Binary files linux-2.4.20-pre11-ctx14/core and linux-2.4.20-pre11-ctx14.quota/core differ diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/attr.c linux-2.4.20-pre11-ctx14.quota/fs/attr.c --- linux-2.4.20-pre11-ctx14/fs/attr.c Mon Feb 25 20:38:07 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/attr.c Mon Oct 28 18:09:59 2002 @@ -20,26 +20,37 @@ { int retval = -EPERM; unsigned int ia_valid = attr->ia_valid; + int context_mismatch = (inode->i_context != 0) && + (current->s_context != inode->i_context); /* If force is set do it anyway. */ if (ia_valid & ATTR_FORCE) goto fine; + /* Make sure a caller can chcontext. */ + if ((ia_valid & ATTR_CTX) && (context_mismatch || + attr->ia_context != inode->i_context) && + !capable(CAP_CHCTX)) + goto error; + /* Make sure a caller can chown. */ if ((ia_valid & ATTR_UID) && (current->fsuid != inode->i_uid || - attr->ia_uid != inode->i_uid) && !capable(CAP_CHOWN)) + attr->ia_uid != inode->i_uid || context_mismatch) && + !capable(CAP_CHOWN)) goto error; /* Make sure caller can chgrp. */ if ((ia_valid & ATTR_GID) && - (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid) && + (!in_group_p(attr->ia_gid) && (context_mismatch || + attr->ia_gid != inode->i_gid)) && !capable(CAP_CHOWN)) goto error; /* Make sure a caller can chmod. */ if (ia_valid & ATTR_MODE) { - if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER)) + if (((current->fsuid != inode->i_uid) || + context_mismatch) && !capable(CAP_FOWNER)) goto error; /* Also check the setgid bit! */ if (!in_group_p((ia_valid & ATTR_GID) ? attr->ia_gid : @@ -49,7 +60,8 @@ /* Check for setting the inode time. */ if (ia_valid & (ATTR_MTIME_SET | ATTR_ATIME_SET)) { - if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER)) + if (((current->fsuid != inode->i_uid) || + context_mismatch) && !capable(CAP_FOWNER)) goto error; } fine: @@ -71,6 +83,8 @@ if (ia_valid & ATTR_UID) inode->i_uid = attr->ia_uid; + if (ia_valid & ATTR_CTX) + inode->i_context = attr->ia_context; if (ia_valid & ATTR_GID) inode->i_gid = attr->ia_gid; if (ia_valid & ATTR_ATIME) @@ -95,6 +109,8 @@ if (ia_valid & ATTR_UID) dn_mask |= DN_ATTRIB; + if (ia_valid & ATTR_CTX) + dn_mask |= DN_ATTRIB; if (ia_valid & ATTR_GID) dn_mask |= DN_ATTRIB; if (ia_valid & ATTR_SIZE) @@ -134,6 +150,7 @@ error = inode_change_ok(inode, attr); if (!error) { if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) || + (ia_valid & ATTR_CTX && attr->ia_context != inode->i_context) || (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid)) error = DQUOT_TRANSFER(inode, attr) ? -EDQUOT : 0; if (!error) diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/binfmt_misc.c linux-2.4.20-pre11-ctx14.quota/fs/binfmt_misc.c --- linux-2.4.20-pre11-ctx14/fs/binfmt_misc.c Sat Aug 3 02:39:45 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/binfmt_misc.c Mon Oct 28 18:09:59 2002 @@ -377,6 +377,7 @@ if (inode) { inode->i_mode = mode; inode->i_uid = 0; + inode->i_context = 0; inode->i_gid = 0; inode->i_blksize = PAGE_CACHE_SIZE; inode->i_blocks = 0; diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/block_dev.c linux-2.4.20-pre11-ctx14.quota/fs/block_dev.c --- linux-2.4.20-pre11-ctx14/fs/block_dev.c Sat Aug 3 02:39:45 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/block_dev.c Mon Oct 28 18:09:59 2002 @@ -225,7 +225,7 @@ if (!root) return NULL; root->i_mode = S_IFDIR | S_IRUSR | S_IWUSR; - root->i_uid = root->i_gid = 0; + root->i_uid = root->i_gid = root->i_context = 0; root->i_atime = root->i_mtime = root->i_ctime = CURRENT_TIME; sb->s_maxbytes = ~0ULL; sb->s_blocksize = 1024; diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/devpts/inode.c linux-2.4.20-pre11-ctx14.quota/fs/devpts/inode.c --- linux-2.4.20-pre11-ctx14/fs/devpts/inode.c Mon Oct 28 15:01:12 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/devpts/inode.c Mon Oct 28 18:09:59 2002 @@ -183,7 +183,7 @@ static int devpts_tty_permission(struct inode *inode, int mask) { int ret = -EACCES; - if (current->s_context == inode->u.devpts_i.s_context){ + if (current->s_context == inode->i_context){ ret = vfs_permission(inode, mask); } return ret; @@ -211,7 +211,7 @@ inode->i_uid = sbi->setuid ? sbi->uid : current->fsuid; inode->i_gid = sbi->setgid ? sbi->gid : current->fsgid; inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; - inode->u.devpts_i.s_context = current->s_context; + inode->i_context = current->s_context; inode->i_op = &devpts_tty_inode_operations; init_special_inode(inode, S_IFCHR|sbi->mode, kdev_t_to_nr(device)); diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/devpts/root.c linux-2.4.20-pre11-ctx14.quota/fs/devpts/root.c --- linux-2.4.20-pre11-ctx14/fs/devpts/root.c Mon Oct 28 15:01:12 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/devpts/root.c Mon Oct 28 18:09:59 2002 @@ -68,7 +68,7 @@ struct inode *inode = sbi->inodes[ptynr]; if ( inode != NULL && (current->s_context == 1 - || inode->u.devpts_i.s_context == current->s_context)) { + || inode->i_context == current->s_context)) { genptsname(numbuf, ptynr); if ( filldir(dirent, numbuf, strlen(numbuf), nr, nr, DT_CHR) < 0 ) return 0; @@ -133,7 +133,7 @@ inode = sbi->inodes[entry]; if (inode != NULL - && inode->u.devpts_i.s_context == current->s_context){ + && inode->i_context == current->s_context){ atomic_inc(&inode->i_count); }else{ inode = NULL; diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/dquot.c linux-2.4.20-pre11-ctx14.quota/fs/dquot.c --- linux-2.4.20-pre11-ctx14/fs/dquot.c Sat Aug 3 02:39:45 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/dquot.c Mon Oct 28 18:09:59 2002 @@ -676,6 +676,8 @@ return current->fsuid == dquot->dq_id && !(dquot->dq_flags & flag); case GRPQUOTA: return in_group_p(dquot->dq_id) && !(dquot->dq_flags & flag); + case CTXQUOTA: + return current->s_context == dquot->dq_id && !(dquot->dq_flags & flag); } return 0; } @@ -970,10 +972,15 @@ if (inode->i_dquot[cnt] == NODQUOT) { switch (cnt) { case USRQUOTA: - id = inode->i_uid; + id = inode->i_uid ^ + (inode->i_context << 16); break; case GRPQUOTA: - id = inode->i_gid; + id = inode->i_gid ^ + (inode->i_context << 16); + break; + case CTXQUOTA: + id = inode->i_context; break; } dquot[cnt] = dqget(inode->i_sb, id, cnt); @@ -1137,7 +1144,9 @@ unsigned long blocks; struct dquot *transfer_from[MAXQUOTAS]; struct dquot *transfer_to[MAXQUOTAS]; - int cnt, ret = NO_QUOTA, chuid = (iattr->ia_valid & ATTR_UID) && inode->i_uid != iattr->ia_uid, + int cnt, ret = NO_QUOTA, + chuid = (iattr->ia_valid & ATTR_UID) && inode->i_uid != iattr->ia_uid, + chctx = (iattr->ia_valid & ATTR_CTX) && inode->i_context != iattr->ia_context, chgid = (iattr->ia_valid & ATTR_GID) && inode->i_gid != iattr->ia_gid; char warntype[MAXQUOTAS]; @@ -1161,6 +1170,11 @@ continue; transfer_to[cnt] = dqget(inode->i_sb, iattr->ia_gid, cnt); break; + case CTXQUOTA: + if (!chctx) + continue; + transfer_to[cnt] = dqget(inode->i_sb, iattr->ia_context, cnt); + break; } } /* NOBLOCK START: From now on we shouldn't block */ @@ -1402,7 +1416,8 @@ break; case Q_GETQUOTA: if (((type == USRQUOTA && current->euid != id) || - (type == GRPQUOTA && !in_egroup_p(id))) && + (type == GRPQUOTA && (!in_egroup_p(id))) || + (type == CTXQUOTA && current->s_context != id)) && !capable(CAP_SYS_ADMIN)) goto out; break; diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/ext2/ialloc.c linux-2.4.20-pre11-ctx14.quota/fs/ext2/ialloc.c --- linux-2.4.20-pre11-ctx14/fs/ext2/ialloc.c Mon Oct 28 15:01:12 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/ext2/ialloc.c Mon Oct 28 18:09:59 2002 @@ -371,6 +371,7 @@ mark_buffer_dirty(sb->u.ext2_sb.s_sbh); sb->s_dirt = 1; inode->i_uid = current->fsuid; + inode->i_context = current->s_context; if (test_opt (sb, GRPID)) inode->i_gid = dir->i_gid; else if (dir->i_mode & S_ISGID) { diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/ext2/inode.c linux-2.4.20-pre11-ctx14.quota/fs/ext2/inode.c --- linux-2.4.20-pre11-ctx14/fs/ext2/inode.c Mon Oct 28 15:01:12 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/ext2/inode.c Mon Oct 28 18:09:59 2002 @@ -929,8 +929,9 @@ inode->i_uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low); inode->i_gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low); if(!(test_opt (inode->i_sb, NO_UID32))) { - inode->i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16; + // inode->i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16; inode->i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16; + inode->i_context = le16_to_cpu(raw_inode->i_uid_high); } inode->i_nlink = le16_to_cpu(raw_inode->i_links_count); inode->i_size = le32_to_cpu(raw_inode->i_size); @@ -1080,8 +1081,9 @@ * re-used with the upper 16 bits of the uid/gid intact */ if(!inode->u.ext2_i.i_dtime) { - raw_inode->i_uid_high = cpu_to_le16(high_16_bits(inode->i_uid)); + // raw_inode->i_uid_high = cpu_to_le16(high_16_bits(inode->i_uid)); raw_inode->i_gid_high = cpu_to_le16(high_16_bits(inode->i_gid)); + raw_inode->i_uid_high = cpu_to_le16(low_16_bits(inode->i_context)); } else { raw_inode->i_uid_high = 0; raw_inode->i_gid_high = 0; diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/ext2/ioctl.c linux-2.4.20-pre11-ctx14.quota/fs/ext2/ioctl.c --- linux-2.4.20-pre11-ctx14/fs/ext2/ioctl.c Mon Oct 28 15:01:12 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/ext2/ioctl.c Mon Oct 28 18:09:59 2002 @@ -17,6 +17,8 @@ unsigned long arg) { unsigned int flags; + int context_mismatch = (inode->i_context != 0) && + (current->s_context != inode->i_context); ext2_debug ("cmd = %u, arg = %lu\n", cmd, arg); @@ -33,6 +35,9 @@ if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER)) return -EACCES; + if (context_mismatch && !capable(CAP_FOWNER)) /* fixme CONTEXT */ + return -EPERM; + if (get_user(flags, (int *) arg)) return -EFAULT; @@ -84,6 +89,8 @@ return put_user(inode->i_generation, (int *) arg); case EXT2_IOC_SETVERSION: if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER)) + return -EPERM; + if (context_mismatch && !capable(CAP_FOWNER)) /* fixme CONTEXT */ return -EPERM; if (IS_RDONLY(inode)) return -EROFS; diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/ext2/super.c linux-2.4.20-pre11-ctx14.quota/fs/ext2/super.c --- linux-2.4.20-pre11-ctx14/fs/ext2/super.c Mon Oct 28 14:29:02 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/ext2/super.c Mon Oct 28 18:09:59 2002 @@ -272,7 +272,8 @@ else if (!strcmp (this_char, "grpquota") || !strcmp (this_char, "noquota") || !strcmp (this_char, "quota") - || !strcmp (this_char, "usrquota")) + || !strcmp (this_char, "usrquota") + || !strcmp (this_char, "ctxquota")) /* Don't do anything ;-) */ ; else { printk ("EXT2-fs: Unrecognized mount option %s\n", this_char); diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/ext3/ialloc.c linux-2.4.20-pre11-ctx14.quota/fs/ext3/ialloc.c --- linux-2.4.20-pre11-ctx14/fs/ext3/ialloc.c Mon Oct 28 15:01:12 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/ext3/ialloc.c Mon Oct 28 18:09:59 2002 @@ -468,6 +468,8 @@ if (err) goto fail; inode->i_uid = current->fsuid; + inode->i_context = current->s_context; + printk("ext3_new_inode: context = %d\n", inode->i_context); if (test_opt (sb, GRPID)) inode->i_gid = dir->i_gid; else if (dir->i_mode & S_ISGID) { diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/ext3/inode.c linux-2.4.20-pre11-ctx14.quota/fs/ext3/inode.c --- linux-2.4.20-pre11-ctx14/fs/ext3/inode.c Mon Oct 28 15:01:12 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/ext3/inode.c Mon Oct 28 18:09:59 2002 @@ -2075,9 +2075,11 @@ inode->i_uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low); inode->i_gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low); if(!(test_opt (inode->i_sb, NO_UID32))) { - inode->i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16; + // inode->i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16; inode->i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16; + inode->i_context = le16_to_cpu(raw_inode->i_uid_high); } + inode->i_nlink = le16_to_cpu(raw_inode->i_links_count); inode->i_size = le32_to_cpu(raw_inode->i_size); inode->i_atime = le32_to_cpu(raw_inode->i_atime); @@ -2212,8 +2214,10 @@ * re-used with the upper 16 bits of the uid/gid intact */ if(!inode->u.ext3_i.i_dtime) { + /* raw_inode->i_uid_high = + cpu_to_le16(high_16_bits(inode->i_uid)); */ raw_inode->i_uid_high = - cpu_to_le16(high_16_bits(inode->i_uid)); + cpu_to_le16(low_16_bits(inode->i_context)); raw_inode->i_gid_high = cpu_to_le16(high_16_bits(inode->i_gid)); } else { @@ -2382,6 +2386,7 @@ return error; if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) || + (ia_valid & ATTR_CTX && attr->ia_context != inode->i_context) || (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid)) { error = DQUOT_TRANSFER(inode, attr) ? -EDQUOT : 0; if (error) diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/ext3/ioctl.c linux-2.4.20-pre11-ctx14.quota/fs/ext3/ioctl.c --- linux-2.4.20-pre11-ctx14/fs/ext3/ioctl.c Mon Oct 28 15:01:12 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/ext3/ioctl.c Mon Oct 28 18:09:59 2002 @@ -19,6 +19,8 @@ unsigned long arg) { unsigned int flags; + int context_mismatch = (inode->i_context != 0) && + (current->s_context != inode->i_context); ext3_debug ("cmd = %u, arg = %lu\n", cmd, arg); @@ -39,6 +41,9 @@ if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER)) return -EACCES; + if (context_mismatch && !capable(CAP_FOWNER)) /* fixme CONTEXT */ + return -EPERM; + if (get_user(flags, (int *) arg)) return -EFAULT; @@ -124,6 +129,8 @@ int err; if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER)) + return -EPERM; + if (context_mismatch && !capable(CAP_FOWNER)) /* fixme CONTEXT */ return -EPERM; if (IS_RDONLY(inode)) return -EROFS; diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/ext3/super.c linux-2.4.20-pre11-ctx14.quota/fs/ext3/super.c --- linux-2.4.20-pre11-ctx14/fs/ext3/super.c Mon Oct 28 14:29:02 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/ext3/super.c Mon Oct 28 18:09:59 2002 @@ -594,7 +594,8 @@ else if (!strcmp (this_char, "grpquota") || !strcmp (this_char, "noquota") || !strcmp (this_char, "quota") - || !strcmp (this_char, "usrquota")) + || !strcmp (this_char, "usrquota") + || !strcmp (this_char, "ctxquota")) /* Don't do anything ;-) */ ; else if (!strcmp (this_char, "journal")) { /* @@@ FIXME */ diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/locks.c linux-2.4.20-pre11-ctx14.quota/fs/locks.c --- linux-2.4.20-pre11-ctx14/fs/locks.c Mon Oct 28 14:29:02 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/locks.c Mon Oct 28 18:09:59 2002 @@ -1267,12 +1267,15 @@ struct dentry *dentry; struct inode *inode; int error, rdlease_count = 0, wrlease_count = 0; + int context_mismatch = (inode->i_context != 0) && + (current->s_context != inode->i_context); dentry = filp->f_dentry; inode = dentry->d_inode; - if ((current->fsuid != inode->i_uid) && !capable(CAP_LEASE)) - return -EACCES; + if (((current->fsuid != inode->i_uid) || + context_mismatch) && !capable(CAP_LEASE)) + return -EACCES; /* fixme CONTEXT */ if (!S_ISREG(inode->i_mode)) return -EINVAL; diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/namei.c linux-2.4.20-pre11-ctx14.quota/fs/namei.c --- linux-2.4.20-pre11-ctx14/fs/namei.c Mon Oct 28 15:01:12 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/namei.c Mon Oct 28 18:09:59 2002 @@ -176,11 +176,13 @@ return -EACCES; } - if (current->fsuid == inode->i_uid) - mode >>= 6; - else if (in_group_p(inode->i_gid)) - mode >>= 3; - + if (current->s_context == inode->i_context) { /* fixme CONTEXT */ + if (current->fsuid == inode->i_uid) + mode >>= 6; + else if (in_group_p(inode->i_gid)) + mode >>= 3; + } + /* * If the DACs are ok we don't need any capability check. */ @@ -877,9 +879,11 @@ { if (!(dir->i_mode & S_ISVTX)) return 0; - if (inode->i_uid == current->fsuid) + if ((inode->i_uid == current->fsuid) && + (inode->i_context == current->s_context)) return 0; - if (dir->i_uid == current->fsuid) + if ((dir->i_uid == current->fsuid) && + (dir->i_context == current->s_context)) return 0; return !capable(CAP_FOWNER); } diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/namespace.c linux-2.4.20-pre11-ctx14.quota/fs/namespace.c --- linux-2.4.20-pre11-ctx14/fs/namespace.c Mon Oct 28 14:29:02 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/namespace.c Mon Oct 28 18:09:59 2002 @@ -403,6 +403,9 @@ if (nd->dentry->d_inode->i_mode & S_ISVTX) { if (current->uid != nd->dentry->d_inode->i_uid) return -EPERM; + if (nd->dentry->d_inode->i_context != 0 && + current->s_context != nd->dentry->d_inode->i_context) + return -EPERM; /* fixme CONTEXT */ } if (permission(nd->dentry->d_inode, MAY_WRITE)) return -EPERM; diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/open.c linux-2.4.20-pre11-ctx14.quota/fs/open.c --- linux-2.4.20-pre11-ctx14/fs/open.c