From mboxrd@z Thu Jan  1 00:00:00 1970
From: Jeff Layton <jlayton-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Subject: Re: [PATCH v23 08/22] richacl: Compute maximum file masks from an
 acl
Date: Tue, 05 Jul 2016 10:22:17 -0400
Message-ID: <1467728537.3800.32.camel@redhat.com>
References: <1467294433-3222-1-git-send-email-agruenba@redhat.com>
	 <1467294433-3222-9-git-send-email-agruenba@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: QUOTED-PRINTABLE
Return-path: <linux-nfs-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
In-Reply-To: <1467294433-3222-9-git-send-email-agruenba-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Sender: linux-nfs-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
To: Andreas Gruenbacher <agruenba-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>, Alexander Viro <viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
Cc: Christoph Hellwig <hch-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>, Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org>, Andreas Dilger <adilger.kernel-m1MBpc4rdrD3fQ9qLvQP4Q@public.gmane.org>, "J. Bruce Fields" <bfields-uC3wQj2KruNg9hUCZPvPmw@public.gmane.org>, Trond Myklebust <trond.myklebust-7I+n7zu2hftEKMMhf/gKZA@public.gmane.org>, Anna Schumaker <anna.schumaker-HgOvQuBEEgTQT0dZR+AlfA@public.gmane.org>, Dave Chinner <david-FqsqvQoI3Ljby3iVrkZq2A@public.gmane.org>, linux-ext4-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, xfs-VZNHf3L845pBDgjK7y7TUQ@public.gmane.org, linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-nfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-cifs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
List-Id: linux-api@vger.kernel.org

On Thu, 2016-06-30 at 15:46 +0200, Andreas Gruenbacher wrote:
> Compute upper bound owner, group, and other file masks with as few
> permissions as possible without denying any permissions that the NFSv=
4
> acl in a richacl grants.
>=20
> This algorithm is used when a file inherits an acl at create time and
> when an acl is set via a mechanism that does not provide file masks
> (such as setting an acl via nfsd).=C2=A0=C2=A0When user-space sets an=
 acl via
> setxattr, the extended attribute already includes the file masks.
>=20
> Setting an acl also sets the file mode permission bits: they are
> determined by the file masks; see richacl_masks_to_mode().
>=20
> Signed-off-by: Andreas Gruenbacher <agruenba-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
> Reviewed-by: J. Bruce Fields <bfields-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
> ---
> =C2=A0fs/richacl.c=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0| 157 ++++++++++++++++++++++++++++++++++++++++++++=
++++
> =C2=A0include/linux/richacl.h |=C2=A0=C2=A0=C2=A01 +
> =C2=A02 files changed, 158 insertions(+)
>=20
> diff --git a/fs/richacl.c b/fs/richacl.c
> index d0a4135..056228f 100644
> --- a/fs/richacl.c
> +++ b/fs/richacl.c
> @@ -181,3 +181,160 @@ richacl_want_to_mask(unsigned int want)
> =C2=A0	return mask;
> =C2=A0}
> =C2=A0EXPORT_SYMBOL_GPL(richacl_want_to_mask);
> +
> +/*
> + * Note: functions like richacl_allowed_to_who(), richacl_group_clas=
s_allowed(),
> + * and richacl_compute_max_masks() iterate through the entire acl in=
 reverse
> + * order as an optimization.
> + *
> + * In the standard algorithm, aces are considered in forward order.=C2=
=A0=C2=A0When a
> + * process matches an ace, the permissions in the ace are either all=
owed or
> + * denied depending on the ace type.=C2=A0=C2=A0Once a permission ha=
s been allowed or
> + * denied, it is no longer considered in further aces.
> + *
> + * By iterating through the acl in reverse order, we can compute the=
 same
> + * result without having to keep track of which permissions have bee=
n allowed
> + * and denied already.
> + */
>=20

Clever!


> +
> +/**
> + * richacl_allowed_to_who=C2=A0=C2=A0-=C2=A0=C2=A0permissions allowe=
d to a specific who value
> + *
> + * Compute the maximum mask values allowed to a specific who value, =
taking
> + * everyone@ aces into account.
> + */
> +static unsigned int richacl_allowed_to_who(struct richacl *acl,
> +					=C2=A0=C2=A0=C2=A0struct richace *who)
> +{
> +	struct richace *ace;
> +	unsigned int allowed =3D 0;
> +
> +	richacl_for_each_entry_reverse(ace, acl) {
> +		if (richace_is_inherit_only(ace))
> +			continue;
> +		if (richace_is_same_identifier(ace, who) ||
> +		=C2=A0=C2=A0=C2=A0=C2=A0richace_is_everyone(ace)) {
> +			if (richace_is_allow(ace))
> +				allowed |=3D ace->e_mask;
> +			else if (richace_is_deny(ace))
> +				allowed &=3D ~ace->e_mask;
> +		}
> +	}
> +	return allowed;
> +}
> +
> +/**
> + * richacl_group_class_allowed=C2=A0=C2=A0-=C2=A0=C2=A0maximum permi=
ssions of the group class
> + *
> + * Compute the maximum mask values allowed to a process in the group=
 class
> + * (i.e., a process which is not the owner but is in the owning grou=
p or
> + * matches a user or group acl entry).=C2=A0=C2=A0This includes perm=
issions granted or
> + * denied by everyone@ aces.
> + *
> + * See richacl_compute_max_masks().
