--- linux-2.6.18.2/fs/attr.c 2006-04-09 13:49:53 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/attr.c 2006-09-25 15:40:02 +0200 @@ -79,6 +106,8 @@ int inode_setattr(struct inode * inode, inode->i_uid = attr->ia_uid; if (ia_valid & ATTR_GID) inode->i_gid = attr->ia_gid; + if ((ia_valid & ATTR_TAG) && IS_TAGGED(inode)) + inode->i_tag = attr->ia_tag; if (ia_valid & ATTR_ATIME) inode->i_atime = timespec_trunc(attr->ia_atime, inode->i_sb->s_time_gran); --- linux-2.6.18.2/fs/ext2/inode.c 2006-09-20 16:58:34 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/ext2/inode.c 2006-11-04 08:24:09 +0100 @@ -1174,8 +1225,8 @@ static int ext2_update_inode(struct inod struct ext2_inode_info *ei = EXT2_I(inode); struct super_block *sb = inode->i_sb; ino_t ino = inode->i_ino; - uid_t uid = inode->i_uid; - gid_t gid = inode->i_gid; + uid_t uid = TAGINO_UID(DX_TAG(inode), inode->i_uid, inode->i_tag); + gid_t gid = TAGINO_GID(DX_TAG(inode), inode->i_gid, inode->i_tag); struct buffer_head * bh; struct ext2_inode * raw_inode = ext2_get_inode(sb, ino, &bh); int n; --- linux-2.6.18.2/fs/ext2/inode.c 2006-09-20 16:58:34 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/ext2/inode.c 2006-11-04 08:24:09 +0100 @@ -1296,7 +1350,8 @@ int ext2_setattr(struct dentry *dentry, if (error) return error; if ((iattr->ia_valid & ATTR_UID && iattr->ia_uid != inode->i_uid) || - (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid)) { + (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid) || + (iattr->ia_valid & ATTR_TAG && iattr->ia_tag != inode->i_tag)) { error = DQUOT_TRANSFER(inode, iattr) ? -EDQUOT : 0; if (error) return error; --- linux-2.6.18.2/fs/ext3/inode.c 2006-09-20 16:58:34 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/ext3/inode.c 2006-11-04 08:15:22 +0100 @@ -2915,7 +2986,8 @@ int ext3_setattr(struct dentry *dentry, return error; if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) || - (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid)) { + (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid) || + (ia_valid & ATTR_TAG && attr->ia_tag != inode->i_tag)) { handle_t *handle; /* (user+group)*(old+new) structure, inode write (sb, --- linux-2.6.18.2/fs/ext3/inode.c 2006-09-20 16:58:34 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/ext3/inode.c 2006-11-04 08:15:22 +0100 @@ -2937,6 +3009,8 @@ int ext3_setattr(struct dentry *dentry, inode->i_uid = attr->ia_uid; if (attr->ia_valid & ATTR_GID) inode->i_gid = attr->ia_gid; + if ((attr->ia_valid & ATTR_TAG) && IS_TAGGED(inode)) + inode->i_tag = attr->ia_tag; error = ext3_mark_inode_dirty(handle, inode); ext3_journal_stop(handle); } --- linux-2.6.18.2/fs/inode.c 2006-09-20 16:58:35 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/inode.c 2006-10-29 02:50:41 +0100 @@ -115,6 +115,9 @@ static struct inode *alloc_inode(struct struct address_space * const mapping = &inode->i_data; inode->i_sb = sb; + + /* essential because of inode slab reuse */ + inode->i_tag = 0; inode->i_blkbits = sb->s_blocksize_bits; inode->i_flags = 0; atomic_set(&inode->i_count, 1); --- linux-2.6.18.2/fs/jfs/acl.c 2006-06-18 04:54:36 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/jfs/acl.c 2006-09-25 15:40:02 +0200 @@ -232,7 +232,8 @@ int jfs_setattr(struct dentry *dentry, s return rc; if ((iattr->ia_valid & ATTR_UID && iattr->ia_uid != inode->i_uid) || - (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid)) { + (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid) || + (iattr->ia_valid & ATTR_TAG && iattr->ia_tag != inode->i_tag)) { if (DQUOT_TRANSFER(inode, iattr)) return -EDQUOT; } --- linux-2.6.18.2/fs/jfs/jfs_filsys.h 2005-10-28 20:49:44 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/jfs/jfs_filsys.h 2006-09-25 15:40:02 +0200 @@ -84,6 +84,7 @@ #define JFS_DIR_INDEX 0x00200000 /* Persistant index for */ /* directory entries */ +#define JFS_TAGGED 0x00800000 /* Context Tagging */ /* * buffer cache configuration --- linux-2.6.18.2/fs/namei.c 2006-09-20 16:58:35 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/namei.c 2006-11-04 08:24:09 +0100 @@ -256,6 +286,8 @@ int permission(struct inode *inode, int /* Ordinary permission routines do not understand MAY_APPEND. */ submask = mask & ~MAY_APPEND; + if ((retval = dx_permission(inode, mask, nd))) + return retval; if (inode->i_op && inode->i_op->permission) retval = inode->i_op->permission(inode, submask, nd); else --- linux-2.6.18.2/fs/namei.c 2006-09-20 16:58:35 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/namei.c 2006-11-04 08:24:09 +0100 @@ -410,6 +442,8 @@ static int exec_permission_lite(struct i { umode_t mode = inode->i_mode; + if (dx_barrier(inode)) + return -EACCES; if (inode->i_op && inode->i_op->permission) return -EAGAIN; --- linux-2.6.18.2/fs/namei.c 2006-09-20 16:58:35 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/namei.c 2006-11-04 08:24:09 +0100 @@ -759,6 +806,12 @@ ***** path->dentry = dentry; __follow_mount(path); return 0; +hidden: + vxwprintk(1, "xid=%d did lookup hidden %p[#%d,%lu] »%s«.", + vx_current_xid(), inode, inode->i_tag, inode->i_ino, + vxd_path(dentry, mnt)); + dput(dentry); + return -ENOENT; need_lookup: dentry = real_lookup(nd->dentry, name, nd); --- linux-2.6.18.2/fs/open.c 2006-09-20 16:58:35 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/open.c 2006-11-04 08:24:09 +0100 @@ -715,7 +725,7 @@ static int chown_common(struct dentry * newattrs.ia_valid = ATTR_CTIME; if (user != (uid_t) -1) { newattrs.ia_valid |= ATTR_UID; - newattrs.ia_uid = user; + newattrs.ia_uid = dx_map_uid(user); } if (group != (gid_t) -1) { newattrs.ia_valid |= ATTR_GID; --- linux-2.6.18.2/fs/open.c 2006-09-20 16:58:35 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/open.c 2006-11-04 08:24:09 +0100 @@ -719,7 +729,7 @@ ***** } if (group != (gid_t) -1) { newattrs.ia_valid |= ATTR_GID; - newattrs.ia_gid = group; + newattrs.ia_gid = dx_map_gid(group); } if (!S_ISDIR(inode->i_mode)) newattrs.ia_valid |= ATTR_KILL_SUID|ATTR_KILL_SGID; --- linux-2.6.18.2/fs/reiserfs/inode.c 2006-09-20 16:58:35 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/reiserfs/inode.c 2006-09-25 15:40:02 +0200 @@ -2983,6 +3037,9 @@ int reiserfs_setattr(struct dentry *dent inode->i_uid = attr->ia_uid; if (attr->ia_valid & ATTR_GID) inode->i_gid = attr->ia_gid; + if ((attr->ia_valid & ATTR_TAG) && + IS_TAGGED(inode)) + inode->i_tag = attr->ia_tag; mark_inode_dirty(inode); error = journal_end(&th, inode->i_sb, jbegin_count); --- linux-2.6.18.2/fs/stat.c 2006-09-20 16:58:35 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/stat.c 2006-09-25 15:40:02 +0200 @@ -26,6 +26,7 @@ void generic_fillattr(struct inode *inod stat->nlink = inode->i_nlink; stat->uid = inode->i_uid; stat->gid = inode->i_gid; + stat->tag = inode->i_tag; stat->rdev = inode->i_rdev; stat->atime = inode->i_atime; stat->mtime = inode->i_mtime; --- linux-2.6.18.2/fs/xfs/linux-2.6/xfs_iops.c 2006-09-20 16:58:39 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/xfs/linux-2.6/xfs_iops.c 2006-09-25 15:40:02 +0200 @@ -652,6 +658,10 @@ xfs_vn_setattr( vattr.va_mask |= XFS_AT_GID; vattr.va_gid = attr->ia_gid; } + if ((ia_valid & ATTR_TAG) && IS_TAGGED(inode)) { + vattr.va_mask |= XFS_AT_TAG; + vattr.va_tag = attr->ia_tag; + } if (ia_valid & ATTR_SIZE) { vattr.va_mask |= XFS_AT_SIZE; vattr.va_size = attr->ia_size; --- linux-2.6.18.2/fs/xfs/linux-2.6/xfs_vnode.h 2006-09-20 16:58:40 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/xfs/linux-2.6/xfs_vnode.h 2006-09-25 15:40:02 +0200 @@ -400,6 +401,7 @@ typedef struct bhv_vattr { #define XFS_AT_PROJID 0x04000000 #define XFS_AT_SIZE_NOPERM 0x08000000 #define XFS_AT_GENCOUNT 0x10000000 +#define XFS_AT_TAG 0x20000000 #define XFS_AT_ALL (XFS_AT_TYPE|XFS_AT_MODE|XFS_AT_UID|XFS_AT_GID|\ XFS_AT_FSID|XFS_AT_NODEID|XFS_AT_NLINK|XFS_AT_SIZE|\ --- linux-2.6.18.2/fs/xfs/linux-2.6/xfs_vnode.h 2006-09-20 16:58:40 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/xfs/linux-2.6/xfs_vnode.h 2006-09-25 15:40:02 +0200 @@ -406,7 +408,8 @@ ***** XFS_AT_ATIME|XFS_AT_MTIME|XFS_AT_CTIME|XFS_AT_RDEV|\ XFS_AT_BLKSIZE|XFS_AT_NBLOCKS|XFS_AT_VCODE|XFS_AT_MAC|\ XFS_AT_ACL|XFS_AT_CAP|XFS_AT_INF|XFS_AT_XFLAGS|XFS_AT_EXTSIZE|\ - XFS_AT_NEXTENTS|XFS_AT_ANEXTENTS|XFS_AT_PROJID|XFS_AT_GENCOUNT) + XFS_AT_NEXTENTS|XFS_AT_ANEXTENTS|XFS_AT_PROJID|XFS_AT_GENCOUNT\ + XFS_AT_TAG) #define XFS_AT_STAT (XFS_AT_TYPE|XFS_AT_MODE|XFS_AT_UID|XFS_AT_GID|\ XFS_AT_FSID|XFS_AT_NODEID|XFS_AT_NLINK|XFS_AT_SIZE|\ --- linux-2.6.18.2/fs/xfs/xfs_clnt.h 2006-06-18 04:54:50 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/xfs/xfs_clnt.h 2006-09-25 15:40:02 +0200 @@ -99,5 +99,7 @@ struct xfs_mount_args { */ #define XFSMNT2_COMPAT_IOSIZE 0x00000001 /* don't report large preferred * I/O size in stat(2) */ +#define XFSMNT2_TAGGED 0x80000000 /* context tagging */ + #endif /* __XFS_CLNT_H__ */ --- linux-2.6.18.2/fs/xfs/xfs_mount.h 2006-09-20 16:58:40 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/xfs/xfs_mount.h 2006-09-25 15:40:02 +0200 @@ -460,6 +460,7 @@ typedef struct xfs_mount { #define XFS_MOUNT_NO_PERCPU_SB (1ULL << 23) /* don't use per-cpu superblock counters */ +#define XFS_MOUNT_TAGGED (1ULL << 31) /* context tagging */ /* * Default minimum read and write sizes. --- linux-2.6.18.2/fs/xfs/xfs_vnodeops.c 2006-09-20 16:58:40 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/xfs/xfs_vnodeops.c 2006-09-25 15:40:02 +0200 @@ -160,6 +160,7 @@ xfs_getattr( vap->va_mode = ip->i_d.di_mode; vap->va_uid = ip->i_d.di_uid; vap->va_gid = ip->i_d.di_gid; + vap->va_tag = ip->i_d.di_tag; vap->va_projid = ip->i_d.di_projid; /* --- linux-2.6.18.2/fs/xfs/xfs_vnodeops.c 2006-09-20 16:58:40 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/xfs/xfs_vnodeops.c 2006-09-25 15:40:02 +0200 @@ -260,6 +261,7 @@ xfs_setattr( uint commit_flags=0; uid_t uid=0, iuid=0; gid_t gid=0, igid=0; + tag_t tag=0, itag=0; int timeflags = 0; bhv_vnode_t *vp; xfs_prid_t projid=0, iprojid=0; --- linux-2.6.18.2/fs/xfs/xfs_vnodeops.c 2006-09-20 16:58:40 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/xfs/xfs_vnodeops.c 2006-09-25 15:40:02 +0200 @@ -316,6 +318,7 @@ xfs_setattr( (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_PROJID))) { uint qflags = 0; + /* FIXME: handle tagging? */ if ((mask & XFS_AT_UID) && XFS_IS_UQUOTA_ON(mp)) { uid = vap->va_uid; qflags |= XFS_QMOPT_UQUOTA; --- linux-2.6.18.2/fs/xfs/xfs_vnodeops.c 2006-09-20 16:58:40 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/xfs/xfs_vnodeops.c 2006-09-25 15:40:02 +0200 @@ -395,6 +398,8 @@ xfs_setattr( if (mask & (XFS_AT_MODE|XFS_AT_XFLAGS|XFS_AT_EXTSIZE|XFS_AT_UID| XFS_AT_GID|XFS_AT_PROJID)) { + /* FIXME: handle tagging? */ + /* * CAP_FOWNER overrides the following restrictions: * --- linux-2.6.18.2/fs/xfs/xfs_vnodeops.c 2006-09-20 16:58:40 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/xfs/xfs_vnodeops.c 2006-09-25 15:40:02 +0200 @@ -443,7 +448,7 @@ xfs_setattr( * and can change the group id only to a group of which he * or she is a member. */ - if (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_PROJID)) { + if (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_TAG|XFS_AT_PROJID)) { /* * These IDs could have changed since we last looked at them. * But, we're assured that if the ownership did change --- linux-2.6.18.2/fs/xfs/xfs_vnodeops.c 2006-09-20 16:58:40 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/xfs/xfs_vnodeops.c 2006-09-25 15:40:02 +0200 @@ -482,6 +489,7 @@ xfs_setattr( if ((XFS_IS_UQUOTA_ON(mp) && iuid != uid) || (XFS_IS_PQUOTA_ON(mp) && iprojid != projid) || (XFS_IS_GQUOTA_ON(mp) && igid != gid)) { + /* FIXME: handle tagging? */ ASSERT(tp); code = XFS_QM_DQVOPCHOWNRESV(mp, tp, ip, udqp, gdqp, capable(CAP_FOWNER) ? --- linux-2.6.18.2/fs/xfs/xfs_vnodeops.c 2006-09-20 16:58:40 +0200 +++ linux-2.6.18.2-vs2.1.1/fs/xfs/xfs_vnodeops.c 2006-09-25 15:40:02 +0200 @@ -707,7 +715,7 @@ xfs_setattr( * and can change the group id only to a group of which he * or she is a member. */ - if (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_PROJID)) { + if (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_TAG|XFS_AT_PROJID)) { /* * CAP_FSETID overrides the following restrictions: * --- linux-2.6.18.2/include/linux/ext2_fs.h 2006-09-20 16:58:43 +0200 +++ linux-2.6.18.2-vs2.1.1/include/linux/ext2_fs.h 2006-11-04 08:24:09 +0100 @@ -313,8 +321,9 @@ struct ext2_inode { #define EXT2_MOUNT_XATTR_USER 0x004000 /* Extended user attributes */ #define EXT2_MOUNT_POSIX_ACL 0x008000 /* POSIX Access Control Lists */ #define EXT2_MOUNT_XIP 0x010000 /* Execute in place */ -#define EXT2_MOUNT_USRQUOTA 0x020000 /* user quota */ -#define EXT2_MOUNT_GRPQUOTA 0x040000 /* group quota */ +#define EXT2_MOUNT_USRQUOTA 0x020000 /* user quota */ +#define EXT2_MOUNT_GRPQUOTA 0x040000 /* group quota */ +#define EXT2_MOUNT_TAGGED (1<<24) /* Enable Context Tags */ #define clear_opt(o, opt) o &= ~EXT2_MOUNT_##opt --- linux-2.6.18.2/include/linux/ext3_fs.h 2006-09-20 16:58:43 +0200 +++ linux-2.6.18.2-vs2.1.1/include/linux/ext3_fs.h 2006-09-25 15:40:02 +0200 @@ -371,6 +382,7 @@ struct ext3_inode { #define EXT3_MOUNT_QUOTA 0x80000 /* Some quota option set */ #define EXT3_MOUNT_USRQUOTA 0x100000 /* "old" user quota */ #define EXT3_MOUNT_GRPQUOTA 0x200000 /* "old" group quota */ +#define EXT3_MOUNT_TAGGED (1<<24) /* Enable Context Tags */ /* Compatibility, for having both ext2_fs.h and ext3_fs.h included at once */ #ifndef _LINUX_EXT2_FS_H --- linux-2.6.18.2/include/linux/fs.h 2006-09-20 16:58:43 +0200 +++ linux-2.6.18.2-vs2.1.1/include/linux/fs.h 2006-11-01 01:01:33 +0100 @@ -119,6 +119,8 @@ extern int dir_notify_enable; #define MS_PRIVATE (1<<18) /* change to private */ #define MS_SLAVE (1<<19) /* change to slave */ #define MS_SHARED (1<<20) /* change to shared */ +#define MS_TAGGED (1<<24) /* use generic inode tagging */ +#define MS_TAGID (1<<25) /* use specific tag for this mount */ #define MS_ACTIVE (1<<30) #define MS_NOUSER (1<<31) --- linux-2.6.18.2/include/linux/fs.h 2006-09-20 16:58:43 +0200 +++ linux-2.6.18.2-vs2.1.1/include/linux/fs.h 2006-11-01 01:01:33 +0100 @@ -280,6 +296,7 @@ typedef void (dio_iodone_t)(struct kiocb #define ATTR_KILL_SUID 2048 #define ATTR_KILL_SGID 4096 #define ATTR_FILE 8192 +#define ATTR_TAG 16384 /* * This is the Inode Attributes structure, used for notify_change(). It --- linux-2.6.18.2/include/linux/fs.h 2006-09-20 16:58:43 +0200 +++ linux-2.6.18.2-vs2.1.1/include/linux/fs.h 