(&eco, ed, oa);
GOTO(out, rc);
case OBD_IOC_SETATTR:
- if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+ if (!cfs_capable(CAP_SYS_ADMIN))
GOTO(out, rc = -EPERM);
rc = echo_get_object(&eco, ed, oa);
GOTO(out, rc);
case OBD_IOC_BRW_WRITE:
- if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+ if (!cfs_capable(CAP_SYS_ADMIN))
GOTO(out, rc = -EPERM);
rw = OBD_BRW_WRITE;
}
spin_unlock(&imp->imp_lock);
- if (cfs_capable(CFS_CAP_SYS_RESOURCE))
+ if (cfs_capable(CAP_SYS_RESOURCE))
oio->oi_cap_sys_resource = 1;
RETURN(rc);
git://git.whamcloud.com / fs / lustre-release.git / commitdiff