Permalink
Commits on Feb 12, 2012
  1. ext4: Add temporary richacl mount option for ext4

    This helps in easy testing of the patchset. The mount
    option will be later removed in favour of a feature flag.
    
    ***Should be folded before merging***
    
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    committed Oct 18, 2011
Commits on Oct 23, 2011
  1. ext4: Add Ext4 compat richacl feature flag

    This feature flag can be used to enable richacl on
    the file system. Once enabled the "acl" mount option
    will enable richacl instead of posix acl
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    committed Oct 18, 2011
  2. ext4: Implement rich acl for ext4

    Support the richacl permission model in ext4.  The richacls are stored
    in "system.richacl" xattrs.This need to be enabled by tune2fs or during
    mkfs.ext4
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    committed Oct 18, 2011
  3. ext4: Use IS_POSIXACL() to check for POSIX ACL support

    Use IS_POSIXACL() instead of a file system specific mount flag since we
    have IS_POSIXACL() in the vfs already, anyway.
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    committed Oct 18, 2011
  4. vfs: Add richacl permission check

    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    committed Oct 18, 2011
  5. vfs: Cache richacl in struct inode

    Cache richacls in struct inode so that this doesn't have to be done
    individually in each filesystem.
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  6. richacl: xattr mapping functions

    Map between "system.richacl" xattrs and the in-kernel representation.
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  7. richacl: Automatic Inheritance

    Automatic Inheritance (AI) allows changes to the acl of a directory to
    recursively propagate down to files and directories in the directory.
    
    To implement this, the kernel keeps track of which permissions have been
    inherited, and makes sure that permission propagation is turned off when
    the file permission bits of a file are changed (upon create or chmod).
    
    The actual permission propagation is implemented in user space.
    
    AI works as follows:
    
     - When the ACL4_AUTO_INHERIT flag in the acl of a file is cleared, the
       file is not affected by AI.
    
     - When the ACL4_AUTO_INHERIT flag in the acl of a directory is set and
       a file or subdirectory is created in that directory, files created in
       the directory will have the ACL4_AUTO_INHERIT flag set, and all
       inherited aces will have the ACE4_INHERITED_ACE flag set.  This
       allows user space to distinguish between aces which have been
       inherited, and aces which have been explicitly added.
    
     - When the ACL4_PROTECTED acl flag in the acl of a file is set, AI will
       not modify the acl of the file.  This does not affect propagation of
       permissions from the file to its children (if the file is a
       directory).
    
    Linux does not have a way of creating files without setting the file
    permission bits, so all files created inside a directory with
    ACL4_AUTO_INHERIT set will also have the ACL4_PROTECTED flag set.  This
    effectively disables AI.
    
    Protocols which support creating files without specifying permissions
    can explicitly clear the ACL4_PROTECTED flag after creating a file (and
    reset the file masks to "undo" applying the create mode; see
    richacl_compute_max_masks()).  This is a workaround; a per-create or
    per-process flag indicating to ignore the create mode when AI is in
    effect would fix this problem.
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  8. richacl: Check if an acl is equivalent to a file mode

    This function is used to avoid storing richacls on disk if the acl can
    be computed from the file permission bits.
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  9. richacl: Create-time inheritance

    When a new file is created, it can inherit an acl from its parent
    directory; this is similar to how default acls work in POSIX (draft)
    ACLs.
    
    As with POSIX ACLs, if a file inherits an acl from its parent directory,
    the intersection between the create mode and the permissions granted by
    the inherited acl determines the file masks and file permission bits,
    and the umask is ignored.
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  10. richacl: Permission check algorithm

    As in the standard POSIX file permission model, each process is the
    owner, group, or other file class.  A process is
    
      - in the owner file class if it owns the file,
      - in the group file class if it is in the file's owning group or it
        matches any of the user or group entries, and
      - in the other file class otherwise.
    
    Each file class is associated with a file mask.
    
    A richacl grants a requested access if the NFSv4 acl in the richacl
    grants the requested permissions (according to the NFSv4 permission
    check algorithm) and the file mask that applies to the process includes
    the requested permissions.
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  11. richacl: Update the file masks in chmod()

    Doing a chmod() sets the file mode, which includes the file permission
    bits.  When a file has a richacl, the permissions that the richacl
    grants need to be limited to what the new file permission bits allow.
    
    This is done by setting the file masks in the richacl to what the file
    permission bits map to.  The richacl access check algorithm takes the
    file masks into account, which ensures that the richacl cannot grant too
    many permissions.
    