> + */
> +static unsigned int richacl_group_class_allowed(struct richacl *acl)
> +{
> +	struct richace *ace;
> +	unsigned int everyone_allowed =3D 0, group_class_allowed =3D 0;
> +	int had_group_ace =3D 0;
> +
> +	richacl_for_each_entry_reverse(ace, acl) {
> +		if (richace_is_inherit_only(ace) ||
> +		=C2=A0=C2=A0=C2=A0=C2=A0richace_is_owner(ace))
> +			continue;
> +
> +		if (richace_is_everyone(ace)) {
> +			if (richace_is_allow(ace))
> +				everyone_allowed |=3D ace->e_mask;
> +			else if (richace_is_deny(ace))
> +				everyone_allowed &=3D ~ace->e_mask;
> +		} else {
> +			group_class_allowed |=3D
> +				richacl_allowed_to_who(acl, ace);
> +
> +			if (richace_is_group(ace))
> +				had_group_ace =3D 1;
> +		}
> +	}
> +	/*
> +	=C2=A0* If the acl doesn't contain any group@ aces, richacl_allowed=
_to_who()
> +	=C2=A0* wasn't called for the owning group.=C2=A0=C2=A0We could mak=
e that call now, but
> +	=C2=A0* we already know the result (everyone_allowed).
> +	=C2=A0*/
> +	if (!had_group_ace)
> +		group_class_allowed |=3D everyone_allowed;
> +	return group_class_allowed;
> +}
> +
> +/**
> + * richacl_compute_max_masks=C2=A0=C2=A0-=C2=A0=C2=A0compute upper b=
ound masks
> + *
> + * Computes upper bound owner, group, and other masks so that none o=
f the
> + * permissions allowed by the acl are disabled.
> + *
> + * We don't make assumptions about who the owner is so that the owne=
r can
> + * change with no effect on the file masks or file mode permission b=
its; this
> + * means that we must assume that all entries can match the owner.
> + */
> +void richacl_compute_max_masks(struct richacl *acl)
> +{
> +	unsigned int gmask =3D ~0;
> +	struct richace *ace;
> +
> +	/*
> +	=C2=A0* @gmask contains all permissions which the group class is ev=
er
> +	=C2=A0* allowed.=C2=A0=C2=A0We use it to avoid adding permissions t=
o the group mask
> +	=C2=A0* from everyone@ allow aces which the group class is always d=
enied
> +	=C2=A0* through other aces.=C2=A0=C2=A0For example, the following a=
cl would otherwise
> +	=C2=A0* result in a group mask of rw:
> +	=C2=A0*
> +	=C2=A0*	group@:w::deny
> +	=C2=A0*	everyone@:rw::allow
> +	=C2=A0*
> +	=C2=A0* Avoid computing @gmask for acls which do not include any gr=
oup class
> +	=C2=A0* deny aces: in such acls, the group class is never denied an=
y
> +	=C2=A0* permissions from everyone@ allow aces, and the group class =
cannot
> +	=C2=A0* have fewer permissions than the other class.
> +	=C2=A0*/
> +
> +restart:
> +	acl->a_owner_mask =3D 0;
> +	acl->a_group_mask =3D 0;
> +	acl->a_other_mask =3D 0;
> +
> +	richacl_for_each_entry_reverse(ace, acl) {
> +		if (richace_is_inherit_only(ace))
> +			continue;
> +
> +		if (richace_is_owner(ace)) {
> +			if (richace_is_allow(ace))
> +				acl->a_owner_mask |=3D ace->e_mask;
> +			else if (richace_is_deny(ace))
> +				acl->a_owner_mask &=3D ~ace->e_mask;
> +		} else if (richace_is_everyone(ace)) {
> +			if (richace_is_allow(ace)) {
> +				acl->a_owner_mask |=3D ace->e_mask;
> +				acl->a_group_mask |=3D ace->e_mask & gmask;
> +				acl->a_other_mask |=3D ace->e_mask;
> +			} else if (richace_is_deny(ace)) {
> +				acl->a_owner_mask &=3D ~ace->e_mask;
> +				acl->a_group_mask &=3D ~ace->e_mask;
> +				acl->a_other_mask &=3D ~ace->e_mask;
> +			}
> +		} else {
> +			if (richace_is_allow(ace)) {
> +				acl->a_owner_mask |=3D ace->e_mask & gmask;
> +				acl->a_group_mask |=3D ace->e_mask & gmask;
> +			} else if (richace_is_deny(ace) && gmask =3D=3D ~0) {
> +				gmask =3D richacl_group_class_allowed(acl);
> +				if (likely(gmask !=3D ~0))
> +					/* should always be true */
> +					goto restart;
> +			}
> +		}
> +	}
> +
> +	acl->a_flags &=3D ~(RICHACL_WRITE_THROUGH | RICHACL_MASKED);
> +}
> +EXPORT_SYMBOL_GPL(richacl_compute_max_masks);
> diff --git a/include/linux/richacl.h b/include/linux/richacl.h
> index 9102ef0..3559b2c 100644
> --- a/include/linux/richacl.h
> +++ b/include/linux/richacl.h
> @@ -178,5 +178,6 @@ extern void richace_copy(struct richace *, const =
struct richace *);
> =C2=A0extern int richacl_masks_to_mode(const struct richacl *);
> =C2=A0extern unsigned int richacl_mode_to_mask(umode_t);
> =C2=A0extern unsigned int richacl_want_to_mask(unsigned int);
> +extern void richacl_compute_max_masks(struct richacl *);
> =C2=A0
> =C2=A0#endif /* __RICHACL_H */

Reviewed-by: Jeff Layton <jlayton-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-nfs-owner@vger.kernel.org>
Received: from mail-qk0-f175.google.com ([209.85.220.175]:35816 "EHLO
	mail-qk0-f175.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1755175AbcGEOWV (ORCPT
	<rfc822;linux-nfs@vger.kernel.org>); Tue, 5 Jul 2016 10:22:21 -0400
Received: by mail-qk0-f175.google.com with SMTP id s126so5225529qkh.2
        for <linux-nfs@vger.kernel.org>; Tue, 05 Jul 2016 07:22:21 -0700 (PDT)
Message-ID: <1467728537.3800.32.camel@redhat.com>
Subject: Re: [PATCH v23 08/22] richacl: Compute maximum file masks from an
 acl
From: Jeff Layton <jlayton@redhat.com>
To: Andreas Gruenbacher <agruenba@redhat.com>,
        Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Christoph Hellwig <hch@infradead.org>, "Theodore Ts'o" <tytso@mit.edu>,
        Andreas Dilger <adilger.kernel@dilger.ca>,
        "J. Bruce Fields" <bfields@fieldses.org>,
        Trond Myklebust <trond.myklebust@primarydata.com>,
        Anna Schumaker <anna.schumaker@netapp.com>,
        Dave Chinner <david@fromorbit.com>, linux-ext4@vger.kernel.org,
        xfs@oss.sgi.com, linux-kernel@vger.kernel.org,
        linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org,
        linux-cifs@vger.kernel.org, linux-api@vger.kernel.org
Date: Tue, 05 Jul 2016 10:22:17 -0400
In-Reply-To: <1467294433-3222-9-git-send-email-agruenba@redhat.com>
References: <1467294433-3222-1-git-send-email-agruenba@redhat.com>
	 <1467294433-3222-9-git-send-email-agruenba@redhat.com>
Content-Type: text/plain; charset="UTF-8"
Mime-Version: 1.0
Sender: linux-nfs-owner@vger.kernel.org
List-ID: <linux-nfs.vger.kernel.org>

On Thu, 2016-06-30 at 15:46 +0200, Andreas Gruenbacher wrote:
> Compute upper bound owner, group, and other file masks with as few
> permissions as possible without denying any permissions that the NFSv4
> acl in a richacl grants.
