2 * Common NFSv4 ACL handling code.
4 * Copyright (c) 2002, 2003 The Regents of the University of Michigan.
7 * Marius Aamodt Eriksen <marius@umich.edu>
8 * Jeff Sedlak <jsedlak@umich.edu>
9 * J. Bruce Fields <bfields@umich.edu>
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
15 * 1. Redistributions of source code must retain the above copyright
16 * notice, this list of conditions and the following disclaimer.
17 * 2. Redistributions in binary form must reproduce the above copyright
18 * notice, this list of conditions and the following disclaimer in the
19 * documentation and/or other materials provided with the distribution.
20 * 3. Neither the name of the University nor the names of its
21 * contributors may be used to endorse or promote products derived
22 * from this software without specific prior written permission.
24 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
25 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
26 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
27 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
29 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
30 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
31 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
32 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
33 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
34 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37 #include <linux/slab.h>
38 #include <linux/nfs_fs.h>
44 #define NFS4_ACL_TYPE_DEFAULT 0x01
45 #define NFS4_ACL_DIR 0x02
46 #define NFS4_ACL_OWNER 0x04
48 /* mode bit translations: */
49 #define NFS4_READ_MODE (NFS4_ACE_READ_DATA)
50 #define NFS4_WRITE_MODE (NFS4_ACE_WRITE_DATA | NFS4_ACE_APPEND_DATA)
51 #define NFS4_EXECUTE_MODE NFS4_ACE_EXECUTE
52 #define NFS4_ANYONE_MODE (NFS4_ACE_READ_ATTRIBUTES | NFS4_ACE_READ_ACL | NFS4_ACE_SYNCHRONIZE)
53 #define NFS4_OWNER_MODE (NFS4_ACE_WRITE_ATTRIBUTES | NFS4_ACE_WRITE_ACL)
55 /* We don't support these bits; insist they be neither allowed nor denied */
56 #define NFS4_MASK_UNSUPP (NFS4_ACE_DELETE | NFS4_ACE_WRITE_OWNER \
57 | NFS4_ACE_READ_NAMED_ATTRS | NFS4_ACE_WRITE_NAMED_ATTRS)
59 /* flags used to simulate posix default ACLs */
60 #define NFS4_INHERITANCE_FLAGS (NFS4_ACE_FILE_INHERIT_ACE \
61 | NFS4_ACE_DIRECTORY_INHERIT_ACE)
63 #define NFS4_SUPPORTED_FLAGS (NFS4_INHERITANCE_FLAGS \
64 | NFS4_ACE_INHERIT_ONLY_ACE \
65 | NFS4_ACE_IDENTIFIER_GROUP)
67 #define MASK_EQUAL(mask1, mask2) \
68 ( ((mask1) & NFS4_ACE_MASK_ALL) == ((mask2) & NFS4_ACE_MASK_ALL) )
71 mask_from_posix(unsigned short perm
, unsigned int flags
)
73 int mask
= NFS4_ANYONE_MODE
;
75 if (flags
& NFS4_ACL_OWNER
)
76 mask
|= NFS4_OWNER_MODE
;
78 mask
|= NFS4_READ_MODE
;
80 mask
|= NFS4_WRITE_MODE
;
81 if ((perm
& ACL_WRITE
) && (flags
& NFS4_ACL_DIR
))
82 mask
|= NFS4_ACE_DELETE_CHILD
;
83 if (perm
& ACL_EXECUTE
)
84 mask
|= NFS4_EXECUTE_MODE
;
89 deny_mask_from_posix(unsigned short perm
, u32 flags
)
94 mask
|= NFS4_READ_MODE
;
96 mask
|= NFS4_WRITE_MODE
;
97 if ((perm
& ACL_WRITE
) && (flags
& NFS4_ACL_DIR
))
98 mask
|= NFS4_ACE_DELETE_CHILD
;
99 if (perm
& ACL_EXECUTE
)
100 mask
|= NFS4_EXECUTE_MODE