    It is possible to explicitly add permissions to the file masks which go
    beyond what the file permission bits can grant (like the ACE4_WRITE_ACL
    permission).  The POSIX.1 standard calls this an alternate file access
    control mechanism.  A subsequent chmod() would ensure that those
    permissions are disabled again.
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  12. richacl: Compute maximum file masks from an acl

    Compute upper bound owner, group, and other file masks with as few
    permissions as possible without denying any permissions that the NFSv4
    acl in a richacl grants.
    
    This algorithm is used when a file inherits an acl at create time and
    when an acl is set via a mechanism that does not specify file modes
    (such as via nfsd).  When user-space sets an acl, the file masks are
    passed in as part of the xattr.
    
    When setting a richacl, the file masks determine what the file
    permission bits will be set to; see richacl_masks_to_mode().
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  13. richacl: Permission mapping functions

    We need to map from POSIX permissions to NFSv4 permissions when a
    chmod() is done, from NFSv4 permissions to POSIX permissions when an acl
    is set (which implicitly sets the file permission bits), and from the
    MAY_READ/MAY_WRITE/MAY_EXEC/MAY_APPEND flags to NFSv4 permissions when
    doing an access check in a richacl.
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  14. richacl: In-memory representation and helper functions

    A richacl consists of an NFSv4 acl and an owner, group, and other mask.
    These three masks correspond to the owner, group, and other file
    permission bits, but they contain NFSv4 permissions instead of POSIX
    permissions.
    
    Each entry in the NFSv4 acl applies to the file owner (OWNER@), the
    owning group (GROUP@), literally everyone (EVERYONE@), or to a specific
    uid or gid.
    
    As in the standard POSIX file permission model, each process is the
    owner, group, or other file class.  A richacl grants a requested access
    only if the NFSv4 acl in the richacl grants the access (according to the
    NFSv4 permission check algorithm), and the file mask that applies to the
    process includes the requested permissions.
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  15. vfs: Make acl_permission_check() work for richacls

    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  16. vfs: Add permission flags for setting file attributes

    Some permission models can allow processes to take ownership of a file,
    change the file permissions, and set the file timestamps.  Introduce new
    permission mask flags and check for those permissions in
    inode_change_ok().
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  17. vfs: Make the inode passed to inode_change_ok non-const

    We will need to call iop->permission and iop->get_acl from
    inode_change_ok() for additional permission checks, and both take a
    non-const inode.
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  18. vfs: Add delete child and delete self permission flags

    Normally, deleting a file requires write access to the parent directory.
    Some permission models use a different permission on the parent
    directory to indicate delete access.  In addition, a process can have
    per-file delete access even without delete access on the parent
    directory.
    
    Introduce two new inode_permission() mask flags and use them in
    may_delete()
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  19. vfs: Add new file and directory create permission flags

    Some permission models distinguish between the permission to create a
    non-directory and a directory.  Pass this information down to
    inode_permission() as mask flags
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  20. vfs: Optimize out IS_RICHACL() if CONFIG_FS_RICHACL is not defined

    if CONFIG_FS_RICHACL is not defined optimize out
    the ACL check function.
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  21. vfs: Add IS_RICHACL() test for richacl support

    Introduce a new MS_RICHACL super-block flag and a new IS_RICHACL() test
    which file systems like nfs can use.  IS_ACL() is true if IS_POSIXACL()
    or IS_RICHACL() is true.
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  22. vfs: Add generic IS_ACL() test for acl support

    When IS_POSIXACL() is true, the vfs does not apply the umask.  Other acl
    models will need the same exception, so introduce a separate IS_ACL()
    test.
    
    The IS_POSIX_ACL() test is still needed so that nfsd can determine when
    the underlying file system supports POSIX ACLs (as opposed to some other
    kind).
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  23. vfs: Add a comment to inode_permission()

    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  24. vfs: Pass all mask flags down to iop->check_acl

    Some file permission models differentiate between writing to a file
    (MAY_WRITE) and appending to it (MAY_WRITE | MAY_APPEND).  Pass all the
    mask flags down to iop->check_acl so that filesystems can distinguish
    between writing and appending.
    
