[Cluster-devel] [PATCH 07/18] btrfs: use generic posix ACL infrastructure
Also don't bother to set up a .get_acl method for symlinks as we do not
support access control (ACLs or even mode bits) for symlinks in Linux.
Signed-off-by: Christoph Hellwig
---
fs/btrfs/acl.c | 142 +++---
fs/btrfs/ctree.h |7 +--
fs/btrfs/inode.c |7 ++-
fs/btrfs/xattr.c |5 +-
fs/btrfs/xattr.h |2 -
5 files changed, 28 insertions(+), 135 deletions(-)
diff --git a/fs/btrfs/acl.c b/fs/btrfs/acl.c
index b56519d..ff9b399 100644
--- a/fs/btrfs/acl.c
+++ b/fs/btrfs/acl.c
@@ -35,13 +35,6 @@ struct posix_acl *btrfs_get_acl(struct inode *inode, int
type)
char *value = NULL;
struct posix_acl *acl;
- if (!IS_POSIXACL(inode))
- return NULL;
-
- acl = get_cached_acl(inode, type);
- if (acl != ACL_NOT_CACHED)
- return acl;
-
switch (type) {
case ACL_TYPE_ACCESS:
name = POSIX_ACL_XATTR_ACCESS;
@@ -76,31 +69,10 @@ struct posix_acl *btrfs_get_acl(struct inode *inode, int
type)
return acl;
}
-static int btrfs_xattr_acl_get(struct dentry *dentry, const char *name,
- void *value, size_t size, int type)
-{
- struct posix_acl *acl;
- int ret = 0;
-
- if (!IS_POSIXACL(dentry->d_inode))
- return -EOPNOTSUPP;
-
- acl = btrfs_get_acl(dentry->d_inode, type);
-
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- if (acl == NULL)
- return -ENODATA;
- ret = posix_acl_to_xattr(&init_user_ns, acl, value, size);
- posix_acl_release(acl);
-
- return ret;
-}
-
/*
* Needs to be called with fs_mutex held
*/
-static int btrfs_set_acl(struct btrfs_trans_handle *trans,
+static int __btrfs_set_acl(struct btrfs_trans_handle *trans,
struct inode *inode, struct posix_acl *acl, int type)
{
int ret, size = 0;
@@ -158,35 +130,9 @@ out:
return ret;
}
-static int btrfs_xattr_acl_set(struct dentry *dentry, const char *name,
- const void *value, size_t size, int flags, int type)
+int btrfs_set_acl(struct inode *inode, struct posix_acl *acl, int type)
{
- int ret;
- struct posix_acl *acl = NULL;
-
- if (!inode_owner_or_capable(dentry->d_inode))
- return -EPERM;
-
- if (!IS_POSIXACL(dentry->d_inode))
- return -EOPNOTSUPP;
-
- if (value) {
- acl = posix_acl_from_xattr(&init_user_ns, value, size);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
-
- if (acl) {
- ret = posix_acl_valid(acl);
- if (ret)
- goto out;
- }
- }
-
- ret = btrfs_set_acl(NULL, dentry->d_inode, acl, type);
-out:
- posix_acl_release(acl);
-
- return ret;
+ return __btrfs_set_acl(NULL, inode, acl, type);
}
/*
@@ -197,83 +143,31 @@ out:
int btrfs_init_acl(struct btrfs_trans_handle *trans,
struct inode *inode, struct inode *dir)
{
- struct posix_acl *acl = NULL;
+ struct posix_acl *default_acl, *acl;
int ret = 0;
/* this happens with subvols */
if (!dir)
return 0;
- if (!S_ISLNK(inode->i_mode)) {
- if (IS_POSIXACL(dir)) {
- acl = btrfs_get_acl(dir, ACL_TYPE_DEFAULT);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- }
+ ret = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl);
+ if (ret)
+ return ret;
- if (!acl)
- inode->i_mode &= ~current_umask();
+ if (default_acl) {
+ ret = __btrfs_set_acl(trans, inode, default_acl,
+ ACL_TYPE_DEFAULT);
+ posix_acl_release(default_acl);
}
- if (IS_POSIXACL(dir) && acl) {
- if (S_ISDIR(inode->i_mode)) {
- ret = btrfs_set_acl(trans, inode, acl,
- ACL_TYPE_DEFAULT);
- if (ret)
- goto failed;
- }
- ret = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode);
- if (ret < 0)
- return ret;
-
- if (ret > 0) {
- /* we need an acl */
- ret = btrfs_set_acl(trans, inode, acl, ACL_TYPE_ACCESS);
- } else if (ret < 0) {
- cache_no_acl(inode);
- }
- } else {
- cache_no_acl(inode);
+ if (acl) {
+ if (!ret)
+ ret = __btrfs_set_acl(trans, inode, acl,
+ ACL_TYPE_ACCESS);
+ posix_acl_release(acl);
}
-failed:
- posix_acl_release(acl);
-
-
[Cluster-devel] [PATCH 00/18] Consolidate Posix ACL implementation V2
This series consolidates the various cut'n'pasted Posix ACL implementations into a single common one based on the ->get_acl method Linus added a while ago and a new ->set_acl counterpart. This remove ~1800 lines of code and provides a single place to implement various nasty little gems of the semantics. Unfortunately the 9p code is still left out - it implements the ACLs in two very weird ways, one using the common code but on the client only, and one pasing things straight through to the server. We could easily convert it to the new code on the write side if ->set_acl took a dentry, but there's no cance to do that on the ->get_acl side. Ideas how to handle it welcome. After that we'd be ready to never go into the fs for the ACL attributes and branch straight to the ACL code below the syscall, repairing the old API braindamage of overloading ACLs onto the xattrs. Changes from V1: - check for symlinks in the ACL code and remove checks in the lower level functions. - remove get_acl instances for symlinks in a few filesystems - pass a umode_t mode argument to posix_acl_chmod to accomodate f2fs - various cosemtic bits from the reviews. Note that I still haven't heard from ocfs2 folks, so the patch is left unchanged.
[Cluster-devel] [PATCH 03/18] fs: add a set_acl inode operation
This will allow moving all the Posix ACL handling into the VFS and clean
up tons of cruft in the filesystems.
Signed-off-by: Christoph Hellwig
Reviewed-by: Jan Kara
---
include/linux/fs.h |1 +
1 file changed, 1 insertion(+)
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 121f11f..09f553c 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1580,6 +1580,7 @@ struct inode_operations {
struct file *, unsigned open_flag,
umode_t create_mode, int *opened);
int (*tmpfile) (struct inode *, struct dentry *, umode_t);
+ int (*set_acl)(struct inode *, struct posix_acl *, int);
} cacheline_aligned;
ssize_t rw_copy_check_uvector(int type, const struct iovec __user * uvector,
--
1.7.10.4
[Cluster-devel] [PATCH 04/18] fs: add generic xattr_acl handlers
With the ->set_acl inode operation we can implement the Posix ACL
xattr handlers in generic code instead of duplicating them all
over the tree.
Signed-off-by: Christoph Hellwig
Reviewed-by: Jan Kara
---
fs/xattr_acl.c | 102 +++
include/linux/posix_acl_xattr.h |3 ++
2 files changed, 105 insertions(+)
diff --git a/fs/xattr_acl.c b/fs/xattr_acl.c
index 9fbea87..536015e 100644
--- a/fs/xattr_acl.c
+++ b/fs/xattr_acl.c
@@ -10,6 +10,7 @@
#include
#include
#include
+#include
/*
* Fix up the uids and gids in posix acl extended attributes in place.
@@ -178,3 +179,104 @@ posix_acl_to_xattr(struct user_namespace *user_ns, const
struct posix_acl *acl,
return real_size;
}
EXPORT_SYMBOL (posix_acl_to_xattr);
+
+static int
+posix_acl_xattr_get(struct dentry *dentry, const char *name,
+ void *value, size_t size, int type)
+{
+ struct posix_acl *acl;
+ int error;
+
+ if (!IS_POSIXACL(dentry->d_inode))
+ return -EOPNOTSUPP;
+ if (S_ISLNK(dentry->d_inode->i_mode))
+ return -EOPNOTSUPP;
+
+ acl = get_acl(dentry->d_inode, type);
+ if (IS_ERR(acl))
+ return PTR_ERR(acl);
+ if (acl == NULL)
+ return -ENODATA;
+
+ error = posix_acl_to_xattr(&init_user_ns, acl, value, size);
+ posix_acl_release(acl);
+
+ return error;
+}
+
+static int
+posix_acl_xattr_set(struct dentry *dentry, const char *name,
+ const void *value, size_t size, int flags, int type)
+{
+ struct inode *inode = dentry->d_inode;
+ struct posix_acl *acl = NULL;
+ int ret;
+
+ if (!IS_POSIXACL(inode))
+ return -EOPNOTSUPP;
+ if (S_ISLNK(inode->i_mode) || !inode->i_op->set_acl)
+ return -EOPNOTSUPP;
+
+ if (type == ACL_TYPE_DEFAULT && !S_ISDIR(inode->i_mode))
+ return value ? -EACCES : 0;
+ if (!inode_owner_or_capable(inode))
+ return -EPERM;
+
+ if (value) {
+ acl = posix_acl_from_xattr(&init_user_ns, value, size);
+ if (IS_ERR(acl))
+ return PTR_ERR(acl);
+
+ if (acl) {
+ ret = posix_acl_valid(acl);
+ if (ret)
+ goto out;
+ }
+ }
+
+ ret = inode->i_op->set_acl(inode, acl, type);
+out:
+ posix_acl_release(acl);
+ return ret;
+}
+
+static size_t
+posix_acl_xattr_list(struct dentry *dentry, char *list, size_t list_size,
+ const char *name, size_t name_len, int type)
+{
+ const char *xname;
+ size_t size;
+
+ if (!IS_POSIXACL(dentry->d_inode))
+ return -EOPNOTSUPP;
+ if (S_ISLNK(dentry->d_inode->i_mode))
+ return -EOPNOTSUPP;
+
+ if (type == ACL_TYPE_ACCESS)
+ xname = POSIX_ACL_XATTR_ACCESS;
+ else
+ xname = POSIX_ACL_XATTR_DEFAULT;
+
+ size = strlen(xname) + 1;
+ if (list && size <= list_size)
+ memcpy(list, xname, size);
+ return size;
+}
+
+const struct xattr_handler posix_acl_access_xattr_handler = {
+ .prefix = POSIX_ACL_XATTR_ACCESS,
+ .flags = ACL_TYPE_ACCESS,
+ .list = posix_acl_xattr_list,
+ .get = posix_acl_xattr_get,
+ .set = posix_acl_xattr_set,
+};
+EXPORT_SYMBOL_GPL(posix_acl_access_xattr_handler);
+
+const struct xattr_handler posix_acl_default_xattr_handler = {
+ .prefix = POSIX_ACL_XATTR_DEFAULT,
+ .flags = ACL_TYPE_DEFAULT,
+ .list = posix_acl_xattr_list,
+ .get = posix_acl_xattr_get,
+ .set = posix_acl_xattr_set,
+};
+EXPORT_SYMBOL_GPL(posix_acl_default_xattr_handler);
diff --git a/include/linux/posix_acl_xattr.h b/include/linux/posix_acl_xattr.h
index ad93ad0..6f14ee2 100644
--- a/include/linux/posix_acl_xattr.h
+++ b/include/linux/posix_acl_xattr.h
@@ -69,4 +69,7 @@ struct posix_acl *posix_acl_from_xattr(struct user_namespace
*user_ns,
int posix_acl_to_xattr(struct user_namespace *user_ns,
const struct posix_acl *acl, void *buffer, size_t size);
+extern const struct xattr_handler posix_acl_access_xattr_handler;
+extern const struct xattr_handler posix_acl_default_xattr_handler;
+
#endif /* _POSIX_ACL_XATTR_H */
--
1.7.10.4
[Cluster-devel] [PATCH 14/18] xfs: use generic posix ACL infrastructure
Also don't bother to set up a .get_acl method for symlinks as we do not
support access control (ACLs or even mode bits) for symlinks in Linux,
and create inodes with the proper mode instead of fixing it up later.
