Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: (34 commits) nfsd race fixes: jfs nfsd race fixes: reiserfs nfsd race fixes: ext4 nfsd race fixes: ext3 nfsd race fixes: ext2 nfsd/create race fixes, infrastructure filesystem notification: create fs/notify to contain all fs notification fs/block_dev.c: __read_mostly improvement and sb_is_blkdev_sb utilization kill ->dir_notify() filp_cachep can be static in fs/file_table.c fix f_count description in Documentation/filesystems/files.txt make INIT_FS use the __RW_LOCK_UNLOCKED initialization take init_fs to saner place kill vfs_permission pass a struct path * to may_open kill walk_init_root remove incorrect comment in inode_permission expand some comments (d_path / seq_path) correct wrong function name of d_put in kernel document and source comment fix switch_names() breakage in short-to-short case ...
This commit is contained in:
Linus Torvalds
@@ -75,14 +75,22 @@ full_name_hash(const unsigned char *name, unsigned int len)
|
||||
return end_name_hash(hash);
|
||||
}
|
||||
|
||||
struct dcookie_struct;
|
||||
|
||||
#define DNAME_INLINE_LEN_MIN 36
|
||||
/*
|
||||
* Try to keep struct dentry aligned on 64 byte cachelines (this will
|
||||
* give reasonable cacheline footprint with larger lines without the
|
||||
* large memory footprint increase).
|
||||
*/
|
||||
#ifdef CONFIG_64BIT
|
||||
#define DNAME_INLINE_LEN_MIN 32 /* 192 bytes */
|
||||
#else
|
||||
#define DNAME_INLINE_LEN_MIN 40 /* 128 bytes */
|
||||
#endif
|
||||
|
||||
struct dentry {
|
||||
atomic_t d_count;
|
||||
unsigned int d_flags; /* protected by d_lock */
|
||||
spinlock_t d_lock; /* per dentry lock */
|
||||
int d_mounted;
|
||||
struct inode *d_inode; /* Where the name belongs to - NULL is
|
||||
* negative */
|
||||
/*
|
||||
@@ -107,10 +115,7 @@ struct dentry {
|
||||
struct dentry_operations *d_op;
|
||||
struct super_block *d_sb; /* The root of the dentry tree */
|
||||
void *d_fsdata; /* fs-specific data */
|
||||
#ifdef CONFIG_PROFILING
|
||||
struct dcookie_struct *d_cookie; /* cookie, if any */
|
||||
#endif
|
||||
int d_mounted;
|
||||
|
||||
unsigned char d_iname[DNAME_INLINE_LEN_MIN]; /* small names */
|
||||
};
|
||||
|
||||
@@ -177,6 +182,8 @@ d_iput: no no no yes
|
||||
|
||||
#define DCACHE_INOTIFY_PARENT_WATCHED 0x0020 /* Parent inode is watched */
|
||||
|
||||
#define DCACHE_COOKIE 0x0040 /* For use by dcookie subsystem */
|
||||
|
||||
extern spinlock_t dcache_lock;
|
||||
extern seqlock_t rename_lock;
|
||||
|
||||
|
||||
@@ -57,8 +57,6 @@ struct files_struct {
|
||||
|
||||
#define files_fdtable(files) (rcu_dereference((files)->fdt))
|
||||
|
||||
extern struct kmem_cache *filp_cachep;
|
||||
|
||||
struct file_operations;
|
||||
struct vfsmount;
|
||||
struct dentry;
|
||||
|
||||
@@ -21,7 +21,6 @@
|
||||
|
||||
/* Fixed constants first: */
|
||||
#undef NR_OPEN
|
||||
extern int sysctl_nr_open;
|
||||
#define INR_OPEN 1024 /* Initial setting for nfile rlimits */
|
||||
|
||||
#define BLOCK_SIZE_BITS 10
|
||||
@@ -38,21 +37,13 @@ struct files_stat_struct {
|
||||
int nr_free_files; /* read only */
|
||||
int max_files; /* tunable */
|
||||
};
|
||||
extern struct files_stat_struct files_stat;
|
||||
extern int get_max_files(void);
|
||||
|
||||
struct inodes_stat_t {
|
||||
int nr_inodes;
|
||||
int nr_unused;
|
||||
int dummy[5]; /* padding for sysctl ABI compatibility */
|
||||
};
|
||||
extern struct inodes_stat_t inodes_stat;
|
||||
|
||||
extern int leases_enable, lease_break_time;
|
||||
|
||||
#ifdef CONFIG_DNOTIFY
|
||||
extern int dir_notify_enable;
|
||||
#endif
|
||||
|
||||
#define NR_FILE 8192 /* this can well be larger on a larger system */
|
||||
|
||||
@@ -330,6 +321,15 @@ extern void __init inode_init(void);
|
||||
extern void __init inode_init_early(void);
|
||||
extern void __init files_init(unsigned long);
|
||||
|
||||
extern struct files_stat_struct files_stat;
|
||||
extern int get_max_files(void);
|
||||
extern int sysctl_nr_open;
|
||||
extern struct inodes_stat_t inodes_stat;
|
||||
extern int leases_enable, lease_break_time;
|
||||
#ifdef CONFIG_DNOTIFY
|
||||
extern int dir_notify_enable;
|
||||
#endif
|
||||
|
||||
struct buffer_head;
|
||||
typedef int (get_block_t)(struct inode *inode, sector_t iblock,
|
||||
struct buffer_head *bh_result, int create);
|
||||
@@ -1212,7 +1212,6 @@ extern void unlock_super(struct super_block *);
|
||||
/*
|
||||
* VFS helper functions..
