[PATCH 007 of 9] knfsd: nfsd4: acls: don't return explicit mask

From: NeilBrown
Date: Mon Feb 12 2007 - 18:47:37 EST

Next message: NeilBrown: "[PATCH 009 of 9] knfsd: nfsd4: fix handling of directories without default ACLs"
Previous message: NeilBrown: "[PATCH 003 of 9] knfsd: nfsd4: simplify nfsv4->posix translation"
In reply to: NeilBrown: "[PATCH 003 of 9] knfsd: nfsd4: simplify nfsv4->posix translation"
Next in thread: NeilBrown: "[PATCH 009 of 9] knfsd: nfsd4: fix handling of directories without default ACLs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: J. Bruce Fields <bfields@xxxxxxxxxxxxxxxxxxxxx>
Return just the effective permissions, and forget about the mask. It isn't
worth the complexity.

WARNING: This breaks backwards compatibility with overly-picky nfsv4->posix acl
translation, as may has been included in some patched versions of libacl. To
our knowledge no such version was every distributed by anyone outside citi.

Signed-off-by: J. Bruce Fields <bfields@xxxxxxxxxxxxxx>
Signed-off-by: Neil Brown <neilb@xxxxxxx>

### Diffstat output
./fs/nfsd/nfs4acl.c | 25 +++++++------------------
1 file changed, 7 insertions(+), 18 deletions(-)

diff .prev/fs/nfsd/nfs4acl.c ./fs/nfsd/nfs4acl.c
--- .prev/fs/nfsd/nfs4acl.c 2007-02-13 10:23:49.000000000 +1100
+++ ./fs/nfsd/nfs4acl.c 2007-02-13 10:37:27.000000000 +1100
@@ -180,7 +180,8 @@ _posix_to_nfsv4_one(struct posix_acl *pa
unsigned int flags)
{
struct posix_acl_entry *pa, *pe, *group_owner_entry;
- u32 mask, mask_mask;
+ u32 mask;
+ unsigned short mask_mask;
int eflag = ((flags & NFS4_ACL_TYPE_DEFAULT) ?
NFS4_INHERITANCE_FLAGS : 0);

@@ -188,9 +189,9 @@ _posix_to_nfsv4_one(struct posix_acl *pa
pe = pacl->a_entries + pacl->a_count;
pa = pe - 2; /* if mask entry exists, it's second from the last. */
if (pa->e_tag == ACL_MASK)
- mask_mask = deny_mask(mask_from_posix(pa->e_perm, flags), flags);
+ mask_mask = pa->e_perm;
else
- mask_mask = 0;
+ mask_mask = S_IRWXO;

pa = pacl->a_entries;
BUG_ON(pa->e_tag != ACL_USER_OBJ);
@@ -199,10 +200,7 @@ _posix_to_nfsv4_one(struct posix_acl *pa
pa++;

while (pa->e_tag == ACL_USER) {
- mask = mask_from_posix(pa->e_perm, flags);
- nfs4_acl_add_ace(acl, NFS4_ACE_ACCESS_DENIED_ACE_TYPE,
- eflag, mask_mask, NFS4_ACL_WHO_NAMED, pa->e_id);
-
+ mask = mask_from_posix(pa->e_perm & mask_mask, flags);
nfs4_acl_add_pair(acl, eflag, mask,
NFS4_ACL_WHO_NAMED, pa->e_id, flags);
pa++;
@@ -213,24 +211,15 @@ _posix_to_nfsv4_one(struct posix_acl *pa

/* allow ACEs */

- if (pacl->a_count > 3) {
- BUG_ON(pa->e_tag != ACL_GROUP_OBJ);
- nfs4_acl_add_ace(acl, NFS4_ACE_ACCESS_DENIED_ACE_TYPE,
- NFS4_ACE_IDENTIFIER_GROUP | eflag, mask_mask,
- NFS4_ACL_WHO_GROUP, 0);
- }
group_owner_entry = pa;
- mask = mask_from_posix(pa->e_perm, flags);
+ mask = mask_from_posix(pa->e_perm & mask_mask, flags);
nfs4_acl_add_ace(acl, NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE,
NFS4_ACE_IDENTIFIER_GROUP | eflag, mask,
NFS4_ACL_WHO_GROUP, 0);
pa++;

while (pa->e_tag == ACL_GROUP) {
- mask = mask_from_posix(pa->e_perm, flags);
- nfs4_acl_add_ace(acl, NFS4_ACE_ACCESS_DENIED_ACE_TYPE,
- NFS4_ACE_IDENTIFIER_GROUP | eflag, mask_mask,
- NFS4_ACL_WHO_NAMED, pa->e_id);
+ mask = mask_from_posix(pa->e_perm & mask_mask, flags);
nfs4_acl_add_ace(acl, NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE,
NFS4_ACE_IDENTIFIER_GROUP | eflag, mask,
NFS4_ACL_WHO_NAMED, pa->e_id);
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: NeilBrown: "[PATCH 009 of 9] knfsd: nfsd4: fix handling of directories without default ACLs"
Previous message: NeilBrown: "[PATCH 003 of 9] knfsd: nfsd4: simplify nfsv4->posix translation"
In reply to: NeilBrown: "[PATCH 003 of 9] knfsd: nfsd4: simplify nfsv4->posix translation"
Next in thread: NeilBrown: "[PATCH 009 of 9] knfsd: nfsd4: fix handling of directories without default ACLs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]