    All users of iop->check_acl pass the mask value back into
    posix_acl_permission(); strip off the additional mask flags there.
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
  25. vfs: Add hex format for MAY_* flag values

    We are going to add more flags and having them in hex format
    make it simpler
    
    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    committed Oct 18, 2011
  26. vfs: Indicate that the permission functions take all the MAY_* flags

    Acked-by: J. Bruce Fields <bfields@redhat.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
    Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
    Andreas Gruenbacher committed with Oct 18, 2011
Commits on Oct 18, 2011
  1. Linux 3.1-rc10

    torvalds committed Oct 18, 2011
Commits on Oct 17, 2011
  1. Avoid using variable-length arrays in kernel/sys.c

    The size is always valid, but variable-length arrays generate worse code
    for no good reason (unless the function happens to be inlined and the
    compiler sees the length for the simple constant it is).
    
    Also, there seems to be some code generation problem on POWER, where
    Henrik Bakken reports that register r28 can get corrupted under some
    subtle circumstances (interrupt happening at the wrong time?).  That all
    indicates some seriously broken compiler issues, but since variable
    length arrays are bad regardless, there's little point in trying to
    chase it down.
    
    "Just don't do that, then".
    
    Reported-by: Henrik Grindal Bakken <henribak@cisco.com>
    Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
    Cc: stable@kernel.org
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
    torvalds committed Oct 17, 2011
Commits on Oct 16, 2011
  1. Merge branch 'fixes' of http://ftp.arm.linux.org.uk/pub/linux/arm/ker…

    …nel/git-cur/linux-2.6-arm
    
    * 'fixes' of http://ftp.arm.linux.org.uk/pub/linux/arm/kernel/git-cur/linux-2.6-arm:
      ARM: 7128/1: vic: Don't write to the read-only register VIC_IRQ_STATUS
      ARM: 7122/1: localtimer: add header linux/errno.h explicitly
      ARM: 7117/1: perf: fix HW_CACHE_* events on Cortex-A9
      ARM: 7113/1: mm: Align bank start to MAX_ORDER_NR_PAGES
    torvalds committed Oct 16, 2011
Commits on Oct 15, 2011
  1. ARM: 7128/1: vic: Don't write to the read-only register VIC_IRQ_STATUS

    This is unneeded and causes an abort on the SPMP8000 platform.
    
    Acked-by: Linus Walleij <linus.walleij@linaro.org>
    Signed-off-by: Zoltan Devai <zoss@devai.org>
    Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
    Zoltan Devai committed with Russell King Oct 10, 2011
  2. ARM: 7122/1: localtimer: add header linux/errno.h explicitly

    Per the text in  Documentation/SubmitChecklist as below, we should
    explicitly have header linux/errno.h in localtimer.h for ENXIO
    reference.
    
    1: If you use a facility then #include the file that defines/declares
       that facility.  Don't depend on other header files pulling in ones
       that you use.
    
    Otherwise, we may run into some compiling error like the following one,
    if any file includes localtimer.h without CONFIG_LOCAL_TIMERS defined.
    
      arch/arm/include/asm/localtimer.h: In function ‘local_timer_setup’:
      arch/arm/include/asm/localtimer.h:53:10: error: ‘ENXIO’ undeclared (first use in this function)
    
    Signed-off-by: Shawn Guo <shawn.guo@linaro.org>
    Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
    Shawn Guo committed with Russell King Oct 6, 2011
  3. ARM: 7117/1: perf: fix HW_CACHE_* events on Cortex-A9

    Using COHERENT_LINE_{MISS,HIT} for cache misses and references
    respectively is completely wrong. Instead, use the L1D events which
    are a better and more useful approximation despite ignoring instruction
    traffic.
    
    Reported-by: Alasdair Grant <alasdair.grant@arm.com>
    Reported-by: Matt Horsnell <matt.horsnell@arm.com>
    Reported-by: Michael Williams <michael.williams@arm.com>
    Cc: stable@kernel.org
    Cc: Jean Pihet <j-pihet@ti.com>
    Signed-off-by: Will Deacon <will.deacon@arm.com>
    Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
    wildea01 committed with Russell King Oct 3, 2011
Commits on Oct 14, 2011
  1. Merge branch 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/…

    …kernel/git/groeck/linux-staging
    
    * 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging:
      hwmon: (w83627ehf) Properly report thermal diode sensors
    torvalds committed Oct 14, 2011
  2. Merge branch 'gpio/merge' of git://git.secretlab.ca/git/linux-2.6

    * 'gpio/merge' of git://git.secretlab.ca/git/linux-2.6:
      gpio-pca953x: fix gpio_base
      gpio/omap: fix build error with certain OMAP1 configs
    torvalds committed Oct 14, 2011