|
||||
*/
|
||||
extern int vfs_permission(struct nameidata *, int);
|
||||
extern int vfs_create(struct inode *, struct dentry *, int, struct nameidata *);
|
||||
extern int vfs_mkdir(struct inode *, struct dentry *, int);
|
||||
extern int vfs_mknod(struct inode *, struct dentry *, int, dev_t);
|
||||
@@ -1310,7 +1309,6 @@ struct file_operations {
|
||||
ssize_t (*sendpage) (struct file *, struct page *, int, size_t, loff_t *, int);
|
||||
unsigned long (*get_unmapped_area)(struct file *, unsigned long, unsigned long, unsigned long, unsigned long);
|
||||
int (*check_flags)(int);
|
||||
int (*dir_notify)(struct file *filp, unsigned long arg);
|
||||
int (*flock) (struct file *, int, struct file_lock *);
|
||||
ssize_t (*splice_write)(struct pipe_inode_info *, struct file *, loff_t *, size_t, unsigned int);
|
||||
ssize_t (*splice_read)(struct file *, loff_t *, struct pipe_inode_info *, size_t, unsigned int);
|
||||
@@ -1869,7 +1867,7 @@ extern void free_write_pipe(struct file *);
|
||||
|
||||
extern struct file *do_filp_open(int dfd, const char *pathname,
|
||||
int open_flag, int mode);
|
||||
extern int may_open(struct nameidata *, int, int);
|
||||
extern int may_open(struct path *, int, int);
|
||||
|
||||
extern int kernel_read(struct file *, unsigned long, char *, unsigned long);
|
||||
extern struct file * open_exec(const char *);
|
||||
@@ -1904,6 +1902,8 @@ extern struct inode *ilookup(struct super_block *sb, unsigned long ino);
|
||||
|
||||
extern struct inode * iget5_locked(struct super_block *, unsigned long, int (*test)(struct inode *, void *), int (*set)(struct inode *, void *), void *);
|
||||
extern struct inode * iget_locked(struct super_block *, unsigned long);
|
||||
extern int insert_inode_locked4(struct inode *, unsigned long, int (*test)(struct inode *, void *), void *);
|
||||
extern int insert_inode_locked(struct inode *);
|
||||
extern void unlock_new_inode(struct inode *);
|
||||
|
||||
extern void __iget(struct inode * inode);
|
||||
|
||||
@@ -10,12 +10,6 @@ struct fs_struct {
|
||||
struct path root, pwd;
|
||||
};
|
||||
|
||||
#define INIT_FS { \
|
||||
.count = ATOMIC_INIT(1), \
|
||||
.lock = RW_LOCK_UNLOCKED, \
|
||||
.umask = 0022, \
|
||||
}
|
||||
|
||||
extern struct kmem_cache *fs_cachep;
|
||||
|
||||
extern void exit_fs(struct task_struct *);
|
||||
|
||||
@@ -12,6 +12,7 @@
|
||||
#include <net/net_namespace.h>
|
||||
|
||||
extern struct files_struct init_files;
|
||||
extern struct fs_struct init_fs;
|
||||
|
||||
#define INIT_KIOCTX(name, which_mm) \
|
||||
{ \
|
||||
|
||||
@@ -94,4 +94,9 @@ static inline char *nd_get_link(struct nameidata *nd)
|
||||
return nd->saved_names[nd->depth];
|
||||
}
|
||||
|
||||
static inline void nd_terminate_link(void *name, size_t len, size_t maxlen)
|
||||
{
|
||||
((char *) name)[min(len, maxlen)] = '\0';
|
||||
}
|
||||
|
||||
#endif /* _LINUX_NAMEI_H */
|
||||
|
||||
@@ -335,17 +335,37 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
|
||||
* @dir contains the inode structure of the parent directory of the new link.
