From: "Aneesh Kumar K. V" <aneesh.kumar@linux.vnet.ibm.com>
To: Jeff Layton <jlayton@redhat.com>
Cc: sfrench@us.ibm.com, ffilz@us.ibm.com, agruen@suse.de,
adilger@sun.com, sandeen@redhat.com, tytso@mit.edu,
bfields@citi.umich.edu, linux-fsdevel@vger.kernel.org,
nfsv4@linux-nfs.org, linux-ext4@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH -V4 07/11] vfs: Make acl_permission_check() work for richacls
Date: Sat, 25 Sep 2010 00:25:51 +0530 [thread overview]
Message-ID: <m3y6ar9djc.fsf@linux.vnet.ibm.com> (raw)
In-Reply-To: <20100924115049.47b1217b@tlielax.poochiereds.net>
On Fri, 24 Sep 2010 11:50:49 -0400, Jeff Layton <jlayton@redhat.com> wrote:
> On Fri, 24 Sep 2010 18:18:10 +0530
> "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com> wrote:
>
> > From: Andreas Gruenbacher <agruen@suse.de>
> >
> > Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
> > Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
> > ---
> > fs/namei.c | 6 ++++++
> > 1 files changed, 6 insertions(+), 0 deletions(-)
> >
> > diff --git a/fs/namei.c b/fs/namei.c
> > index 855b360..b0b8a71 100644
> > --- a/fs/namei.c
> > +++ b/fs/namei.c
> > @@ -174,6 +174,12 @@ static int acl_permission_check(struct inode *inode, int mask,
> > {
> > umode_t mode = inode->i_mode;
> >
> > + if (IS_RICHACL(inode)) {
> > + int error = check_acl(inode, mask);
> > + if (error != -EAGAIN)
> > + return error;
> > + }
> > +
> > if (current_fsuid() == inode->i_uid)
> > mode >>= 6;
> > else {
>
> This may just be my own ignorance of ACL semantics and unfamiliarity
> with the ACL code in general. It seems a bit unusual though...
>
> Just to be clear...this patch implies that with richacls you can deny
> or grant access to the owner of the file even if the mode bits say
> otherwise. With POSIX acls, this seems to be the other way around.
>
> Hmm....guess I should read the spec...
>
To be POSIX compatible we need to ensure that additional file access
control mechanisms may only further restrict the access permissions defined
by the file permission bits. So with rich acl, similar to POSIX ACL,
we use file mask as an upper bound of the acess permission
allowed. Unlike POSIX ACL where the 'owner' and 'other' ACL entry access
mask is kept in sync with mode bits, rich acl include a file mask even
for 'owner' and 'everyone' entries.
The patch that gives more details about the permission check algo can be
found at
http://git.kernel.org/?p=linux/kernel/git/agruen/linux-2.6-richacl.git;a=commitdiff;h=442c675aeac85cfc893a2ec600f7fb3da3951177;hp=02456437cf280838a50ef00d7b4df2e7179fe6b2
-aneesh
next prev parent reply other threads:[~2010-09-24 18:56 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-09-24 12:48 [PATCH -V4 00/11] New ACL format for better NFSv4 acl interoperability Aneesh Kumar K.V
2010-09-24 12:48 ` [PATCH -V4 01/11] vfs: Indicate that the permission functions take all the MAY_* flags Aneesh Kumar K.V
2010-09-24 12:48 ` [PATCH -V4 02/11] vfs: Pass all mask flags down to iop->check_acl Aneesh Kumar K.V
2010-09-24 12:48 ` [PATCH -V4 03/11] vfs: Add a comment to inode_permission() Aneesh Kumar K.V
2010-09-24 12:48 ` [PATCH -V4 04/11] vfs: Add generic IS_ACL() test for acl support Aneesh Kumar K.V
2010-09-24 12:48 ` [PATCH -V4 05/11] vfs: Add IS_RICHACL() test for richacl support Aneesh Kumar K.V
2010-09-24 12:48 ` [PATCH -V4 06/11] vfs: Optimize out IS_RICHACL() if CONFIG_FS_RICHACL is not defined Aneesh Kumar K.V
2010-09-24 12:48 ` [PATCH -V4 07/11] vfs: Make acl_permission_check() work for richacls Aneesh Kumar K.V
2010-09-24 15:50 ` Jeff Layton
2010-09-24 18:55 ` Aneesh Kumar K. V [this message]
2010-09-27 13:03 ` Andreas Gruenbacher
2010-09-24 12:48 ` [PATCH -V4 08/11] vfs: Add new file and directory create permission flags Aneesh Kumar K.V
2010-09-24 15:54 ` Jeff Layton
2010-09-24 19:16 ` Aneesh Kumar K. V
2010-09-24 19:23 ` Jeff Layton
2010-09-27 13:14 ` Andreas Gruenbacher
2011-01-02 23:21 ` Ted Ts'o
2011-01-03 5:20 ` Andreas Dilger
2011-01-03 5:59 ` Andreas Dilger
2011-01-03 14:20 ` Aneesh Kumar K. V
2010-09-24 12:48 ` [PATCH -V4 09/11] vfs: Add delete child and delete self " Aneesh Kumar K.V
2010-09-24 12:48 ` [PATCH -V4 10/11] vfs: Make the inode passed to inode_change_ok non-const Aneesh Kumar K.V
2010-09-24 12:48 ` [PATCH -V4 11/11] vfs: Add permission flags for setting file attributes Aneesh Kumar K.V
2010-10-12 0:24 ` [PATCH -V4 00/11] New ACL format for better NFSv4 acl interoperability J. Bruce Fields
2010-10-12 7:17 ` Aneesh Kumar K. V
2010-10-12 15:35 ` J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m3y6ar9djc.fsf@linux.vnet.ibm.com \
--to=aneesh.kumar@linux.vnet.ibm.com \
--cc=adilger@sun.com \
--cc=agruen@suse.de \
--cc=bfields@citi.umich.edu \
--cc=ffilz@us.ibm.com \
--cc=jlayton@redhat.com \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nfsv4@linux-nfs.org \
--cc=sandeen@redhat.com \
--cc=sfrench@us.ibm.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).