tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

NFSD: Add nfsd4_encode_fattr4_posix_access_acl

The POSIX ACL extension to NFSv4 defines FATTR4_POSIX_ACCESS_ACL
for retrieving the access ACL of a file or directory. This patch
adds the XDR encoder for that attribute.

The access ACL is retrieved via get_inode_acl(). If the filesystem
provides no explicit access ACL, one is synthesized from the file
mode via posix_acl_from_mode(). Each entry is encoded as a
posixace4: tag type, permission bits, and principal name (empty
for structural entries, resolved via idmapping for USER/GROUP
entries).

Unlike the default ACL encoder which applies only to directories,
this encoder handles all inode types and ensures an access ACL is
always available through mode-based synthesis when needed.

Signed-off-by: Rick Macklem <rmacklem@uoguelph.ca>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

authored by

Rick Macklem and committed by
Chuck Lever 97e9a9ec 5e62c904

+35
+35
fs/nfsd/nfs4xdr.c
··· 3016 3016 #endif 3017 3017 #ifdef CONFIG_NFSD_V4_POSIX_ACLS 3018 3018 struct posix_acl *dpacl; 3019 + struct posix_acl *pacl; 3019 3020 #endif 3020 3021 u32 rdattr_err; 3021 3022 bool contextsupport; ··· 3586 3585 return nfsd4_encode_posixacl(xdr, args->rqstp, args->dpacl); 3587 3586 } 3588 3587 3588 + static __be32 nfsd4_encode_fattr4_posix_access_acl(struct xdr_stream *xdr, 3589 + const struct nfsd4_fattr_args *args) 3590 + { 3591 + return nfsd4_encode_posixacl(xdr, args->rqstp, args->pacl); 3592 + } 3593 + 3589 3594 #endif /* CONFIG_NFSD_V4_POSIX_ACLS */ 3590 3595 3591 3596 static const nfsd4_enc_attr nfsd4_enc_fattr4_encode_ops[] = { ··· 3706 3699 [FATTR4_ACL_TRUEFORM] = nfsd4_encode_fattr4_acl_trueform, 3707 3700 [FATTR4_ACL_TRUEFORM_SCOPE] = nfsd4_encode_fattr4_acl_trueform_scope, 3708 3701 [FATTR4_POSIX_DEFAULT_ACL] = nfsd4_encode_fattr4_posix_default_acl, 3702 + [FATTR4_POSIX_ACCESS_ACL] = nfsd4_encode_fattr4_posix_access_acl, 3709 3703 #else 3710 3704 [FATTR4_ACL_TRUEFORM] = nfsd4_encode_fattr4__noop, 3711 3705 [FATTR4_ACL_TRUEFORM_SCOPE] = nfsd4_encode_fattr4__noop, 3712 3706 [FATTR4_POSIX_DEFAULT_ACL] = nfsd4_encode_fattr4__noop, 3707 + [FATTR4_POSIX_ACCESS_ACL] = nfsd4_encode_fattr4__noop, 3713 3708 #endif 3714 3709 }; 3715 3710 ··· 3755 3746 #endif 3756 3747 #ifdef CONFIG_NFSD_V4_POSIX_ACLS 3757 3748 args.dpacl = NULL; 3749 + args.pacl = NULL; 3758 3750 #endif 3759 3751 3760 3752 /* ··· 3887 3877 } 3888 3878 } 3889 3879 } 3880 + if (attrmask[2] & FATTR4_WORD2_POSIX_ACCESS_ACL) { 3881 + struct inode *inode = d_inode(dentry); 3882 + struct posix_acl *pacl; 3883 + 3884 + pacl = get_inode_acl(inode, ACL_TYPE_ACCESS); 3885 + if (!pacl) 3886 + pacl = posix_acl_from_mode(inode->i_mode, GFP_KERNEL); 3887 + if (IS_ERR(pacl)) { 3888 + switch (PTR_ERR(pacl)) { 3889 + case -EOPNOTSUPP: 3890 + attrmask[2] &= ~FATTR4_WORD2_POSIX_ACCESS_ACL; 3891 + break; 3892 + case -EINVAL: 3893 + status = nfserr_attrnotsupp; 3894 + goto out; 3895 + default: 3896 + err = PTR_ERR(pacl); 3897 + goto out_nfserr; 3898 + } 3899 + } else { 3900 + args.pacl = pacl; 3901 + } 3902 + } 3890 3903 #endif /* CONFIG_NFSD_V4_POSIX_ACLS */ 3891 3904 3892 3905 /* attrmask */ ··· 3938 3905 #ifdef CONFIG_NFSD_V4_POSIX_ACLS 3939 3906 if (args.dpacl) 3940 3907 posix_acl_release(args.dpacl); 3908 + if (args.pacl) 3909 + posix_acl_release(args.pacl); 3941 3910 #endif /* CONFIG_NFSD_V4_POSIX_ACLS */ 3942 3911 #ifdef CONFIG_NFSD_V4_SECURITY_LABEL 3943 3912 if (args.context.context)