|
||||
* @new_dentry contains the dentry structure for the new link.
|
||||
* Return 0 if permission is granted.
|
||||
* @path_link:
|
||||
* Check permission before creating a new hard link to a file.
|
||||
* @old_dentry contains the dentry structure for an existing link
|
||||
* to the file.
|
||||
* @new_dir contains the path structure of the parent directory of
|
||||
* the new link.
|
||||
* @new_dentry contains the dentry structure for the new link.
|
||||
* Return 0 if permission is granted.
|
||||
* @inode_unlink:
|
||||
* Check the permission to remove a hard link to a file.
|
||||
* @dir contains the inode structure of parent directory of the file.
|
||||
* @dentry contains the dentry structure for file to be unlinked.
|
||||
* Return 0 if permission is granted.
|
||||
* @path_unlink:
|
||||
* Check the permission to remove a hard link to a file.
|
||||
* @dir contains the path structure of parent directory of the file.
|
||||
* @dentry contains the dentry structure for file to be unlinked.
|
||||
* Return 0 if permission is granted.
|
||||
* @inode_symlink:
|
||||
* Check the permission to create a symbolic link to a file.
|
||||
* @dir contains the inode structure of parent directory of the symbolic link.
|
||||
* @dentry contains the dentry structure of the symbolic link.
|
||||
* @old_name contains the pathname of file.
|
||||
* Return 0 if permission is granted.
|
||||
* @path_symlink:
|
||||
* Check the permission to create a symbolic link to a file.
|
||||
* @dir contains the path structure of parent directory of
|
||||
* the symbolic link.
|
||||
* @dentry contains the dentry structure of the symbolic link.
|
||||
* @old_name contains the pathname of file.
|
||||
* Return 0 if permission is granted.
|
||||
* @inode_mkdir:
|
||||
* Check permissions to create a new directory in the existing directory
|
||||
* associated with inode strcture @dir.
|
||||
@@ -353,11 +373,25 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
|
||||
* @dentry contains the dentry structure of new directory.
|
||||
* @mode contains the mode of new directory.
|
||||
* Return 0 if permission is granted.
|
||||
* @path_mkdir:
|
||||
* Check permissions to create a new directory in the existing directory
|
||||
* associated with path strcture @path.
|
||||
* @dir containst the path structure of parent of the directory
|
||||
* to be created.
|
||||
* @dentry contains the dentry structure of new directory.
|
||||
* @mode contains the mode of new directory.
|
||||
* Return 0 if permission is granted.
|
||||
* @inode_rmdir:
|
||||
* Check the permission to remove a directory.
|
||||
* @dir contains the inode structure of parent of the directory to be removed.
|
||||
* @dentry contains the dentry structure of directory to be removed.
|
||||
* Return 0 if permission is granted.
|
||||
* @path_rmdir:
|
||||
* Check the permission to remove a directory.
|
||||
* @dir contains the path structure of parent of the directory to be
|
||||
* removed.
|
||||
* @dentry contains the dentry structure of directory to be removed.
|
||||
* Return 0 if permission is granted.
|
||||
* @inode_mknod:
|
||||
* Check permissions when creating a special file (or a socket or a fifo
|
||||
* file created via the mknod system call). Note that if mknod operation
|
||||
@@ -368,6 +402,15 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
|
||||
* @mode contains the mode of the new file.
|
||||
* @dev contains the device number.
|
||||
* Return 0 if permission is granted.
|
||||
* @path_mknod:
|
||||
* Check permissions when creating a file. Note that this hook is called
|
||||
* even if mknod operation is being done for a regular file.
|
||||
* @dir contains the path structure of parent of the new file.
|
||||
* @dentry contains the dentry structure of the new file.
|
||||
* @mode contains the mode of the new file.
|
||||
* @dev contains the undecoded device number. Use new_decode_dev() to get
|
||||
* the decoded device number.
|
||||
* Return 0 if permission is granted.
|
||||
* @inode_rename:
|
||||
* Check for permission to rename a file or directory.
|
||||
* @old_dir contains the inode structure for parent of the old link.
|
||||
@@ -375,6 +418,13 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
|
||||
* @new_dir contains the inode structure for parent of the new link.
|
||||
* @new_dentry contains the dentry structure of the new link.
|
||||
* Return 0 if permission is granted.
|
||||
* @path_rename:
|
||||
* Check for permission to rename a file or directory.
|
||||
* @old_dir contains the path structure for parent of the old link.
|
||||
* @old_dentry contains the dentry structure of the old link.
|
||||
* @new_dir contains the path structure for parent of the new link.