Signed-off-by: Christoph Hellwig
Reviewed-by: Dave Chinner
---
fs/xfs/xfs_acl.c | 151 +++-
fs/xfs/xfs_acl.h |9 +---
fs/xfs/xfs_iops.c | 39 +++---
fs/xfs/xfs_iops.h |2 +-
fs/xfs/xfs_xattr.c |4 +-
5 files changed, 34 insertions(+), 171 deletions(-)
diff --git a/fs/xfs/xfs_acl.c b/fs/xfs/xfs_acl.c
index 057ae2d..0ecec18 100644
--- a/fs/xfs/xfs_acl.c
+++ b/fs/xfs/xfs_acl.c
@@ -124,16 +124,12 @@ struct posix_acl *
xfs_get_acl(struct inode *inode, int type)
{
struct xfs_inode *ip = XFS_I(inode);
- struct posix_acl *acl;
+ struct posix_acl *acl = NULL;
struct xfs_acl *xfs_acl;
unsigned char *ea_name;
int error;
int len;
- acl = get_cached_acl(inode, type);
- if (acl != ACL_NOT_CACHED)
- return acl;
-
trace_xfs_get_acl(ip);
switch (type) {
@@ -164,10 +160,8 @@ xfs_get_acl(struct inode *inode, int type)
* cache entry, for any other error assume it is transient and
* leave the cache entry as ACL_NOT_CACHED.
*/
- if (error == -ENOATTR) {
- acl = NULL;
+ if (error == -ENOATTR)
goto out_update_cache;
- }
goto out;
}
@@ -183,15 +177,12 @@ out:
}
STATIC int
-xfs_set_acl(struct inode *inode, int type, struct posix_acl *acl)
+__xfs_set_acl(struct inode *inode, int type, struct posix_acl *acl)
{
struct xfs_inode *ip = XFS_I(inode);
unsigned char *ea_name;
int error;
- if (S_ISLNK(inode->i_mode))
- return -EOPNOTSUPP;
-
switch (type) {
case ACL_TYPE_ACCESS:
ea_name = SGI_ACL_FILE;
@@ -282,131 +273,23 @@ posix_acl_default_exists(struct inode *inode)
return xfs_acl_exists(inode, SGI_ACL_DEFAULT);
}
-/*
- * No need for i_mutex because the inode is not yet exposed to the VFS.
- */
int
-xfs_inherit_acl(struct inode *inode, struct posix_acl *acl)
+xfs_set_acl(struct inode *inode, struct posix_acl *acl, int type)
{
- umode_t mode = inode->i_mode;
- int error = 0, inherit = 0;
-
- if (S_ISDIR(inode->i_mode)) {
- error = xfs_set_acl(inode, ACL_TYPE_DEFAULT, acl);
- if (error)
- goto out;
- }
-
- error = __posix_acl_create(&acl, GFP_KERNEL, &mode);
- if (error < 0)
- return error;
-
- /*
-* If __posix_acl_create returns a positive value we need to
-* inherit a permission that can't be represented using the Unix
-* mode bits and we actually need to set an ACL.
-*/
- if (error > 0)
- inherit = 1;
-
- error = xfs_set_mode(inode, mode);
- if (error)
- goto out;
-
- if (inherit)
- error = xfs_set_acl(inode, ACL_TYPE_ACCESS, acl);
-
-out:
- posix_acl_release(acl);
- return error;
-}
-
-int
-xfs_acl_chmod(struct inode *inode)
-{
- struct posix_acl *acl;
- int error;
-
- if (S_ISLNK(inode->i_mode))
- return -EOPNOTSUPP;
-
- acl = xfs_get_acl(inode, ACL_TYPE_ACCESS);
- if (IS_ERR(acl) || !acl)
- return PTR_ERR(acl);
-
- error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
- if (error)
- return error;
-
- error = xfs_set_acl(inode, ACL_TYPE_ACCESS, acl);
- posix_acl_release(acl);
- return error;
-}
-
-static int
-xfs_xattr_acl_get(struct dentry *dentry, const char *name,
- void *value, size_t size, int type)
-{
- struct posix_acl *acl;
- int error;
-
- acl = xfs_get_acl(dentry->d_inode, type);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- if (acl == NULL)
- return -ENODATA;
-
- error = posix_acl_to_xattr(&init_user_ns, acl, value, size);
- posix_acl_release(acl);
-
- return error;
-}
-
-static int
-xfs_xattr_acl_set(struct dentry *dentry, const char *name,
- const void *value, size_t size, int flags, int type)
-{
- struct inode *inode = dentry->d_inode;
- struct posix_acl *acl = NULL;
int error = 0;
- if (flags & XATTR_CREATE)
- return -EINVAL;
- if (type == ACL_TYPE_DEFAULT && !S_ISDIR(inode->i_mode))
- return value ? -EACCES : 0;
- if (!inode_owner_or_capable(inode))
- return -EPERM;
-
- if (!value)
+ if (!acl)
goto set_acl;
- acl = posix_acl_from_xattr(&init_user_ns, value, size);
- if (!acl) {
- /*
-* acl_set_file(3) may r
[Cluster-devel] [PATCH 02/18] fs: add get_acl helper
Factor out the code to get an ACL either from the inode or disk from
check_acl, so that it can be used elsewhere later on.
Signed-off-by: Christoph Hellwig
Reviewed-by: Jan Kara
---
fs/namei.c| 24 +++-
fs/posix_acl.c| 26 ++
include/linux/posix_acl.h |2 ++
3 files changed, 31 insertions(+), 21 deletions(-)
diff --git a/fs/namei.c b/fs/namei.c
index c53d3a9..8acd1e8 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -235,27 +235,9 @@ static int check_acl(struct inode *inode, int mask)
return posix_acl_permission(inode, acl, mask & ~MAY_NOT_BLOCK);
}
- acl = get_cached_acl(inode, ACL_TYPE_ACCESS);
-
- /*
-* A filesystem can force a ACL callback by just never filling the
-* ACL cache. But normally you'd fill the cache either at inode
-* instantiation time, or on the first ->get_acl call.
-*
-* If the filesystem doesn't have a get_acl() function at all, we'll
-* just create the negative cache entry.
-*/
- if (acl == ACL_NOT_CACHED) {
- if (inode->i_op->get_acl) {
- acl = inode->i_op->get_acl(inode, ACL_TYPE_ACCESS);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- } else {
- set_cached_acl(inode, ACL_TYPE_ACCESS, NULL);
- return -EAGAIN;
- }
- }
-
+ acl = get_acl(inode, ACL_TYPE_ACCESS);
+ if (IS_ERR(acl))
+ return PTR_ERR(acl);
if (acl) {
int error = posix_acl_permission(inode, acl, mask);
posix_acl_release(acl);
diff --git a/fs/posix_acl.c b/fs/posix_acl.c
index 8bd2135..f2c48f8 100644
--- a/fs/posix_acl.c
+++ b/fs/posix_acl.c
@@ -418,3 +418,29 @@ posix_acl_chmod(struct posix_acl **acl, gfp_t gfp, umode_t
mode)
return err;
}
EXPORT_SYMBOL(posix_acl_chmod);
+
+struct posix_acl *get_acl(struct inode *inode, int type)
+{
+ struct posix_acl *acl;
+
+ acl = get_cached_acl(inode, type);
+ if (acl != ACL_NOT_CACHED)
+ return acl;
+
+ if (!IS_POSIXACL(inode))
+ return NULL;
+
+ /*
+* A filesystem can force a ACL callback by just never filling the
+* ACL cache. But normally you'd fill the cache either at inode
+* instantiation time, or on the first ->get_acl call.
+*
+* If the filesystem doesn't have a get_acl() function at all, we'll
+* just create the negative cache entry.
+*/
+ if (!inode->i_op->get_acl) {
+ set_cached_acl(inode, type, NULL);
+ return ERR_PTR(-EAGAIN);
+ }
+ return inode->i_op->get_acl(inode, type);
+}
diff --git a/include/linux/posix_acl.h b/include/linux/posix_acl.h
index 7931efe..a8d9918 100644
--- a/include/linux/posix_acl.h
+++ b/include/linux/posix_acl.h
@@ -175,4 +175,6 @@ static inline void cache_no_acl(struct inode *inode)
#endif
}
+struct posix_acl *get_acl(struct inode *inode, int type);
+
#endif /* __LINUX_POSIX_ACL_H */
--
1.7.10.4
[Cluster-devel] [PATCH 16/18] gfs2: use generic posix ACL infrastructure
This contains some major refactoring for the create path so that
inodes are created with the right mode to start with instead of
fixing it up later.
Signed-off-by: Christoph Hellwig
---
fs/gfs2/acl.c | 234 +++
fs/gfs2/acl.h |4 +-
fs/gfs2/inode.c | 33 ++--
fs/gfs2/xattr.c |4 +-
4 files changed, 62 insertions(+), 213 deletions(-)
diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c
index e82e4ac..ba94566 100644
--- a/fs/gfs2/acl.c
+++ b/fs/gfs2/acl.c
@@ -49,10 +49,6 @@ struct posix_acl *gfs2_get_acl(struct inode *inode, int type)
if (!ip->i_eattr)
return NULL;
- acl = get_cached_acl(&ip->i_inode, type);
- if (acl != ACL_NOT_CACHED)
- return acl;
-
name = gfs2_acl_name(type);
if (name == NULL)
return ERR_PTR(-EINVAL);
@@ -80,7 +76,7 @@ static int gfs2_set_mode(struct inode *inode, umode_t mode)
return error;
}
-static int gfs2_acl_set(struct inode *inode, int type, struct posix_acl *acl)
+int gfs2_set_acl(struct inode *inode, struct posix_acl *acl, int type)
{
int error;
int len;
@@ -88,219 +84,49 @@ static int gfs2_acl_set(struct inode *inode, int type,
struct posix_acl *acl)
const char *name = gfs2_acl_name(type);
BUG_ON(name == NULL);
- len = posix_acl_to_xattr(&init_user_ns, acl, NULL, 0);
- if (len == 0)
- return 0;
- data = kmalloc(len, GFP_NOFS);
- if (data == NULL)
- return -ENOMEM;
- error = posix_acl_to_xattr(&init_user_ns, acl, data, len);
- if (error < 0)
- goto out;
- error = __gfs2_xattr_set(inode, name, data, len, 0, GFS2_EATYPE_SYS);
- if (!error)
- set_cached_acl(inode, type, acl);
-out:
- kfree(data);
- return error;
-}
-
-int gfs2_acl_create(struct gfs2_inode *dip, struct inode *inode)
-{
- struct gfs2_sbd *sdp = GFS2_SB(&dip->i_inode);
- struct posix_acl *acl;
- umode_t mode = inode->i_mode;
- int error = 0;
-
- if (!sdp->sd_args.ar_posix_acl)
- return 0;
- if (S_ISLNK(inode->i_mode))
- return 0;
-
- acl = gfs2_get_acl(&dip->i_inode, ACL_TYPE_DEFAULT);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- if (!acl) {
- mode &= ~current_umask();
- return gfs2_set_mode(inode, mode);
- }
-
- if (S_ISDIR(inode->i_mode)) {
- error = gfs2_acl_set(inode, ACL_TYPE_DEFAULT, acl);
- if (error)
- goto out;
- }
-
- error = __posix_acl_create(&acl, GFP_NOFS, &mode);
- if (error < 0)
- return error;
- if (error == 0)
- goto munge;
-
- error = gfs2_acl_set(inode, ACL_TYPE_ACCESS, acl);
- if (error)
- goto out;
-munge:
- error = gfs2_set_mode(inode, mode);
-out:
- posix_acl_release(acl);
- return error;
-}
-
-int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr)
-{
- struct inode *inode = &ip->i_inode;
- struct posix_acl *acl;
- char *data;
- unsigned int len;
- int error;
-
- acl = gfs2_get_acl(&ip->i_inode, ACL_TYPE_ACCESS);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- if (!acl)
