|
|
@@ -1290,6 +1290,101 @@ error:
|
|
|
return ret;
|
|
|
}
|
|
|
|
|
|
+/**
|
|
|
+ * rdtgroup_kn_mode_restrict - Restrict user access to named resctrl file
|
|
|
+ * @r: The resource group with which the file is associated.
|
|
|
+ * @name: Name of the file
|
|
|
+ *
|
|
|
+ * The permissions of named resctrl file, directory, or link are modified
|
|
|
+ * to not allow read, write, or execute by any user.
|
|
|
+ *
|
|
|
+ * WARNING: This function is intended to communicate to the user that the
|
|
|
+ * resctrl file has been locked down - that it is not relevant to the
|
|
|
+ * particular state the system finds itself in. It should not be relied
|
|
|
+ * on to protect from user access because after the file's permissions
|
|
|
+ * are restricted the user can still change the permissions using chmod
|
|
|
+ * from the command line.
|
|
|
+ *
|
|
|
+ * Return: 0 on success, <0 on failure.
|
|
|
+ */
|
|
|
+int rdtgroup_kn_mode_restrict(struct rdtgroup *r, const char *name)
|
|
|
+{
|
|
|
+ struct iattr iattr = {.ia_valid = ATTR_MODE,};
|
|
|
+ struct kernfs_node *kn;
|
|
|
+ int ret = 0;
|
|
|
+
|
|
|
+ kn = kernfs_find_and_get_ns(r->kn, name, NULL);
|
|
|
+ if (!kn)
|
|
|
+ return -ENOENT;
|
|
|
+
|
|
|
+ switch (kernfs_type(kn)) {
|
|
|
+ case KERNFS_DIR:
|
|
|
+ iattr.ia_mode = S_IFDIR;
|
|
|
+ break;
|
|
|
+ case KERNFS_FILE:
|
|
|
+ iattr.ia_mode = S_IFREG;
|
|
|
+ break;
|
|
|
+ case KERNFS_LINK:
|
|
|
+ iattr.ia_mode = S_IFLNK;
|
|
|
+ break;
|
|
|
+ }
|
|
|
+
|
|
|
+ ret = kernfs_setattr(kn, &iattr);
|
|
|
+ kernfs_put(kn);
|
|
|
+ return ret;
|
|
|
+}
|
|
|
+
|
|
|
+/**
|
|
|
+ * rdtgroup_kn_mode_restore - Restore user access to named resctrl file
|
|
|
+ * @r: The resource group with which the file is associated.
|
|
|
+ * @name: Name of the file
|
|
|
+ *
|
|
|
+ * Restore the permissions of the named file. If @name is a directory the
|
|
|
+ * permissions of its parent will be used.
|
|
|
+ *
|
|
|
+ * Return: 0 on success, <0 on failure.
|
|
|
+ */
|
|
|
+int rdtgroup_kn_mode_restore(struct rdtgroup *r, const char *name)
|
|
|
+{
|
|
|
+ struct iattr iattr = {.ia_valid = ATTR_MODE,};
|
|
|
+ struct kernfs_node *kn, *parent;
|
|
|
+ struct rftype *rfts, *rft;
|
|
|
+ int ret, len;
|
|
|
+
|
|
|
+ rfts = res_common_files;
|
|
|
+ len = ARRAY_SIZE(res_common_files);
|
|
|
+
|
|
|
+ for (rft = rfts; rft < rfts + len; rft++) {
|
|
|
+ if (!strcmp(rft->name, name))
|
|
|
+ iattr.ia_mode = rft->mode;
|
|
|
+ }
|
|
|
+
|
|
|
+ kn = kernfs_find_and_get_ns(r->kn, name, NULL);
|
|
|
+ if (!kn)
|
|
|
+ return -ENOENT;
|
|
|
+
|
|
|
+ switch (kernfs_type(kn)) {
|
|
|
+ case KERNFS_DIR:
|
|
|
+ parent = kernfs_get_parent(kn);
|
|
|
+ if (parent) {
|
|
|
+ iattr.ia_mode |= parent->mode;
|
|
|
+ kernfs_put(parent);
|
|
|
+ }
|
|
|
+ iattr.ia_mode |= S_IFDIR;
|
|
|
+ break;
|
|
|
+ case KERNFS_FILE:
|
|
|
+ iattr.ia_mode |= S_IFREG;
|
|
|
+ break;
|
|
|
+ case KERNFS_LINK:
|
|
|
+ iattr.ia_mode |= S_IFLNK;
|
|
|
+ break;
|
|
|
+ }
|
|
|
+
|
|
|
+ ret = kernfs_setattr(kn, &iattr);
|
|
|
+ kernfs_put(kn);
|
|
|
+ return ret;
|
|
|
+}
|
|
|
+
|
|
|
static int rdtgroup_mkdir_info_resdir(struct rdt_resource *r, char *name,
|
|
|
unsigned long fflags)
|
|
|
{
|
Reinette Chatre