typedef u32 cfs_cap_t;
-#define CFS_CAP_CHOWN 0
-#define CFS_CAP_DAC_OVERRIDE 1
-#define CFS_CAP_DAC_READ_SEARCH 2
-#define CFS_CAP_FOWNER 3
-#define CFS_CAP_FSETID 4
-#define CFS_CAP_LINUX_IMMUTABLE 9
-#define CFS_CAP_SYS_ADMIN 21
-#define CFS_CAP_SYS_BOOT 23
-#define CFS_CAP_SYS_RESOURCE 24
-
-#define CFS_CAP_FS_MASK (BIT(CFS_CAP_CHOWN) | \
- BIT(CFS_CAP_DAC_OVERRIDE) | \
- BIT(CFS_CAP_DAC_READ_SEARCH) | \
- BIT(CFS_CAP_FOWNER) | \
- BIT(CFS_CAP_FSETID) | \
- BIT(CFS_CAP_LINUX_IMMUTABLE) | \
- BIT(CFS_CAP_SYS_ADMIN) | \
- BIT(CFS_CAP_SYS_BOOT) | \
- BIT(CFS_CAP_SYS_RESOURCE))
+#define CFS_CAP_FS_MASK (BIT(CAP_CHOWN) | \
+ BIT(CAP_DAC_OVERRIDE) | \
+ BIT(CAP_DAC_READ_SEARCH) | \
+ BIT(CAP_FOWNER) | \
+ BIT(CAP_FSETID) | \
+ BIT(CAP_LINUX_IMMUTABLE) | \
+ BIT(CAP_SYS_ADMIN) | \
+ BIT(CAP_SYS_BOOT) | \
+ BIT(CAP_SYS_RESOURCE))
void cfs_cap_raise(cfs_cap_t cap);
void cfs_cap_lower(cfs_cap_t cap);
int sptlrpc_pack_user_desc(struct lustre_msg *msg, int offset);
int sptlrpc_unpack_user_desc(struct lustre_msg *req, int offset, int swabbed);
-#define CFS_CAP_CHOWN_MASK (1 << CFS_CAP_CHOWN)
-#define CFS_CAP_SYS_RESOURCE_MASK (1 << CFS_CAP_SYS_RESOURCE)
-
enum {
LUSTRE_SEC_NONE = 0,
LUSTRE_SEC_REMOTE = 1,
switch (cmd) {
case Q_SETQUOTA:
case Q_SETINFO:
- if (!capable(CFS_CAP_SYS_ADMIN))
+ if (!capable(CAP_SYS_ADMIN))
return -EPERM;
break;
case Q_GETQUOTA:
!uid_eq(current_euid(), make_kuid(&init_user_ns, id))) ||
(type == GRPQUOTA &&
!in_egroup_p(make_kgid(&init_user_ns, id)))) &&
- !capable(CFS_CAP_SYS_ADMIN))
+ !capable(CAP_SYS_ADMIN))
return -EPERM;
break;
case Q_GETINFO:
}
case OBD_IOC_CHANGELOG_SEND:
case OBD_IOC_CHANGELOG_CLEAR:
- if (!capable(CFS_CAP_SYS_ADMIN))
+ if (!capable(CAP_SYS_ADMIN))
return -EPERM;
rc = copy_and_ioctl(cmd, sbi->ll_md_exp, (void __user *)arg,
return rc;
}
case LL_IOC_HSM_CT_START:
- if (!capable(CFS_CAP_SYS_ADMIN))
+ if (!capable(CAP_SYS_ADMIN))
return -EPERM;
rc = copy_and_ioctl(cmd, sbi->ll_md_exp, (void __user *)arg,
sizeof(struct lov_user_ost_data);
int rc;
- if (!capable(CFS_CAP_SYS_ADMIN))
+ if (!capable(CAP_SYS_ADMIN))
return -EPERM;
lump = libcfs_kvzalloc(lum_size, GFP_NOFS);
size_t outsize;
int rc;
- if (!capable(CFS_CAP_DAC_READ_SEARCH) &&
+ if (!capable(CAP_DAC_READ_SEARCH) &&
!(ll_i2sbi(inode)->ll_flags & LL_SBI_USER_FID2PATH))
return -EPERM;
* NOT defined in HSM_USER_MASK.