- return gfs2_setattr_simple(inode, attr);
-
- error = __posix_acl_chmod(&acl, GFP_NOFS, attr->ia_mode);
- if (error)
- return error;
-
- len = posix_acl_to_xattr(&init_user_ns, acl, NULL, 0);
- data = kmalloc(len, GFP_NOFS);
- error = -ENOMEM;
- if (data == NULL)
- goto out;
- posix_acl_to_xattr(&init_user_ns, acl, data, len);
- error = gfs2_xattr_acl_chmod(ip, attr, data);
- kfree(data);
- set_cached_acl(&ip->i_inode, ACL_TYPE_ACCESS, acl);
-
-out:
- posix_acl_release(acl);
- return error;
-}
-
-static int gfs2_acl_type(const char *name)
-{
- if (strcmp(name, GFS2_POSIX_ACL_ACCESS) == 0)
- return ACL_TYPE_ACCESS;
- if (strcmp(name, GFS2_POSIX_ACL_DEFAULT) == 0)
- return ACL_TYPE_DEFAULT;
- return -EINVAL;
-}
-
-static int gfs2_xattr_system_get(struct dentry *dentry, const char *name,
-void *buffer, size_t size, int xtype)
-{
- struct inode *inode = dentry->d_inode;
- struct gfs2_sbd *sdp = GFS2_SB(inode);
- struct posix_acl *acl;
- int type;
- int error;
-
- if (!sdp->sd_args.ar_posix_acl)
- return -EOPNOTSUPP;
-
- type = gfs2_acl_type(name);
- if (type < 0)
- return type;
-
- acl = gfs2_get_acl(inode, type);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- if (acl == NULL)
- return -ENODATA;
-
- error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
- posix_
[Cluster-devel] [PATCH 17/18] nfs: use generic posix ACL infrastructure for v3 Posix ACLs
Signed-off-by: Christoph Hellwig
---
fs/nfs/inode.c |4 -
fs/nfs/nfs3acl.c | 287 +---
fs/nfs/nfs3proc.c | 26 +++--
fs/nfs/nfs3super.c |3 +
include/linux/nfs_fs.h | 10 +-
5 files changed, 76 insertions(+), 254 deletions(-)
diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c
index 00ad1c2..ecd11ba 100644
--- a/fs/nfs/inode.c
+++ b/fs/nfs/inode.c
@@ -1641,10 +1641,6 @@ struct inode *nfs_alloc_inode(struct super_block *sb)
return NULL;
nfsi->flags = 0UL;
nfsi->cache_validity = 0UL;
-#ifdef CONFIG_NFS_V3_ACL
- nfsi->acl_access = ERR_PTR(-EAGAIN);
- nfsi->acl_default = ERR_PTR(-EAGAIN);
-#endif
#if IS_ENABLED(CONFIG_NFS_V4)
nfsi->nfs4_acl = NULL;
#endif /* CONFIG_NFS_V4 */
diff --git a/fs/nfs/nfs3acl.c b/fs/nfs/nfs3acl.c
index e859675..80bfb5b 100644
--- a/fs/nfs/nfs3acl.c
+++ b/fs/nfs/nfs3acl.c
@@ -10,179 +10,7 @@
#define NFSDBG_FACILITYNFSDBG_PROC
-ssize_t nfs3_listxattr(struct dentry *dentry, char *buffer, size_t size)
-{
- struct inode *inode = dentry->d_inode;
- struct posix_acl *acl;
- int pos=0, len=0;
-
-# define output(s) do { \
- if (pos + sizeof(s) <= size) { \
- memcpy(buffer + pos, s, sizeof(s)); \
- pos += sizeof(s); \
- } \
- len += sizeof(s); \
- } while(0)
-
- acl = nfs3_proc_getacl(inode, ACL_TYPE_ACCESS);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- if (acl) {
- output("system.posix_acl_access");
- posix_acl_release(acl);
- }
-
- if (S_ISDIR(inode->i_mode)) {
- acl = nfs3_proc_getacl(inode, ACL_TYPE_DEFAULT);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- if (acl) {
- output("system.posix_acl_default");
- posix_acl_release(acl);
- }
- }
-
-# undef output
-
- if (!buffer || len <= size)
- return len;
- return -ERANGE;
-}
-
-ssize_t nfs3_getxattr(struct dentry *dentry, const char *name,
- void *buffer, size_t size)
-{
- struct inode *inode = dentry->d_inode;
- struct posix_acl *acl;
- int type, error = 0;
-
- if (strcmp(name, POSIX_ACL_XATTR_ACCESS) == 0)
- type = ACL_TYPE_ACCESS;
- else if (strcmp(name, POSIX_ACL_XATTR_DEFAULT) == 0)
- type = ACL_TYPE_DEFAULT;
- else
- return -EOPNOTSUPP;
-
- acl = nfs3_proc_getacl(inode, type);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- else if (acl) {
- if (type == ACL_TYPE_ACCESS && acl->a_count == 0)
- error = -ENODATA;
- else
- error = posix_acl_to_xattr(&init_user_ns, acl, buffer,
size);
- posix_acl_release(acl);
- } else
- error = -ENODATA;
-
- return error;
-}
-
-int nfs3_setxattr(struct dentry *dentry, const char *name,
-const void *value, size_t size, int flags)
-{
- struct inode *inode = dentry->d_inode;
- struct posix_acl *acl;
- int type, error;
-
- if (strcmp(name, POSIX_ACL_XATTR_ACCESS) == 0)
- type = ACL_TYPE_ACCESS;
- else if (strcmp(name, POSIX_ACL_XATTR_DEFAULT) == 0)
- type = ACL_TYPE_DEFAULT;
- else
- return -EOPNOTSUPP;
-
- acl = posix_acl_from_xattr(&init_user_ns, value, size);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- error = nfs3_proc_setacl(inode, type, acl);
- posix_acl_release(acl);
-
- return error;
-}
-
-int nfs3_removexattr(struct dentry *dentry, const char *name)
-{
- struct inode *inode = dentry->d_inode;
- int type;
-
- if (strcmp(name, POSIX_ACL_XATTR_ACCESS) == 0)
- type = ACL_TYPE_ACCESS;
- else if (strcmp(name, POSIX_ACL_XATTR_DEFAULT) == 0)
- type = ACL_TYPE_DEFAULT;
- else
- return -EOPNOTSUPP;
-
- return nfs3_proc_setacl(inode, type, NULL);
-}
-
-static void __nfs3_forget_cached_acls(struct nfs_inode *nfsi)
-{
- if (!IS_ERR(nfsi->acl_access)) {
- posix_acl_release(nfsi->acl_access);
- nfsi->acl_access = ERR_PTR(-EAGAIN);
- }
- if (!IS_ERR(nfsi->acl_default)) {
- posix_acl_release(nfsi->acl_default);
- nfsi->acl_default = ERR_PTR(-EAGAIN);
- }
-}
-
-void nfs3_forget_cached_acls(struct inode *inode)
-{
- dprintk("NFS: nfs3_forget_cached_acls(%s/%ld)\n", inode->i_sb->s_id,
- inode->i_ino);
-
[Cluster-devel] [PATCH 12/18] ocfs2: use generic posix ACL infrastructure
This contains some major refactoring for the create path so that
inodes are created with the right mode to start with instead of
fixing it up later.
Signed-off-by: Christoph Hellwig
---
fs/ocfs2/acl.c | 234 ++-
fs/ocfs2/acl.h | 13 ++-
fs/ocfs2/file.c |4 +-
fs/ocfs2/namei.c| 25 -
fs/ocfs2/refcounttree.c | 19 +++-
fs/ocfs2/xattr.c| 21 +++--
fs/ocfs2/xattr.h|6 +-
7 files changed, 72 insertions(+), 250 deletions(-)
diff --git a/fs/ocfs2/acl.c b/fs/ocfs2/acl.c
index c0f9d2f..555f4cd 100644
--- a/fs/ocfs2/acl.c
+++ b/fs/ocfs2/acl.c
@@ -160,36 +160,6 @@ static struct posix_acl *ocfs2_get_acl_nolock(struct inode
*inode,
return acl;
}
-
-/*
- * Get posix acl.
- */
-static struct posix_acl *ocfs2_get_acl(struct inode *inode, int type)
-{
- struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
- struct buffer_head *di_bh = NULL;
- struct posix_acl *acl;
- int ret;
-
- if (!(osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL))
- return NULL;
-
- ret = ocfs2_inode_lock(inode, &di_bh, 0);
- if (ret < 0) {
- mlog_errno(ret);
- acl = ERR_PTR(ret);
- return acl;
- }
-
- acl = ocfs2_get_acl_nolock(inode, type, di_bh);
-
- ocfs2_inode_unlock(inode, 0);
-
- brelse(di_bh);
-
- return acl;
-}
-
/*
* Helper function to set i_mode in memory and disk. Some call paths
* will not have di_bh or a journal handle to pass, in which case it
@@ -250,7 +220,7 @@ out:
/*
* Set the access or default ACL of an inode.
*/
-static int ocfs2_set_acl(handle_t *handle,
+int ocfs2_set_acl(handle_t *handle,
struct inode *inode,
struct buffer_head *di_bh,
int type,
@@ -313,6 +283,11 @@ static int ocfs2_set_acl(handle_t *handle,
return ret;
}
+int ocfs2_iop_set_acl(struct inode *inode, struct posix_acl *acl, int type)
+{
+ return ocfs2_set_acl(NULL, inode, NULL, type, acl, NULL, NULL);
+}
+
struct posix_acl *ocfs2_iop_get_acl(struct inode *inode, int type)
{
struct ocfs2_super *osb;
@@ -334,200 +309,3 @@ struct posix_acl *ocfs2_iop_get_acl(struct inode *inode,
int type)
return acl;
}
-
-int ocfs2_acl_chmod(struct inode *inode)
-{
- struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
- struct posix_acl *acl;
- int ret;
-
- if (S_ISLNK(inode->i_mode))
- return -EOPNOTSUPP;
-
- if (!(osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL))
- return 0;
-
- acl = ocfs2_get_acl(inode, ACL_TYPE_ACCESS);
- if (IS_ERR(acl) || !acl)
- return PTR_ERR(acl);
- ret = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
- if (ret)
- return ret;
- ret = ocfs2_set_acl(NULL, inode, NULL, ACL_TYPE_ACCESS,
- acl, NULL, NULL);
- posix_acl_release(acl);
- return ret;
-}
-
-/*
- * Initialize the ACLs of a new inode. If parent directory has default ACL,
- * then clone to new inode. Called from ocfs2_mknod.
- */
-int ocfs2_init_acl(handle_t *handle,
- struct inode *inode,
- struct inode *dir,
- struct buffer_head *di_bh,
- struct buffer_head *dir_bh,
- struct ocfs2_alloc_context *meta_ac,
- struct ocfs2_alloc_context *data_ac)
-{
- struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
- struct posix_acl *acl = NULL;
- int ret = 0, ret2;
- umode_t mode;
-
- if (!S_ISLNK(inode->i_mode)) {
- if (osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL) {
- acl = ocfs2_get_acl_nolock(dir, ACL_TYPE_DEFAULT,
- dir_bh);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- }
- if (!acl) {
- mode = inode->i_mode & ~current_umask();
- ret = ocfs2_acl_set_mode(inode, di_bh, handle, mode);
- if (ret) {
- mlog_errno(ret);
- goto cleanup;
- }
- }
- }
- if ((osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL) && acl) {
- if (S_ISDIR(inode->i_mode)) {
- ret = ocfs2_set_acl(handle, inode, di_bh,
- ACL_TYPE_DEFAULT, acl,
- meta_ac, data_ac);
- if (ret)
- goto cleanup;
- }
- mode = inode->i_mode;
- ret = __posix_acl_create(&acl, GFP_NOFS, &mode);
- if (ret < 0)
- return ret;
-
- ret2 = ocfs2_acl_set_mode(inode, d
[Cluster-devel] [PATCH 06/18] fs: make posix_acl_create more useful
Rename the current posix_acl_created to __posix_acl_create and add
a fully featured helper to set up the ACLs on file creation that
uses get_acl().