;
104 /* XXX: modify functions to return NFS errors; they're only ever
105 * used by nfs code, after all.... */
107 /* We only map from NFSv4 to POSIX ACLs when setting ACLs, when we err on the
108 * side of being more restrictive, so the mode bit mapping below is
109 * pessimistic. An optimistic version would be needed to handle DENY's,
110 * but we espect to coalesce all ALLOWs and DENYs before mapping to mode
114 low_mode_from_nfs4(u32 perm
, unsigned short *mode
, unsigned int flags
)
116 u32 write_mode
= NFS4_WRITE_MODE
;
118 if (flags
& NFS4_ACL_DIR
)
119 write_mode
|= NFS4_ACE_DELETE_CHILD
;
121 if ((perm
& NFS4_READ_MODE
) == NFS4_READ_MODE
)
123 if ((perm
& write_mode
) == write_mode
)
125 if ((perm
& NFS4_EXECUTE_MODE
) == NFS4_EXECUTE_MODE
)
126 *mode
|= ACL_EXECUTE
;
129 struct ace_container
{
130 struct nfs4_ace
*ace
;
131 struct list_head ace_l
;
134 static short ace2type(struct nfs4_ace
*);
135 static void _posix_to_nfsv4_one(struct posix_acl
*, struct nfs4_acl
*,
139 nfsd4_get_nfs4_acl(struct svc_rqst
*rqstp
, struct dentry
*dentry
,
140 struct nfs4_acl
**acl
)
142 struct inode
*inode
= dentry
->d_inode
;
144 struct posix_acl
*pacl
= NULL
, *dpacl
= NULL
;
145 unsigned int flags
= 0;
148 pacl
= get_acl(inode
, ACL_TYPE_ACCESS
);
150 pacl
= posix_acl_from_mode(inode
->i_mode
, GFP_KERNEL
);
153 return PTR_ERR(pacl
);
155 /* allocate for worst case: one (deny, allow) pair each: */
156 size
+= 2 * pacl
->a_count
;
158 if (S_ISDIR(inode
->i_mode
)) {
159 flags
= NFS4_ACL_DIR
;
160 dpacl
= get_acl(inode
, ACL_TYPE_DEFAULT
);
162 error
= PTR_ERR(dpacl
);
167 size
+= 2 * dpacl
->a_count
;
170 *acl
= kmalloc(nfs4_acl_bytes(size
), GFP_KERNEL
);
177 _posix_to_nfsv4_one(pacl
, *acl
, flags
& ~NFS4_ACL_TYPE_DEFAULT
);
180 _posix_to_nfsv4_one(dpacl
, *acl
, flags
| NFS4_ACL_TYPE_DEFAULT
);
183 posix_acl_release(dpacl
);
185 posix_acl_release(pacl
);
189 struct posix_acl_summary
{
190 unsigned short owner
;
191 unsigned short users
;
192 unsigned short group
;
193 unsigned short groups
;
194 unsigned short other
;
199 summarize_posix_acl(struct posix_acl
*acl
, struct posix_acl_summary
*pas
)
201 struct posix_acl_entry
*pa
, *pe
;
204 * Only pas.users and pas.groups need initialization; previous
205 * posix_acl_valid() calls ensure that the other fields will be
206 * initialized in the following loop. But, just to placate gcc:
208 memset(pas
, 0, sizeof(*pas
));
211 pe
= acl
->a_entries
+ acl
->a_count
;
213 FOREACH_ACL_ENTRY(pa
, acl
, pe
) {
216 pas
->owner
= pa
->e_perm
;
219 pas
->group
= pa
->e_perm
;
222 pas
->users
|= pa
->e_perm
;
225 pas
->groups
|= pa
->e_perm
;
228 pas
->other
= pa
->e_perm
;
231 pas
->mask
= pa
->e_perm
;
235 /* We'll only care about effective permissions: */
236 pas
->users
&= pas
->mask
;
237 pas
->group
&= pas
->mask
;
238 pas
->groups
&= pas
->mask
;
241 /* We assume the acl has been verified with posix_acl_valid. */
243 _posix_to_nfsv4_one(struct posix_acl
*pacl
, struct nfs4_acl
*acl
,
246 struct posix_acl_entry
*pa
, *group_owner_entry
;
247 struct nfs4_ace
*ace
;
248 struct posix_acl_summary pas
;
250 int eflag
= ((flags
& NFS4_ACL_TYPE_DEFAULT
) ?
