From patchwork Tue Aug 4 11:53:38 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?q?Andreas_Gr=C3=BCnbacher?= X-Patchwork-Id: 6936861 Return-Path: X-Original-To: patchwork-linux-nfs@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id B51FCC05AC for ; Tue, 4 Aug 2015 11:56:41 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id BA66620495 for ; Tue, 4 Aug 2015 11:56:40 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 0CF9B2045E for ; Tue, 4 Aug 2015 11:56:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933864AbbHDL4B (ORCPT ); Tue, 4 Aug 2015 07:56:01 -0400 Received: from mail-wi0-f178.google.com ([209.85.212.178]:34299 "EHLO mail-wi0-f178.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933776AbbHDLz6 (ORCPT ); Tue, 4 Aug 2015 07:55:58 -0400 Received: by wibud3 with SMTP id ud3so173580503wib.1; Tue, 04 Aug 2015 04:55:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=fm2OCJipWIL0bdJrqlxr6JDFyQP0wQQ30MwKsyHpyD0=; b=WT2qRP+zjSRL+uEiBEG5E0MQuDAL7uA10v1mG9pCfbNEPNYY6Sz/NVMHX8J3RsYcft R3c3xLHB30U/zKGOSZG+9Amwbm9+J5DUGUDb90bzud8thNdIAFGc79IAj3NGvAWzlJlL 5bhDsuBX4Q4pOIDCezSDZKectNRHFVEa+e0EFoitdNuPvNH68KohFFyfSS4pGnQYaLSu Vinw08jQXn//JQOXUHI7IekcPj5ecKMSfHcD5Y/gq+2PD8UErDpqFc21EwV7UK+mvzr+ hnSZf8JaMCNezAGKhTXp3xHoxQ39Gysc6IM39Zj+VFTqHuzgpBOyror89/HX21+swjgp joXw== X-Received: by 10.180.79.132 with SMTP id j4mr7045147wix.87.1438689356892; Tue, 04 Aug 2015 04:55:56 -0700 (PDT) Received: from schleppi.home.com (p54980F84.dip0.t-ipconnect.de. [84.152.15.132]) by smtp.gmail.com with ESMTPSA id u7sm2018458wif.3.2015.08.04.04.55.55 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 04 Aug 2015 04:55:56 -0700 (PDT) From: Andreas Gruenbacher X-Google-Original-From: Andreas Gruenbacher To: linux-kernel@vger.kernel.org Cc: linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org, linux-api@vger.kernel.org, linux-cifs@vger.kernel.org, linux-security-module@vger.kernel.org, Andreas Gruenbacher Subject: [RFC v6 40/40] nfs: Add support for the v4.1 dacl attribute Date: Tue, 4 Aug 2015 13:53:38 +0200 Message-Id: <1438689218-6921-41-git-send-email-agruenba@redhat.com> X-Mailer: git-send-email 2.5.0 In-Reply-To: <1438689218-6921-1-git-send-email-agruenba@redhat.com> References: <1438689218-6921-1-git-send-email-agruenba@redhat.com> Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, SUSPICIOUS_RECIPS, T_DKIM_INVALID, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The dacl attribute includes Automatic Inheritance flags not supported by the acl attribute. it is only supported in NFS version 4.1 and higher. On systems where NFS version 4.0 is still the default, an additional mount option is needed: mount -t nfs4 -o vers=4.1 [...] Signed-off-by: Andreas Gruenbacher --- fs/nfs/nfs4proc.c | 2 +- fs/nfs/nfs4xdr.c | 55 ++++++++++++++++++++++++++++++++++++++++++------- include/linux/nfs_xdr.h | 2 +- 3 files changed, 50 insertions(+), 9 deletions(-) diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index e72f53e..5b53e90 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c @@ -4482,7 +4482,7 @@ static struct richacl *__nfs4_get_acl_uncached(struct inode *inode) struct nfs_server *server = NFS_SERVER(inode); struct page *pages[DIV_ROUND_UP(NFS4ACL_SIZE_MAX, PAGE_SIZE)] = {}; struct nfs_getaclargs args = { - .fh = NFS_FH(inode), + .inode = inode, .acl_pages = pages, .acl_len = ARRAY_SIZE(pages) * PAGE_SIZE, }; diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c index 78a9fbd..bfb4d49 100644 --- a/fs/nfs/nfs4xdr.c +++ b/fs/nfs/nfs4xdr.c @@ -1648,9 +1648,16 @@ encode_setacl(struct xdr_stream *xdr, struct nfs_setaclargs *arg, struct compoun encode_nfs4_stateid(xdr, &zero_stateid); /* Encode attribute bitmap. */ - p = reserve_space(xdr, 2*4); - *p++ = cpu_to_be32(1); - *p = cpu_to_be32(FATTR4_WORD0_ACL); + if (arg->server->attr_bitmask[1] & FATTR4_WORD1_DACL) { + p = reserve_space(xdr, 3*4); + *p++ = cpu_to_be32(2); + *p++ = 0; + *p = cpu_to_be32(FATTR4_WORD1_DACL); + } else { + p = reserve_space(xdr, 2*4); + *p++ = cpu_to_be32(1); + *p = cpu_to_be32(FATTR4_WORD0_ACL); + } attrlen_offset = xdr->buf->len; xdr_reserve_space(xdr, 4); /* to be backfilled later */ @@ -2485,9 +2492,12 @@ static void nfs4_xdr_enc_getacl(struct rpc_rqst *req, struct xdr_stream *xdr, encode_compound_hdr(xdr, req, &hdr); encode_sequence(xdr, &args->seq_args, &hdr); - encode_putfh(xdr, args->fh, &hdr); + encode_putfh(xdr, NFS_FH(args->inode), &hdr); replen = hdr.replen + op_decode_hdr_maxsz + 1; - encode_getattr_two(xdr, FATTR4_WORD0_ACL, FATTR4_WORD1_MODE, &hdr); + if (NFS_SERVER(args->inode)->attr_bitmask[1] & FATTR4_WORD1_DACL) + encode_getattr_two(xdr, 0, FATTR4_WORD1_MODE | FATTR4_WORD1_DACL, &hdr); + else + encode_getattr_two(xdr, FATTR4_WORD0_ACL, FATTR4_WORD1_MODE, &hdr); xdr_inline_pages(&req->rq_rcv_buf, replen << 2, args->acl_pages, 0, args->acl_len); @@ -5375,14 +5385,28 @@ static int decode_getacl(struct xdr_stream *xdr, struct rpc_rqst *req, if (unlikely(bitmap[0] & (FATTR4_WORD0_ACL - 1U))) return -EIO; - if (likely(bitmap[0] & FATTR4_WORD0_ACL)) { + + if (bitmap[0] & FATTR4_WORD0_ACL) { + struct richace *ace; + + if (bitmap[1] & FATTR4_WORD1_DACL) + return -EIO; + acl = decode_acl_entries(xdr, res->server); status = PTR_ERR(acl); if (IS_ERR(acl)) goto out; + + status = -EIO; + richacl_for_each_entry(ace, acl) { + if (ace->e_flags & RICHACE_INHERITED_ACE) + goto out; + } bitmap[0] &= ~FATTR4_WORD0_ACL; - } else + } else if (!(bitmap[1] & FATTR4_WORD1_DACL)) { status = -EOPNOTSUPP; + goto out; + } status = -EIO; if (unlikely(bitmap[0])) @@ -5391,6 +5415,23 @@ static int decode_getacl(struct xdr_stream *xdr, struct rpc_rqst *req, status = decode_attr_mode(xdr, bitmap, &res->mode); if (status < 0) goto out; + if (bitmap[1] & FATTR4_WORD1_DACL) { + unsigned int flags; + __be32 *p; + + p = xdr_inline_decode(xdr, 4); + status = -EIO; + if (unlikely(!p)) + goto out; + flags = be32_to_cpup(p); + + acl = decode_acl_entries(xdr, res->server); + status = PTR_ERR(acl); + if (IS_ERR(acl)) + goto out; + acl->a_flags = flags; + bitmap[1] &= ~FATTR4_WORD1_DACL; + } status = 0; out: diff --git a/include/linux/nfs_xdr.h b/include/linux/nfs_xdr.h index f1c8f93..abe0b66 100644 --- a/include/linux/nfs_xdr.h +++ b/include/linux/nfs_xdr.h @@ -695,7 +695,7 @@ struct nfs_setaclres { struct nfs_getaclargs { struct nfs4_sequence_args seq_args; - struct nfs_fh * fh; + struct inode * inode; size_t acl_len; struct page ** acl_pages; };