Signed-off-by: Christoph Hellwig
Reviewed-by: Jan Kara
---
fs/9p/acl.c |2 +-
fs/btrfs/acl.c|2 +-
fs/ext2/acl.c |2 +-
fs/ext3/acl.c |2 +-
fs/ext4/acl.c |2 +-
fs/f2fs/acl.c |2 +-
fs/generic_acl.c |2 +-
fs/gfs2/acl.c |2 +-
fs/hfsplus/posix_acl.c|2 +-
fs/jffs2/acl.c|2 +-
fs/jfs/acl.c |2 +-
fs/nfs/nfs3acl.c |2 +-
fs/ocfs2/acl.c|2 +-
fs/posix_acl.c| 57 +
fs/reiserfs/xattr_acl.c |2 +-
fs/xfs/xfs_acl.c |4 ++--
include/linux/posix_acl.h |8 ---
17 files changed, 74 insertions(+), 23 deletions(-)
diff --git a/fs/9p/acl.c b/fs/9p/acl.c
index f5ce5c5..8482f2d 100644
--- a/fs/9p/acl.c
+++ b/fs/9p/acl.c
@@ -200,7 +200,7 @@ int v9fs_acl_mode(struct inode *dir, umode_t *modep,
if (acl) {
if (S_ISDIR(mode))
*dpacl = posix_acl_dup(acl);
- retval = posix_acl_create(&acl, GFP_NOFS, &mode);
+ retval = __posix_acl_create(&acl, GFP_NOFS, &mode);
if (retval < 0)
return retval;
if (retval > 0)
diff --git a/fs/btrfs/acl.c b/fs/btrfs/acl.c
index 1af04ff..b56519d 100644
--- a/fs/btrfs/acl.c
+++ b/fs/btrfs/acl.c
@@ -222,7 +222,7 @@ int btrfs_init_acl(struct btrfs_trans_handle *trans,
if (ret)
goto failed;
}
- ret = posix_acl_create(&acl, GFP_NOFS, &inode->i_mode);
+ ret = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode);
if (ret < 0)
return ret;
diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c
index 7006ced..6e842a7 100644
--- a/fs/ext2/acl.c
+++ b/fs/ext2/acl.c
@@ -268,7 +268,7 @@ ext2_init_acl(struct inode *inode, struct inode *dir)
if (error)
goto cleanup;
}
- error = posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode);
+ error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode);
if (error < 0)
return error;
if (error > 0) {
diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c
index 6691a6c..4f3d8fa 100644
--- a/fs/ext3/acl.c
+++ b/fs/ext3/acl.c
@@ -271,7 +271,7 @@ ext3_init_acl(handle_t *handle, struct inode *inode, struct
inode *dir)
if (error)
goto cleanup;
}
- error = posix_acl_create(&acl, GFP_NOFS, &inode->i_mode);
+ error = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode);
if (error < 0)
return error;
diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c
index 2eebe02..f827f3b 100644
--- a/fs/ext4/acl.c
+++ b/fs/ext4/acl.c
@@ -276,7 +276,7 @@ ext4_init_acl(handle_t *handle, struct inode *inode, struct
inode *dir)
if (error)
goto cleanup;
}
- error = posix_acl_create(&acl, GFP_NOFS, &inode->i_mode);
+ error = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode);
if (error < 0)
return error;
diff --git a/fs/f2fs/acl.c b/fs/f2fs/acl.c
index 14c4df0..45e8430 100644
--- a/fs/f2fs/acl.c
+++ b/fs/f2fs/acl.c
@@ -285,7 +285,7 @@ int f2fs_init_acl(struct inode *inode, struct inode *dir,
struct page *ipage)
if (error)
goto cleanup;
}
- error = posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode);
+ error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode);
if (error < 0)
return error;
if (error > 0)
diff --git a/fs/generic_acl.c b/fs/generic_acl.c
index 46a5076..4357f39 100644
--- a/fs/generic_acl.c
+++ b/fs/generic_acl.c
@@ -128,7 +128,7 @@ generic_acl_init(struct inode *inode, struct inode *dir)
if (acl) {
if (S_ISDIR(inode->i_mode))
set_cached_acl(inode, ACL_TYPE_DEFAULT, acl);
- error = posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode);
+ error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode);
if (error < 0)
return error;
if (error > 0)
diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c
index 3e200c7..e82e4ac 100644
--- a/fs/gfs2/acl.c
+++ b/fs/gfs2/acl.c
@@ -131,7 +131,7 @@ int gfs2_acl_create(struct gfs2_inode *dip, struct inode
*inode)
goto out;
}
- error = posix_acl_create(&acl, GFP_NOFS, &mode);
+ error = __posix_acl_create(&acl, GFP_NOFS
[Cluster-devel] [PATCH 09/18] f2fs: use generic posix ACL infrastructure
f2fs has some weird mode bit handling, so still using the old
chmod code for now.
Signed-off-by: Christoph Hellwig
Reviewed-by: Jaegeuk Kim
---
fs/f2fs/acl.c | 174 ++-
fs/f2fs/acl.h |7 +--
fs/f2fs/f2fs.h |4 ++
fs/f2fs/file.c |3 +-
fs/f2fs/namei.c |2 +
fs/f2fs/xattr.c |9 +--
fs/f2fs/xattr.h |2 -
7 files changed, 31 insertions(+), 170 deletions(-)
diff --git a/fs/f2fs/acl.c b/fs/f2fs/acl.c
index 45e8430..fa8da4c 100644
--- a/fs/f2fs/acl.c
+++ b/fs/f2fs/acl.c
@@ -17,9 +17,6 @@
#include "xattr.h"
#include "acl.h"
-#define get_inode_mode(i) ((is_inode_flag_set(F2FS_I(i), FI_ACL_MODE)) ? \
- (F2FS_I(i)->i_acl_mode) : ((i)->i_mode))
-
static inline size_t f2fs_acl_size(int count)
{
if (count <= 4) {
@@ -167,19 +164,11 @@ fail:
struct posix_acl *f2fs_get_acl(struct inode *inode, int type)
{
- struct f2fs_sb_info *sbi = F2FS_SB(inode->i_sb);
int name_index = F2FS_XATTR_INDEX_POSIX_ACL_DEFAULT;
void *value = NULL;
struct posix_acl *acl;
int retval;
- if (!test_opt(sbi, POSIX_ACL))
- return NULL;
-
- acl = get_cached_acl(inode, type);
- if (acl != ACL_NOT_CACHED)
- return acl;
-
if (type == ACL_TYPE_ACCESS)
name_index = F2FS_XATTR_INDEX_POSIX_ACL_ACCESS;
@@ -205,21 +194,15 @@ struct posix_acl *f2fs_get_acl(struct inode *inode, int
type)
return acl;
}
-static int f2fs_set_acl(struct inode *inode, int type,
+static int __f2fs_set_acl(struct inode *inode, int type,
struct posix_acl *acl, struct page *ipage)
{
- struct f2fs_sb_info *sbi = F2FS_SB(inode->i_sb);
struct f2fs_inode_info *fi = F2FS_I(inode);
int name_index;
void *value = NULL;
size_t size = 0;
int error;
- if (!test_opt(sbi, POSIX_ACL))
- return 0;
- if (S_ISLNK(inode->i_mode))
- return -EOPNOTSUPP;
-
switch (type) {
case ACL_TYPE_ACCESS:
name_index = F2FS_XATTR_INDEX_POSIX_ACL_ACCESS;
@@ -261,154 +244,31 @@ static int f2fs_set_acl(struct inode *inode, int type,
return error;
}
-int f2fs_init_acl(struct inode *inode, struct inode *dir, struct page *ipage)
+int f2fs_set_acl(struct inode *inode, struct posix_acl *acl, int type)
{
- struct f2fs_sb_info *sbi = F2FS_SB(dir->i_sb);
- struct posix_acl *acl = NULL;
- int error = 0;
-
- if (!S_ISLNK(inode->i_mode)) {
- if (test_opt(sbi, POSIX_ACL)) {
- acl = f2fs_get_acl(dir, ACL_TYPE_DEFAULT);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- }
- if (!acl)
- inode->i_mode &= ~current_umask();
- }
-
- if (!test_opt(sbi, POSIX_ACL) || !acl)
- goto cleanup;
-
- if (S_ISDIR(inode->i_mode)) {
- error = f2fs_set_acl(inode, ACL_TYPE_DEFAULT, acl, ipage);
- if (error)
- goto cleanup;
- }
- error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode);
- if (error < 0)
- return error;
- if (error > 0)
- error = f2fs_set_acl(inode, ACL_TYPE_ACCESS, acl, ipage);
-cleanup:
- posix_acl_release(acl);
- return error;
+ return __f2fs_set_acl(inode, type, acl, NULL);
}
-int f2fs_acl_chmod(struct inode *inode)
+int f2fs_init_acl(struct inode *inode, struct inode *dir, struct page *ipage)
{
- struct f2fs_sb_info *sbi = F2FS_SB(inode->i_sb);
- struct posix_acl *acl;
- int error;
- umode_t mode = get_inode_mode(inode);
-
- if (!test_opt(sbi, POSIX_ACL))
- return 0;
- if (S_ISLNK(mode))
- return -EOPNOTSUPP;
-
- acl = f2fs_get_acl(inode, ACL_TYPE_ACCESS);
- if (IS_ERR(acl) || !acl)
- return PTR_ERR(acl);
+ struct posix_acl *default_acl, *acl;
+ int error = 0;
- error = __posix_acl_chmod(&acl, GFP_KERNEL, mode);
+ error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl);
if (error)
return error;
- error = f2fs_set_acl(inode, ACL_TYPE_ACCESS, acl, NULL);
- posix_acl_release(acl);
- return error;
-}
-
-static size_t f2fs_xattr_list_acl(struct dentry *dentry, char *list,
- size_t list_size, const char *name, size_t name_len, int type)
-{
- struct f2fs_sb_info *sbi = F2FS_SB(dentry->d_sb);
- const char *xname = POSIX_ACL_XATTR_DEFAULT;
- size_t size;
-
- if (!test_opt(sbi, POSIX_ACL))
- return 0;
-
- if (type == ACL_TYPE_ACCESS)
- xname = POSIX_ACL_XATTR_ACCESS;
-
- size = strlen(xname) + 1;
- if (list && size <= list_size)
- memcpy(list, xname, si
[Cluster-devel] [PATCH 01/18] reiserfs: prefix ACL symbols with reiserfs_
Signed-off-by: Christoph Hellwig
Reviewed-by: Jan Kara
---
fs/reiserfs/xattr_acl.c | 20 ++--
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c
index 06c04f7..6f721ea 100644
--- a/fs/reiserfs/xattr_acl.c
+++ b/fs/reiserfs/xattr_acl.c
@@ -16,7 +16,7 @@ static int reiserfs_set_acl(struct
reiserfs_transaction_handle *th,
struct posix_acl *acl);
static int
-posix_acl_set(struct dentry *dentry, const char *name, const void *value,
+reiserfs_posix_acl_set(struct dentry *dentry, const char *name, const void
*value,
size_t size, int flags, int type)
{
struct inode *inode = dentry->d_inode;
@@ -65,7 +65,7 @@ posix_acl_set(struct dentry *dentry, const char *name, const
void *value,
}
static int
-posix_acl_get(struct dentry *dentry, const char *name, void *buffer,
+reiserfs_posix_acl_get(struct dentry *dentry, const char *name, void *buffer,
size_t size, int type)
{
struct posix_acl *acl;
@@ -88,7 +88,7 @@ posix_acl_get(struct dentry *dentry, const char *name, void
*buffer,
/*
* Convert from filesystem to in-memory representation.
*/
-static struct posix_acl *posix_acl_from_disk(const void *value, size_t size)
+static struct posix_acl *reiserfs_posix_acl_from_disk(const void *value,
size_t size)
{
const char *end = (char *)value + size;
int n, count;
@@ -158,7 +158,7 @@ static struct posix_acl *posix_acl_from_disk(const void
*value, size_t size)
/*
* Convert from in-memory to filesystem representation.
*/
-static void *posix_acl_to_disk(const struct posix_acl *acl, size_t * size)
+static void *reiserfs_posix_acl_to_disk(const struct posix_acl *acl, size_t *
size)
{
reiserfs_acl_header *ext_acl;
char *e;
@@ -257,7 +257,7 @@ struct posix_acl *reiserfs_get_acl(struct inode *inode, int
type)
} else if (retval < 0) {
acl = ERR_PTR(retval);
} else {
- acl = posix_acl_from_disk(value, retval);
+ acl = reiserfs_posix_acl_from_disk(value, retval);
}
if (!IS_ERR(acl))
set_cached_acl(inode, type, acl);
@@ -307,7 +307,7 @@ reiserfs_set_acl(struct reiserfs_transaction_handle *th,
struct inode *inode,
}
if (acl) {
- value = posix_acl_to_disk(acl, &size);
+ value = reiserfs_posix_acl_to_disk(acl, &size);
if (IS_ERR(value))
return (int)PTR_ERR(value);
}
@@ -499,8 +499,8 @@ static size_t posix_acl_access_list(struct dentry *dentry,
char *list,
const struct xattr_handler reiserfs_posix_acl_access_handler = {
.prefix = POSIX_ACL_XATTR_ACCESS,
.flags = ACL_TYPE_ACCESS,
- .get = posix_acl_get,
- .set = posix_acl_set,
+ .get = reiserfs_posix_acl_get,
+ .set = reiserfs_posix_acl_set,
.list = posix_acl_access_list,
};
@@ -519,7 +519,7 @@ static size_t posix_acl_default_list(struct dentry *dentry,
char *list,
const struct xattr_handler reiserfs_posix_acl_default_handler = {
.prefix = POSIX_ACL_XATTR_DEFAULT,
.flags = ACL_TYPE_DEFAULT,
- .get = posix_acl_get,
- .set = posix_acl_set,
+ .get = reiserfs_posix_acl_get,
+ .set = reiserfs_posix_acl_set,
.list = posix_acl_default_list,
};
--
1.7.10.4
[Cluster-devel] [PATCH 15/18] jfs: use generic posix ACL infrastructure
Copy the scheme I introduced to btrfs many years ago to only use the
xattr handler for ACLs, but pass plain attrs straight through.