251 NFS4_INHERITANCE_FLAGS
| NFS4_ACE_INHERIT_ONLY_ACE
: 0);
253 BUG_ON(pacl
->a_count
< 3);
254 summarize_posix_acl(pacl
, &pas
);
256 pa
= pacl
->a_entries
;
257 ace
= acl
->aces
+ acl
->naces
;
259 /* We could deny everything not granted by the owner: */
262 * but it is equivalent (and simpler) to deny only what is not
263 * granted by later entries:
265 deny
&= pas
.users
| pas
.group
| pas
.groups
| pas
.other
;
267 ace
->type
= NFS4_ACE_ACCESS_DENIED_ACE_TYPE
;
269 ace
->access_mask
= deny_mask_from_posix(deny
, flags
);
270 ace
->whotype
= NFS4_ACL_WHO_OWNER
;
275 ace
->type
= NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE
;
277 ace
->access_mask
= mask_from_posix(pa
->e_perm
, flags
| NFS4_ACL_OWNER
);
278 ace
->whotype
= NFS4_ACL_WHO_OWNER
;
283 while (pa
->e_tag
== ACL_USER
) {
284 deny
= ~(pa
->e_perm
& pas
.mask
);
285 deny
&= pas
.groups
| pas
.group
| pas
.other
;
287 ace
->type
= NFS4_ACE_ACCESS_DENIED_ACE_TYPE
;
289 ace
->access_mask
= deny_mask_from_posix(deny
, flags
);
290 ace
->whotype
= NFS4_ACL_WHO_NAMED
;
291 ace
->who_uid
= pa
->e_uid
;
295 ace
->type
= NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE
;
297 ace
->access_mask
= mask_from_posix(pa
->e_perm
& pas
.mask
,
299 ace
->whotype
= NFS4_ACL_WHO_NAMED
;
300 ace
->who_uid
= pa
->e_uid
;
306 /* In the case of groups, we apply allow ACEs first, then deny ACEs,
307 * since a user can be in more than one group. */
311 group_owner_entry
= pa
;
313 ace
->type
= NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE
;
315 ace
->access_mask
= mask_from_posix(pas
.group
, flags
);
316 ace
->whotype
= NFS4_ACL_WHO_GROUP
;
321 while (pa
->e_tag
== ACL_GROUP
) {
322 ace
->type
= NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE
;
323 ace
->flag
= eflag
| NFS4_ACE_IDENTIFIER_GROUP
;
324 ace
->access_mask
= mask_from_posix(pa
->e_perm
& pas
.mask
,
326 ace
->whotype
= NFS4_ACL_WHO_NAMED
;
327 ace
->who_gid
= pa
->e_gid
;
335 pa
= group_owner_entry
;
337 deny
= ~pas
.group
& pas
.other
;
339 ace
->type
= NFS4_ACE_ACCESS_DENIED_ACE_TYPE
;
341 ace
->access_mask
= deny_mask_from_posix(deny
, flags
);
342 ace
->whotype
= NFS4_ACL_WHO_GROUP
;
348 while (pa
->e_tag
== ACL_GROUP
) {
349 deny
= ~(pa
->e_perm
& pas
.mask
);
352 ace
->type
= NFS4_ACE_ACCESS_DENIED_ACE_TYPE
;
353 ace
->flag
= eflag
| NFS4_ACE_IDENTIFIER_GROUP
;
354 ace
->access_mask
= deny_mask_from_posix(deny
, flags
);
355 ace
->whotype
= NFS4_ACL_WHO_NAMED
;
356 ace
->who_gid
= pa
->e_gid
;
363 if (pa
->e_tag
== ACL_MASK
)
365 ace
->type
= NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE
;
367 ace
->access_mask
= mask_from_posix(pa
->e_perm
, flags
);
368 ace
->whotype
= NFS4_ACL_WHO_EVERYONE
;
373 pace_gt(struct posix_acl_entry
*pace1
, struct posix_acl_entry
*pace2
)
375 if (pace1
->e_tag
!= pace2
->e_tag
)
376 return pace1
->e_tag
> pace2
->e_tag
;
377 if (pace1
->e_tag
== ACL_USER
)
378 return uid_gt(pace1
->e_uid
, pace2
->e_uid
);
379 if (pace1
->e_tag
== ACL_GROUP
)
380 return gid_gt(pace1
->e_gid
, pace2
->e_gid
);
385 sort_pacl_range(struct posix_acl
*pacl
, int start
, int end
) {
387 struct posix_acl_entry tmp
;
389 /* We just do a bubble sort; easy to do in place, and we're not
390 * expecting acl's to be long enough to justify anything more. */
393 for (i
= start
; i
< end
; i
++) {
394 if (pace_gt(&pacl
->a_entries
[i
],
395 &pacl
->a_entries
[i
+1])) {
397 tmp
= pacl
->a_entries
[i