|
||||
* @new_dentry contains the dentry structure of the new link.
|
||||
* Return 0 if permission is granted.
|
||||
* @inode_readlink:
|
||||
* Check the permission to read the symbolic link.
|
||||
* @dentry contains the dentry structure for the file link.
|
||||
@@ -403,6 +453,12 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
|
||||
* @dentry contains the dentry structure for the file.
|
||||
* @attr is the iattr structure containing the new file attributes.
|
||||
* Return 0 if permission is granted.
|
||||
* @path_truncate:
|
||||
* Check permission before truncating a file.
|
||||
* @path contains the path structure for the file.
|
||||
* @length is the new length of the file.
|
||||
* @time_attrs is the flags passed to do_truncate().
|
||||
* Return 0 if permission is granted.
|
||||
* @inode_getattr:
|
||||
* Check permission before obtaining file attributes.
|
||||
* @mnt is the vfsmount where the dentry was looked up
|
||||
@@ -1331,6 +1387,22 @@ struct security_operations {
|
||||
struct super_block *newsb);
|
||||
int (*sb_parse_opts_str) (char *options, struct security_mnt_opts *opts);
|
||||
|
||||
#ifdef CONFIG_SECURITY_PATH
|
||||
int (*path_unlink) (struct path *dir, struct dentry *dentry);
|
||||
int (*path_mkdir) (struct path *dir, struct dentry *dentry, int mode);
|
||||
int (*path_rmdir) (struct path *dir, struct dentry *dentry);
|
||||
int (*path_mknod) (struct path *dir, struct dentry *dentry, int mode,
|
||||
unsigned int dev);
|
||||
int (*path_truncate) (struct path *path, loff_t length,
|
||||
unsigned int time_attrs);
|
||||
int (*path_symlink) (struct path *dir, struct dentry *dentry,
|
||||
const char *old_name);
|
||||
int (*path_link) (struct dentry *old_dentry, struct path *new_dir,
|
||||
struct dentry *new_dentry);
|
||||
int (*path_rename) (struct path *old_dir, struct dentry *old_dentry,
|
||||
struct path *new_dir, struct dentry *new_dentry);
|
||||
#endif
|
||||
|
||||
int (*inode_alloc_security) (struct inode *inode);
|
||||
void (*inode_free_security) (struct inode *inode);
|
||||
int (*inode_init_security) (struct inode *inode, struct inode *dir,
|
||||
@@ -2705,6 +2777,71 @@ static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi
|
||||
|
||||
#endif /* CONFIG_SECURITY_NETWORK_XFRM */
|
||||
|
||||
#ifdef CONFIG_SECURITY_PATH
|
||||
int security_path_unlink(struct path *dir, struct dentry *dentry);
|
||||
int security_path_mkdir(struct path *dir, struct dentry *dentry, int mode);
|
||||
int security_path_rmdir(struct path *dir, struct dentry *dentry);
|
||||
int security_path_mknod(struct path *dir, struct dentry *dentry, int mode,
|
||||
unsigned int dev);
|
||||
int security_path_truncate(struct path *path, loff_t length,
|
||||
unsigned int time_attrs);
|
||||
int security_path_symlink(struct path *dir, struct dentry *dentry,
|
||||
const char *old_name);
|
||||
int security_path_link(struct dentry *old_dentry, struct path *new_dir,
|
||||
struct dentry *new_dentry);
|
||||
int security_path_rename(struct path *old_dir, struct dentry *old_dentry,
|
||||
struct path *new_dir, struct dentry *new_dentry);
|
||||
#else /* CONFIG_SECURITY_PATH */
|
||||
static inline int security_path_unlink(struct path *dir, struct dentry *dentry)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int security_path_mkdir(struct path *dir, struct dentry *dentry,
|
||||
int mode)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int security_path_rmdir(struct path *dir, struct dentry *dentry)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int security_path_mknod(struct path *dir, struct dentry *dentry,
|
||||
int mode, unsigned int dev)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int security_path_truncate(struct path *path, loff_t length,
|
||||
unsigned int time_attrs)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int security_path_symlink(struct path *dir, struct dentry *dentry,
|
||||
const char *old_name)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int security_path_link(struct dentry *old_dentry,
|
||||
struct path *new_dir,
|
||||
struct dentry *new_dentry)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int security_path_rename(struct path *old_dir,
|
||||
struct dentry *old_dentry,
|
||||
struct path *new_dir,
|
||||
struct dentry *new_dentry)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
#endif /* CONFIG_SECURITY_PATH */
|
||||
|
||||
#ifdef CONFIG_KEYS
|
||||
#ifdef CONFIG_SECURITY
|
||||
|
||||
|
||||
Reference in New Issue
Block a user