[PATCH 2/3] ceph: rename struct ceph_acls_info to ceph_acl_sec_ctx

Jeff Layton jlayton at kernel.org
Thu Sep 6 15:14:29 UTC 2018


On Tue, 2018-06-26 at 16:43 +0800, Yan, Zheng wrote:
> this is preparation for security label support
> 
> Signed-off-by: "Yan, Zheng" <zyan at redhat.com>
> ---
>  fs/ceph/acl.c   | 22 +++++++---------------
>  fs/ceph/dir.c   | 28 ++++++++++++++--------------
>  fs/ceph/file.c  | 18 +++++++++---------
>  fs/ceph/super.h | 29 +++++++++++++++--------------
>  fs/ceph/xattr.c | 10 ++++++++++
>  5 files changed, 55 insertions(+), 52 deletions(-)
> 
> diff --git a/fs/ceph/acl.c b/fs/ceph/acl.c
> index 3351ea14390b..f13ba4250f00 100644
> --- a/fs/ceph/acl.c
> +++ b/fs/ceph/acl.c
> @@ -172,7 +172,7 @@ int ceph_set_acl(struct inode *inode, struct posix_acl *acl, int type)
>  }
>  
>  int ceph_pre_init_acls(struct inode *dir, umode_t *mode,
> -		       struct ceph_acls_info *info)
> +		       struct ceph_acl_sec_ctx *as_ctx)
>  {
>  	struct posix_acl *acl, *default_acl;
>  	size_t val_size1 = 0, val_size2 = 0;
> @@ -248,9 +248,9 @@ int ceph_pre_init_acls(struct inode *dir, umode_t *mode,
>  
>  	kfree(tmp_buf);
>  
> -	info->acl = acl;
> -	info->default_acl = default_acl;
> -	info->pagelist = pagelist;
> +	as_ctx->acl = acl;
> +	as_ctx->default_acl = default_acl;
> +	as_ctx->pagelist = pagelist;
>  	return 0;
>  
>  out_err:
> @@ -262,18 +262,10 @@ int ceph_pre_init_acls(struct inode *dir, umode_t *mode,
>  	return err;
>  }
>  
> -void ceph_init_inode_acls(struct inode* inode, struct ceph_acls_info *info)
> +void ceph_init_inode_acls(struct inode* inode, struct ceph_acl_sec_ctx *as_ctx)
>  {
>  	if (!inode)
>  		return;
> -	ceph_set_cached_acl(inode, ACL_TYPE_ACCESS, info->acl);
> -	ceph_set_cached_acl(inode, ACL_TYPE_DEFAULT, info->default_acl);
> -}
> -
> -void ceph_release_acls_info(struct ceph_acls_info *info)
> -{
> -	posix_acl_release(info->acl);
> -	posix_acl_release(info->default_acl);
> -	if (info->pagelist)
> -		ceph_pagelist_release(info->pagelist);
> +	ceph_set_cached_acl(inode, ACL_TYPE_ACCESS, as_ctx->acl);
> +	ceph_set_cached_acl(inode, ACL_TYPE_DEFAULT, as_ctx->default_acl);
>  }
> diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c
> index 036ac0f3a393..f451ad5a37ab 100644
> --- a/fs/ceph/dir.c
> +++ b/fs/ceph/dir.c
> @@ -821,7 +821,7 @@ static int ceph_mknod(struct inode *dir, struct dentry *dentry,
>  	struct ceph_fs_client *fsc = ceph_sb_to_client(dir->i_sb);
>  	struct ceph_mds_client *mdsc = fsc->mdsc;
>  	struct ceph_mds_request *req;
> -	struct ceph_acls_info acls = {};
> +	struct ceph_acl_sec_ctx as_ctx = {};
>  	int err;
>  
>  	if (ceph_snap(dir) != CEPH_NOSNAP)
> @@ -830,7 +830,7 @@ static int ceph_mknod(struct inode *dir, struct dentry *dentry,
>  	if (ceph_quota_is_max_files_exceeded(dir))
>  		return -EDQUOT;
>  
> -	err = ceph_pre_init_acls(dir, &mode, &acls);
> +	err = ceph_pre_init_acls(dir, &mode, &as_ctx);
>  	if (err < 0)
>  		return err;
>  
> @@ -849,9 +849,9 @@ static int ceph_mknod(struct inode *dir, struct dentry *dentry,
>  	req->r_args.mknod.rdev = cpu_to_le32(rdev);
>  	req->r_dentry_drop = CEPH_CAP_FILE_SHARED | CEPH_CAP_AUTH_EXCL;
>  	req->r_dentry_unless = CEPH_CAP_FILE_EXCL;
> -	if (acls.pagelist) {
> -		req->r_pagelist = acls.pagelist;
> -		acls.pagelist = NULL;
> +	if (as_ctx.pagelist) {
> +		req->r_pagelist = as_ctx.pagelist;
> +		as_ctx.pagelist = NULL;
>  	}
>  	err = ceph_mdsc_do_request(mdsc, dir, req);