*/
if (((hss->hss_setmask | hss->hss_clearmask) & ~HSM_USER_MASK) &&
- !capable(CFS_CAP_SYS_ADMIN))
+ !capable(CAP_SYS_ADMIN))
return -EPERM;
/* Detect out-of range archive id */
/* POSIX: check before ATTR_*TIME_SET set (from setattr_prepare) */
if (attr->ia_valid & TIMES_SET_FLAGS) {
if ((!uid_eq(current_fsuid(), inode->i_uid)) &&
- !capable(CFS_CAP_FOWNER))
+ !capable(CAP_FOWNER))
return -EPERM;
}
u32 linkno;
int rc;
- if (!capable(CFS_CAP_DAC_READ_SEARCH) &&
+ if (!capable(CAP_DAC_READ_SEARCH) &&
!(ll_i2sbi(inode)->ll_flags & LL_SBI_USER_FID2PATH))
return -EPERM;
return -EOPNOTSUPP;
if (handler->flags == XATTR_TRUSTED_T &&
- !capable(CFS_CAP_SYS_ADMIN))
+ !capable(CAP_SYS_ADMIN))
return -EPERM;
return 0;
int err = 0;
/* Allow non-root access for OBD_IOC_PING_TARGET - used by lfs check */
- if (!capable(CFS_CAP_SYS_ADMIN) && (cmd != OBD_IOC_PING_TARGET))
+ if (!capable(CAP_SYS_ADMIN) && (cmd != OBD_IOC_PING_TARGET))
return err = -EACCES;
if ((cmd & 0xffffff00) == ((int)'T') << 8) /* ignore all tty ioctls */
return err = -ENOTTY;
(*lgh)->lgh_ctxt = ctxt;
(*lgh)->lgh_logops = ctxt->loc_logops;
- raised = cfs_cap_raised(CFS_CAP_SYS_RESOURCE);
+ raised = cfs_cap_raised(CAP_SYS_RESOURCE);
if (!raised)
- cfs_cap_raise(CFS_CAP_SYS_RESOURCE);
+ cfs_cap_raise(CAP_SYS_RESOURCE);
rc = ctxt->loc_logops->lop_open(env, *lgh, logid, name, open_param);
if (!raised)
- cfs_cap_lower(CFS_CAP_SYS_RESOURCE);
+ cfs_cap_lower(CAP_SYS_RESOURCE);
if (rc) {
llog_free_handle(*lgh);
*lgh = NULL;
switch (cmd) {
case OBD_IOC_CREATE: /* may create echo object */
- if (!capable(CFS_CAP_SYS_ADMIN)) {
+ if (!capable(CAP_SYS_ADMIN)) {
rc = -EPERM;
goto out;
}
goto out;
case OBD_IOC_DESTROY:
- if (!capable(CFS_CAP_SYS_ADMIN)) {
+ if (!capable(CAP_SYS_ADMIN)) {
rc = -EPERM;
goto out;
}
goto out;
case OBD_IOC_SETATTR:
- if (!capable(CFS_CAP_SYS_ADMIN)) {
+ if (!capable(CAP_SYS_ADMIN)) {
rc = -EPERM;
goto out;
}
goto out;
case OBD_IOC_BRW_WRITE:
- if (!capable(CFS_CAP_SYS_ADMIN)) {
+ if (!capable(CAP_SYS_ADMIN)) {
rc = -EPERM;
goto out;
}
oap->oap_obj_off = offset;
LASSERT(!(offset & ~PAGE_MASK));
- if (capable(CFS_CAP_SYS_RESOURCE))
+ if (capable(CAP_SYS_RESOURCE))
oap->oap_brw_flags = OBD_BRW_NOQUOTA;
INIT_LIST_HEAD(&oap->oap_pending_item);
/* Set the OBD_BRW_SRVLOCK before the page is queued. */
brw_flags |= ops->ops_srvlock ? OBD_BRW_SRVLOCK : 0;
- if (capable(CFS_CAP_SYS_RESOURCE)) {
+ if (capable(CAP_SYS_RESOURCE)) {
brw_flags |= OBD_BRW_NOQUOTA;
cmd |= OBD_BRW_NOQUOTA;
}
oap->oap_count = opg->ops_to - opg->ops_from;
oap->oap_brw_flags = brw_flags | OBD_BRW_SYNC;
- if (capable(CFS_CAP_SYS_RESOURCE)) {
+ if (capable(CAP_SYS_RESOURCE)) {
oap->oap_brw_flags |= OBD_BRW_NOQUOTA;
oap->oap_cmd |= OBD_BRW_NOQUOTA;
}
OSDN Git Service
