xfs: invalidate cached acl if set via ioctl
Setting or removing the "SGI_ACL_[FILE|DEFAULT]" attributes via the XFS_IOC_ATTRMULTI_BY_HANDLE ioctl completely bypasses the POSIX ACL infrastructure, like setting the "trusted.SGI_ACL_[FILE|DEFAULT]" xattrs did until commit 6caa1056. Similar to that commit, invalidate cached acls when setting/removing them via the ioctl as well. Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com> Reviewed-by: Dave Chinner <dchinner@redhat.com> Signed-off-by: Dave Chinner <david@fromorbit.com>
This commit is contained in:
Родитель
09cb22d2a5
Коммит
47e1bf6405
|
@ -36,4 +36,7 @@ static inline struct posix_acl *xfs_get_acl(struct inode *inode, int type)
|
|||
# define posix_acl_access_exists(inode) 0
|
||||
# define posix_acl_default_exists(inode) 0
|
||||
#endif /* CONFIG_XFS_POSIX_ACL */
|
||||
|
||||
extern void xfs_forget_acl(struct inode *inode, const char *name, int xflags);
|
||||
|
||||
#endif /* __XFS_ACL_H__ */
|
||||
|
|
|
@ -40,6 +40,7 @@
|
|||
#include "xfs_symlink.h"
|
||||
#include "xfs_trans.h"
|
||||
#include "xfs_pnfs.h"
|
||||
#include "xfs_acl.h"
|
||||
|
||||
#include <linux/capability.h>
|
||||
#include <linux/dcache.h>
|
||||
|
@ -494,6 +495,8 @@ xfs_attrmulti_attr_set(
|
|||
return PTR_ERR(kbuf);
|
||||
|
||||
error = xfs_attr_set(XFS_I(inode), name, kbuf, len, flags);
|
||||
if (!error)
|
||||
xfs_forget_acl(inode, name, flags);
|
||||
kfree(kbuf);
|
||||
return error;
|
||||
}
|
||||
|
@ -504,9 +507,14 @@ xfs_attrmulti_attr_remove(
|
|||
unsigned char *name,
|
||||
__uint32_t flags)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
|
||||
return -EPERM;
|
||||
return xfs_attr_remove(XFS_I(inode), name, flags);
|
||||
error = xfs_attr_remove(XFS_I(inode), name, flags);
|
||||
if (!error)
|
||||
xfs_forget_acl(inode, name, flags);
|
||||
return error;
|
||||
}
|
||||
|
||||
STATIC int
|
||||
|
|
|
@ -53,6 +53,28 @@ xfs_xattr_get(struct dentry *dentry, const char *name,
|
|||
return asize;
|
||||
}
|
||||
|
||||
void
|
||||
xfs_forget_acl(
|
||||
struct inode *inode,
|
||||
const char *name,
|
||||
int xflags)
|
||||
{
|
||||
/*
|
||||
* Invalidate any cached ACLs if the user has bypassed the ACL
|
||||
* interface. We don't validate the content whatsoever so it is caller
|
||||
* responsibility to provide data in valid format and ensure i_mode is
|
||||
* consistent.
|
||||
*/
|
||||
if (xflags & ATTR_ROOT) {
|
||||
#ifdef CONFIG_XFS_POSIX_ACL
|
||||
if (!strcmp(name, SGI_ACL_FILE))
|
||||
forget_cached_acl(inode, ACL_TYPE_ACCESS);
|
||||
else if (!strcmp(name, SGI_ACL_DEFAULT))
|
||||
forget_cached_acl(inode, ACL_TYPE_DEFAULT);
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
static int
|
||||
xfs_xattr_set(struct dentry *dentry, const char *name, const void *value,
|
||||
size_t size, int flags, int xflags)
|
||||
|
@ -73,20 +95,8 @@ xfs_xattr_set(struct dentry *dentry, const char *name, const void *value,
|
|||
return xfs_attr_remove(ip, (unsigned char *)name, xflags);
|
||||
error = xfs_attr_set(ip, (unsigned char *)name,
|
||||
(void *)value, size, xflags);
|
||||
/*
|
||||
* Invalidate any cached ACLs if the user has bypassed the ACL
|
||||
* interface. We don't validate the content whatsoever so it is caller
|
||||
* responsibility to provide data in valid format and ensure i_mode is
|
||||
* consistent.
|
||||
*/
|
||||
#ifdef CONFIG_XFS_POSIX_ACL
|
||||
if (!error && (xflags & ATTR_ROOT)) {
|
||||
if (!strcmp(name, SGI_ACL_FILE))
|
||||
forget_cached_acl(VFS_I(ip), ACL_TYPE_ACCESS);
|
||||
else if (!strcmp(name, SGI_ACL_DEFAULT))
|
||||
forget_cached_acl(VFS_I(ip), ACL_TYPE_DEFAULT);
|
||||
}
|
||||
#endif
|
||||
if (!error)
|
||||
xfs_forget_acl(d_inode(dentry), name, xflags);
|
||||
|
||||
return error;
|
||||
}
|
||||
|
|
Загрузка…
Ссылка в новой задаче