];
398 pacl
->a_entries
[i
] = pacl
->a_entries
[i
+1];
399 pacl
->a_entries
[i
+1] = tmp
;
406 sort_pacl(struct posix_acl
*pacl
)
408 /* posix_acl_valid requires that users and groups be in order
412 /* no users or groups */
413 if (!pacl
|| pacl
->a_count
<= 4)
417 while (pacl
->a_entries
[i
].e_tag
== ACL_USER
)
419 sort_pacl_range(pacl
, 1, i
-1);
421 BUG_ON(pacl
->a_entries
[i
].e_tag
!= ACL_GROUP_OBJ
);
423 while (pacl
->a_entries
[j
].e_tag
== ACL_GROUP
)
425 sort_pacl_range(pacl
, i
, j
-1);
430 * While processing the NFSv4 ACE, this maintains bitmasks representing
431 * which permission bits have been allowed and which denied to a given
433 struct posix_ace_state
{
438 struct posix_user_ace_state
{
443 struct posix_ace_state perms
;
446 struct posix_ace_state_array
{
448 struct posix_user_ace_state aces
[];
452 * While processing the NFSv4 ACE, this maintains the partial permissions
453 * calculated so far: */
455 struct posix_acl_state
{
457 struct posix_ace_state owner
;
458 struct posix_ace_state group
;
459 struct posix_ace_state other
;
460 struct posix_ace_state everyone
;
461 struct posix_ace_state mask
; /* Deny unused in this case */
462 struct posix_ace_state_array
*users
;
463 struct posix_ace_state_array
*groups
;
467 init_state(struct posix_acl_state
*state
, int cnt
)
471 memset(state
, 0, sizeof(struct posix_acl_state
));
474 * In the worst case, each individual acl could be for a distinct
475 * named user or group, but we don't no which, so we allocate
476 * enough space for either:
478 alloc
= sizeof(struct posix_ace_state_array
)
479 + cnt
*sizeof(struct posix_user_ace_state
);
480 state
->users
= kzalloc(alloc
, GFP_KERNEL
);
483 state
->groups
= kzalloc(alloc
, GFP_KERNEL
);
484 if (!state
->groups
) {
492 free_state(struct posix_acl_state
*state
) {
494 kfree(state
->groups
);
497 static inline void add_to_mask(struct posix_acl_state
*state
, struct posix_ace_state
*astate
)
499 state
->mask
.allow
|= astate
->allow
;
503 * Certain bits (SYNCHRONIZE, DELETE, WRITE_OWNER, READ/WRITE_NAMED_ATTRS,
504 * READ_ATTRIBUTES, READ_ACL) are currently unenforceable and don't translate
505 * to traditional read/write/execute permissions.
507 * It's problematic to reject acls that use certain mode bits, because it
508 * places the burden on users to learn the rules about which bits one
509 * particular server sets, without giving the user a lot of help--we return an
510 * error that could mean any number of different things. To make matters
511 * worse, the problematic bits might be introduced by some application that's
512 * automatically mapping from some other acl model.
514 * So wherever possible we accept anything, possibly erring on the side of
515 * denying more permissions than necessary.
517 * However we do reject *explicit* DENY's of a few bits representing
518 * permissions we could never deny:
521 static inline int check_deny(u32 mask
, int isowner
)
523 if (mask
& (NFS4_ACE_READ_ATTRIBUTES
| NFS4_ACE_READ_ACL
))
527 if (mask
& (NFS4_ACE_WRITE_ATTRIBUTES
| NFS4_ACE_WRITE_ACL
))
532 static struct posix_acl
*
533 posix_state_to_acl(struct posix_acl_state
*state
, unsigned int flags
)
535 struct posix_acl_entry
*pace
;
536 struct posix_acl
*pacl
;
541 * ACLs with no ACEs are treated differently in the inheritable
542 * and effective cases: when there are no inheritable ACEs,
543 * calls ->set_acl with a NULL ACL structure.
