feaa7bba02
This patch fixes the way we have been dealing with unlinked, but still open files. It removes all limits (other than memory for inodes, as per every other filesystem) on numbers of these which we can support on GFS2. It also means that (like other fs) its the responsibility of the last process to close the file to deallocate the storage, rather than the person who did the unlinking. Note that with GFS2, those two events might take place on different nodes. Also there are a number of other changes: o We use the Linux inode subsystem as it was intended to be used, wrt allocating GFS2 inodes o The Linux inode cache is now the point which we use for local enforcement of only holding one copy of the inode in core at once (previous to this we used the glock layer). o We no longer use the unlinked "special" file. We just ignore it completely. This makes unlinking more efficient. o We now use the 4th block allocation state. The previously unused state is used to track unlinked but still open inodes. o gfs2_inoded is no longer needed o Several fields are now no longer needed (and removed) from the in core struct gfs2_inode o Several fields are no longer needed (and removed) from the in core superblock There are a number of future possible optimisations and clean ups which have been made possible by this patch. Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
315 lines
6.4 KiB
C
315 lines
6.4 KiB
C
/*
|
|
* Copyright (C) Sistina Software, Inc. 1997-2003 All rights reserved.
|
|
* Copyright (C) 2004-2006 Red Hat, Inc. All rights reserved.
|
|
*
|
|
* This copyrighted material is made available to anyone wishing to use,
|
|
* modify, copy, or redistribute it subject to the terms and conditions
|
|
* of the GNU General Public License v.2.
|
|
*/
|
|
|
|
#include <linux/sched.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/spinlock.h>
|
|
#include <linux/completion.h>
|
|
#include <linux/buffer_head.h>
|
|
#include <linux/posix_acl.h>
|
|
#include <linux/posix_acl_xattr.h>
|
|
#include <linux/gfs2_ondisk.h>
|
|
|
|
#include "gfs2.h"
|
|
#include "lm_interface.h"
|
|
#include "incore.h"
|
|
#include "acl.h"
|
|
#include "eaops.h"
|
|
#include "eattr.h"
|
|
#include "glock.h"
|
|
#include "inode.h"
|
|
#include "meta_io.h"
|
|
#include "trans.h"
|
|
#include "util.h"
|
|
|
|
#define ACL_ACCESS 1
|
|
#define ACL_DEFAULT 0
|
|
|
|
int gfs2_acl_validate_set(struct gfs2_inode *ip, int access,
|
|
struct gfs2_ea_request *er,
|
|
int *remove, mode_t *mode)
|
|
{
|
|
struct posix_acl *acl;
|
|
int error;
|
|
|
|
error = gfs2_acl_validate_remove(ip, access);
|
|
if (error)
|
|
return error;
|
|
|
|
if (!er->er_data)
|
|
return -EINVAL;
|
|
|
|
acl = posix_acl_from_xattr(er->er_data, er->er_data_len);
|
|
if (IS_ERR(acl))
|
|
return PTR_ERR(acl);
|
|
if (!acl) {
|
|
*remove = 1;
|
|
return 0;
|
|
}
|
|
|
|
error = posix_acl_valid(acl);
|
|
if (error)
|
|
goto out;
|
|
|
|
if (access) {
|
|