>  	if (!err && !req->r_reply_info.head->is_dentry)
> @@ -859,10 +859,10 @@ static int ceph_mknod(struct inode *dir, struct dentry *dentry,
>  	ceph_mdsc_put_request(req);
>  out:
>  	if (!err)
> -		ceph_init_inode_acls(d_inode(dentry), &acls);
> +		ceph_init_inode_acls(d_inode(dentry), &as_ctx);
>  	else
>  		d_drop(dentry);
> -	ceph_release_acls_info(&acls);
> +	ceph_release_acl_sec_ctx(&as_ctx);
>  	return err;
>  }
>  
> @@ -919,7 +919,7 @@ static int ceph_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
>  	struct ceph_fs_client *fsc = ceph_sb_to_client(dir->i_sb);
>  	struct ceph_mds_client *mdsc = fsc->mdsc;
>  	struct ceph_mds_request *req;
> -	struct ceph_acls_info acls = {};
> +	struct ceph_acl_sec_ctx as_ctx = {};
>  	int err = -EROFS;
>  	int op;
>  
> @@ -942,7 +942,7 @@ static int ceph_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
>  	}
>  
>  	mode |= S_IFDIR;
> -	err = ceph_pre_init_acls(dir, &mode, &acls);
> +	err = ceph_pre_init_acls(dir, &mode, &as_ctx);
>  	if (err < 0)
>  		goto out;
>  
> @@ -959,9 +959,9 @@ static int ceph_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
>  	req->r_args.mkdir.mode = cpu_to_le32(mode);
>  	req->r_dentry_drop = CEPH_CAP_FILE_SHARED | CEPH_CAP_AUTH_EXCL;
>  	req->r_dentry_unless = CEPH_CAP_FILE_EXCL;
> -	if (acls.pagelist) {
> -		req->r_pagelist = acls.pagelist;
> -		acls.pagelist = NULL;
> +	if (as_ctx.pagelist) {
> +		req->r_pagelist = as_ctx.pagelist;
> +		as_ctx.pagelist = NULL;
>  	}
>  	err = ceph_mdsc_do_request(mdsc, dir, req);
>  	if (!err &&
> @@ -971,10 +971,10 @@ static int ceph_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
>  	ceph_mdsc_put_request(req);
>  out:
>  	if (!err)
> -		ceph_init_inode_acls(d_inode(dentry), &acls);
> +		ceph_init_inode_acls(d_inode(dentry), &as_ctx);
>  	else
>  		d_drop(dentry);
> -	ceph_release_acls_info(&acls);
> +	ceph_release_acl_sec_ctx(&as_ctx);
>  	return err;
>  }
>  
> diff --git a/fs/ceph/file.c b/fs/ceph/file.c
> index ad0bed99b1d5..701506ec5768 100644
> --- a/fs/ceph/file.c
> +++ b/fs/ceph/file.c
> @@ -436,7 +436,7 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry,
>  	struct ceph_mds_client *mdsc = fsc->mdsc;
>  	struct ceph_mds_request *req;
>  	struct dentry *dn;
> -	struct ceph_acls_info acls = {};
> +	struct ceph_acl_sec_ctx as_ctx = {};
>  	int mask;
>  	int err;
>  
> @@ -450,7 +450,7 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry,
>  	if (flags & O_CREAT) {
>  		if (ceph_quota_is_max_files_exceeded(dir))
>  			return -EDQUOT;
> -		err = ceph_pre_init_acls(dir, &mode, &acls);
> +		err = ceph_pre_init_acls(dir, &mode, &as_ctx);
>  		if (err < 0)
>  			return err;
>  	}
> @@ -459,16 +459,16 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry,
>  	req = prepare_open_request(dir->i_sb, flags, mode);
>  	if (IS_ERR(req)) {
>  		err = PTR_ERR(req);
> -		goto out_acl;
> +		goto out_ctx;
>  	}
>  	req->r_dentry = dget(dentry);
>  	req->r_num_caps = 2;
>  	if (flags & O_CREAT) {
>  		req->r_dentry_drop = CEPH_CAP_FILE_SHARED | CEPH_CAP_AUTH_EXCL;
>  		req->r_dentry_unless = CEPH_CAP_FILE_EXCL;
> -		if (acls.pagelist) {
> -			req->r_pagelist = acls.pagelist;
> -			acls.pagelist = NULL;
> +		if (as_ctx.pagelist) {
> +			req->r_pagelist = as_ctx.pagelist;
> +			as_ctx.pagelist = NULL;
>  		}
>  	}
>  
> @@ -506,7 +506,7 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry,
>  	} else {
>  		dout("atomic_open finish_open on dn %p\n", dn);
>  		if (req->r_op == CEPH_MDS_OP_CREATE && req->r_reply_info.has_create_ino) {