Signed-off-by: Christoph Hellwig
Reviewed-by: Dave Kleikamp
---
fs/jfs/acl.c | 105 --
fs/jfs/file.c |4 +-
fs/jfs/jfs_acl.h |7 +---
fs/jfs/jfs_xattr.h |2 +
fs/jfs/namei.c |1 +
fs/jfs/super.c |2 +
fs/jfs/xattr.c | 108 ++--
7 files changed, 89 insertions(+), 140 deletions(-)
diff --git a/fs/jfs/acl.c b/fs/jfs/acl.c
index 28d529a..e973b85 100644
--- a/fs/jfs/acl.c
+++ b/fs/jfs/acl.c
@@ -72,7 +72,7 @@ struct posix_acl *jfs_get_acl(struct inode *inode, int type)
return acl;
}
-static int jfs_set_acl(tid_t tid, struct inode *inode, int type,
+static int __jfs_set_acl(tid_t tid, struct inode *inode, int type,
struct posix_acl *acl)
{
char *ea_name;
@@ -80,21 +80,22 @@ static int jfs_set_acl(tid_t tid, struct inode *inode, int
type,
int size = 0;
char *value = NULL;
- if (S_ISLNK(inode->i_mode))
- return -EOPNOTSUPP;
-
- switch(type) {
- case ACL_TYPE_ACCESS:
- ea_name = POSIX_ACL_XATTR_ACCESS;
- break;
- case ACL_TYPE_DEFAULT:
- ea_name = POSIX_ACL_XATTR_DEFAULT;
- if (!S_ISDIR(inode->i_mode))
- return acl ? -EACCES : 0;
- break;
- default:
- return -EINVAL;
+ switch (type) {
+ case ACL_TYPE_ACCESS:
+ ea_name = POSIX_ACL_XATTR_ACCESS;
+ rc = posix_acl_equiv_mode(acl, &inode->i_mode);
+ if (rc < 0)
+ return rc;
+ if (rc == 0)
+ acl = NULL;
+ break;
+ case ACL_TYPE_DEFAULT:
+ ea_name = POSIX_ACL_XATTR_DEFAULT;
+ break;
+ default:
+ return -EINVAL;
}
+
if (acl) {
size = posix_acl_xattr_size(acl->a_count);
value = kmalloc(size, GFP_KERNEL);
@@ -114,65 +115,43 @@ out:
return rc;
}
+int jfs_set_acl(struct inode *inode, struct posix_acl *acl, int type)
+{
+ int rc;
+ tid_t tid;
+
+ tid = txBegin(inode->i_sb, 0);
+ mutex_lock(&JFS_IP(inode)->commit_mutex);
+ rc = __jfs_set_acl(tid, inode, type, acl);
+ if (!rc)
+ rc = txCommit(tid, 1, &inode, 0);
+ txEnd(tid);
+ mutex_unlock(&JFS_IP(inode)->commit_mutex);
+ return rc;
+}
+
int jfs_init_acl(tid_t tid, struct inode *inode, struct inode *dir)
{
- struct posix_acl *acl = NULL;
+ struct posix_acl *default_acl, *acl;
int rc = 0;
- if (S_ISLNK(inode->i_mode))
- return 0;
+ rc = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl);
+ if (rc)
+ return rc;
- acl = jfs_get_acl(dir, ACL_TYPE_DEFAULT);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
+ if (default_acl) {
+ rc = __jfs_set_acl(tid, inode, ACL_TYPE_DEFAULT, default_acl);
+ posix_acl_release(default_acl);
+ }
if (acl) {
- if (S_ISDIR(inode->i_mode)) {
- rc = jfs_set_acl(tid, inode, ACL_TYPE_DEFAULT, acl);
- if (rc)
- goto cleanup;
- }
- rc = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode);
- if (rc < 0)
- goto cleanup; /* posix_acl_release(NULL) is no-op */
- if (rc > 0)
- rc = jfs_set_acl(tid, inode, ACL_TYPE_ACCESS, acl);
-cleanup:
+ if (!rc)
+ rc = __jfs_set_acl(tid, inode, ACL_TYPE_ACCESS, acl);
posix_acl_release(acl);
- } else
- inode->i_mode &= ~current_umask();
+ }
JFS_IP(inode)->mode2 = (JFS_IP(inode)->mode2 & 0x) |
inode->i_mode;
return rc;
}
-
-int jfs_acl_chmod(struct inode *inode)
-{
- struct posix_acl *acl;
- int rc;
- tid_t tid;
-
- if (S_ISLNK(inode->i_mode))
- return -EOPNOTSUPP;
-
- acl = jfs_get_acl(inode, ACL_TYPE_ACCESS);
- if (IS_ERR(acl) || !acl)
- return PTR_ERR(acl);
-
- rc = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
- if (rc)
- return rc;
-
- tid = txBegin(inode->i_sb, 0);
- mutex_lock(&JFS_IP(inode)->commit_mutex);
- rc = jfs_set_acl(tid, inode, ACL_TYPE_ACCESS, acl);
- if (!rc)
- rc = txCommit(tid, 1, &inode, 0);
- txEnd(tid);
- mutex_unlock(&JFS_IP(inode)->commit_mutex);
-
- posix_acl_release(acl);
-
[Cluster-devel] [PATCH 11/18] jffs2: use generic posix ACL infrastructure
Also don't bother to set up a .get_acl method for symlinks as we do not
support access control (ACLs or even mode bits) for symlinks in Linux.
Signed-off-by: Christoph Hellwig
---
fs/jffs2/acl.c | 141
fs/jffs2/acl.h |7 +--
fs/jffs2/dir.c |1 +
fs/jffs2/file.c|1 +
fs/jffs2/fs.c |7 +--
fs/jffs2/symlink.c |1 -
fs/jffs2/xattr.c |9 ++--
7 files changed, 24 insertions(+), 143 deletions(-)
diff --git a/fs/jffs2/acl.c b/fs/jffs2/acl.c
index 4d6e31b..009ec0b 100644
--- a/fs/jffs2/acl.c
+++ b/fs/jffs2/acl.c
@@ -178,10 +178,6 @@ struct posix_acl *jffs2_get_acl(struct inode *inode, int
type)
char *value = NULL;
int rc, xprefix;
- acl = get_cached_acl(inode, type);
- if (acl != ACL_NOT_CACHED)
- return acl;
-
switch (type) {
case ACL_TYPE_ACCESS:
xprefix = JFFS2_XPREFIX_ACL_ACCESS;
@@ -232,13 +228,10 @@ static int __jffs2_set_acl(struct inode *inode, int
xprefix, struct posix_acl *a
return rc;
}
-static int jffs2_set_acl(struct inode *inode, int type, struct posix_acl *acl)
+int jffs2_set_acl(struct inode *inode, struct posix_acl *acl, int type)
{
int rc, xprefix;
- if (S_ISLNK(inode->i_mode))
- return -EOPNOTSUPP;
-
switch (type) {
case ACL_TYPE_ACCESS:
xprefix = JFFS2_XPREFIX_ACL_ACCESS;
@@ -277,30 +270,21 @@ static int jffs2_set_acl(struct inode *inode, int type,
struct posix_acl *acl)
int jffs2_init_acl_pre(struct inode *dir_i, struct inode *inode, umode_t
*i_mode)
{
- struct posix_acl *acl;
+ struct posix_acl *default_acl, *acl;
int rc;
cache_no_acl(inode);
- if (S_ISLNK(*i_mode))
- return 0; /* Symlink always has no-ACL */
-
- acl = jffs2_get_acl(dir_i, ACL_TYPE_DEFAULT);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
-
- if (!acl) {
- *i_mode &= ~current_umask();
- } else {
- if (S_ISDIR(*i_mode))
- set_cached_acl(inode, ACL_TYPE_DEFAULT, acl);
-
- rc = __posix_acl_create(&acl, GFP_KERNEL, i_mode);
- if (rc < 0)
- return rc;
- if (rc > 0)
- set_cached_acl(inode, ACL_TYPE_ACCESS, acl);
+ rc = posix_acl_create(dir_i, i_mode, &default_acl, &acl);
+ if (rc)
+ return rc;
+ if (default_acl) {
+ set_cached_acl(inode, ACL_TYPE_DEFAULT, default_acl);
+ posix_acl_release(default_acl);
+ }
+ if (acl) {
+ set_cached_acl(inode, ACL_TYPE_ACCESS, acl);
posix_acl_release(acl);
}
return 0;
@@ -324,106 +308,3 @@ int jffs2_init_acl_post(struct inode *inode)
return 0;
}
-
-int jffs2_acl_chmod(struct inode *inode)
-{
- struct posix_acl *acl;
- int rc;
-
- if (S_ISLNK(inode->i_mode))
- return -EOPNOTSUPP;
- acl = jffs2_get_acl(inode, ACL_TYPE_ACCESS);
- if (IS_ERR(acl) || !acl)
- return PTR_ERR(acl);
- rc = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
- if (rc)
- return rc;
- rc = jffs2_set_acl(inode, ACL_TYPE_ACCESS, acl);
- posix_acl_release(acl);
- return rc;
-}
-
-static size_t jffs2_acl_access_listxattr(struct dentry *dentry, char *list,
- size_t list_size, const char *name, size_t name_len, int type)
-{
- const int retlen = sizeof(POSIX_ACL_XATTR_ACCESS);
-
- if (list && retlen <= list_size)
- strcpy(list, POSIX_ACL_XATTR_ACCESS);
- return retlen;
-}
-
-static size_t jffs2_acl_default_listxattr(struct dentry *dentry, char *list,
- size_t list_size, const char *name, size_t name_len, int type)
-{
- const int retlen = sizeof(POSIX_ACL_XATTR_DEFAULT);
-
- if (list && retlen <= list_size)
- strcpy(list, POSIX_ACL_XATTR_DEFAULT);
- return retlen;
-}
-
-static int jffs2_acl_getxattr(struct dentry *dentry, const char *name,
- void *buffer, size_t size, int type)
-{
- struct posix_acl *acl;
- int rc;
-
- if (name[0] != '\0')
- return -EINVAL;
-
- acl = jffs2_get_acl(dentry->d_inode, type);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- if (!acl)
- return -ENODATA;
- rc = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
- posix_acl_release(acl);
-
- return rc;
-}
-
-static int jffs2_acl_setxattr(struct dentry *dentry, const char *name,
- const void *value, size_t size, int flags, int type)
-{
- struct posix_acl *acl;
- int rc;
-
- if (name[0] != '\0')
- return -EINVAL;
- if (!inode_owner_or_capable(dentry->d_inode))
- return -EPERM;
-
- if (val
[Cluster-devel] [PATCH 18/18] fs: remove generic_acl
And instead convert tmpfs to use the new generic ACL code, with two stub
methods provided for in-memory filesystems.
