From patchwork Wed Feb 23 13:52:06 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Aneesh Kumar K.V" X-Patchwork-Id: 584701 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by demeter1.kernel.org (8.14.4/8.14.3) with ESMTP id p1NDvbUO026840 for ; Wed, 23 Feb 2011 13:57:40 GMT Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932304Ab1BWN5A (ORCPT ); Wed, 23 Feb 2011 08:57:00 -0500 Received: from e28smtp02.in.ibm.com ([122.248.162.2]:33271 "EHLO e28smtp02.in.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932238Ab1BWNy2 (ORCPT ); Wed, 23 Feb 2011 08:54:28 -0500 Received: from d28relay01.in.ibm.com (d28relay01.in.ibm.com [9.184.220.58]) by e28smtp02.in.ibm.com (8.14.4/8.13.1) with ESMTP id p1NDsC67020963; Wed, 23 Feb 2011 19:24:12 +0530 Received: from d28av05.in.ibm.com (d28av05.in.ibm.com [9.184.220.67]) by d28relay01.in.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id p1NDsAe92596984; Wed, 23 Feb 2011 19:24:11 +0530 Received: from d28av05.in.ibm.com (loopback [127.0.0.1]) by d28av05.in.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id p1NDs4OO021089; Thu, 24 Feb 2011 00:54:05 +1100 Received: from skywalker.ibm.com ([9.77.68.27]) by d28av05.in.ibm.com (8.14.4/8.13.1/NCO v10.0 AVin) with ESMTP id p1NDqS2C014791; Thu, 24 Feb 2011 00:54:01 +1100 
From: "Aneesh Kumar K.V" To: sfrench@us.ibm.com, agruen@linbit.com, dilger.kernel@dilger.ca, sandeen@redhat.com, tytso@mit.edu, bfields@fieldses.org, jlayton@redhat.com Cc: aneesh.kumar@linux.vnet.ibm.com, linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-kernel@vger.kernel.org, Andreas Gruenbacher Subject: [PATCH -V5 19/24] richacl: Automatic Inheritance Date: Wed, 23 Feb 2011 19:22:06 +0530 Message-Id: <1298469131-16555-20-git-send-email-aneesh.kumar@linux.vnet.ibm.com> X-Mailer: git-send-email 1.7.1 In-Reply-To: <1298469131-16555-1-git-send-email-aneesh.kumar@linux.vnet.ibm.com> References: <1298469131-16555-1-git-send-email-aneesh.kumar@linux.vnet.ibm.com> Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.2.6 (demeter1.kernel.org [140.211.167.41]); Wed, 23 Feb 2011 13:57:43 +0000 (UTC)
diff --git a/fs/richacl_base.c b/fs/richacl_base.c
index e60440b..c064c90 100644
--- a/fs/richacl_base.c
+++ b/fs/richacl_base.c
@@ -377,7 +377,8 @@ richacl_chmod(struct richacl *acl, mode_t mode)
 if (acl->a_owner_mask == owner_mask &&
 acl->a_group_mask == group_mask &&
 acl->a_other_mask == other_mask &&
- (acl->a_flags & ACL4_MASKED))
+ (acl->a_flags & ACL4_MASKED) &&
+ (!richacl_is_auto_inherit(acl) || richacl_is_protected(acl)))
 return acl;
 clone = richacl_clone(acl);
@@ -389,6 +390,8 @@ richacl_chmod(struct richacl *acl, mode_t mode)
 clone->a_owner_mask = owner_mask;
 clone->a_group_mask = group_mask;
 clone->a_other_mask = other_mask;
+ if (richacl_is_auto_inherit(clone))
+ clone->a_flags |= ACL4_PROTECTED;
 return clone;
 }
@@ -558,6 +561,11 @@ richacl_inherit(const struct richacl *dir_acl, int isdir)
 ace++;
 }
 }
+ if (richacl_is_auto_inherit(dir_acl)) {
+ acl->a_flags = ACL4_AUTO_INHERIT;
+ richacl_for_each_entry(ace, acl)
+ ace->e_flags |= ACE4_INHERITED_ACE;
+ }
 return acl;
 }
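Review bot: The new clause in the early-return test of richacl_chmod(), `(!richacl_is_auto_inherit(acl) || richacl_is_protected(acl))`, has no comment, and its purpose only becomes clear from the second hunk, where the clone gets ACL4_PROTECTED. I would add above the `if`: `/* An auto-inherit acl that is not yet protected still has to be cloned so that ACL4_PROTECTED can be set on the copy. */`. richacl_chmod() starts outside this hunk.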
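Review bot: In the block added to richacl_inherit(), `acl->a_flags = ACL4_AUTO_INHERIT;` is a plain assignment, while the other two places where this patch sets a flag use `|=`. Any flag the new acl already carries at that point is dropped; whether one can be set is not visible here, because the function starts outside the hunk. If the overwrite is intended, say so in a comment such as `/* the inherited acl starts with ACL4_AUTO_INHERIT only */`; otherwise use `acl->a_flags |= ACL4_AUTO_INHERIT;`.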
diff --git a/fs/richacl_inode.c b/fs/richacl_inode.c
index 31e6925..5ae6326 100644
--- a/fs/richacl_inode.c
+++ b/fs/richacl_inode.c
@@ -37,9 +37,14 @@ richacl_inherit_inode(const struct richacl *dir_acl, struct inode *inode)
 acl = richacl_inherit(dir_acl, S_ISDIR(inode->i_mode));
 if (acl) {
+ /*
+ * We need to set ACL4_PROTECTED because we are
+ * doing an implicit chmod
+ */
+ if (richacl_is_auto_inherit(acl))
+ acl->a_flags |= ACL4_PROTECTED;
 richacl_compute_max_masks(acl);
-
 /*
 * Ensure that the acl will not grant any permissions beyond
 * the create mode.
diff --git a/include/linux/richacl.h b/include/linux/richacl.h
index 12a79f1..23befbc 100644
--- a/include/linux/richacl.h
+++ b/include/linux/richacl.h
@@ -47,10 +47,16 @@ struct richacl {
 _ace != _acl->a_entries - 1; \
 _ace--)
+/* a_flags values */
+#define ACL4_AUTO_INHERIT 0x01
+#define ACL4_PROTECTED 0x02
+/* #define ACL4_DEFAULTED 0x04 */
 /* Flag values defined by rich-acl */
 #define ACL4_MASKED 0x80
 #define ACL4_VALID_FLAGS ( \
+ ACL4_AUTO_INHERIT | \
+ ACL4_PROTECTED | \
 ACL4_MASKED)
 /* e_type values */
@@ -67,6 +73,7 @@ struct richacl {
 /*#define ACE4_SUCCESSFUL_ACCESS_ACE_FLAG 0x0010*/
 /*#define ACE4_FAILED_ACCESS_ACE_FLAG 0x0020*/
 #define ACE4_IDENTIFIER_GROUP 0x0040
+#define ACE4_INHERITED_ACE 0x0080
 /* in-memory representation only */
 #define ACE4_SPECIAL_WHO 0x4000
@@ -75,7 +82,8 @@ struct richacl {
 ACE4_DIRECTORY_INHERIT_ACE | \
 ACE4_NO_PROPAGATE_INHERIT_ACE | \
 ACE4_INHERIT_ONLY_ACE | \
- ACE4_IDENTIFIER_GROUP)
+ ACE4_IDENTIFIER_GROUP | \
+ ACE4_INHERITED_ACE)
 /* e_mask bitflags */
 #define ACE4_READ_DATA 0x00000001
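Review bot: In richacl_inherit_inode() the added comment gives the reason for setting ACL4_PROTECTED but not the effect: every object created under an auto-inherit directory comes out protected. If, as the flag name and its NFSv4.1 origin suggest, a protected acl is skipped when inheritable entries are re-propagated from the parent, new files stop following later changes to the directory acl until the flag is cleared. The comment should state that this is intended, for example `/* The create mode acts as an implicit chmod, so the new acl is protected from later inheritance updates. */`. The function body continues outside the hunk.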
@@ -181,6 +189,18 @@ richacl_put(struct richacl *acl)
 kfree(acl);
 }
+static inline int
+richacl_is_auto_inherit(const struct richacl *acl)
+{
+ return acl->a_flags & ACL4_AUTO_INHERIT;
+}
+
+static inline int
+richacl_is_protected(const struct richacl *acl)
+{
+ return acl->a_flags & ACL4_PROTECTED;
+}
+
 /*
 * Special e_who identifiers: we use these pointer values in comparisons
 * instead of doing a strcmp.
@@ -259,7 +279,8 @@ richace_clear_inheritance_flags(struct richace *ace)
 ace->e_flags &= ~(ACE4_FILE_INHERIT_ACE |
 ACE4_DIRECTORY_INHERIT_ACE |
 ACE4_NO_PROPAGATE_INHERIT_ACE |
- ACE4_INHERIT_ONLY_ACE);
+ ACE4_INHERIT_ONLY_ACE |
+ ACE4_INHERITED_ACE);
 }
 /**
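Review bot: richacl_is_auto_inherit() and richacl_is_protected() are added to include/linux/richacl.h without any comment, and both dereference acl unconditionally, so callers must never pass NULL. They also return the raw masked bit as `int` rather than 0 or 1, which is fine for the truth tests in this patch but easy to misuse in a comparison. A one-line comment on each would cover both points, e.g. `/* Non-zero if ACL4_AUTO_INHERIT is set in acl->a_flags; acl must not be NULL. */`.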
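Review bot: richace_clear_inheritance_flags() now also clears ACE4_INHERITED_ACE, which appears to record that an entry was inherited rather than control how it propagates further. Its callers are not visible in this patch, so it is worth checking that none of them runs on entries after richacl_inherit() has marked them, or the marker is silently lost. The comment that follows the function body is outside the hunk; the function's own description should mention the extra flag, e.g. `/* also drops ACE4_INHERITED_ACE */`.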