1. 17 10月, 2007 6 次提交
  2. 20 7月, 2007 3 次提交
  3. 18 7月, 2007 1 次提交
    • S
      Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid check · 3bd858ab
      Satyam Sharma 提交于
      Introduce is_owner_or_cap() macro in fs.h, and convert over relevant
      users to it. This is done because we want to avoid bugs in the future
      where we check for only effective fsuid of the current task against a
      file's owning uid, without simultaneously checking for CAP_FOWNER as
      well, thus violating its semantics.
      [ XFS uses special macros and structures, and in general looked ...
      untouchable, so we leave it alone -- but it has been looked over. ]
      
      The (current->fsuid != inode->i_uid) check in generic_permission() and
      exec_permission_lite() is left alone, because those operations are
      covered by CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH. Similarly operations
      falling under the purview of CAP_CHOWN and CAP_LEASE are also left alone.
      Signed-off-by: NSatyam Sharma <ssatyam@cse.iitk.ac.in>
      Cc: Al Viro <viro@ftp.linux.org.uk>
      Acked-by: NSerge E. Hallyn <serge@hallyn.com>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      3bd858ab
  4. 11 5月, 2007 1 次提交
  5. 10 5月, 2007 2 次提交
  6. 09 5月, 2007 2 次提交
  7. 08 5月, 2007 1 次提交
  8. 28 4月, 2007 1 次提交
  9. 17 2月, 2007 1 次提交
  10. 13 2月, 2007 1 次提交
  11. 09 12月, 2006 2 次提交
  12. 08 12月, 2006 2 次提交
  13. 01 10月, 2006 2 次提交
  14. 30 9月, 2006 1 次提交
  15. 27 9月, 2006 1 次提交
    • I
      [PATCH] autofs4 needs to force fail return revalidate · bcdc5e01
      Ian Kent 提交于
      For a long time now I have had a problem with not being able to return a
      lookup failure on an existsing directory.  In autofs this corresponds to a
      mount failure on a autofs managed mount entry that is browsable (and so the
      mount point directory exists).
      
      While this problem has been present for a long time I've avoided resolving
      it because it was not very visible.  But now that autofs v5 has "mount and
      expire on demand" of nested multiple mounts, such as is found when mounting
      an export list from a server, solving the problem cannot be avoided any
      longer.
      
      I've tried very hard to find a way to do this entirely within the autofs4
      module but have not been able to find a satisfactory way to achieve it.
      
      So, I need to propose a change to the VFS.
      Signed-off-by: NIan Kent <raven@themaw.net>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      bcdc5e01
  16. 25 9月, 2006 1 次提交
  17. 25 8月, 2006 2 次提交
    • T
      VFS: Fix access("file", X_OK) in the presence of ACLs · a343bb77
      Trond Myklebust 提交于
      Currently, the access() call will return incorrect information on NFS if
      there exists an ACL that grants execute access to the user on a regular
      file. The reason the information is incorrect is that the VFS overrides
      this execute access in open_exec() by checking (inode->i_mode & 0111).
      
      This patch propagates the VFS execute bit check back into the generic
      permission() call.
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      (cherry picked from 64cbae98848c4c99851cb0a405f0b4982cd76c1e commit)
      a343bb77
    • A
      VFS: add lookup hint for network file systems · a634904a
      ASANO Masahiro 提交于
      I'm trying to speeding up mkdir(2) for network file systems.  A typical
      mkdir(2) calls two inode_operations: lookup and mkdir.  The lookup
      operation would fail with ENOENT in common case.  I think it is unnecessary
      because the subsequent mkdir operation can check it.  In case of creat(2),
      lookup operation is called with the LOOKUP_CREATE flag, so individual
      filesystem can omit real lookup.  e.g.  nfs_lookup().
      
      Here is a sample patch which uses LOOKUP_CREATE and O_EXCL on mkdir,
      symlink and mknod.  This uses the gadget for creat(2).
      