545 if (state
->empty
&& (flags
& NFS4_ACL_TYPE_DEFAULT
))
549 * When there are no effective ACEs, the following will end
550 * up setting a 3-element effective posix ACL with all
553 if (!state
->users
->n
&& !state
->groups
->n
)
555 else /* Note we also include a MASK ACE in this case: */
556 nace
= 4 + state
->users
->n
+ state
->groups
->n
;
557 pacl
= posix_acl_alloc(nace
, GFP_KERNEL
);
559 return ERR_PTR(-ENOMEM
);
561 pace
= pacl
->a_entries
;
562 pace
->e_tag
= ACL_USER_OBJ
;
563 error
= check_deny(state
->owner
.deny
, 1);
566 low_mode_from_nfs4(state
->owner
.allow
, &pace
->e_perm
, flags
);
568 for (i
=0; i
< state
->users
->n
; i
++) {
570 pace
->e_tag
= ACL_USER
;
571 error
= check_deny(state
->users
->aces
[i
].perms
.deny
, 0);
574 low_mode_from_nfs4(state
->users
->aces
[i
].perms
.allow
,
575 &pace
->e_perm
, flags
);
576 pace
->e_uid
= state
->users
->aces
[i
].uid
;
577 add_to_mask(state
, &state
->users
->aces
[i
].perms
);
581 pace
->e_tag
= ACL_GROUP_OBJ
;
582 error
= check_deny(state
->group
.deny
, 0);
585 low_mode_from_nfs4(state
->group
.allow
, &pace
->e_perm
, flags
);
586 add_to_mask(state
, &state
->group
);
588 for (i
=0; i
< state
->groups
->n
; i
++) {
590 pace
->e_tag
= ACL_GROUP
;
591 error
= check_deny(state
->groups
->aces
[i
].perms
.deny
, 0);
594 low_mode_from_nfs4(state
->groups
->aces
[i
].perms
.allow
,
595 &pace
->e_perm
, flags
);
596 pace
->e_gid
= state
->groups
->aces
[i
].gid
;
597 add_to_mask(state
, &state
->groups
->aces
[i
].perms
);
600 if (state
->users
->n
|| state
->groups
->n
) {
602 pace
->e_tag
= ACL_MASK
;
603 low_mode_from_nfs4(state
->mask
.allow
, &pace
->e_perm
, flags
);
607 pace
->e_tag
= ACL_OTHER
;
608 error
= check_deny(state
->other
.deny
, 0);
611 low_mode_from_nfs4(state
->other
.allow
, &pace
->e_perm
, flags
);
615 posix_acl_release(pacl
);
616 return ERR_PTR(error
);
619 static inline void allow_bits(struct posix_ace_state
*astate
, u32 mask
)
621 /* Allow all bits in the mask not already denied: */
622 astate
->allow
|= mask
& ~astate
->deny
;
625 static inline void deny_bits(struct posix_ace_state
*astate
, u32 mask
)
627 /* Deny all bits in the mask not already allowed: */
628 astate
->deny
|= mask
& ~astate
->allow
;
631 static int find_uid(struct posix_acl_state
*state
, kuid_t uid
)
633 struct posix_ace_state_array
*a
= state
->users
;
636 for (i
= 0; i
< a
->n
; i
++)
637 if (uid_eq(a
->aces
[i
].uid
, uid
))
641 a
->aces
[i
].uid
= uid
;
642 a
->aces
[i
].perms
.allow
= state
->everyone
.allow
;
643 a
->aces
[i
].perms
.deny
= state
->everyone
.deny
;
648 static int find_gid(struct posix_acl_state
*state
, kgid_t gid
)
650 struct posix_ace_state_array
*a
= state
->groups
;
653 for (i
= 0; i
< a
->n
; i
++)
654 if (gid_eq(a
->aces
[i
].gid
, gid
))
658 a
->aces
[i
].gid
= gid
;
659 a
->aces
[i
].perms
.allow
= state
->everyone
.allow
;
660 a
->aces
[i
].perms
.deny
= state
->everyone
.deny
;
665 static void deny_bits_array(struct posix_ace_state_array
*a
, u32 mask
)
669 for (i
=0; i
< a
->n
; i
++)
670 deny_bits(&a
->aces
[i
].perms
, mask
);