2006-11-01 01:01:33 +0100 @@ -295,6 +312,7 @@ struct iattr { umode_t ia_mode; uid_t ia_uid; gid_t ia_gid; + tag_t ia_tag; loff_t ia_size; struct timespec ia_atime; struct timespec ia_mtime; --- linux-2.6.18.2/include/linux/fs.h 2006-09-20 16:58:43 +0200 +++ linux-2.6.18.2-vs2.1.1/include/linux/fs.h 2006-11-01 01:01:33 +0100 @@ -505,6 +526,7 @@ struct inode { unsigned int i_nlink; uid_t i_uid; gid_t i_gid; + tag_t i_tag; dev_t i_rdev; loff_t i_size; struct timespec i_atime; --- linux-2.6.18.2/include/linux/fs.h 2006-09-20 16:58:43 +0200 +++ linux-2.6.18.2-vs2.1.1/include/linux/fs.h 2006-11-01 01:01:33 +0100 @@ -687,6 +712,7 @@ struct file { struct fown_struct f_owner; unsigned int f_uid, f_gid; struct file_ra_state f_ra; + xid_t f_xid; unsigned long f_version; void *f_security; --- linux-2.6.18.2/include/linux/reiserfs_fs_sb.h 2006-02-18 14:40:35 +0100 +++ linux-2.6.18.2-vs2.1.1/include/linux/reiserfs_fs_sb.h 2006-09-25 15:40:02 +0200 @@ -456,6 +456,7 @@ enum reiserfs_mount_options { REISERFS_POSIXACL, REISERFS_BARRIER_NONE, REISERFS_BARRIER_FLUSH, + REISERFS_TAGGED, /* Actions on error */ REISERFS_ERROR_PANIC, --- linux-2.6.18.2/include/linux/stat.h 2006-06-18 04:55:25 +0200 +++ linux-2.6.18.2-vs2.1.1/include/linux/stat.h 2006-09-25 15:40:02 +0200 @@ -63,6 +63,7 @@ struct kstat { unsigned int nlink; uid_t uid; gid_t gid; + tag_t tag; dev_t rdev; loff_t size; struct timespec atime; --- linux-2.6.18.2/include/linux/vs_tag.h 1970-01-01 01:00:00 +0100 +++ linux-2.6.18.2-vs2.1.1/include/linux/vs_tag.h 2006-09-25 15:40:02 +0200 @@ -0,0 +1,45 @@ +#ifndef _VX_VS_TAG_H +#define _VX_VS_TAG_H + +#include +#include + +/* check conditions */ + +#define DX_ADMIN 0x0001 +#define DX_WATCH 0x0002 +#define DX_HOSTID 0x0008 + +#define DX_IDENT 0x0010 + +#define DX_ARG_MASK 0x0010 + + +#define dx_task_tag(t) ((t)->xid) + +#define dx_current_tag() dx_task_tag(current) + +#define dx_check(c,m) __dx_check(dx_current_tag(),c,m) + +#define dx_weak_check(c,m) ((m) ? dx_check(c,m) : 1) + + +/* + * check current context for ADMIN/WATCH and + * optionally against supplied argument + */ +static inline int __dx_check(tag_t cid, tag_t id, unsigned int mode) +{ + if (mode & DX_ARG_MASK) { + if ((mode & DX_IDENT) && + (id == cid)) + return 1; + } + return (((mode & DX_ADMIN) && (cid == 0)) || + ((mode & DX_WATCH) && (cid == 1)) || + ((mode & DX_HOSTID) && (id == 0))); +} + +#else +#warning duplicate inclusion +#endif --- linux-2.6.18.2/include/linux/vserver/tag.h 1970-01-01 01:00:00 +0100 +++ linux-2.6.18.2-vs2.1.1/include/linux/vserver/tag.h 2006-09-25 15:40:02 +0200 @@ -0,0 +1,153 @@ +#ifndef _DX_TAG_H +#define _DX_TAG_H + + +#define DX_TAG(in) (IS_TAGGED(in)) + + +#ifdef CONFIG_DX_TAG_NFSD +#define DX_TAG_NFSD 1 +#else +#define DX_TAG_NFSD 0 +#endif + + +#ifdef CONFIG_TAGGING_NONE + +#define MAX_UID 0xFFFFFFFF +#define MAX_GID 0xFFFFFFFF + +#define