> 
> This algorithm is used when a file inherits an acl at create time and
> when an acl is set via a mechanism that does not provide file masks
> (such as setting an acl via nfsd).  When user-space sets an acl via
> setxattr, the extended attribute already includes the file masks.
> 
> Setting an acl also sets the file mode permission bits: they are
> determined by the file masks; see richacl_masks_to_mode().
> 
> Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
> Reviewed-by: J. Bruce Fields <bfields@redhat.com>
> ---
>  fs/richacl.c            | 157 ++++++++++++++++++++++++++++++++++++++++++++++++
>  include/linux/richacl.h |   1 +
>  2 files changed, 158 insertions(+)
> 
> diff --git a/fs/richacl.c b/fs/richacl.c
> index d0a4135..056228f 100644
> --- a/fs/richacl.c
> +++ b/fs/richacl.c
> @@ -181,3 +181,160 @@ richacl_want_to_mask(unsigned int want)
>  	return mask;
>  }
>  EXPORT_SYMBOL_GPL(richacl_want_to_mask);
> +
> +/*
> + * Note: functions like richacl_allowed_to_who(), richacl_group_class_allowed(),
> + * and richacl_compute_max_masks() iterate through the entire acl in reverse
> + * order as an optimization.
> + *
> + * In the standard algorithm, aces are considered in forward order.  When a
> + * process matches an ace, the permissions in the ace are either allowed or
> + * denied depending on the ace type.  Once a permission has been allowed or
> + * denied, it is no longer considered in further aces.
> + *
> + * By iterating through the acl in reverse order, we can compute the same
> + * result without having to keep track of which permissions have been allowed
> + * and denied already.
> + */
> 

Clever!


> +
> +/**
> + * richacl_allowed_to_who  -  permissions allowed to a specific who value
> + *
> + * Compute the maximum mask values allowed to a specific who value, taking
> + * everyone@ aces into account.
> + */
> +static unsigned int richacl_allowed_to_who(struct richacl *acl,
> +					   struct richace *who)
> +{
> +	struct richace *ace;
> +	unsigned int allowed = 0;
> +
> +	richacl_for_each_entry_reverse(ace, acl) {
> +		if (richace_is_inherit_only(ace))
> +			continue;
> +		if (richace_is_same_identifier(ace, who) ||
> +		    richace_is_everyone(ace)) {
> +			if (richace_is_allow(ace))
> +				allowed |= ace->e_mask;
> +			else if (richace_is_deny(ace))
> +				allowed &= ~ace->e_mask;
> +		}
> +	}
> +	return allowed;
> +}
> +
> +/**
> + * richacl_group_class_allowed  -  maximum permissions of the group class
> + *
> + * Compute the maximum mask values allowed to a process in the group class
> + * (i.e., a process which is not the owner but is in the owning group or
> + * matches a user or group acl entry).  This includes permissions granted or
> + * denied by everyone@ aces.
> + *
> + * See richacl_compute_max_masks().
> + */
> +static unsigned int richacl_group_class_allowed(struct richacl *acl)
> +{
> +	struct richace *ace;
> +	unsigned int everyone_allowed = 0, group_class_allowed = 0;
> +	int had_group_ace = 0;
> +
> +	richacl_for_each_entry_reverse(ace, acl) {
> +		if (richace_is_inherit_only(ace) ||
> +		    richace_is_owner(ace))
> +			continue;
> +
> +		if (richace_is_everyone(ace)) {
> +			if (richace_is_allow(ace))
> +				everyone_allowed |= ace->e_mask;
> +			else if (richace_is_deny(ace))
> +				everyone_allowed &= ~ace->e_mask;
> +		} else {
> +			group_class_allowed |=
> +				richacl_allowed_to_who(acl, ace);
> +
> +			if (richace_is_group(ace))
> +				had_group_ace = 1;
> +		}
> +	}
> +	/*
> +	 * If the acl doesn't contain any group@ aces, richacl_allowed_to_who()
> +	 * wasn't called for the owning group.  We could make that call now, but
> +	 * we already know the result (everyone_allowed).
> +	 */
> +	if (!had_group_ace)
> +		group_class_allowed |= everyone_allowed;
> +	return group_class_allowed;
> +}
> +
> +/**
> + * richacl_compute_max_masks  -  compute upper bound masks
> + *
> + * Computes upper bound owner, group, and other masks so that none of the
> + * permissions allowed by the acl are disabled.
> + *
> + * We don't make assumptions about who the owner is so that the owner can
> + * change with no effect on the file masks or file mode permission bits; this
> + * means that we must assume that all entries can match the owner.