      And here is the result of a benchmark on NFSv3.
        mkdir(2) 10,000 times:
          original  50.5 sec
          patched   29.0 sec
      Signed-off-by: NASANO Masahiro <masano@tnes.nec.co.jp>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      (cherry picked from fab7bf44449b29f9d5572a5dd8adcf7c91d5bf0f commit)
      a634904a
  18. 03 8月, 2006 3 次提交
  19. 15 7月, 2006 1 次提交
    • K
      [PATCH] struct file leakage · de459215
      Kirill Korotaev 提交于
      2.6.16 leaks like hell. While testing, I found massive leakage
      (reproduced in openvz) in:
      
      *filp
      *size-4096
      
      And 1 object leaks in
      *size-32
      *size-64
      *size-128
      
      It is the fix for the first one.  filp leaks in the bowels of namei.c.
      
      Seems, size-4096 is file table leaking in expand_fdtables.
      
      I have no idea what are the rest and why they show only accompanying
      another leaks.  Some debugging structs?
      
      [akpm@osdl.org, Trond: remove the IS_ERR() check]
      Signed-off-by: NAlexey Kuznetsov <kuznet@ms2.inr.ac.ru>
      Cc: Kirill Korotaev <dev@openvz.org>
      Cc: <stable@kernel.org>
      Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      de459215
  20. 04 7月, 2006 1 次提交
  21. 26 6月, 2006 1 次提交
    • U
      [PATCH] Implement AT_SYMLINK_FOLLOW flag for linkat · 45c9b11a
      Ulrich Drepper 提交于
      When the linkat() syscall was added the flag parameter was added in the
      last minute but it wasn't used so far.  The following patch should change
      that.  My tests show that this is all that's needed.
      
      If OLDNAME is a symlink setting the flag causes linkat to follow the
      symlink and create a hardlink with the target.  This is actually the
      behavior POSIX demands for link() as well but Linux wisely does not do
      this.  With this flag (which will most likely be in the next POSIX
      revision) the programmer can choose the behavior, defaulting to the safe
      variant.  As a side effect it is now possible to implement a
      POSIX-compliant link(2) function for those who are interested.
      
        touch file
        ln -s file symlink
      
        linkat(fd, "symlink", fd, "newlink", 0)
          -> newlink is hardlink of symlink
      
        linkat(fd, "symlink", fd, "newlink", AT_SYMLINK_FOLLOW)
          -> newlink is hardlink of file
      
      The value of AT_SYMLINK_FOLLOW is determined by the definition we already
      use in glibc.
      Signed-off-by: NUlrich Drepper <drepper@redhat.com>
      Acked-by: NAl Viro <viro@zeniv.linux.org.uk>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      45c9b11a
  22. 23 6月, 2006 1 次提交
  23. 20 6月, 2006 1 次提交
    • A
      [PATCH] log more info for directory entry change events · 9c937dcc
      Amy Griffis 提交于
      When an audit event involves changes to a directory entry, include
      a PATH record for the directory itself.  A few other notable changes:
      
          - fixed audit_inode_child() hooks in fsnotify_move()
          - removed unused flags arg from audit_inode()
          - added audit log routines for logging a portion of a string
      
      Here's some sample output.
      
      before patch:
      type=SYSCALL msg=audit(1149821605.320:26): arch=40000003 syscall=39 success=yes exit=0 a0=bf8d3c7c a1=1ff a2=804e1b8 a3=bf8d3c7c items=1 ppid=739 pid=800 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 comm="mkdir" exe="/bin/mkdir" subj=root:system_r:unconfined_t:s0-s0:c0.c255
      type=CWD msg=audit(1149821605.320:26):  cwd="/root"
      type=PATH msg=audit(1149821605.320:26): item=0 name="foo" parent=164068 inode=164010 dev=03:00 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_t:s0
      
      after patch:
      type=SYSCALL msg=audit(1149822032.332:24): arch=40000003 syscall=39 success=yes exit=0 a0=bfdd9c7c a1=1ff a2=804e1b8 a3=bfdd9c7c items=2 ppid=714 pid=777 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 comm="mkdir" exe="/bin/mkdir" subj=root:system_r:unconfined_t:s0-s0:c0.c255
      type=CWD msg=audit(1149822032.332:24):  cwd="/root"
      type=PATH msg=audit(1149822032.332:24): item=0 name="/root" inode=164068 dev=03:00 mode=040750 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_dir_t:s0
      type=PATH msg=audit(1149822032.332:24): item=1 name="foo" inode=164010 dev=03:00 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_t:s0
      Signed-off-by: NAmy Griffis <amy.griffis@hp.com>
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      9c937dcc
  24. 06 6月, 2006 1 次提交
  25. 01 4月, 2006 1 次提交