From: "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>
To: sfrench@us.ibm.com, ffilz@us.ibm.com, agruen@suse.de,
adilger@sun.com, sandeen@redhat.com, tytso@mit.edu,
staubach@redhat.com, bfields@citi.umich.edu, jlayton@redhat.com
Cc: aneesh.kumar@linux.vnet.ibm.com, linux-fsdevel@vger.kernel.org,
nfsv4@linux-nfs.org, linux-ext4@vger.kernel.org
Subject: [PATCH 06/23] vfs: Implement those parts of Automatic Inheritance (AI) which are safe under POSIX
Date: Mon, 1 Feb 2010 11:04:48 +0530 [thread overview]
Message-ID: <1265002505-8387-7-git-send-email-aneesh.kumar@linux.vnet.ibm.com> (raw)
In-Reply-To: <1265002505-8387-1-git-send-email-aneesh.kumar@linux.vnet.ibm.com>
From: Andreas Gruenbacher <agruen@suse.de>
If AI is disabled for a directory (ACL4_AUTO_INHERIT
not set), nothing changes. If AI is enabled for a directory, the
create-time inheritance algorithm changes as follows:
* All inherited ACEs will have the ACE4_INHERITED_ACE flag set.
* The create mode is applied to the ACL (by setting the file masks),
which means that the ACL must no longer be subject to AI permission
propagation, and so the ACL4_PROTECTED is set.
By itelf, this is relatively useless because it will not allow
permissions to propagate, but AI aware applications can clear the
ACL4_PROTECTED flag when they know what they are doing, and this will
enable AI permission propagation.
It would be nice if AI aware applications could indicate this fact to
the kernel so that the kernel can avoid setting the ACL4_PROTECTED flag
in the first place, but there is no such user-space interface at this
point.
Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
---
fs/richacl_base.c | 12 ++++++++++--
include/linux/richacl.h | 26 +++++++++++++++++++++++---
2 files changed, 33 insertions(+), 5 deletions(-)
diff --git a/fs/richacl_base.c b/fs/richacl_base.c
index de99340..e75f713 100644
--- a/fs/richacl_base.c
+++ b/fs/richacl_base.c
@@ -150,7 +150,8 @@ richacl_chmod(struct richacl *acl, mode_t mode)
if (acl->a_owner_mask == owner_mask &&
acl->a_group_mask == group_mask &&
- acl->a_other_mask == other_mask)
+ acl->a_other_mask == other_mask &&
+ (!richacl_is_auto_inherit(acl) || richacl_is_protected(acl)))
return acl;
clone = richacl_clone(acl);
@@ -161,6 +162,8 @@ richacl_chmod(struct richacl *acl, mode_t mode)
clone->a_owner_mask = owner_mask;
clone->a_group_mask = group_mask;
clone->a_other_mask = other_mask;
+ if (richacl_is_auto_inherit(clone))
+ clone->a_flags |= ACL4_PROTECTED;
if (richacl_write_through(&clone)) {
richacl_put(clone);
@@ -561,7 +564,12 @@ richacl_inherit(const struct richacl *dir_acl, mode_t mode)
return ERR_PTR(-ENOMEM);
}
- acl->a_flags = (dir_acl->a_flags & ACL4_WRITE_THROUGH);
+ acl->a_flags = (dir_acl->a_flags & ~ACL4_PROTECTED);
+ if (richacl_is_auto_inherit(acl)) {
+ richacl_for_each_entry(ace, acl)
+ ace->e_flags |= ACE4_INHERITED_ACE;
+ acl->a_flags |= ACL4_PROTECTED;
+ }
return acl;
}
diff --git a/include/linux/richacl.h b/include/linux/richacl.h
index c56f152..f9089dc 100644
--- a/include/linux/richacl.h
+++ b/include/linux/richacl.h
@@ -33,10 +33,16 @@ struct richacl {
_ace--)
/* a_flags values */
+#define ACL4_AUTO_INHERIT 0x01
+#define ACL4_PROTECTED 0x02
+#define ACL4_DEFAULTED 0x04
#define ACL4_WRITE_THROUGH 0x40
-#define ACL4_VALID_FLAGS \
- ACL4_WRITE_THROUGH
+#define ACL4_VALID_FLAGS ( \
+ ACL4_AUTO_INHERIT | \
+ ACL4_PROTECTED | \
+ ACL4_DEFAULTED | \
+ ACL4_WRITE_THROUGH)
/* e_type values */
#define ACE4_ACCESS_ALLOWED_ACE_TYPE 0x0000
@@ -52,6 +58,7 @@ struct richacl {
/*#define ACE4_SUCCESSFUL_ACCESS_ACE_FLAG 0x0010*/
/*#define ACE4_FAILED_ACCESS_ACE_FLAG 0x0020*/
#define ACE4_IDENTIFIER_GROUP 0x0040
+#define ACE4_INHERITED_ACE 0x0080
/* in-memory representation only */
#define ACE4_SPECIAL_WHO 0x4000
@@ -60,7 +67,8 @@ struct richacl {
ACE4_DIRECTORY_INHERIT_ACE | \
ACE4_NO_PROPAGATE_INHERIT_ACE | \
ACE4_INHERIT_ONLY_ACE | \
- ACE4_IDENTIFIER_GROUP)
+ ACE4_IDENTIFIER_GROUP | \
+ ACE4_INHERITED_ACE)
/* e_mask bitflags */