Signed-off-by: Christoph Hellwig
---
fs/Kconfig |6 +-
fs/Makefile |1 -
fs/generic_acl.c| 184 ---
fs/posix_acl.c | 36 +
include/linux/generic_acl.h | 14
include/linux/posix_acl.h |9 +++
mm/shmem.c | 57 ++
7 files changed, 69 insertions(+), 238 deletions(-)
delete mode 100644 fs/generic_acl.c
delete mode 100644 include/linux/generic_acl.h
diff --git a/fs/Kconfig b/fs/Kconfig
index c229f82..7385e54 100644
--- a/fs/Kconfig
+++ b/fs/Kconfig
@@ -68,10 +68,6 @@ source "fs/quota/Kconfig"
source "fs/autofs4/Kconfig"
source "fs/fuse/Kconfig"
-config GENERIC_ACL
- bool
- select FS_POSIX_ACL
-
menu "Caches"
source "fs/fscache/Kconfig"
@@ -119,7 +115,7 @@ config TMPFS_POSIX_ACL
bool "Tmpfs POSIX Access Control Lists"
depends on TMPFS
select TMPFS_XATTR
- select GENERIC_ACL
+ select FS_POSIX_ACL
help
POSIX Access Control Lists (ACLs) support additional access rights
for users and groups beyond the standard owner/group/world scheme,
diff --git a/fs/Makefile b/fs/Makefile
index 4fe6df3..30dc16d 100644
--- a/fs/Makefile
+++ b/fs/Makefile
@@ -44,7 +44,6 @@ obj-$(CONFIG_BINFMT_FLAT) += binfmt_flat.o
obj-$(CONFIG_FS_MBCACHE) += mbcache.o
obj-$(CONFIG_FS_POSIX_ACL) += posix_acl.o xattr_acl.o
obj-$(CONFIG_NFS_COMMON) += nfs_common/
-obj-$(CONFIG_GENERIC_ACL) += generic_acl.o
obj-$(CONFIG_COREDUMP) += coredump.o
obj-$(CONFIG_SYSCTL) += drop_caches.o
diff --git a/fs/generic_acl.c b/fs/generic_acl.c
deleted file mode 100644
index 4357f39..000
--- a/fs/generic_acl.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/*
- * (C) 2005 Andreas Gruenbacher
- *
- * This file is released under the GPL.
- *
- * Generic ACL support for in-memory filesystems.
- */
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-
-static size_t
-generic_acl_list(struct dentry *dentry, char *list, size_t list_size,
- const char *name, size_t name_len, int type)
-{
- struct posix_acl *acl;
- const char *xname;
- size_t size;
-
- acl = get_cached_acl(dentry->d_inode, type);
- if (!acl)
- return 0;
- posix_acl_release(acl);
-
- switch (type) {
- case ACL_TYPE_ACCESS:
- xname = POSIX_ACL_XATTR_ACCESS;
- break;
- case ACL_TYPE_DEFAULT:
- xname = POSIX_ACL_XATTR_DEFAULT;
- break;
- default:
- return 0;
- }
- size = strlen(xname) + 1;
- if (list && size <= list_size)
- memcpy(list, xname, size);
- return size;
-}
-
-static int
-generic_acl_get(struct dentry *dentry, const char *name, void *buffer,
-size_t size, int type)
-{
- struct posix_acl *acl;
- int error;
-
- if (strcmp(name, "") != 0)
- return -EINVAL;
-
- acl = get_cached_acl(dentry->d_inode, type);
- if (!acl)
- return -ENODATA;
- error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
- posix_acl_release(acl);
-
- return error;
-}
-
-static int
-generic_acl_set(struct dentry *dentry, const char *name, const void *value,
-size_t size, int flags, int type)
-{
- struct inode *inode = dentry->d_inode;
- struct posix_acl *acl = NULL;
- int error;
-
- if (strcmp(name, "") != 0)
- return -EINVAL;
- if (S_ISLNK(inode->i_mode))
- return -EOPNOTSUPP;
- if (!inode_owner_or_capable(inode))
- return -EPERM;
- if (value) {
- acl = posix_acl_from_xattr(&init_user_ns, value, size);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- }
- if (acl) {
- error = posix_acl_valid(acl);
- if (error)
- goto failed;
- switch (type) {
- case ACL_TYPE_ACCESS:
- error = posix_acl_equiv_mode(acl, &inode->i_mode);
- if (error < 0)
- goto failed;
- inode->i_ctime = CURRENT_TIME;
- if (error == 0) {
- posix_acl_release(acl);
- acl = NULL;
- }
- break;
- case ACL_TYPE_DEFAULT:
- if (!S_ISDIR(inode->i_mode)) {
- error = -EINVAL;
- goto failed;
- }
- break;
- }
- }
- set_cached_acl(inode, type, acl);
- err
[Cluster-devel] [PATCH 05/18] fs: make posix_acl_chmod more useful
Rename the current posix_acl_chmod to __posix_acl_chmod and add
a fully featured ACL chmod helper that uses the ->set_acl inode
operation.
Signed-off-by: Christoph Hellwig
Reviewed-by: Jan Kara
---
fs/9p/acl.c |2 +-
fs/btrfs/acl.c|2 +-
fs/ext2/acl.c |2 +-
fs/ext3/acl.c |2 +-
fs/ext4/acl.c |2 +-
fs/f2fs/acl.c |2 +-
fs/generic_acl.c |2 +-
fs/gfs2/acl.c |2 +-
fs/hfsplus/posix_acl.c|2 +-
fs/jffs2/acl.c|2 +-
fs/jfs/acl.c |2 +-
fs/ocfs2/acl.c|2 +-
fs/posix_acl.c| 30 +++---
fs/reiserfs/xattr_acl.c |2 +-
fs/xfs/xfs_acl.c |2 +-
include/linux/posix_acl.h | 17 +
16 files changed, 54 insertions(+), 21 deletions(-)
diff --git a/fs/9p/acl.c b/fs/9p/acl.c
index 7af425f..f5ce5c5 100644
--- a/fs/9p/acl.c
+++ b/fs/9p/acl.c
@@ -156,7 +156,7 @@ int v9fs_acl_chmod(struct inode *inode, struct p9_fid *fid)
return -EOPNOTSUPP;
acl = v9fs_get_cached_acl(inode, ACL_TYPE_ACCESS);
if (acl) {
- retval = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
+ retval = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
if (retval)
return retval;
set_cached_acl(inode, ACL_TYPE_ACCESS, acl);
diff --git a/fs/btrfs/acl.c b/fs/btrfs/acl.c
index 0890c83..1af04ff 100644
--- a/fs/btrfs/acl.c
+++ b/fs/btrfs/acl.c
@@ -256,7 +256,7 @@ int btrfs_acl_chmod(struct inode *inode)
if (IS_ERR_OR_NULL(acl))
return PTR_ERR(acl);
- ret = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
+ ret = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
if (ret)
return ret;
ret = btrfs_set_acl(NULL, inode, acl, ACL_TYPE_ACCESS);
diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c
index 110b6b3..7006ced 100644
--- a/fs/ext2/acl.c
+++ b/fs/ext2/acl.c
@@ -308,7 +308,7 @@ ext2_acl_chmod(struct inode *inode)
acl = ext2_get_acl(inode, ACL_TYPE_ACCESS);
if (IS_ERR(acl) || !acl)
return PTR_ERR(acl);
- error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
+ error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
if (error)
return error;
error = ext2_set_acl(inode, ACL_TYPE_ACCESS, acl);
diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c
index dbb5ad5..6691a6c 100644
--- a/fs/ext3/acl.c
+++ b/fs/ext3/acl.c
@@ -314,7 +314,7 @@ ext3_acl_chmod(struct inode *inode)
acl = ext3_get_acl(inode, ACL_TYPE_ACCESS);
if (IS_ERR(acl) || !acl)
return PTR_ERR(acl);
- error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
+ error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
if (error)
return error;
retry:
diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c
index 39a54a0..2eebe02 100644
--- a/fs/ext4/acl.c
+++ b/fs/ext4/acl.c
@@ -320,7 +320,7 @@ ext4_acl_chmod(struct inode *inode)
acl = ext4_get_acl(inode, ACL_TYPE_ACCESS);
if (IS_ERR(acl) || !acl)
return PTR_ERR(acl);
- error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
+ error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
if (error)
return error;
retry:
diff --git a/fs/f2fs/acl.c b/fs/f2fs/acl.c
index d0fc287..14c4df0 100644
--- a/fs/f2fs/acl.c
+++ b/fs/f2fs/acl.c
@@ -311,7 +311,7 @@ int f2fs_acl_chmod(struct inode *inode)
if (IS_ERR(acl) || !acl)
return PTR_ERR(acl);
- error = posix_acl_chmod(&acl, GFP_KERNEL, mode);
+ error = __posix_acl_chmod(&acl, GFP_KERNEL, mode);
if (error)
return error;
diff --git a/fs/generic_acl.c b/fs/generic_acl.c
index b3f3676..46a5076 100644
--- a/fs/generic_acl.c
+++ b/fs/generic_acl.c
@@ -158,7 +158,7 @@ generic_acl_chmod(struct inode *inode)
return -EOPNOTSUPP;
acl = get_cached_acl(inode, ACL_TYPE_ACCESS);
if (acl) {
- error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
+ error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
if (error)
return error;
set_cached_acl(inode, ACL_TYPE_ACCESS, acl);
diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c
index f69ac0a..3e200c7 100644
--- a/fs/gfs2/acl.c
+++ b/fs/gfs2/acl.c
@@ -162,7 +162,7 @@ int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr
*attr)
if (!acl)
return gfs2_setattr_simple(inode, attr);
- error = posix_acl_chmod(&acl, GFP_NOFS, attr->ia_mode);
+ error = __posix_acl_chmod(&acl, GFP_NOFS, attr->ia_mode);
if (error)
return error;
diff --git a/fs/hfsplus/posix_acl.c b/fs/hfsplus/posix_acl.c
index b609cc1..cab5fd6 100644
--- a/fs/hfsplus/p
[Cluster-devel] [PATCH 10/18] hfsplus: use generic posix ACL infrastructure
Signed-off-by: Christoph Hellwig
Reviewed-by: Vyacheslav Dubeyko
---
fs/hfsplus/acl.h |9 +--
fs/hfsplus/dir.c |1 +
fs/hfsplus/inode.c |3 +-
fs/hfsplus/posix_acl.c | 168 +---
fs/hfsplus/xattr.c |5 +-
fs/hfsplus/xattr.h |2 -
6 files changed, 26 insertions(+), 162 deletions(-)
diff --git a/fs/hfsplus/acl.h b/fs/hfsplus/acl.h
index 07c0d49..95c8ed9 100644
--- a/fs/hfsplus/acl.h
+++ b/fs/hfsplus/acl.h
@@ -12,16 +12,13 @@
/* posix_acl.c */
struct posix_acl *hfsplus_get_posix_acl(struct inode *inode, int type);
-extern int hfsplus_posix_acl_chmod(struct inode *);
+int hfsplus_set_posix_acl(struct inode *inode, struct posix_acl *acl,
+ int type);
extern int hfsplus_init_posix_acl(struct inode *, struct inode *);
#else /* CONFIG_HFSPLUS_FS_POSIX_ACL */
#define hfsplus_get_posix_acl NULL
-
-static inline int hfsplus_posix_acl_chmod(struct inode *inode)
-{
- return 0;
-}
+#define hfsplus_set_posix_acl NULL
static inline int hfsplus_init_posix_acl(struct inode *inode, struct inode
*dir)
{
diff --git a/fs/hfsplus/dir.c b/fs/hfsplus/dir.c
index 4a4fea0..9ee6298 100644
--- a/fs/hfsplus/dir.c
+++ b/fs/hfsplus/dir.c
@@ -532,6 +532,7 @@ const struct inode_operations hfsplus_dir_inode_operations
= {
.removexattr= hfsplus_removexattr,
#ifdef CONFIG_HFSPLUS_FS_POSIX_ACL
.get_acl= hfsplus_get_posix_acl,
+ .set_acl= hfsplus_set_posix_acl,
#endif
};
diff --git a/fs/hfsplus/inode.c b/fs/hfsplus/inode.c
index 37213d0..2e10993 100644
--- a/fs/hfsplus/inode.c
+++ b/fs/hfsplus/inode.c
@@ -319,7 +319,7 @@ static int hfsplus_setattr(struct dentry *dentry, struct
iattr *attr)
mark_inode_dirty(inode);
if (attr->ia_valid & ATTR_MODE) {
- error = hfsplus_posix_acl_chmod(inode);
+ error = posix_acl_chmod(inode, inode->i_mode);
if (unlikely(error))
return error;
}
@@ -393,6 +393,7 @@ static const struct inode_operations
hfsplus_file_inode_operations = {
.removexattr= hfsplus_removexattr,
#ifdef CONFIG_HFSPLUS_FS_POSIX_ACL
.get_acl= hfsplus_get_posix_acl,
+ .set_acl= hfsplus_set_posix_acl,
#endif
};
diff --git a/fs/hfsplus/posix_acl.c b/fs/hfsplus/posix_acl.c
index 277942f..df0c9af 100644
--- a/fs/hfsplus/posix_acl.c
+++ b/fs/hfsplus/posix_acl.c
@@ -17,9 +17,7 @@ struct posix_acl *hfsplus_get_posix_acl(struct inode *inode,
int type)
char *value = NULL;
ssize_t size;
- acl = get_cached_acl(inode, type);
- if (acl != ACL_NOT_CACHED)
- return acl;
+ hfs_dbg(ACL_MOD, "[%s]: ino %lu\n", __func__, inode->i_ino);
switch (type) {
case ACL_TYPE_ACCESS:
@@ -56,17 +54,15 @@ struct posix_acl *hfsplus_get_posix_acl(struct inode
*inode, int type)
return acl;
}
-static int hfsplus_set_posix_acl(struct inode *inode,
- int type,
- struct posix_acl *acl)
+int hfsplus_set_posix_acl(struct inode *inode, struct posix_acl *acl,
+ int type)
{
int err;
char *xattr_name;
size_t size = 0;
char *value = NULL;
- if (S_ISLNK(inode->i_mode))
- return -EOPNOTSUPP;
+ hfs_dbg(ACL_MOD, "[%s]: ino %lu\n", __func__, inode->i_ino);
switch (type) {
case ACL_TYPE_ACCESS:
@@ -115,7 +111,7 @@ end_set_acl:
int hfsplus_init_posix_acl(struct inode *inode, struct inode *dir)
{
int err = 0;
- struct posix_acl *acl = NULL;
+ struct posix_acl *default_acl, *acl;
hfs_dbg(ACL_MOD,
"[%s]: ino %lu, dir->ino %lu\n",
@@ -124,151 +120,21 @@ int hfsplus_init_posix_acl(struct inode *inode, struct
inode *dir)
if (S_ISLNK(inode->i_mode))
return 0;
- acl = hfsplus_get_posix_acl(dir, ACL_TYPE_DEFAULT);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
-
- if (acl) {
- if (S_ISDIR(inode->i_mode)) {
- err = hfsplus_set_posix_acl(inode,
- ACL_TYPE_DEFAULT,
- acl);
- if (unlikely(err))
- goto init_acl_cleanup;
- }
-
- err = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode);
- if (unlikely(err < 0))
- return err;
-
- if (err > 0)
- err = hfsplus_set_posix_acl(inode,
- ACL_TYPE_ACCESS,
- acl);
- } else
- inode->i_mode &= ~current_umask();
-
-init_acl_cleanup:
- posix_acl_release(acl);
- return er
[Cluster-devel] [PATCH 13/18] reiserfs: use generic posix ACL infrastructure
Also don't bother to set up a .get_acl method for symlinks as we do not
support access control (ACLs or even mode bits) for symlinks in Linux.