673 static void allow_bits_array(struct posix_ace_state_array
*a
, u32 mask
)
677 for (i
=0; i
< a
->n
; i
++)
678 allow_bits(&a
->aces
[i
].perms
, mask
);
681 static void process_one_v4_ace(struct posix_acl_state
*state
,
682 struct nfs4_ace
*ace
)
684 u32 mask
= ace
->access_mask
;
689 switch (ace2type(ace
)) {
691 if (ace
->type
== NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE
) {
692 allow_bits(&state
->owner
, mask
);
694 deny_bits(&state
->owner
, mask
);
698 i
= find_uid(state
, ace
->who_uid
);
699 if (ace
->type
== NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE
) {
700 allow_bits(&state
->users
->aces
[i
].perms
, mask
);
702 deny_bits(&state
->users
->aces
[i
].perms
, mask
);
703 mask
= state
->users
->aces
[i
].perms
.deny
;
704 deny_bits(&state
->owner
, mask
);
708 if (ace
->type
== NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE
) {
709 allow_bits(&state
->group
, mask
);
711 deny_bits(&state
->group
, mask
);
712 mask
= state
->group
.deny
;
713 deny_bits(&state
->owner
, mask
);
714 deny_bits(&state
->everyone
, mask
);
715 deny_bits_array(state
->users
, mask
);
716 deny_bits_array(state
->groups
, mask
);
720 i
= find_gid(state
, ace
->who_gid
);
721 if (ace
->type
== NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE
) {
722 allow_bits(&state
->groups
->aces
[i
].perms
, mask
);
724 deny_bits(&state
->groups
->aces
[i
].perms
, mask
);
725 mask
= state
->groups
->aces
[i
].perms
.deny
;
726 deny_bits(&state
->owner
, mask
);
727 deny_bits(&state
->group
, mask
);
728 deny_bits(&state
->everyone
, mask
);
729 deny_bits_array(state
->users
, mask
);
730 deny_bits_array(state
->groups
, mask
);
734 if (ace
->type
== NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE
) {
735 allow_bits(&state
->owner
, mask
);
736 allow_bits(&state
->group
, mask
);
737 allow_bits(&state
->other
, mask
);
738 allow_bits(&state
->everyone
, mask
);
739 allow_bits_array(state
->users
, mask
);
740 allow_bits_array(state
->groups
, mask
);
742 deny_bits(&state
->owner
, mask
);
743 deny_bits(&state
->group
, mask
);
744 deny_bits(&state
->other
, mask
);
745 deny_bits(&state
->everyone
, mask
);
746 deny_bits_array(state
->users
, mask
);
747 deny_bits_array(state
->groups
, mask
);
752 static int nfs4_acl_nfsv4_to_posix(struct nfs4_acl
*acl
,
753 struct posix_acl
**pacl
, struct posix_acl
**dpacl
,
756 struct posix_acl_state effective_acl_state
, default_acl_state
;
757 struct nfs4_ace
*ace
;
760 ret
= init_state(&effective_acl_state
, acl
->naces
);
763 ret
= init_state(&default_acl_state
, acl
->naces
);
767 for (ace
= acl
->aces
; ace
< acl
->aces
+ acl
->naces
; ace
++) {
768 if (ace
->type
!= NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE
&&
769 ace
->type
!= NFS4_ACE_ACCESS_DENIED_ACE_TYPE
)
771 if (ace
->flag
& ~NFS4_SUPPORTED_FLAGS
)
773 if ((ace
->flag
& NFS4_INHERITANCE_FLAGS
) == 0) {
774 process_one_v4_ace(&effective_acl_state
, ace
);
777 if (!(flags
& NFS4_ACL_DIR
))
780 * Note that when only one of FILE_INHERIT or DIRECTORY_INHERIT
781 * is set, we're effectively turning on the other. That's OK,
782 * according to rfc 3530.