Mon Oct 28 15:01:12 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/open.c Mon Oct 28 18:09:59 2002 @@ -280,7 +280,10 @@ newattrs.ia_valid |= ATTR_ATIME_SET | ATTR_MTIME_SET; } else { - if (current->fsuid != inode->i_uid && + int context_mismatch = (inode->i_context != 0) && + (current->s_context != inode->i_context); + if (((current->fsuid != inode->i_uid) || + context_mismatch) && (error = permission(inode,MAY_WRITE)) != 0) goto dput_and_out; } @@ -325,7 +328,10 @@ newattrs.ia_mtime = times[1].tv_sec; newattrs.ia_valid |= ATTR_ATIME_SET | ATTR_MTIME_SET; } else { - if (current->fsuid != inode->i_uid && + int context_mismatch = (inode->i_context != 0) && + (current->s_context != inode->i_context); + if (((current->fsuid != inode->i_uid) || + context_mismatch) && (error = permission(inode,MAY_WRITE)) != 0) goto dput_and_out; } @@ -546,9 +552,16 @@ if (group == (gid_t) -1) group = inode->i_gid; newattrs.ia_mode = inode->i_mode; - newattrs.ia_uid = user; newattrs.ia_gid = group; newattrs.ia_valid = ATTR_UID | ATTR_GID | ATTR_CTIME; + if (current->s_context < 2) { /* fixme CONTEXT */ + newattrs.ia_context = user >> 16; + newattrs.ia_uid = user & ((1 << 16)-1); + newattrs.ia_valid |= ATTR_CTX; + } else { + newattrs.ia_context = inode->i_context; + newattrs.ia_uid = user; + } /* * If the user or group of a non-directory has been changed by a * non-root user, remove the setuid bit. diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/pipe.c linux-2.4.20-pre11-ctx14.quota/fs/pipe.c --- linux-2.4.20-pre11-ctx14/fs/pipe.c Mon Oct 28 14:29:02 2002 +++ linux-2.4.20-pre11-ctx14.quota/fs/pipe.c Mon Oct 28 18:09:59 2002 @@ -491,6 +491,7 @@ inode->i_state = I_DIRTY; inode->i_mode = S_IFIFO | S_IRUSR | S_IWUSR; inode->i_uid = current->fsuid; + inode->i_context = current->s_context; inode->i_gid = current->fsgid; inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME; inode->i_blksize = PAGE_SIZE; @@ -608,7 +609,7 @@ if (!root) return NULL; root->i_mode = S_IFDIR | S_IRUSR | S_IWUSR; - root->i_uid = root->i_gid = 0; + root->i_uid = root->i_gid = root->i_context = 0; root->i_atime = root->i_mtime = root->i_ctime = CURRENT_TIME; sb->s_blocksize = 1024; sb->s_blocksize_bits = 10; diff -NurBP --minimal linux-2.4.20-pre11-ctx14/fs/stat.c linux-2.4.20-pre11-ctx14.quota/fs/stat.c --- linux-2.4.20-pre11-ctx14/fs/stat.c Fri Sep 14 01:04:43 2001 +++ linux-2.4.20-pre11-ctx14.quota/fs/stat.c Mon Oct 28 18:09:59 2002 @@ -50,8 +50,13 @@ tmp.st_ino = inode->i_ino; tmp.st_mode = inode->i_mode; tmp.st_nlink = inode->i_nlink; - SET_OLDSTAT_UID(tmp, inode->i_uid); - SET_OLDSTAT_GID(tmp, inode->i_gid); + if (current->s_context < 2) { + SET_OLDSTAT_UID(tmp, inode->i_uid ^ (inode->i_context << 16)); + SET_OLDSTAT_GID(tmp, inode->i_gid ^ (inode->i_context << 16)); + } else { + SET_OLDSTAT_UID(tmp, inode->i_uid); + SET_OLDSTAT_GID(tmp, inode->i_gid); + } tmp.st_rdev = kdev_t_to_nr(inode->i_rdev); #if BITS_PER_LONG == 32 if (inode->i_size > MAX_NON_LFS) @@ -76,8 +81,13 @@ tmp.st_ino = inode->i_ino; tmp.st_mode = inode->i_mode; tmp.st_nlink = inode->i_nlink; - SET_STAT_UID(tmp, inode->i_uid); - SET_STAT_GID(tmp, inode->i_gid); + if (current->s_context < 2) { + SET_STAT_UID(tmp, inode->i_uid ^ (inode->i_context << 16)); + SET_STAT_GID(tmp, inode->i_gid ^ (inode->i_context << 16)); + } else { + SET_STAT_UID(tmp, inode->i_uid); + SET_STAT_GID(tmp, inode->i_gid); + } tmp.st_rdev = kdev_t_to_nr(inode->i_rdev); #if BITS_PER_LONG == 32 if (inode->i_size > MAX_NON_LFS) @@ -283,8 +293,13 @@ #endif tmp.st_mode = inode->i_mode; tmp.st_nlink = inode->i_nlink; - tmp.st_uid = inode->i_uid; - tmp.st_gid = inode->i_gid; + if (current->s_context < 2) { + tmp.st_uid = inode->i_uid ^ (inode->i_context << 16); + tmp.st_gid = inode->i_gid ^ (inode->i_context << 16); + } else { + tmp.st_uid = inode->i_uid; + tmp.st_gid = inode->i_gid; + } tmp.st_rdev = kdev_t_to_nr(inode->i_rdev); tmp.st_atime = inode->i_atime; tmp.st_mtime = inode->i_mtime; diff -NurBP --minimal linux-2.4.20-pre11-ctx14/include/linux/capability.h linux-2.4.20-pre11-ctx14.quota/include/linux/capability.h --- linux-2.4.20-pre11-ctx14/include/linux/capability.h Mon Oct 28 15:01:12 2002 +++ linux-2.4.20-pre11-ctx14.quota/include/linux/capability.h Mon Oct 28 18:09:59 2002 @@ -284,6 +284,10 @@ #define CAP_OPENDEV 29 +/* Allow changing context information */ + +#define CAP_CHCTX CAP_CHOWN + #ifdef __KERNEL__ /* * Bounding set diff -NurBP --minimal linux-2.4.20-pre11-ctx14/include/linux/devpts_fs_info.h linux-2.4.20-pre11-ctx14.quota/include/linux/devpts_fs_info.h --- linux-2.4.20-pre11-ctx14/include/linux/devpts_fs_info.h Mon Oct 28 15:01:12 2002 +++ linux-2.4.20-pre11-ctx14.quota/include/linux/devpts_fs_info.h Thu Jan 1 01:00:00 1970 @@ -1,4 +0,0 @@ -struct devpts_inode_info{ - int s_context; -}; - diff -NurBP --minimal linux-2.4.20-pre11-ctx14/include/linux/fs.h linux-2.4.20-pre11-ctx14.quota/include/linux/fs.h --- linux-2.4.20-pre11-ctx14/include/linux/fs.h Mon Oct 28 15:01:13 2002 +++ linux-2.4.20-pre11-ctx14.quota/include/linux/fs.h Mon Oct 28 18:09:59 2002 @@ -322,7 +322,6 @@ #include #include #include -#include /* * Attribute flags. These should be or-ed together to figure out what @@ -339,6 +338,7 @@ #define ATTR_MTIME_SET 256 #define ATTR_FORCE 512 /* Not a change, but a change it */ #define ATTR_ATTR_FLAG 1024 +#define ATTR_CTX 2048 /* fixme CONTEXT */ /* * This is the Inode Attributes structure, used for notify_change(). It @@ -354,6 +354,7 @@ umode_t ia_mode; uid_t ia_uid; gid_t ia_gid; + int ia_context; loff_t ia_size; time_t ia_atime; time_t ia_mtime; @@ -449,6 +450,7 @@ nlink_t i_nlink; uid_t i_uid; gid_t i_gid; + int i_context; kdev_t i_rdev; loff_t i_size; time_t i_atime; @@ -514,7 +516,6 @@ struct socket socket_i; struct usbdev_inode_info usbdev_i; struct jffs2_inode_info jffs2_i; - struct devpts_inode_info devpts_i; void *generic_ip; } u; }; diff -NurBP --minimal linux-2.4.20-pre11-ctx14/include/linux/quota.h linux-2.4.20-pre11-ctx14.quota/include/linux/quota.h --- linux-2.4.20-pre11-ctx14/include/linux/quota.h Thu Nov 22 19:38:31 2001 +++ linux-2.4.20-pre11-ctx14.quota/include/linux/quota.h Mon Oct 28 18:09:59 2002 @@ -65,9 +65,10 @@ #define MAX_IQ_TIME 604800 /* (7*24*60*60) 1 week */ #define MAX_DQ_TIME 604800 /* (7*24*60*60) 1 week */ -#define MAXQUOTAS 2 +#define MAXQUOTAS 3 #define USRQUOTA 0 /* element used for user quotas */ #define GRPQUOTA 1 /* element used for group quotas */ +#define CTXQUOTA 2 /* element used for group quotas */ /* * Definitions for the default names of the quotas files. @@ -75,6 +76,7 @@ #define INITQFNAMES { \ "user", /* USRQUOTA */ \ "group", /* GRPQUOTA */ \ + "context", /* CTXQUOTA */ \ "undefined", \ };