> + */
> +void richacl_compute_max_masks(struct richacl *acl)
> +{
> +	unsigned int gmask = ~0;
> +	struct richace *ace;
> +
> +	/*
> +	 * @gmask contains all permissions which the group class is ever
> +	 * allowed.  We use it to avoid adding permissions to the group mask
> +	 * from everyone@ allow aces which the group class is always denied
> +	 * through other aces.  For example, the following acl would otherwise
> +	 * result in a group mask of rw:
> +	 *
> +	 *	group@:w::deny
> +	 *	everyone@:rw::allow
> +	 *
> +	 * Avoid computing @gmask for acls which do not include any group class
> +	 * deny aces: in such acls, the group class is never denied any
> +	 * permissions from everyone@ allow aces, and the group class cannot
> +	 * have fewer permissions than the other class.
> +	 */
> +
> +restart:
> +	acl->a_owner_mask = 0;
> +	acl->a_group_mask = 0;
> +	acl->a_other_mask = 0;
> +
> +	richacl_for_each_entry_reverse(ace, acl) {
> +		if (richace_is_inherit_only(ace))
> +			continue;
> +
> +		if (richace_is_owner(ace)) {
> +			if (richace_is_allow(ace))
> +				acl->a_owner_mask |= ace->e_mask;
> +			else if (richace_is_deny(ace))
> +				acl->a_owner_mask &= ~ace->e_mask;
> +		} else if (richace_is_everyone(ace)) {
> +			if (richace_is_allow(ace)) {
> +				acl->a_owner_mask |= ace->e_mask;
> +				acl->a_group_mask |= ace->e_mask & gmask;
> +				acl->a_other_mask |= ace->e_mask;
> +			} else if (richace_is_deny(ace)) {
> +				acl->a_owner_mask &= ~ace->e_mask;
> +				acl->a_group_mask &= ~ace->e_mask;
> +				acl->a_other_mask &= ~ace->e_mask;
> +			}
> +		} else {
> +			if (richace_is_allow(ace)) {
> +				acl->a_owner_mask |= ace->e_mask & gmask;
> +				acl->a_group_mask |= ace->e_mask & gmask;
> +			} else if (richace_is_deny(ace) && gmask == ~0) {
> +				gmask = richacl_group_class_allowed(acl);
> +				if (likely(gmask != ~0))
> +					/* should always be true */
> +					goto restart;
> +			}
> +		}
> +	}
> +
> +	acl->a_flags &= ~(RICHACL_WRITE_THROUGH | RICHACL_MASKED);
> +}
> +EXPORT_SYMBOL_GPL(richacl_compute_max_masks);
> diff --git a/include/linux/richacl.h b/include/linux/richacl.h
> index 9102ef0..3559b2c 100644
> --- a/include/linux/richacl.h
> +++ b/include/linux/richacl.h
> @@ -178,5 +178,6 @@ extern void richace_copy(struct richace *, const struct richace *);
>  extern int richacl_masks_to_mode(const struct richacl *);
>  extern unsigned int richacl_mode_to_mask(umode_t);
>  extern unsigned int richacl_want_to_mask(unsigned int);
> +extern void richacl_compute_max_masks(struct richacl *);
>  
>  #endif /* __RICHACL_H */

Reviewed-by: Jeff Layton <jlayton@redhat.com>

From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <xfs-bounces@oss.sgi.com>
Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111])
	by oss.sgi.com (Postfix) with ESMTP id 9338A7CD5
	for <xfs@oss.sgi.com>; Tue,  5 Jul 2016 09:22:26 -0500 (CDT)
Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15])