> -			ceph_init_inode_acls(d_inode(dentry), &acls);
> +			ceph_init_inode_acls(d_inode(dentry), &as_ctx);
>  			*opened |= FILE_CREATED;
>  		}
>  		err = finish_open(file, dentry, ceph_open, opened);
> @@ -515,8 +515,8 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry,
>  	if (!req->r_err && req->r_target_inode)
>  		ceph_put_fmode(ceph_inode(req->r_target_inode), req->r_fmode);
>  	ceph_mdsc_put_request(req);
> -out_acl:
> -	ceph_release_acls_info(&acls);
> +out_ctx:
> +	ceph_release_acl_sec_ctx(&as_ctx);
>  	dout("atomic_open result=%d\n", err);
>  	return err;
>  }
> diff --git a/fs/ceph/super.h b/fs/ceph/super.h
> index 5df5262b24b0..83561421afda 100644
> --- a/fs/ceph/super.h
> +++ b/fs/ceph/super.h
> @@ -906,6 +906,14 @@ extern void __init ceph_xattr_init(void);
>  extern void ceph_xattr_exit(void);
>  extern const struct xattr_handler *ceph_xattr_handlers[];
>  
> +struct ceph_acl_sec_ctx {
> +#ifdef CONFIG_CEPH_FS_POSIX_ACL
> +	void *default_acl;
> +	void *acl;
> +#endif
> +	struct ceph_pagelist *pagelist;
> +};
> +
>  #ifdef CONFIG_SECURITY
>  extern bool ceph_security_xattr_deadlock(struct inode *in);
>  extern bool ceph_security_xattr_wanted(struct inode *in);
> @@ -920,21 +928,17 @@ static inline bool ceph_security_xattr_wanted(struct inode *in)
>  }
>  #endif
>  
> -/* acl.c */
> -struct ceph_acls_info {
> -	void *default_acl;
> -	void *acl;
> -	struct ceph_pagelist *pagelist;
> -};
> +void ceph_release_acl_sec_ctx(struct ceph_acl_sec_ctx *as_ctx);
>  
> +/* acl.c */
>  #ifdef CONFIG_CEPH_FS_POSIX_ACL
>  
>  struct posix_acl *ceph_get_acl(struct inode *, int);
>  int ceph_set_acl(struct inode *inode, struct posix_acl *acl, int type);
>  int ceph_pre_init_acls(struct inode *dir, umode_t *mode,
> -		       struct ceph_acls_info *info);
> -void ceph_init_inode_acls(struct inode *inode, struct ceph_acls_info *info);
> -void ceph_release_acls_info(struct ceph_acls_info *info);
> +		       struct ceph_acl_sec_ctx *as_ctx);
> +void ceph_init_inode_acls(struct inode *inode,
> +			  struct ceph_acl_sec_ctx *as_ctx);
>  
>  static inline void ceph_forget_all_cached_acls(struct inode *inode)
>  {
> @@ -947,15 +951,12 @@ static inline void ceph_forget_all_cached_acls(struct inode *inode)
>  #define ceph_set_acl NULL
>  
>  static inline int ceph_pre_init_acls(struct inode *dir, umode_t *mode,
> -				     struct ceph_acls_info *info)
> +				     struct ceph_acl_sec_ctx *as_ctx)
>  {
>  	return 0;
>  }
>  static inline void ceph_init_inode_acls(struct inode *inode,
> -					struct ceph_acls_info *info)
> -{
> -}
> -static inline void ceph_release_acls_info(struct ceph_acls_info *info)
> +					struct ceph_acl_sec_ctx *as_ctx)
>  {
>  }
>  static inline int ceph_acl_chmod(struct dentry *dentry, struct inode *inode)
> diff --git a/fs/ceph/xattr.c b/fs/ceph/xattr.c
> index 5bc8edb4c2a6..ef0e968d56a1 100644
> --- a/fs/ceph/xattr.c
> +++ b/fs/ceph/xattr.c
> @@ -1190,3 +1190,13 @@ bool ceph_security_xattr_deadlock(struct inode *in)
>  	return ret;
>  }
>  #endif
> +
> +void ceph_release_acl_sec_ctx(struct ceph_acl_sec_ctx *as_ctx)
> +{
> +#ifdef CONFIG_CEPH_FS_POSIX_ACL
> +	posix_acl_release(as_ctx->acl);
> +	posix_acl_release(as_ctx->default_acl);
> +#endif
> +	if (as_ctx->pagelist)
> +		ceph_pagelist_release(as_ctx->pagelist);
> +}

Straightforward enough.

Reviewed-by: Jeff Layton <jlayton at kernel.org>



More information about the Linux-security-module-archive mailing list