xfs: invalidate cached acl if set via ioctl
authorAndreas Gruenbacher <agruenba@redhat.com>
Tue, 3 Nov 2015 01:56:17 +0000 (12:56 +1100)
committerDave Chinner <david@fromorbit.com>
Tue, 3 Nov 2015 01:56:17 +0000 (12:56 +1100)
Setting or removing the "SGI_ACL_[FILE|DEFAULT]" attributes via the
XFS_IOC_ATTRMULTI_BY_HANDLE ioctl completely bypasses the POSIX ACL
infrastructure, like setting the "trusted.SGI_ACL_[FILE|DEFAULT]" xattrs
did until commit 6caa1056.  Similar to that commit, invalidate cached
acls when setting/removing them via the ioctl as well.

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
fs/xfs/xfs_acl.h
fs/xfs/xfs_ioctl.c
fs/xfs/xfs_xattr.c

index 3841b07f27bf0106a9c1ed901deaf6f8b3d3472f..75af0a4d9028abb1735b410abd2e73f2c9725044 100644 (file)
@@ -36,4 +36,7 @@ static inline struct posix_acl *xfs_get_acl(struct inode *inode, int type)
 # define posix_acl_access_exists(inode)                        0
 # define posix_acl_default_exists(inode)               0
 #endif /* CONFIG_XFS_POSIX_ACL */
+
+extern void xfs_forget_acl(struct inode *inode, const char *name, int xflags);
+
 #endif /* __XFS_ACL_H__ */
index e939c20cb4dee90f70731d5d668cbef98b8354c0..67bb2983c0365941924d8bf9e98331497bd85e2d 100644 (file)
@@ -40,6 +40,7 @@
 #include "xfs_symlink.h"
 #include "xfs_trans.h"
 #include "xfs_pnfs.h"
+#include "xfs_acl.h"
 
 #include <linux/capability.h>
 #include <linux/dcache.h>
@@ -494,6 +495,8 @@ xfs_attrmulti_attr_set(
                return PTR_ERR(kbuf);
 
        error = xfs_attr_set(XFS_I(inode), name, kbuf, len, flags);
+       if (!error)
+               xfs_forget_acl(inode, name, flags);
        kfree(kbuf);
        return error;
 }
@@ -504,9 +507,14 @@ xfs_attrmulti_attr_remove(
        unsigned char           *name,
        __uint32_t              flags)
 {
+       int                     error;
+
        if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
                return -EPERM;
-       return xfs_attr_remove(XFS_I(inode), name, flags);
+       error = xfs_attr_remove(XFS_I(inode), name, flags);
+       if (!error)
+               xfs_forget_acl(inode, name, flags);
+       return error;
 }
 
 STATIC int
index 1e08d3e85cd041c5d0d6803a11e37c97e7ceaccc..8294f86441bfcdc108eb28ec57b7a449f31dd675 100644 (file)
@@ -53,6 +53,28 @@ xfs_xattr_get(struct dentry *dentry, const char *name,
        return asize;
 }
 
+void
+xfs_forget_acl(
+       struct inode            *inode,
+       const char              *name,
+       int                     xflags)
+{
+       /*
+        * Invalidate any cached ACLs if the user has bypassed the ACL
+        * interface. We don't validate the content whatsoever so it is caller
+        * responsibility to provide data in valid format and ensure i_mode is
+        * consistent.
+        */
+       if (xflags & ATTR_ROOT) {
+#ifdef CONFIG_XFS_POSIX_ACL
+               if (!strcmp(name, SGI_ACL_FILE))
+                       forget_cached_acl(inode, ACL_TYPE_ACCESS);
+               else if (!strcmp(name, SGI_ACL_DEFAULT))
+                       forget_cached_acl(inode, ACL_TYPE_DEFAULT);
+#endif
+       }
+}
+
 static int
 xfs_xattr_set(struct dentry *dentry, const char *name, const void *value,
                size_t size, int flags, int xflags)
@@ -73,20 +95,8 @@ xfs_xattr_set(struct dentry *dentry, const char *name, const void *value,
                return xfs_attr_remove(ip, (unsigned char *)name, xflags);
        error = xfs_attr_set(ip, (unsigned char *)name,
                                (void *)value, size, xflags);
-       /*
-        * Invalidate any cached ACLs if the user has bypassed the ACL
-        * interface. We don't validate the content whatsoever so it is caller
-        * responsibility to provide data in valid format and ensure i_mode is
-        * consistent.
-        */
-#ifdef CONFIG_XFS_POSIX_ACL
-       if (!error && (xflags & ATTR_ROOT)) {
-               if (!strcmp(name, SGI_ACL_FILE))
-                       forget_cached_acl(VFS_I(ip), ACL_TYPE_ACCESS);
-               else if (!strcmp(name, SGI_ACL_DEFAULT))
-                       forget_cached_acl(VFS_I(ip), ACL_TYPE_DEFAULT);
-       }
-#endif
+       if (!error)
+               xfs_forget_acl(d_inode(dentry), name, xflags);
 
        return error;
 }