	by relay1.corp.sgi.com (Postfix) with ESMTP id 660388F8039
	for <xfs@oss.sgi.com>; Tue,  5 Jul 2016 07:22:26 -0700 (PDT)
Received: from mail-qk0-f179.google.com (mail-qk0-f179.google.com
	[209.85.220.179]) by cuda.sgi.com with ESMTP id
	8NKxiatT7mGmdrPX (version=TLSv1.2
	cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for
	<xfs@oss.sgi.com>; Tue, 05 Jul 2016 07:22:20 -0700 (PDT)
Received: by mail-qk0-f179.google.com with SMTP id t127so289341053qkf.1
	for <xfs@oss.sgi.com>; Tue, 05 Jul 2016 07:22:20 -0700 (PDT)
Message-ID: <1467728537.3800.32.camel@redhat.com>
Subject: Re: [PATCH v23 08/22] richacl: Compute maximum file masks from an acl
From: Jeff Layton <jlayton@redhat.com>
Date: Tue, 05 Jul 2016 10:22:17 -0400
In-Reply-To: <1467294433-3222-9-git-send-email-agruenba@redhat.com>
References: <1467294433-3222-1-git-send-email-agruenba@redhat.com>
	<1467294433-3222-9-git-send-email-agruenba@redhat.com>
Mime-Version: 1.0
List-Id: XFS Filesystem from SGI <xfs.oss.sgi.com>
List-Unsubscribe: <http://oss.sgi.com/mailman/options/xfs>,
	<mailto:xfs-request@oss.sgi.com?subject=unsubscribe>
List-Archive: <http://oss.sgi.com/pipermail/xfs>
List-Post: <mailto:xfs@oss.sgi.com>
List-Help: <mailto:xfs-request@oss.sgi.com?subject=help>
List-Subscribe: <http://oss.sgi.com/mailman/listinfo/xfs>,
	<mailto:xfs-request@oss.sgi.com?subject=subscribe>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: xfs-bounces@oss.sgi.com
Sender: xfs-bounces@oss.sgi.com
To: Andreas Gruenbacher <agruenba@redhat.com>, Alexander Viro <viro@zeniv.linux.org.uk>
Cc: "J. Bruce Fields" <bfields@fieldses.org>, linux-nfs@vger.kernel.org, Theodore Ts'o <tytso@mit.edu>, linux-cifs@vger.kernel.org, linux-api@vger.kernel.org, Trond Myklebust <trond.myklebust@primarydata.com>, linux-kernel@vger.kernel.org, xfs@oss.sgi.com, Christoph Hellwig <hch@infradead.org>, Andreas Dilger <adilger.kernel@dilger.ca>, linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, Anna Schumaker <anna.schumaker@netapp.com>

T24gVGh1LCAyMDE2LTA2LTMwIGF0IDE1OjQ2ICswMjAwLCBBbmRyZWFzIEdydWVuYmFjaGVyIHdy
b3RlOgo+IENvbXB1dGUgdXBwZXIgYm91bmQgb3duZXIsIGdyb3VwLCBhbmQgb3RoZXIgZmlsZSBt
YXNrcyB3aXRoIGFzIGZldwo+IHBlcm1pc3Npb25zIGFzIHBvc3NpYmxlIHdpdGhvdXQgZGVueWlu
ZyBhbnkgcGVybWlzc2lvbnMgdGhhdCB0aGUgTkZTdjQKPiBhY2wgaW4gYSByaWNoYWNsIGdyYW50
cy4KPiAKPiBUaGlzIGFsZ29yaXRobSBpcyB1c2VkIHdoZW4gYSBmaWxlIGluaGVyaXRzIGFuIGFj
bCBhdCBjcmVhdGUgdGltZSBhbmQKPiB3aGVuIGFuIGFjbCBpcyBzZXQgdmlhIGEgbWVjaGFuaXNt
IHRoYXQgZG9lcyBub3QgcHJvdmlkZSBmaWxlIG1hc2tzCj4gKHN1Y2ggYXMgc2V0dGluZyBhbiBh
Y2wgdmlhIG5mc2QpLsKgwqBXaGVuIHVzZXItc3BhY2Ugc2V0cyBhbiBhY2wgdmlhCj4gc2V0eGF0
dHIsIHRoZSBleHRlbmRlZCBhdHRyaWJ1dGUgYWxyZWFkeSBpbmNsdWRlcyB0aGUgZmlsZSBtYXNr
cy4KPiAKPiBTZXR0aW5nIGFuIGFjbCBhbHNvIHNldHMgdGhlIGZpbGUgbW9kZSBwZXJtaXNzaW9u
IGJpdHM6IHRoZXkgYXJlCj4gZGV0ZXJtaW5lZCBieSB0aGUgZmlsZSBtYXNrczsgc2VlIHJpY2hh
Y2xfbWFza3NfdG9fbW9kZSgpLgo+IAo+IFNpZ25lZC1vZmYtYnk6IEFuZHJlYXMgR3J1ZW5iYWNo
ZXIgPGFncnVlbmJhQHJlZGhhdC5jb20+Cj4gUmV2aWV3ZWQtYnk6IEouIEJydWNlIEZpZWxkcyA8