784 process_one_v4_ace(&default_acl_state
, ace
);
786 if (!(ace
->flag
& NFS4_ACE_INHERIT_ONLY_ACE
))
787 process_one_v4_ace(&effective_acl_state
, ace
);
789 *pacl
= posix_state_to_acl(&effective_acl_state
, flags
);
791 ret
= PTR_ERR(*pacl
);
795 *dpacl
= posix_state_to_acl(&default_acl_state
,
796 flags
| NFS4_ACL_TYPE_DEFAULT
);
797 if (IS_ERR(*dpacl
)) {
798 ret
= PTR_ERR(*dpacl
);
800 posix_acl_release(*pacl
);
808 free_state(&default_acl_state
);
810 free_state(&effective_acl_state
);
815 nfsd4_set_nfs4_acl(struct svc_rqst
*rqstp
, struct svc_fh
*fhp
,
816 struct nfs4_acl
*acl
)
820 struct dentry
*dentry
;
822 struct posix_acl
*pacl
= NULL
, *dpacl
= NULL
;
823 unsigned int flags
= 0;
826 error
= fh_verify(rqstp
, fhp
, 0, NFSD_MAY_SATTR
);
830 dentry
= fhp
->fh_dentry
;
831 inode
= dentry
->d_inode
;
833 if (!inode
->i_op
->set_acl
|| !IS_POSIXACL(inode
))
834 return nfserr_attrnotsupp
;
836 if (S_ISDIR(inode
->i_mode
))
837 flags
= NFS4_ACL_DIR
;
839 host_error
= nfs4_acl_nfsv4_to_posix(acl
, &pacl
, &dpacl
, flags
);
840 if (host_error
== -EINVAL
)
841 return nfserr_attrnotsupp
;
845 host_error
= inode
->i_op
->set_acl(inode
, pacl
, ACL_TYPE_ACCESS
);
849 if (S_ISDIR(inode
->i_mode
)) {
850 host_error
= inode
->i_op
->set_acl(inode
, dpacl
,
855 posix_acl_release(pacl
);
856 posix_acl_release(dpacl
);
858 if (host_error
== -EOPNOTSUPP
)
859 return nfserr_attrnotsupp
;
861 return nfserrno(host_error
);
866 ace2type(struct nfs4_ace
*ace
)
868 switch (ace
->whotype
) {
869 case NFS4_ACL_WHO_NAMED
:
870 return (ace
->flag
& NFS4_ACE_IDENTIFIER_GROUP
?
871 ACL_GROUP
: ACL_USER
);
872 case NFS4_ACL_WHO_OWNER
:
874 case NFS4_ACL_WHO_GROUP
:
875 return ACL_GROUP_OBJ
;
876 case NFS4_ACL_WHO_EVERYONE
:
884 * return the size of the struct nfs4_acl required to represent an acl
885 * with @entries entries.
887 int nfs4_acl_bytes(int entries
)
889 return sizeof(struct nfs4_acl
) + entries
* sizeof(struct nfs4_ace
);
899 .stringlen
= sizeof("OWNER@") - 1,
900 .type
= NFS4_ACL_WHO_OWNER
,
904 .stringlen
= sizeof("GROUP@") - 1,
905 .type
= NFS4_ACL_WHO_GROUP
,
908 .string
= "EVERYONE@",
909 .stringlen
= sizeof("EVERYONE@") - 1,
910 .type
= NFS4_ACL_WHO_EVERYONE
,
915 nfs4_acl_get_whotype(char *p
, u32 len
)
919 for (i
= 0; i
< ARRAY_SIZE(s2t_map
); i
++) {
920 if (s2t_map
[i
].stringlen
== len
&&
921 0 == memcmp(s2t_map
[i
].string
, p
, len
))
922 return s2t_map
[i
].type
;
924 return NFS4_ACL_WHO_NAMED
;
927 __be32
nfs4_acl_write_who(struct xdr_stream
*xdr
, int who
)
932 for (i
= 0; i
< ARRAY_SIZE(s2t_map
); i
++) {
933 if (s2t_map
[i
].type
!= who
)
935 p
= xdr_reserve_space(xdr
, s2t_map
[i
].stringlen
+ 4);
937 return nfserr_resource
;
938 p
= xdr_encode_opaque(p
, s2t_map
[i
].string
,
939 s2t_map
[i
].stringlen
);
943 return nfserr_serverfault
;