user/sven/linux.git/fs/attr.c, branch v3.8 Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v3.8 2012-11-20T12:17:24Z userns: Allow chown and setgid preservation 2012-11-20T12:17:24Z Eric W. Biederman ebiederm@xmission.com 2012-09-03T02:12:51Z urn:sha1:7fa294c8991ce0ed4e713f08209eb2ce3e1044ac - Allow chown if CAP_CHOWN is present in the current user namespace and the uid of the inode maps into the current user namespace, and the destination uid or gid maps into the current user namespace. - Allow perserving setgid when changing an inode if CAP_FSETID is present in the current user namespace and the owner of the file has a mapping into the current user namespace. Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> ima: add inode_post_setattr call 2012-09-07T18:57:46Z Mimi Zohar zohar@linux.vnet.ibm.com 2011-03-10T03:57:53Z urn:sha1:9957a5043e7b0b7361cdf48eea22b2900293e63a Changing an inode's metadata may result in our not needing to appraise the file. In such cases, we must remove 'security.ima'. Changelog v1: - use ima_inode_post_setattr() stub function, if IMA_APPRAISE not configured Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com> notify_change(): check that i_mutex is held 2012-07-14T12:35:42Z Andrew Morton akpm@linux-foundation.org 2012-06-19T23:55:58Z urn:sha1:c4107b3097465e25f7d6a9b0ac0518b07b24e774 Cc: Djalal Harouni <tixxdz@opendz.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> vfs: increment iversion when a file is truncated 2012-05-31T01:04:53Z Dmitry Kasatkin dmitry.kasatkin@intel.com 2012-05-29T18:02:21Z urn:sha1:799243a389bde0de10fa21ca1ca453d2fe538b85 When a file is truncated with truncate()/ftruncate() and then closed, iversion is not updated. This patch uses ATTR_SIZE flag as an indication to increment iversion. Mimi said: On fput(), i_version is used to detect and flag files that have changed and need to be re-measured in the IMA measurement policy. When a file is truncated with truncate()/ftruncate() and then closed, i_version is not updated. As a result, although the file has changed, it will not be re-measured and added to the IMA measurement list on subsequent access. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com> Acked-by: Mimi Zohar <zohar@us.ibm.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> userns: Use uid_eq gid_eq helpers when comparing kuids and kgids in the vfs 2012-05-03T10:29:34Z Eric W. Biederman ebiederm@xmission.com 2012-03-04T05:17:15Z urn:sha1:8e96e3b7b8407be794ab1fd8e4b332818a358e78 Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> fs: reduce the use of module.h wherever possible 2012-02-29T00:31:58Z Paul Gortmaker paul.gortmaker@windriver.com 2011-11-17T04:57:37Z urn:sha1:630d9c47274aa89bfa77fe6556d7818bdcb12992 For files only using THIS_MODULE and/or EXPORT_SYMBOL, map them onto including export.h -- or if the file isn't even using those, then just delete the include. Fix up any implicit include dependencies that were being masked by module.h along the way. Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> switch is_sxid() to umode_t 2012-01-04T03:55:11Z Al Viro viro@zeniv.linux.org.uk 2011-07-25T03:21:59Z urn:sha1:8d334acdd2c1f57c7a574c6f24d08e4c95582ff0 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Merge branch 'next-evm' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/ima-2.6 into next 2011-08-09T00:31:03Z James Morris jmorris@namei.org 2011-08-09T00:31:03Z urn:sha1:5a2f3a02aea164f4f59c0c3497772090a411b462 Conflicts: fs/attr.c Resolve conflict manually. Signed-off-by: James Morris <jmorris@namei.org> fs: move inode_dio_wait calls into ->setattr 2011-07-21T00:47:47Z Christoph Hellwig hch@infradead.org 2011-06-24T18:29:45Z urn:sha1:562c72aa57c36b178eacc3500a0215651eca9429 Let filesystems handle waiting for direct I/O requests themselves instead of doing it beforehand. This means filesystem-specific locks to prevent new dio referenes from appearing can be held. This is important to allow generalizing i_dio_count to non-DIO_LOCKING filesystems. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> fs: kill i_alloc_sem 2011-07-21T00:47:46Z Christoph Hellwig hch@infradead.org 2011-06-24T18:29:43Z urn:sha1:bd5fe6c5eb9c548d7f07fe8f89a150bb6705e8e3 i_alloc_sem is a rather special rw_semaphore. It's the last one that may be released by a non-owner, and it's write side is always mirrored by real exclusion. It's intended use it to wait for all pending direct I/O requests to finish before starting a truncate. Replace it with a hand-grown construct: - exclusion for truncates is already guaranteed by i_mutex, so it can simply fall way - the reader side is replaced by an i_dio_count member in struct inode that counts the number of pending direct I/O requests. Truncate can't proceed as long as it's non-zero - when i_dio_count reaches non-zero we wake up a pending truncate using wake_up_bit on a new bit in i_flags - new references to i_dio_count can't appear while we are waiting for it to read zero because the direct I/O count always needs i_mutex (or an equivalent like XFS's i_iolock) for starting a new operation. This scheme is much simpler, and saves the space of a spinlock_t and a struct list_head in struct inode (typically 160 bits on a non-debug 64-bit system). Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>