YmZpZWxkc0ByZWRoYXQuY29tPgo+IC0tLQo+IMKgZnMvcmljaGFjbC5jwqDCoMKgwqDCoMKgwqDC
oMKgwqDCoMKgfCAxNTcgKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysr
KysrKysrCj4gwqBpbmNsdWRlL2xpbnV4L3JpY2hhY2wuaCB8wqDCoMKgMSArCj4gwqAyIGZpbGVz
IGNoYW5nZWQsIDE1OCBpbnNlcnRpb25zKCspCj4gCj4gZGlmZiAtLWdpdCBhL2ZzL3JpY2hhY2wu
YyBiL2ZzL3JpY2hhY2wuYwo+IGluZGV4IGQwYTQxMzUuLjA1NjIyOGYgMTAwNjQ0Cj4gLS0tIGEv
ZnMvcmljaGFjbC5jCj4gKysrIGIvZnMvcmljaGFjbC5jCj4gQEAgLTE4MSwzICsxODEsMTYwIEBA
IHJpY2hhY2xfd2FudF90b19tYXNrKHVuc2lnbmVkIGludCB3YW50KQo+IMKgCXJldHVybiBtYXNr
Owo+IMKgfQo+IMKgRVhQT1JUX1NZTUJPTF9HUEwocmljaGFjbF93YW50X3RvX21hc2spOwo+ICsK
PiArLyoKPiArICogTm90ZTogZnVuY3Rpb25zIGxpa2UgcmljaGFjbF9hbGxvd2VkX3RvX3dobygp
LCByaWNoYWNsX2dyb3VwX2NsYXNzX2FsbG93ZWQoKSwKPiArICogYW5kIHJpY2hhY2xfY29tcHV0
ZV9tYXhfbWFza3MoKSBpdGVyYXRlIHRocm91Z2ggdGhlIGVudGlyZSBhY2wgaW4gcmV2ZXJzZQo+
ICsgKiBvcmRlciBhcyBhbiBvcHRpbWl6YXRpb24uCj4gKyAqCj4gKyAqIEluIHRoZSBzdGFuZGFy
ZCBhbGdvcml0aG0sIGFjZXMgYXJlIGNvbnNpZGVyZWQgaW4gZm9yd2FyZCBvcmRlci7CoMKgV2hl
biBhCj4gKyAqIHByb2Nlc3MgbWF0Y2hlcyBhbiBhY2UsIHRoZSBwZXJtaXNzaW9ucyBpbiB0aGUg
YWNlIGFyZSBlaXRoZXIgYWxsb3dlZCBvcgo+ICsgKiBkZW5pZWQgZGVwZW5kaW5nIG9uIHRoZSBh
Y2UgdHlwZS7CoMKgT25jZSBhIHBlcm1pc3Npb24gaGFzIGJlZW4gYWxsb3dlZCBvcgo+ICsgKiBk
ZW5pZWQsIGl0IGlzIG5vIGxvbmdlciBjb25zaWRlcmVkIGluIGZ1cnRoZXIgYWNlcy4KPiArICoK
PiArICogQnkgaXRlcmF0aW5nIHRocm91Z2ggdGhlIGFjbCBpbiByZXZlcnNlIG9yZGVyLCB3ZSBj
YW4gY29tcHV0ZSB0aGUgc2FtZQo+ICsgKiByZXN1bHQgd2l0aG91dCBoYXZpbmcgdG8ga2VlcCB0
cmFjayBvZiB3aGljaCBwZXJtaXNzaW9ucyBoYXZlIGJlZW4gYWxsb3dlZAo+ICsgKiBhbmQgZGVu
aWVkIGFscmVhZHkuCj4gKyAqLwo+IAoKQ2xldmVyIQoKCj4gKwo+ICsvKioKPiArICogcmljaGFj
bF9hbGxvd2VkX3RvX3dob8KgwqAtwqDCoHBlcm1pc3Npb25zIGFsbG93ZWQgdG8gYSBzcGVjaWZp
YyB3aG8gdmFsdWUKPiArICoKPiArICogQ29tcHV0ZSB0aGUgbWF4aW11bSBtYXNrIHZhbHVlcyBh
bGxvd2VkIHRvIGEgc3BlY2lmaWMgd2hvIHZhbHVlLCB0YWtpbmcKPiArICogZXZlcnlvbmVAIGFj
ZXMgaW50byBhY2NvdW50Lgo+ICsgKi8KPiArc3RhdGljIHVuc2lnbmVkIGludCByaWNoYWNsX2Fs
bG93ZWRfdG9fd2hvKHN0cnVjdCByaWNoYWNsICphY2wsCj4gKwkJCQkJwqDCoMKgc3RydWN0IHJp
Y2hhY2UgKndobykKPiArewo+ICsJc3RydWN0IHJpY2hhY2UgKmFjZTsKPiArCXVuc2lnbmVkIGlu
dCBhbGxvd2VkID0gMDsKPiArCj4gKwlyaWNoYWNsX2Zvcl9lYWNoX2VudHJ5X3JldmVyc2UoYWNl
LCBhY2wpIHsKPiArCQlpZiAocmljaGFjZV9pc19pbmhlcml0X29ubHkoYWNlKSkKPiArCQkJY29u
dGludWU7Cj4gKwkJaWYgKHJpY2hhY2VfaXNfc2FtZV9pZGVudGlmaWVyKGFjZSwgd2hvKSB8fAo+
ICsJCcKgwqDCoMKgcmljaGFjZV9pc19ldmVyeW9uZShhY2UpKSB7Cj4gKwkJCWlmIChyaWNoYWNl
X2lzX2FsbG93KGFjZSkpCj4gKwkJCQlhbGxvd2VkIHw9IGFjZS0+ZV9tYXNrOwo+ICsJCQllbHNl
IGlmIChyaWNoYWNlX2lzX2RlbnkoYWNlKSkKPiArCQkJCWFsbG93ZWQgJj0gfmFjZS0+ZV9tYXNr
Owo+ICsJCX0KPiArCX0KPiArCXJldHVybiBhbGxvd2VkOwo+ICt9Cj4gKwo+ICsvKioKPiArICog
cmljaGFjbF9ncm91cF9jbGFzc19hbGxvd2VkwqDCoC3CoMKgbWF4aW11bSBwZXJtaXNzaW9ucyBv
ZiB0aGUgZ3JvdXAgY2xhc3MKPiArICoKPiArICogQ29tcHV0ZSB0aGUgbWF4aW11bSBtYXNrIHZh
bHVlcyBhbGxvd2VkIHRvIGEgcHJvY2VzcyBpbiB0aGUgZ3JvdXAgY2xhc3MKPiArICogKGkuZS4s
IGEgcHJvY2VzcyB3aGljaCBpcyBub3QgdGhlIG93bmVyIGJ1dCBpcyBpbiB0aGUgb3duaW5nIGdy