#define ACE4_READ_DATA 0x00000001
@@ -137,6 +145,18 @@ extern const char richace_group_who[];
extern const char richace_everyone_who[];
static inline int
+richacl_is_auto_inherit(const struct richacl *acl)
+{
+ return acl->a_flags & ACL4_AUTO_INHERIT;
+}
+
+static inline int
+richacl_is_protected(const struct richacl *acl)
+{
+ return acl->a_flags & ACL4_PROTECTED;
+}
+
+static inline int
richace_is_owner(const struct richace *ace)
{
return (ace->e_flags & ACE4_SPECIAL_WHO) &&
--
1.7.0.rc0.48.gdace5
next prev parent reply other threads:[~2010-02-01 5:35 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-01 5:34 [RFC PATCH] New ACL format for better NFSv4 acl interoperability Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 01/23] vfs: VFS hooks for per-filesystem permission models Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 02/23] vfs: Check for create permission during rename Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 03/23] vfs: rich ACL in-memory representation and manipulation Aneesh Kumar K.V
2010-02-01 7:28 ` Brad Boyer
2010-02-01 18:02 ` Aneesh Kumar K. V
2010-02-01 23:06 ` J. Bruce Fields
2010-02-01 23:21 ` J. Bruce Fields
2010-02-01 5:34 ` [PATCH 04/23] richacl: Add write retention and retention hold access mask Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 05/23] ext4: Implement rich acl for ext4 Aneesh Kumar K.V
2010-02-01 5:34 ` Aneesh Kumar K.V [this message]
2010-02-01 5:34 ` [PATCH 07/23] vfs: Add Posix acl to rich acl mapping helpers Aneesh Kumar K.V
2010-02-01 23:18 ` J. Bruce Fields
2010-02-02 5:22 ` Aneesh Kumar K. V
2010-02-01 5:34 ` [PATCH 08/23] vfs: Add a flag to denote posix mapped richacl Aneesh Kumar K.V
2010-02-01 23:18 ` J. Bruce Fields
2010-02-02 5:33 ` Aneesh Kumar K. V
2010-02-02 15:18 ` J. Bruce Fields
2010-02-01 5:34 ` [PATCH 09/23] ext4: Add posix acl to rich acl mapping Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 10/23] richacl: Add separate file and dir acl masks Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 11/23] richacl: Move the xattr representation to little-endian format Aneesh Kumar K.V
2010-02-01 23:34 ` J. Bruce Fields
2010-02-02 5:35 ` Aneesh Kumar K. V
2010-02-01 5:34 ` [PATCH 12/23] richacl: Use directory specific mask values for operation on directories Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 13/23] richacl: Follow nfs4 acl delete definition Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 14/23] richacl: Disable automatic inheritance with posix mapped acls Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 15/23] richacl: Delete posix acl if present on richacl set Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 16/23] ext4: Update richacl incompat flag value Aneesh Kumar K.V
2010-02-01 23:41 ` J. Bruce Fields
2010-02-01 5:34 ` [PATCH 17/23] vfs: Add new MS_ACL and MS_RICHACL flag Aneesh Kumar K.V
2010-02-01 5:35 ` [PATCH 18/23] richacl: Add helper function for creating richacl from mode values Aneesh Kumar K.V
2010-02-01 5:35 ` [PATCH 19/23] fs: Use the correct MS_*ACL flags in file system code Aneesh Kumar K.V
2010-02-01 5:35 ` [PATCH 20/23] nfsd: Apply NFSv4acl to posix acl mapping only if MS_POSIXACL is set Aneesh Kumar K.V
2010-02-01 5:35 ` [PATCH 21/23] richacl: Add helpers for NFSv4 acl to richacl conversion Aneesh Kumar K.V
2010-02-01 5:35 ` [PATCH 22/23] nfsd: Add support for reading rich acl from file system Aneesh Kumar K.V
2010-02-01 5:35 ` [PATCH 23/23] nfsd: Add support for saving richacl Aneesh Kumar K.V
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1265002505-8387-7-git-send-email-aneesh.kumar@linux.vnet.ibm.com \
--to=aneesh.kumar@linux.vnet.ibm.com \
--cc=adilger@sun.com \
--cc=agruen@suse.de \
--cc=bfields@citi.umich.edu \
--cc=ffilz@us.ibm.com \
--cc=jlayton@redhat.com \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=nfsv4@linux-nfs.org \
--cc=sandeen@redhat.com \
--cc=sfrench@us.ibm.com \
--cc=staubach@redhat.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).