error = posix_acl_equiv_mode(acl, mode);
|
|
if (!error)
|
|
*remove = 1;
|
|
else if (error > 0)
|
|
error = 0;
|
|
}
|
|
|
|
out:
|
|
posix_acl_release(acl);
|
|
|
|
return error;
|
|
}
|
|
|
|
int gfs2_acl_validate_remove(struct gfs2_inode *ip, int access)
|
|
{
|
|
if (!GFS2_SB(&ip->i_inode)->sd_args.ar_posix_acl)
|
|
return -EOPNOTSUPP;
|
|
if (current->fsuid != ip->i_di.di_uid && !capable(CAP_FOWNER))
|
|
return -EPERM;
|
|
if (S_ISLNK(ip->i_di.di_mode))
|
|
return -EOPNOTSUPP;
|
|
if (!access && !S_ISDIR(ip->i_di.di_mode))
|
|
return -EACCES;
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int acl_get(struct gfs2_inode *ip, int access, struct posix_acl **acl,
|
|
struct gfs2_ea_location *el, char **data, unsigned int *len)
|
|
{
|
|
struct gfs2_ea_request er;
|
|
struct gfs2_ea_location el_this;
|
|
int error;
|
|
|
|
if (!ip->i_di.di_eattr)
|
|
return 0;
|
|
|
|
memset(&er, 0, sizeof(struct gfs2_ea_request));
|
|
if (access) {
|
|
er.er_name = GFS2_POSIX_ACL_ACCESS;
|
|
er.er_name_len = GFS2_POSIX_ACL_ACCESS_LEN;
|
|
} else {
|
|
er.er_name = GFS2_POSIX_ACL_DEFAULT;
|
|
er.er_name_len = GFS2_POSIX_ACL_DEFAULT_LEN;
|
|
}
|
|
er.er_type = GFS2_EATYPE_SYS;
|
|
|
|
if (!el)
|
|
el = &el_this;
|
|
|
|
error = gfs2_ea_find(ip, &er, el);
|
|
if (error)
|
|
return error;
|
|
if (!el->el_ea)
|
|
return 0;
|
|
if (!GFS2_EA_DATA_LEN(el->el_ea))
|
|
goto out;
|
|
|
|
er.er_data_len = GFS2_EA_DATA_LEN(el->el_ea);
|
|
er.er_data = kmalloc(er.er_data_len, GFP_KERNEL);
|
|
error = -ENOMEM;
|
|
if (!er.er_data)
|
|
goto out;
|
|
|
|
error = gfs2_ea_get_copy(ip, el, er.er_data);
|
|
if (error)
|
|
goto out_kfree;
|
|
|
|
if (acl) {
|
|
*acl = posix_acl_from_xattr(er.er_data, er.er_data_len);
|
|
if (IS_ERR(*acl))
|
|
error = PTR_ERR(*acl);
|
|
}
|
|
|
|
out_kfree:
|
|
if (error || !data)
|
|
kfree(er.er_data);
|
|
else {
|
|
*data = er.er_data;
|
|
*len = er.er_data_len;
|
|
}
|
|
|
|
out:
|
|
if (error || el == &el_this)
|
|
brelse(el->el_bh);
|
|
|
|
return error;
|
|
}
|
|
|
|
/**
|
|
* gfs2_check_acl_locked - Check an ACL to see if we're allowed to do something
|
|
* @inode: the file we want to do something to
|
|
* @mask: what we want to do
|
|
*
|
|
* Returns: errno
|
|
*/
|
|
|
|
int gfs2_check_acl_locked(struct inode *inode, int mask)
|
|
{
|
|
struct posix_acl *acl = NULL;
|
|
int error;
|
|
|
|
error = acl_get(GFS2_I(inode), ACL_ACCESS, &acl, NULL, NULL, NULL);
|
|
if (error)
|
|
return error;
|
|
|
|
if (acl) {
|
|
error = posix_acl_permission(inode, acl, mask);
|
|
posix_acl_release(acl);
|
|
return error;
|
|
}
|
|
|
|
return -EAGAIN;
|
|
}
|
|
|
|
int gfs2_check_acl(struct inode *inode, int mask)
|
|
{
|
|
struct gfs2_inode *ip = GFS2_I(inode);
|
|
struct gfs2_holder i_gh;
|
|
int error;
|
|
|
|
error = gfs2_glock_nq_init(ip->i_gl,
|
|
LM_ST_SHARED, LM_FLAG_ANY,
|
|
&i_gh);
|
|
if (!error) {
|
|
error = gfs2_check_acl_locked(inode, mask);
|
|
gfs2_glock_dq_uninit(&i_gh);
|
|
}
|
|
|
|
return error;
|
|
}
|
|
|
|