Signed-off-by: Christoph Hellwig
Reviewed-by: Jan Kara
---
fs/reiserfs/acl.h |4 +-
fs/reiserfs/file.c |1 +
fs/reiserfs/namei.c |4 +-
fs/reiserfs/xattr.c |5 +-
fs/reiserfs/xattr_acl.c | 182 +++
5 files changed, 35 insertions(+), 161 deletions(-)
diff --git a/fs/reiserfs/acl.h b/fs/reiserfs/acl.h
index f096b80..4a211f5 100644
--- a/fs/reiserfs/acl.h
+++ b/fs/reiserfs/acl.h
@@ -48,18 +48,18 @@ static inline int reiserfs_acl_count(size_t size)
#ifdef CONFIG_REISERFS_FS_POSIX_ACL
struct posix_acl *reiserfs_get_acl(struct inode *inode, int type);
+int reiserfs_set_acl(struct inode *inode, struct posix_acl *acl, int type);
int reiserfs_acl_chmod(struct inode *inode);
int reiserfs_inherit_default_acl(struct reiserfs_transaction_handle *th,
struct inode *dir, struct dentry *dentry,
struct inode *inode);
int reiserfs_cache_default_acl(struct inode *dir);
-extern const struct xattr_handler reiserfs_posix_acl_default_handler;
-extern const struct xattr_handler reiserfs_posix_acl_access_handler;
#else
#define reiserfs_cache_default_acl(inode) 0
#define reiserfs_get_acl NULL
+#define reiserfs_set_acl NULL
static inline int reiserfs_acl_chmod(struct inode *inode)
{
diff --git a/fs/reiserfs/file.c b/fs/reiserfs/file.c
index dcaafcf..ed58d84 100644
--- a/fs/reiserfs/file.c
+++ b/fs/reiserfs/file.c
@@ -260,4 +260,5 @@ const struct inode_operations
reiserfs_file_inode_operations = {
.removexattr = reiserfs_removexattr,
.permission = reiserfs_permission,
.get_acl = reiserfs_get_acl,
+ .set_acl = reiserfs_set_acl,
};
diff --git a/fs/reiserfs/namei.c b/fs/reiserfs/namei.c
index dc5236f..e825f8b 100644
--- a/fs/reiserfs/namei.c
+++ b/fs/reiserfs/namei.c
@@ -1522,6 +1522,7 @@ const struct inode_operations
reiserfs_dir_inode_operations = {
.removexattr = reiserfs_removexattr,
.permission = reiserfs_permission,
.get_acl = reiserfs_get_acl,
+ .set_acl = reiserfs_set_acl,
};
/*
@@ -1538,8 +1539,6 @@ const struct inode_operations
reiserfs_symlink_inode_operations = {
.listxattr = reiserfs_listxattr,
.removexattr = reiserfs_removexattr,
.permission = reiserfs_permission,
- .get_acl = reiserfs_get_acl,
-
};
/*
@@ -1553,4 +1552,5 @@ const struct inode_operations
reiserfs_special_inode_operations = {
.removexattr = reiserfs_removexattr,
.permission = reiserfs_permission,
.get_acl = reiserfs_get_acl,
+ .set_acl = reiserfs_set_acl,
};
diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c
index 8a9e2dc..5cdfbd6 100644
--- a/fs/reiserfs/xattr.c
+++ b/fs/reiserfs/xattr.c
@@ -50,6 +50,7 @@
#include
#include
#include
+#include
#define PRIVROOT_NAME ".reiserfs_priv"
#define XAROOT_NAME "xattrs"
@@ -904,8 +905,8 @@ static const struct xattr_handler
*reiserfs_xattr_handlers[] = {
&reiserfs_xattr_security_handler,
#endif
#ifdef CONFIG_REISERFS_FS_POSIX_ACL
- &reiserfs_posix_acl_access_handler,
- &reiserfs_posix_acl_default_handler,
+ &posix_acl_access_xattr_handler,
+ &posix_acl_default_xattr_handler,
#endif
NULL
};
diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c
index d95c959..a6ce532 100644
--- a/fs/reiserfs/xattr_acl.c
+++ b/fs/reiserfs/xattr_acl.c
@@ -11,35 +11,19 @@
#include "acl.h"
#include
-static int reiserfs_set_acl(struct reiserfs_transaction_handle *th,
+static int __reiserfs_set_acl(struct reiserfs_transaction_handle *th,
struct inode *inode, int type,
struct posix_acl *acl);
-static int
-reiserfs_posix_acl_set(struct dentry *dentry, const char *name, const void
*value,
- size_t size, int flags, int type)
+
+int
+reiserfs_set_acl(struct inode *inode, struct posix_acl *acl, int type)
{
- struct inode *inode = dentry->d_inode;
- struct posix_acl *acl;
int error, error2;
struct reiserfs_transaction_handle th;
size_t jcreate_blocks;
- if (!reiserfs_posixacl(inode->i_sb))
- return -EOPNOTSUPP;
- if (!inode_owner_or_capable(inode))
- return -EPERM;
-
- if (value) {
- acl = posix_acl_from_xattr(&init_user_ns, value, size);
- if (IS_ERR(acl)) {
- return PTR_ERR(acl);
- } else if (acl) {
- error = posix_acl_valid(acl);
- if (error)
- goto release_and_out;
- }
- } else
- acl = NULL;
+ int size = acl ? posix_acl_xattr_size(acl->a_count) : 0;
+
/* Pessimism: We can't assume that anything from
[Cluster-devel] [PATCH 08/18] ext2/3/4: use generic posix ACL infrastructure
Signed-off-by: Christoph Hellwig
Reviewed-by: Jan Kara
---
fs/ext2/acl.c | 188 --
fs/ext2/acl.h |8 +-
fs/ext2/file.c |1 +
fs/ext2/inode.c |2 +-
fs/ext2/namei.c |2 +
fs/ext2/xattr.c |8 +-
fs/ext2/xattr.h |2 -
fs/ext3/acl.c | 223 ---
fs/ext3/acl.h |9 +--
fs/ext3/file.c |1 +
fs/ext3/inode.c |2 +-
fs/ext3/namei.c |2 +
fs/ext3/xattr.c |8 +-
fs/ext3/xattr.h |2 -
fs/ext4/acl.c | 223 +++
fs/ext4/acl.h |9 +--
fs/ext4/file.c |1 +
fs/ext4/inode.c |2 +-
fs/ext4/namei.c |2 +
fs/ext4/xattr.c |8 +-
fs/ext4/xattr.h |2 -
21 files changed, 100 insertions(+), 605 deletions(-)
diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c
index 6e842a7..1b8001b 100644
--- a/fs/ext2/acl.c
+++ b/fs/ext2/acl.c
@@ -148,13 +148,6 @@ ext2_get_acl(struct inode *inode, int type)
struct posix_acl *acl;
int retval;
- if (!test_opt(inode->i_sb, POSIX_ACL))
- return NULL;
-
- acl = get_cached_acl(inode, type);
- if (acl != ACL_NOT_CACHED)
- return acl;
-
switch (type) {
case ACL_TYPE_ACCESS:
name_index = EXT2_XATTR_INDEX_POSIX_ACL_ACCESS;
@@ -189,19 +182,14 @@ ext2_get_acl(struct inode *inode, int type)
/*
* inode->i_mutex: down
*/
-static int
-ext2_set_acl(struct inode *inode, int type, struct posix_acl *acl)
+int
+ext2_set_acl(struct inode *inode, struct posix_acl *acl, int type)
{
int name_index;
void *value = NULL;
size_t size = 0;
int error;
- if (S_ISLNK(inode->i_mode))
- return -EOPNOTSUPP;
- if (!test_opt(inode->i_sb, POSIX_ACL))
- return 0;
-
switch(type) {
case ACL_TYPE_ACCESS:
name_index = EXT2_XATTR_INDEX_POSIX_ACL_ACCESS;
@@ -250,169 +238,21 @@ ext2_set_acl(struct inode *inode, int type, struct
posix_acl *acl)
int
ext2_init_acl(struct inode *inode, struct inode *dir)
{
- struct posix_acl *acl = NULL;
- int error = 0;
-
- if (!S_ISLNK(inode->i_mode)) {
- if (test_opt(dir->i_sb, POSIX_ACL)) {
- acl = ext2_get_acl(dir, ACL_TYPE_DEFAULT);
- if (IS_ERR(acl))
- return PTR_ERR(acl);
- }
- if (!acl)
- inode->i_mode &= ~current_umask();
- }
- if (test_opt(inode->i_sb, POSIX_ACL) && acl) {
- if (S_ISDIR(inode->i_mode)) {
- error = ext2_set_acl(inode, ACL_TYPE_DEFAULT, acl);
- if (error)
- goto cleanup;
- }
- error = __posix_acl_create(&acl, GFP_KERNEL, &inode->i_mode);
- if (error < 0)
- return error;
- if (error > 0) {
- /* This is an extended ACL */
- error = ext2_set_acl(inode, ACL_TYPE_ACCESS, acl);
- }
- }
-cleanup:
- posix_acl_release(acl);
- return error;
-}
-
-/*
- * Does chmod for an inode that may have an Access Control List. The
- * inode->i_mode field must be updated to the desired value by the caller
- * before calling this function.
- * Returns 0 on success, or a negative error number.
- *
- * We change the ACL rather than storing some ACL entries in the file
- * mode permission bits (which would be more efficient), because that
- * would break once additional permissions (like ACL_APPEND, ACL_DELETE
- * for directories) are added. There are no more bits available in the
- * file mode.
