[Xenial][PATCH 6/9] ceph: Propagate dentry down to inode_change_ok()
Khalid Elmously
khalid.elmously at canonical.com
Thu Dec 7 08:37:54 UTC 2017
BugLink: http://bugs.launchpad.net/bugs/1415636
commit fd5472ed44683cf593322a2ef54b9a7675dc780a upstream.
To avoid clearing of capabilities or security related extended
attributes too early, inode_change_ok() will need to take dentry instead
of inode. ceph_setattr() has the dentry easily available but
__ceph_setattr() is also called from ceph_set_acl() where dentry is not
easily available. Luckily that call path does not need inode_change_ok()
to be called anyway. So reorganize functions a bit so that
inode_change_ok() is called only from paths where dentry is available.
Reviewed-by: Christoph Hellwig <hch at lst.de>
Acked-by: Jeff Layton <jlayton at redhat.com>
Signed-off-by: Jan Kara <jack at suse.cz>
Signed-off-by: Khalid Elmously <khalid.elmously at canonical.com>
---
fs/ceph/acl.c | 5 +++++
fs/ceph/inode.c | 15 +++++++--------
2 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/fs/ceph/acl.c b/fs/ceph/acl.c
index 722c93f84ef4..b2f248fa2724 100644
--- a/fs/ceph/acl.c
+++ b/fs/ceph/acl.c
@@ -123,6 +123,11 @@ int ceph_set_acl(struct inode *inode, struct posix_acl *acl, int type)
goto out_free;
}
+ if (ceph_snap(inode) != CEPH_NOSNAP) {
+ ret = -EROFS;
+ goto out_free;
+ }
+
if (new_mode != old_mode) {
newattrs.ia_mode = new_mode;
newattrs.ia_valid = ATTR_MODE;
diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
index 5db076410d23..4e544cf34cc1 100644
--- a/fs/ceph/inode.c
+++ b/fs/ceph/inode.c
@@ -1787,13 +1787,6 @@ int __ceph_setattr(struct inode *inode, struct iattr *attr)
int inode_dirty_flags = 0;
bool lock_snap_rwsem = false;
- if (ceph_snap(inode) != CEPH_NOSNAP)
- return -EROFS;
-
- err = inode_change_ok(inode, attr);
- if (err != 0)
- return err;
-
prealloc_cf = ceph_alloc_cap_flush();
if (!prealloc_cf)
return -ENOMEM;
@@ -1998,9 +1991,15 @@ int __ceph_setattr(struct inode *inode, struct iattr *attr)
int ceph_setattr(struct dentry *dentry, struct iattr *attr)
{
struct inode *inode = d_inode(dentry);
-
int err;
+ if (ceph_snap(inode) != CEPH_NOSNAP)
+ return -EROFS;
+
+ err = inode_change_ok(inode, attr);
+ if (err != 0)
+ return err;
+
err = __ceph_setattr(inode, attr);
if (err >= 0 && (attr->ia_valid & ATTR_MODE))
--
2.14.1
More information about the kernel-team
mailing list