b3VwIG9yCj4gKyAqIG1hdGNoZXMgYSB1c2VyIG9yIGdyb3VwIGFjbCBlbnRyeSkuwqDCoFRoaXMg
aW5jbHVkZXMgcGVybWlzc2lvbnMgZ3JhbnRlZCBvcgo+ICsgKiBkZW5pZWQgYnkgZXZlcnlvbmVA
IGFjZXMuCj4gKyAqCj4gKyAqIFNlZSByaWNoYWNsX2NvbXB1dGVfbWF4X21hc2tzKCkuCj4gKyAq
Lwo+ICtzdGF0aWMgdW5zaWduZWQgaW50IHJpY2hhY2xfZ3JvdXBfY2xhc3NfYWxsb3dlZChzdHJ1
Y3QgcmljaGFjbCAqYWNsKQo+ICt7Cj4gKwlzdHJ1Y3QgcmljaGFjZSAqYWNlOwo+ICsJdW5zaWdu
ZWQgaW50IGV2ZXJ5b25lX2FsbG93ZWQgPSAwLCBncm91cF9jbGFzc19hbGxvd2VkID0gMDsKPiAr
CWludCBoYWRfZ3JvdXBfYWNlID0gMDsKPiArCj4gKwlyaWNoYWNsX2Zvcl9lYWNoX2VudHJ5X3Jl
dmVyc2UoYWNlLCBhY2wpIHsKPiArCQlpZiAocmljaGFjZV9pc19pbmhlcml0X29ubHkoYWNlKSB8
fAo+ICsJCcKgwqDCoMKgcmljaGFjZV9pc19vd25lcihhY2UpKQo+ICsJCQljb250aW51ZTsKPiAr
Cj4gKwkJaWYgKHJpY2hhY2VfaXNfZXZlcnlvbmUoYWNlKSkgewo+ICsJCQlpZiAocmljaGFjZV9p
c19hbGxvdyhhY2UpKQo+ICsJCQkJZXZlcnlvbmVfYWxsb3dlZCB8PSBhY2UtPmVfbWFzazsKPiAr
CQkJZWxzZSBpZiAocmljaGFjZV9pc19kZW55KGFjZSkpCj4gKwkJCQlldmVyeW9uZV9hbGxvd2Vk
ICY9IH5hY2UtPmVfbWFzazsKPiArCQl9IGVsc2Ugewo+ICsJCQlncm91cF9jbGFzc19hbGxvd2Vk
IHw9Cj4gKwkJCQlyaWNoYWNsX2FsbG93ZWRfdG9fd2hvKGFjbCwgYWNlKTsKPiArCj4gKwkJCWlm
IChyaWNoYWNlX2lzX2dyb3VwKGFjZSkpCj4gKwkJCQloYWRfZ3JvdXBfYWNlID0gMTsKPiArCQl9
Cj4gKwl9Cj4gKwkvKgo+ICsJwqAqIElmIHRoZSBhY2wgZG9lc24ndCBjb250YWluIGFueSBncm91
cEAgYWNlcywgcmljaGFjbF9hbGxvd2VkX3RvX3dobygpCj4gKwnCoCogd2Fzbid0IGNhbGxlZCBm
b3IgdGhlIG93bmluZyBncm91cC7CoMKgV2UgY291bGQgbWFrZSB0aGF0IGNhbGwgbm93LCBidXQK
PiArCcKgKiB3ZSBhbHJlYWR5IGtub3cgdGhlIHJlc3VsdCAoZXZlcnlvbmVfYWxsb3dlZCkuCj4g
KwnCoCovCj4gKwlpZiAoIWhhZF9ncm91cF9hY2UpCj4gKwkJZ3JvdXBfY2xhc3NfYWxsb3dlZCB8
PSBldmVyeW9uZV9hbGxvd2VkOwo+ICsJcmV0dXJuIGdyb3VwX2NsYXNzX2FsbG93ZWQ7Cj4gK30K
PiArCj4gKy8qKgo+ICsgKiByaWNoYWNsX2NvbXB1dGVfbWF4X21hc2tzwqDCoC3CoMKgY29tcHV0
ZSB1cHBlciBib3VuZCBtYXNrcwo+ICsgKgo+ICsgKiBDb21wdXRlcyB1cHBlciBib3VuZCBvd25l
ciwgZ3JvdXAsIGFuZCBvdGhlciBtYXNrcyBzbyB0aGF0IG5vbmUgb2YgdGhlCj4gKyAqIHBlcm1p
c3Npb25zIGFsbG93ZWQgYnkgdGhlIGFjbCBhcmUgZGlzYWJsZWQuCj4gKyAqCj4gKyAqIFdlIGRv
bid0IG1ha2UgYXNzdW1wdGlvbnMgYWJvdXQgd2hvIHRoZSBvd25lciBpcyBzbyB0aGF0IHRoZSBv
d25lciBjYW4KPiArICogY2hhbmdlIHdpdGggbm8gZWZmZWN0IG9uIHRoZSBmaWxlIG1hc2tzIG9y
IGZpbGUgbW9kZSBwZXJtaXNzaW9uIGJpdHM7IHRoaXMKPiArICogbWVhbnMgdGhhdCB3ZSBtdXN0
IGFzc3VtZSB0aGF0IGFsbCBlbnRyaWVzIGNhbiBtYXRjaCB0aGUgb3duZXIuCj4gKyAqLwo+ICt2
b2lkIHJpY2hhY2xfY29tcHV0ZV9tYXhfbWFza3Moc3RydWN0IHJpY2hhY2wgKmFjbCkKPiArewo+
ICsJdW5zaWduZWQgaW50IGdtYXNrID0gfjA7Cj4gKwlzdHJ1Y3QgcmljaGFjZSAqYWNlOwo+ICsK
PiArCS8qCj4gKwnCoCogQGdtYXNrIGNvbnRhaW5zIGFsbCBwZXJtaXNzaW9ucyB3aGljaCB0aGUg
Z3JvdXAgY2xhc3MgaXMgZXZlcgo+ICsJwqAqIGFsbG93ZWQuwqDCoFdlIHVzZSBpdCB0byBhdm9p
ZCBhZGRpbmcgcGVybWlzc2lvbnMgdG8gdGhlIGdyb3VwIG1hc2sKPiArCcKgKiBmcm9tIGV2ZXJ5
b25lQCBhbGxvdyBhY2VzIHdoaWNoIHRoZSBncm91cCBjbGFzcyBpcyBhbHdheXMgZGVuaWVkCj4g
KwnCoCogdGhyb3VnaCBvdGhlciBhY2VzLsKgwqBGb3IgZXhhbXBsZSwgdGhlIGZvbGxvd2luZyBh
Y2wgd291bGQgb3RoZXJ3aXNlCj4gKwnCoCogcmVzdWx0IGluIGEgZ3JvdXAgbWFzayBvZiBydzoK
PiArCcKgKgo+ICsJwqAqCWdyb3VwQDp3OjpkZW55Cj4gKwnCoCoJZXZlcnlvbmVAOnJ3OjphbGxv
dwo+ICsJwqAqCj4gKwnCoCogQXZvaWQgY29tcHV0aW5nIEBnbWFzayBmb3IgYWNscyB3aGljaCBk
