[XFS] Kill attr_capable checks as already done in xattr_permission.

No need for addition permission checks in the xattr handler,
fs/xattr.c:xattr_permission() already does them, and in fact slightly more
strict then what was in the attr_capable handlers.

SGI-PV: 981809
SGI-Modid: xfs-linux-melb:xfs-kern:31164a

Signed-off-by: Christoph Hellwig <hch@infradead.org>
Signed-off-by: Tim Shimmin <tes@sgi.com>
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>

diff --git a/fs/xfs/linux-2.6/xfs_iops.c b/fs/xfs/linux-2.6/xfs_iops.c
index 5fc61c8..13b6cfd 100644 (file)
--- a/fs/xfs/linux-2.6/xfs_iops.c
+++ b/fs/xfs/linux-2.6/xfs_iops.c
@@ -739,15 +739,11 @@ xfs_vn_setxattr(
        char            *attr = (char *)name;
        attrnames_t     *namesp;
        int             xflags = 0;
-       int             error;
 
        namesp = attr_lookup_namespace(attr, attr_namespaces, ATTR_NAMECOUNT);
        if (!namesp)
                return -EOPNOTSUPP;
        attr += namesp->attr_namelen;
-       error = namesp->attr_capable(vp, NULL);
-       if (error)
-               return error;
 
        /* Convert Linux syscall to XFS internal ATTR flags */
        if (flags & XATTR_CREATE)
@@ -769,15 +765,11 @@ xfs_vn_getxattr(
        char            *attr = (char *)name;
        attrnames_t     *namesp;
        int             xflags = 0;
-       ssize_t         error;
 
        namesp = attr_lookup_namespace(attr, attr_namespaces, ATTR_NAMECOUNT);
        if (!namesp)
                return -EOPNOTSUPP;
        attr += namesp->attr_namelen;
-       error = namesp->attr_capable(vp, NULL);
-       if (error)
-               return error;
 
        /* Convert Linux syscall to XFS internal ATTR flags */
        if (!size) {
@@ -817,15 +809,12 @@ xfs_vn_removexattr(
        char            *attr = (char *)name;
        attrnames_t     *namesp;
        int             xflags = 0;
-       int             error;
 
        namesp = attr_lookup_namespace(attr, attr_namespaces, ATTR_NAMECOUNT);
        if (!namesp)
                return -EOPNOTSUPP;
        attr += namesp->attr_namelen;
-       error = namesp->attr_capable(vp, NULL);
-       if (error)
-               return error;
+
        xflags |= namesp->attr_flag;
        return namesp->attr_remove(vp, attr, xflags);
 }

diff --git a/fs/xfs/xfs_attr.c b/fs/xfs/xfs_attr.c
index df151a8..86d8619 100644 (file)
--- a/fs/xfs/xfs_attr.c
+++ b/fs/xfs/xfs_attr.c
@@ -2622,43 +2622,6 @@ attr_lookup_namespace(
        return NULL;
 }
 
-/*
- * Some checks to prevent people abusing EAs to get over quota:
- * - Don't allow modifying user EAs on devices/symlinks;
- * - Don't allow modifying user EAs if sticky bit set;
- */
-STATIC int
-attr_user_capable(
-       bhv_vnode_t     *vp,
-       cred_t          *cred)
-{
-       struct inode    *inode = vn_to_inode(vp);
-
-       if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
-               return -EPERM;
-       if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode) &&
-           !capable(CAP_SYS_ADMIN))
-               return -EPERM;
-       if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
-           (current_fsuid(cred) != inode->i_uid) && !capable(CAP_FOWNER))
-               return -EPERM;
-       return 0;
-}
-
-STATIC int
-attr_trusted_capable(
-       bhv_vnode_t     *vp,
-       cred_t          *cred)
-{
-       struct inode    *inode = vn_to_inode(vp);
-
-       if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
-               return -EPERM;
-       if (!capable(CAP_SYS_ADMIN))
-               return -EPERM;
-       return 0;
-}
-
 STATIC int
 attr_system_set(
        bhv_vnode_t *vp, char *name, void *data, size_t size, int xflags)
@@ -2709,7 +2672,6 @@ struct attrnames attr_system = {
        .attr_get       = attr_system_get,
        .attr_set       = attr_system_set,
        .attr_remove    = attr_system_remove,
-       .attr_capable   = (attrcapable_t)fs_noerr,
 };
 
 struct attrnames attr_trusted = {
@@ -2719,7 +2681,6 @@ struct attrnames attr_trusted = {
        .attr_get       = attr_generic_get,
        .attr_set       = attr_generic_set,
        .attr_remove    = attr_generic_remove,
-       .attr_capable   = attr_trusted_capable,
 };
 
 struct attrnames attr_secure = {
@@ -2729,7 +2690,6 @@ struct attrnames attr_secure = {
        .attr_get       = attr_generic_get,
        .attr_set       = attr_generic_set,
        .attr_remove    = attr_generic_remove,
-       .attr_capable   = (attrcapable_t)fs_noerr,
 };
 
 struct attrnames attr_user = {
@@ -2738,7 +2698,6 @@ struct attrnames attr_user = {
        .attr_get       = attr_generic_get,
        .attr_set       = attr_generic_set,
        .attr_remove    = attr_generic_remove,
-       .attr_capable   = attr_user_capable,
 };
 
 struct attrnames *attr_namespaces[] =

diff --git a/fs/xfs/xfs_attr.h b/fs/xfs/xfs_attr.h
index 6cfc938..9b96d17 100644 (file)
--- a/fs/xfs/xfs_attr.h
+++ b/fs/xfs/xfs_attr.h
@@ -42,7 +42,6 @@ typedef int (*attrset_t)(bhv_vnode_t *, char *, void *, size_t, int);
 typedef int (*attrget_t)(bhv_vnode_t *, char *, void *, size_t, int);
 typedef int (*attrremove_t)(bhv_vnode_t *, char *, int);
 typedef int (*attrexists_t)(bhv_vnode_t *);
-typedef int (*attrcapable_t)(bhv_vnode_t *, struct cred *);
 
 typedef struct attrnames {
        char *          attr_name;
@@ -52,7 +51,6 @@ typedef struct attrnames {
        attrset_t       attr_set;
        attrremove_t    attr_remove;
        attrexists_t    attr_exists;
-       attrcapable_t   attr_capable;
 } attrnames_t;
 
 #define ATTR_NAMECOUNT 4