- *
- * inode->i_mutex: down
- */
-int
-ext2_acl_chmod(struct inode *inode)
-{
- struct posix_acl *acl;
-int error;
+ struct posix_acl *default_acl, *acl;
+ int error;
- if (!test_opt(inode->i_sb, POSIX_ACL))
- return 0;
- if (S_ISLNK(inode->i_mode))
- return -EOPNOTSUPP;
- acl = ext2_get_acl(inode, ACL_TYPE_ACCESS);
- if (IS_ERR(acl) || !acl)
- return PTR_ERR(acl);
- error = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
+ error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl);
if (error)
return error;
- error = ext2_set_acl(inode, ACL_TYPE_ACCESS, acl);
- posix_acl_release(acl);
- return error;
-}
-/*
- * Extended attribut handlers
- */
-static size_t
-ext2_xattr_list_acl_access(struct dentry *dentry, char *list, size_t list_size,
- const char *name, size_t name_len, int type)
-{
- const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS);
-
- if (!test_opt(dentry->d_sb, POSIX_ACL))
- return 0;
- if (list && size <= list_size)
- memcpy(list, POSIX
Re: [Cluster-devel] [PATCH 16/18] gfs2: use generic posix ACL infrastructure
Hi,
On Wed, 2013-12-11 at 02:42 -0800, Christoph Hellwig wrote:
> plain text document attachment
> (0016-gfs2-use-generic-posix-ACL-infrastructure.patch)
> This contains some major refactoring for the create path so that
> inodes are created with the right mode to start with instead of
> fixing it up later.
>
> Signed-off-by: Christoph Hellwig
Acked-by: Steven Whitehouse
A really nice clean up - this is a very useful step forward in
simplifying the create path. Thanks for sorting this out,
Steve.
> ---
> fs/gfs2/acl.c | 234
> +++
> fs/gfs2/acl.h |4 +-
> fs/gfs2/inode.c | 33 ++--
> fs/gfs2/xattr.c |4 +-
> 4 files changed, 62 insertions(+), 213 deletions(-)
>
> diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c
> index e82e4ac..ba94566 100644
> --- a/fs/gfs2/acl.c
> +++ b/fs/gfs2/acl.c
> @@ -49,10 +49,6 @@ struct posix_acl *gfs2_get_acl(struct inode *inode, int
> type)
> if (!ip->i_eattr)
> return NULL;
>
> - acl = get_cached_acl(&ip->i_inode, type);
> - if (acl != ACL_NOT_CACHED)
> - return acl;
> -
> name = gfs2_acl_name(type);
> if (name == NULL)
> return ERR_PTR(-EINVAL);
> @@ -80,7 +76,7 @@ static int gfs2_set_mode(struct inode *inode, umode_t mode)
> return error;
> }
>
> -static int gfs2_acl_set(struct inode *inode, int type, struct posix_acl *acl)
> +int gfs2_set_acl(struct inode *inode, struct posix_acl *acl, int type)
> {
> int error;
> int len;
> @@ -88,219 +84,49 @@ static int gfs2_acl_set(struct inode *inode, int type,
> struct posix_acl *acl)
> const char *name = gfs2_acl_name(type);
>
> BUG_ON(name == NULL);
> - len = posix_acl_to_xattr(&init_user_ns, acl, NULL, 0);
> - if (len == 0)
> - return 0;
> - data = kmalloc(len, GFP_NOFS);
> - if (data == NULL)
> - return -ENOMEM;
> - error = posix_acl_to_xattr(&init_user_ns, acl, data, len);
> - if (error < 0)
> - goto out;
> - error = __gfs2_xattr_set(inode, name, data, len, 0, GFS2_EATYPE_SYS);
> - if (!error)
> - set_cached_acl(inode, type, acl);
> -out:
> - kfree(data);
> - return error;
> -}
> -
> -int gfs2_acl_create(struct gfs2_inode *dip, struct inode *inode)
> -{
> - struct gfs2_sbd *sdp = GFS2_SB(&dip->i_inode);
> - struct posix_acl *acl;
> - umode_t mode = inode->i_mode;
> - int error = 0;
> -
> - if (!sdp->sd_args.ar_posix_acl)
> - return 0;
> - if (S_ISLNK(inode->i_mode))
> - return 0;
> -
> - acl = gfs2_get_acl(&dip->i_inode, ACL_TYPE_DEFAULT);
> - if (IS_ERR(acl))
> - return PTR_ERR(acl);
> - if (!acl) {
> - mode &= ~current_umask();
> - return gfs2_set_mode(inode, mode);
> - }
> -
> - if (S_ISDIR(inode->i_mode)) {
> - error = gfs2_acl_set(inode, ACL_TYPE_DEFAULT, acl);
> - if (error)
> - goto out;
> - }
> -
> - error = __posix_acl_create(&acl, GFP_NOFS, &mode);
> - if (error < 0)
> - return error;
>
> - if (error == 0)
> - goto munge;
> -
> - error = gfs2_acl_set(inode, ACL_TYPE_ACCESS, acl);
> - if (error)
> - goto out;
> -munge:
> - error = gfs2_set_mode(inode, mode);
> -out:
> - posix_acl_release(acl);
> - return error;
> -}
> -
> -int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr)
> -{
> - struct inode *inode = &ip->i_inode;
> - struct posix_acl *acl;
> - char *data;
> - unsigned int len;
> - int error;
> -
> - acl = gfs2_get_acl(&ip->i_inode, ACL_TYPE_ACCESS);
> - if (IS_ERR(acl))
> - return PTR_ERR(acl);
> - if (!acl)
> - return gfs2_setattr_simple(inode, attr);
> -
> - error = __posix_acl_chmod(&acl, GFP_NOFS, attr->ia_mode);
> - if (error)
> - return error;
> -
> - len = posix_acl_to_xattr(&init_user_ns, acl, NULL, 0);
> - data = kmalloc(len, GFP_NOFS);
> - error = -ENOMEM;
> - if (data == NULL)
> - goto out;
> - posix_acl_to_xattr(&init_user_ns, acl, data, len);
> - error = gfs2_xattr_acl_chmod(ip, attr, data);
> - kfree(data);
> - set_cached_acl(&ip->i_inode, ACL_TYPE_ACCESS, acl);
> -
> -out:
> - posix_acl_release(acl);
> - return error;
> -}
> -
> -static int gfs2_acl_type(const char *name)
> -{
> - if (strcmp(name, GFS2_POSIX_ACL_ACCESS) == 0)
> - return ACL_TYPE_ACCESS;
> - if (strcmp(name, GFS2_POSIX_ACL_DEFAULT) == 0)
> - return ACL_TYPE_DEFAULT;
> - return -EINVAL;
> -}
> -
> -static int gfs2_xattr_system_get(struct dentry *dentry, const char *name,
> - void *buffer, size_t size, int xtype)
> -{
> - struct inode *inode = dentry->d_inode;
> - struct gfs2_sbd *sdp = GFS2_SB(inode);
> - struct posix_acl *acl;
> - int type
[Cluster-devel] Fwd: some fence_virsh, fene_apc patches for RHEL6 backports
Hello.
Description for suggested patches:
fence_virsh: I believe the uuid support is a good idea, cuz every
spawned VM would have an UUID in its dmidecode, equal to its `virsh
domuuid`. Thus, to fence it, we should not either know the domain name,
nor query libvirt to find it out.
fence_apc: As I can see from my research activities, fence_apc is quite
a vendor specific agent, thus it would require custom options for
command-prompt as well as ssh-options.
--
Best regards,
Bogdan Dobrelya,
Researcher TechLead, Mirantis, Inc.
+38 (066) 051 07 53
Skype bogdando_at_yahoo.com
38, Lenina ave.
Kharkov, Ukraine
www.mirantis.com
www.mirantis.ru
bdobre...@mirantis.com
From d95896825c89085b7d516547406454b7b21ffc17 Mon Sep 17 00:00:00 2001
From: Bogdan Dobrelya
Date: Tue, 10 Dec 2013 14:32:26 +0200
Subject: [PATCH 1/2] Add uuid support for fence_virsh
Signed-off-by: Bogdan Dobrelya
---
fence/agents/virsh/fence_virsh.py | 89 +
1 file changed, 80 insertions(+), 9 deletions(-)
diff --git a/fence/agents/virsh/fence_virsh.py
b/fence/agents/virsh/fence_virsh.py
index 13099da..80242ab 100644
--- a/fence/agents/virsh/fence_virsh.py
+++ b/fence/agents/virsh/fence_virsh.py
@@ -3,6 +3,7 @@
# The Following Agent Has Been Tested On:
#
# Virsh 0.3.3 on RHEL 5.2 with xen-3.0.3-51
+# Virsh 0.9.13,0.10.2 on Ubuntu 12.10 with qemu-kvm-1.2.0
#
import sys, re, pexpect, exceptions
@@ -13,11 +14,15 @@ from fencing import *
RELEASE_VERSION="Virsh fence agent"
REDHAT_COPYRIGHT=""
BUILD_DATE=""
+UUID_PATTERN=r"^\w{8}-\w{4}-\w{4}-\w{4}-\w{12}$"
+STATE_PATTERN=r"^(\b\w+)\s?(\b\w+)?$"
#END_VERSION_GENERATION
def get_outlets_status(conn, options):
- try:
- conn.sendline("virsh list --all")
+if options.has_key("-n"):
+try:
+#Restrict virsh list by header and by matched domain name only
(if any), assumes it would be unique
+ conn.sendline("virsh list --all|awk
'/Name|%s/'"%(options["-n"]))
conn.log_expect(options, options["-c"], int(options["-Y"]))
except pexpect.EOF:
fail(EC_CONNECTION_LOST)
@@ -38,32 +43,98 @@ def get_outlets_status(conn, options):
elif (fa_status==1):
result[domain.group(2)]=("",(domain.group(3).lower() in
["running","blocked","idle","no state","paused"] and "on" or "off"))
return result
+elif options.has_key("-U"):
+return get_outlets_status_by_uuid(conn, options)
+else: # other cases , f.e. action list
+try:
+conn.sendline("virsh list --all")
+conn.log_expect(options, options["-c"], int(options["-Y"]))
+except pexpect.EOF:
+fail(EC_CONNECTION_LOST)
+except pexpect.TIMEOUT:
+fail(EC_TIMED_OUT)
+
+result={}
+
+#This is status of mini finite automata. 0 = we didn't found Id and
Name, 1 = we did
+fa_status=0
+
+for line in conn.before.splitlines():
+domain=re.search("^\s*(\S+)\s+(\S+)\s+(\S+).*$",line)
+if (domain!=None):
+if ((fa_status==0) and (domain.group(1).lower()=="id")
and (domain.group(2).lower()=="name")):
+fa_status=1
+elif (fa_status==1):
+
result[domain.group(2)]=("",(domain.group(3).lower() in
["running","blocked","idle","no state","paused"] and "on" or "off"))
+return result
+
+#Do the same as get_outlets_status, but using -U option
+def get_outlets_status_by_uuid(conn, options):
+try:
+#Restrict virsh list by matched domain uuid only (if any),
assumes it would be unique
+conn.sendline("virsh list --all --uuid|awk
'/%s/'"%(options["-U"].lower()))
+conn.log_expect(options, options["-c"], int(options["-Y"]))
+except pexpect.EOF:
+fail(EC_CONNECTION_LOST)
+except pexpect.TIMEOUT:
+fail(EC_TIMED_OUT)
+
+result={}
+
+for line in conn.before.splitlines():
+uuid=re.search(UUID_PATTERN,line)
+if (uuid!=None):
+
result[uuid.group().lower()]=("",get_domstate(conn,options,uuid.group().lower()).lower()
in ["running","blocked","idle","no state","paused"] and "on" or "off")
+return result
+
+#Get virsh domstate by uuid
+def get_domstate(conn, options, uuid):
+try:
+conn.sendline("virsh domstate %s"%(uuid))
+conn.log_expect(options, options["-c"], int(options["-Y"]))
+except pexpect.EOF:
+fail(EC_CONNECTION_LOST)
+except pexpect.TIMEOUT:
+fail(EC_TIMED_OUT)
+
+for line in conn.before.splitlines():
+#Search for domain state
+state=re.search(STATE_PATTERN,line)
+if (state!=None):