INOTAG_TAG(cond, uid, gid, tag) (0) + +#define TAGINO_UID(cond, uid, tag) (uid) +#define TAGINO_GID(cond, gid, tag) (gid) + +#endif + + +#ifdef CONFIG_TAGGING_GID16 + +#define MAX_UID 0xFFFFFFFF +#define MAX_GID 0x0000FFFF + +#define INOTAG_TAG(cond, uid, gid, tag) \ + ((cond) ? (((gid) >> 16) & 0xFFFF) : 0) + +#define TAGINO_UID(cond, uid, tag) (uid) +#define TAGINO_GID(cond, gid, tag) \ + ((cond) ? (((gid) & 0xFFFF) | ((tag) << 16)) : (gid)) + +#endif + + +#ifdef CONFIG_TAGGING_ID24 + +#define MAX_UID 0x00FFFFFF +#define MAX_GID 0x00FFFFFF + +#define INOTAG_TAG(cond, uid, gid, tag) \ + ((cond) ? ((((uid) >> 16) & 0xFF00) | (((gid) >> 24) & 0xFF)) : 0) + +#define TAGINO_UID(cond, uid, tag) \ + ((cond) ? (((uid) & 0xFFFFFF) | (((tag) & 0xFF00) << 16)) : (uid)) +#define TAGINO_GID(cond, gid, tag) \ + ((cond) ? (((gid) & 0xFFFFFF) | (((tag) & 0x00FF) << 24)) : (gid)) + +#endif + + +#ifdef CONFIG_TAGGING_UID16 + +#define MAX_UID 0x0000FFFF +#define MAX_GID 0xFFFFFFFF + +#define INOTAG_TAG(cond, uid, gid, tag) \ + ((cond) ? (((uid) >> 16) & 0xFFFF) : 0) + +#define TAGINO_UID(cond, uid, tag) \ + ((cond) ? (((uid) & 0xFFFF) | ((tag) << 16)) : (uid)) +#define TAGINO_GID(cond, gid, tag) (gid) + +#endif + + +#ifdef CONFIG_TAGGING_INTERN + +#define MAX_UID 0xFFFFFFFF +#define MAX_GID 0xFFFFFFFF + +#define INOTAG_TAG(cond, uid, gid, tag) \ + ((cond) ? (tag) : 0) + +#define TAGINO_UID(cond, uid, tag) (uid) +#define TAGINO_GID(cond, gid, tag) (gid) + +#endif + + +#ifdef CONFIG_TAGGING_RUNTIME + +#define MAX_UID 0xFFFFFFFF +#define MAX_GID 0xFFFFFFFF + +#define INOTAG_TAG(cond, uid, gid, tag) (0) + +#define TAGINO_UID(cond, uid, tag) (uid) +#define TAGINO_GID(cond, gid, tag) (gid) + +#endif + + +#ifndef CONFIG_TAGGING_NONE +#define dx_current_fstag(sb) \ + ((sb)->s_flags & MS_TAGGED ? dx_current_tag(): 0) +#else +#define dx_current_fstag(sb) (0) +#endif + +#ifndef CONFIG_TAGGING_INTERN +#define TAGINO_TAG(cond, tag) (0) +#else +#define TAGINO_TAG(cond, tag) ((cond) ? (tag) : 0) +#endif + +#define INOTAG_UID(cond, uid, gid) \ + ((cond) ? ((uid) & MAX_UID) : (uid)) +#define INOTAG_GID(cond, uid, gid) \ + ((cond) ? ((gid) & MAX_GID) : (gid)) + + +static inline uid_t dx_map_uid(uid_t uid) +{ + if ((uid > MAX_UID) && (uid != -1)) + uid = -2; + return (uid & MAX_UID); +} + +static inline gid_t dx_map_gid(gid_t gid) +{ + if ((gid > MAX_GID) && (gid != -1)) + gid = -2; + return (gid & MAX_GID); +} + + +#ifdef CONFIG_VSERVER_LEGACY +#define FIOC_GETTAG _IOR('x', 1, long) +#define FIOC_SETTAG _IOW('x', 2, long) +#define FIOC_SETTAGJ _IOW('x', 3, long) +#endif + +#ifdef CONFIG_PROPAGATE + +int dx_parse_tag(char *string, tag_t *tag, int remove); + +void __dx_propagate_tag(struct nameidata *nd, struct inode *inode); + +#define dx_propagate_tag(n,i) __dx_propagate_tag(n,i) + +#else +#define dx_propagate_tag(n,i) do { } while (0) +#endif + +#endif /* _DX_TAG_H */