byBub3QgaW5jbHVkZSBhbnkgZ3JvdXAgY2xhc3MKPiArCcKgKiBkZW55IGFjZXM6IGluIHN1Y2gg
YWNscywgdGhlIGdyb3VwIGNsYXNzIGlzIG5ldmVyIGRlbmllZCBhbnkKPiArCcKgKiBwZXJtaXNz
aW9ucyBmcm9tIGV2ZXJ5b25lQCBhbGxvdyBhY2VzLCBhbmQgdGhlIGdyb3VwIGNsYXNzIGNhbm5v
dAo+ICsJwqAqIGhhdmUgZmV3ZXIgcGVybWlzc2lvbnMgdGhhbiB0aGUgb3RoZXIgY2xhc3MuCj4g
KwnCoCovCj4gKwo+ICtyZXN0YXJ0Ogo+ICsJYWNsLT5hX293bmVyX21hc2sgPSAwOwo+ICsJYWNs
LT5hX2dyb3VwX21hc2sgPSAwOwo+ICsJYWNsLT5hX290aGVyX21hc2sgPSAwOwo+ICsKPiArCXJp
Y2hhY2xfZm9yX2VhY2hfZW50cnlfcmV2ZXJzZShhY2UsIGFjbCkgewo+ICsJCWlmIChyaWNoYWNl
X2lzX2luaGVyaXRfb25seShhY2UpKQo+ICsJCQljb250aW51ZTsKPiArCj4gKwkJaWYgKHJpY2hh
Y2VfaXNfb3duZXIoYWNlKSkgewo+ICsJCQlpZiAocmljaGFjZV9pc19hbGxvdyhhY2UpKQo+ICsJ
CQkJYWNsLT5hX293bmVyX21hc2sgfD0gYWNlLT5lX21hc2s7Cj4gKwkJCWVsc2UgaWYgKHJpY2hh
Y2VfaXNfZGVueShhY2UpKQo+ICsJCQkJYWNsLT5hX293bmVyX21hc2sgJj0gfmFjZS0+ZV9tYXNr
Owo+ICsJCX0gZWxzZSBpZiAocmljaGFjZV9pc19ldmVyeW9uZShhY2UpKSB7Cj4gKwkJCWlmIChy
aWNoYWNlX2lzX2FsbG93KGFjZSkpIHsKPiArCQkJCWFjbC0+YV9vd25lcl9tYXNrIHw9IGFjZS0+
ZV9tYXNrOwo+ICsJCQkJYWNsLT5hX2dyb3VwX21hc2sgfD0gYWNlLT5lX21hc2sgJiBnbWFzazsK
PiArCQkJCWFjbC0+YV9vdGhlcl9tYXNrIHw9IGFjZS0+ZV9tYXNrOwo+ICsJCQl9IGVsc2UgaWYg
KHJpY2hhY2VfaXNfZGVueShhY2UpKSB7Cj4gKwkJCQlhY2wtPmFfb3duZXJfbWFzayAmPSB+YWNl
LT5lX21hc2s7Cj4gKwkJCQlhY2wtPmFfZ3JvdXBfbWFzayAmPSB+YWNlLT5lX21hc2s7Cj4gKwkJ
CQlhY2wtPmFfb3RoZXJfbWFzayAmPSB+YWNlLT5lX21hc2s7Cj4gKwkJCX0KPiArCQl9IGVsc2Ug
ewo+ICsJCQlpZiAocmljaGFjZV9pc19hbGxvdyhhY2UpKSB7Cj4gKwkJCQlhY2wtPmFfb3duZXJf
bWFzayB8PSBhY2UtPmVfbWFzayAmIGdtYXNrOwo+ICsJCQkJYWNsLT5hX2dyb3VwX21hc2sgfD0g
YWNlLT5lX21hc2sgJiBnbWFzazsKPiArCQkJfSBlbHNlIGlmIChyaWNoYWNlX2lzX2RlbnkoYWNl
KSAmJiBnbWFzayA9PSB+MCkgewo+ICsJCQkJZ21hc2sgPSByaWNoYWNsX2dyb3VwX2NsYXNzX2Fs
bG93ZWQoYWNsKTsKPiArCQkJCWlmIChsaWtlbHkoZ21hc2sgIT0gfjApKQo+ICsJCQkJCS8qIHNo
b3VsZCBhbHdheXMgYmUgdHJ1ZSAqLwo+ICsJCQkJCWdvdG8gcmVzdGFydDsKPiArCQkJfQo+ICsJ
CX0KPiArCX0KPiArCj4gKwlhY2wtPmFfZmxhZ3MgJj0gfihSSUNIQUNMX1dSSVRFX1RIUk9VR0gg
fCBSSUNIQUNMX01BU0tFRCk7Cj4gK30KPiArRVhQT1JUX1NZTUJPTF9HUEwocmljaGFjbF9jb21w
dXRlX21heF9tYXNrcyk7Cj4gZGlmZiAtLWdpdCBhL2luY2x1ZGUvbGludXgvcmljaGFjbC5oIGIv
aW5jbHVkZS9saW51eC9yaWNoYWNsLmgKPiBpbmRleCA5MTAyZWYwLi4zNTU5YjJjIDEwMDY0NAo+
IC0tLSBhL2luY2x1ZGUvbGludXgvcmljaGFjbC5oCj4gKysrIGIvaW5jbHVkZS9saW51eC9yaWNo
YWNsLmgKPiBAQCAtMTc4LDUgKzE3OCw2IEBAIGV4dGVybiB2b2lkIHJpY2hhY2VfY29weShzdHJ1
Y3QgcmljaGFjZSAqLCBjb25zdCBzdHJ1Y3QgcmljaGFjZSAqKTsKPiDCoGV4dGVybiBpbnQgcmlj
aGFjbF9tYXNrc190b19tb2RlKGNvbnN0IHN0cnVjdCByaWNoYWNsICopOwo+IMKgZXh0ZXJuIHVu
c2lnbmVkIGludCByaWNoYWNsX21vZGVfdG9fbWFzayh1bW9kZV90KTsKPiDCoGV4dGVybiB1bnNp
Z25lZCBpbnQgcmljaGFjbF93YW50X3RvX21hc2sodW5zaWduZWQgaW50KTsKPiArZXh0ZXJuIHZv
aWQgcmljaGFjbF9jb21wdXRlX21heF9tYXNrcyhzdHJ1Y3QgcmljaGFjbCAqKTsKPiDCoAo+IMKg
I2VuZGlmIC8qIF9fUklDSEFDTF9IICovCgpSZXZpZXdlZC1ieTogSmVmZiBMYXl0b24gPGpsYXl0
b25AcmVkaGF0LmNvbT4KCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fCnhmcyBtYWlsaW5nIGxpc3QKeGZzQG9zcy5zZ2kuY29tCmh0dHA6Ly9vc3Muc2dpLmNv
bS9tYWlsbWFuL2xpc3RpbmZvL3hmcwo=