static int munge_mode(struct gfs2_inode *ip, mode_t mode)
|
|
{
|
|
struct gfs2_sbd *sdp = GFS2_SB(&ip->i_inode);
|
|
struct buffer_head *dibh;
|
|
int error;
|
|
|
|
error = gfs2_trans_begin(sdp, RES_DINODE, 0);
|
|
if (error)
|
|
return error;
|
|
|
|
error = gfs2_meta_inode_buffer(ip, &dibh);
|
|
if (!error) {
|
|
gfs2_assert_withdraw(sdp,
|
|
(ip->i_di.di_mode & S_IFMT) == (mode & S_IFMT));
|
|
ip->i_di.di_mode = mode;
|
|
gfs2_trans_add_bh(ip->i_gl, dibh, 1);
|
|
gfs2_dinode_out(&ip->i_di, dibh->b_data);
|
|
brelse(dibh);
|
|
}
|
|
|
|
gfs2_trans_end(sdp);
|
|
|
|
return 0;
|
|
}
|
|
|
|
int gfs2_acl_create(struct gfs2_inode *dip, struct gfs2_inode *ip)
|
|
{
|
|
struct gfs2_sbd *sdp = GFS2_SB(&dip->i_inode);
|
|
struct posix_acl *acl = NULL, *clone;
|
|
struct gfs2_ea_request er;
|
|
mode_t mode = ip->i_di.di_mode;
|
|
int error;
|
|
|
|
if (!sdp->sd_args.ar_posix_acl)
|
|
return 0;
|
|
if (S_ISLNK(ip->i_di.di_mode))
|
|
return 0;
|
|
|
|
memset(&er, 0, sizeof(struct gfs2_ea_request));
|
|
er.er_type = GFS2_EATYPE_SYS;
|
|
|
|
error = acl_get(dip, ACL_DEFAULT, &acl, NULL,
|
|
&er.er_data, &er.er_data_len);
|
|
if (error)
|
|
return error;
|
|
if (!acl) {
|
|
mode &= ~current->fs->umask;
|
|
if (mode != ip->i_di.di_mode)
|
|
error = munge_mode(ip, mode);
|
|
return error;
|
|
}
|
|
|
|
clone = posix_acl_clone(acl, GFP_KERNEL);
|
|
error = -ENOMEM;
|
|
if (!clone)
|
|
goto out;
|
|
posix_acl_release(acl);
|
|
acl = clone;
|
|
|
|
if (S_ISDIR(ip->i_di.di_mode)) {
|
|
er.er_name = GFS2_POSIX_ACL_DEFAULT;
|
|
er.er_name_len = GFS2_POSIX_ACL_DEFAULT_LEN;
|
|
error = gfs2_system_eaops.eo_set(ip, &er);
|
|
if (error)
|
|
goto out;
|
|
}
|
|
|
|
error = posix_acl_create_masq(acl, &mode);
|
|
if (error < 0)
|
|
goto out;
|
|
if (error > 0) {
|
|
er.er_name = GFS2_POSIX_ACL_ACCESS;
|
|
er.er_name_len = GFS2_POSIX_ACL_ACCESS_LEN;
|
|
posix_acl_to_xattr(acl, er.er_data, er.er_data_len);
|
|
er.er_mode = mode;
|
|
er.er_flags = GFS2_ERF_MODE;
|
|
error = gfs2_system_eaops.eo_set(ip, &er);
|
|
if (error)
|
|
goto out;
|
|
} else
|
|
munge_mode(ip, mode);
|
|
|
|
out:
|
|
posix_acl_release(acl);
|
|
kfree(er.er_data);
|
|
return error;
|
|
}
|
|
|
|
int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr)
|
|
{
|
|
struct posix_acl *acl = NULL, *clone;
|
|
struct gfs2_ea_location el;
|
|
char *data;
|
|
unsigned int len;
|
|
int error;
|
|
|
|
error = acl_get(ip, ACL_ACCESS, &acl, &el, &data, &len);
|
|
if (error)
|
|
return error;
|
|
if (!acl)
|
|
return gfs2_setattr_simple(ip, attr);
|
|
|
|
clone = posix_acl_clone(acl, GFP_KERNEL);
|
|
error = -ENOMEM;
|
|
if (!clone)
|
|
goto out;
|
|
posix_acl_release(acl);
|
|
acl = clone;
|
|
|
|
error = posix_acl_chmod_masq(acl, attr->ia_mode);
|
|
if (!error) {
|
|
posix_acl_to_xattr(acl, data, len);
|
|
error = gfs2_ea_acl_chmod(ip, &el, attr, data);
|
|
}
|
|
|
|
out:
|
|
posix_acl_release(acl);
|
|
brelse(el.el_bh);
|
|
kfree(data);
|
|
|
|
return error;
|
|
}
|
|
|