From: "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>
To: Andreas Gruenbacher <agruen@kernel.org>
Cc: "J. Bruce Fields" <bfields@fieldses.org>,
Christoph Hellwig <hch@infradead.org>,
akpm@linux-foundation.org, viro@zeniv.linux.org.uk,
dhowells@redhat.com, linux-fsdevel@vger.kernel.org,
linux-nfs@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH -V7 21/26] richacl: xattr mapping functions
Date: Fri, 21 Oct 2011 18:42:50 +0530 [thread overview]
Message-ID: <871uu65vzh.fsf@linux.vnet.ibm.com> (raw)
In-Reply-To: <1319194331.5930.9.camel@schurl.linbit>
On Fri, 21 Oct 2011 12:52:10 +0200, Andreas Gruenbacher <agruen@kernel.org> wrote:
> On Fri, 2011-10-21 at 15:10 +0530, Aneesh Kumar K.V wrote:
> > How about the below change. This will require richacl tools change
> > also.
>
> > I made the e_flags 32 bit to make sure we don't take the space
> > needed NFSv4 ACL related flags.
>
> But struct richace_xattr has a hole now.
>
> There's ample of space left in the 16-bit field; I don't think there is
> a need to extend it. If the need should ever arise, we can still define
> a new version of the xattr format. Also, this change creates a hole in
> struct richace_xattr; we can't do that.
>
> > +#define ACE4_SPECIAL_WHO 0x80000000
> > +#define ACE4_UNIXID_WHO 0x40000000
>
> Can the ACE4_UNIXID_WHO flag please be removed again? It isn't needed,
> it just creates a mess.
>
Updated one below
diff --git a/fs/richacl_base.c b/fs/richacl_base.c
index 9a57039..fcc37d6 100644
--- a/fs/richacl_base.c
+++ b/fs/richacl_base.c
@@ -20,19 +20,6 @@
MODULE_LICENSE("GPL");
-/*
- * Special e_who identifiers: ACEs which have ACE4_SPECIAL_WHO set in
- * ace->e_flags use these constants in ace->u.e_who.
- *
- * For efficiency, we compare pointers instead of comparing strings.
- */
-const char richace_owner_who[] = "OWNER@";
-EXPORT_SYMBOL_GPL(richace_owner_who);
-const char richace_group_who[] = "GROUP@";
-EXPORT_SYMBOL_GPL(richace_group_who);
-const char richace_everyone_who[] = "EVERYONE@";
-EXPORT_SYMBOL_GPL(richace_everyone_who);
-
/**
* richacl_alloc - allocate a richacl
* @count: number of entries
@@ -194,38 +181,11 @@ richace_is_same_identifier(const struct richace *a, const struct richace *b)
#define WHO_FLAGS (ACE4_SPECIAL_WHO | ACE4_IDENTIFIER_GROUP)
if ((a->e_flags & WHO_FLAGS) != (b->e_flags & WHO_FLAGS))
return 0;
- if (a->e_flags & ACE4_SPECIAL_WHO)
- return a->u.e_who == b->u.e_who;
- else
- return a->u.e_id == b->u.e_id;
+ return a->e_id == b->e_id;
#undef WHO_FLAGS
}
/**
- * richacl_set_who - set a special who value
- * @ace: acl entry
- * @who: who value to use
- */
-int
-richace_set_who(struct richace *ace, const char *who)
-{
- if (!strcmp(who, richace_owner_who))
- who = richace_owner_who;
- else if (!strcmp(who, richace_group_who))
- who = richace_group_who;
- else if (!strcmp(who, richace_everyone_who))
- who = richace_everyone_who;
- else
- return -EINVAL;
-
- ace->u.e_who = who;
- ace->e_flags |= ACE4_SPECIAL_WHO;
- ace->e_flags &= ~ACE4_IDENTIFIER_GROUP;
- return 0;
-}
-EXPORT_SYMBOL_GPL(richace_set_who);
-
-/**
* richacl_allowed_to_who - mask flags allowed to a specific who value
*
* Computes the mask values allowed to a specific who value, taking
@@ -446,10 +406,10 @@ richacl_permission(struct inode *inode, const struct richacl *acl,
continue;
} else if (richace_is_unix_id(ace)) {
if (ace->e_flags & ACE4_IDENTIFIER_GROUP) {
- if (!in_group_p(ace->u.e_id))
+ if (!in_group_p(ace->e_id))
continue;
} else {
- if (current_fsuid() != ace->u.e_id)
+ if (current_fsuid() != ace->e_id)
continue;
}
} else
diff --git a/fs/richacl_xattr.c b/fs/richacl_xattr.c
index 02a7986..31e33b5 100644
--- a/fs/richacl_xattr.c
+++ b/fs/richacl_xattr.c
@@ -58,19 +58,14 @@ richacl_from_xattr(const void *value, size_t size)
goto fail_einval;
richacl_for_each_entry(ace, acl) {
- const char *who = (void *)(xattr_ace + 1), *end;
- ssize_t used = (void *)who - value;
- if (used > size)
- goto fail_einval;
- end = memchr(who, 0, size - used);
- if (!end)
+ if (((void *)xattr_ace + sizeof(*xattr_ace)) > (value + size))
goto fail_einval;
- ace->e_type = le16_to_cpu(xattr_ace->e_type);
+ ace->e_type = le16_to_cpu(xattr_ace->e_type);
ace->e_flags = le16_to_cpu(xattr_ace->e_flags);
- ace->e_mask = le32_to_cpu(xattr_ace->e_mask);
- ace->u.e_id = le32_to_cpu(xattr_ace->e_id);
+ ace->e_mask = le32_to_cpu(xattr_ace->e_mask);
+ ace->e_id = le32_to_cpu(xattr_ace->e_id);
if (ace->e_flags & ~ACE4_VALID_FLAGS)
goto fail_einval;
@@ -78,13 +73,7 @@ richacl_from_xattr(const void *value, size_t size)
(ace->e_mask & ~ACE4_VALID_MASK))
goto fail_einval;
- if (who == end) {
- if (ace->u.e_id == -1)
- goto fail_einval; /* uid/gid needed */
- } else if (richace_set_who(ace, who))
- goto fail_einval;
-
- xattr_ace = (void *)who + ALIGN(end - who + 1, 4);
+ xattr_ace++;
}
return acl;
@@ -102,13 +91,8 @@ size_t
richacl_xattr_size(const struct richacl *acl)
{
size_t size = sizeof(struct richacl_xattr);
- const struct richace *ace;
- richacl_for_each_entry(ace, acl) {
- size += sizeof(struct richace_xattr) +
- (richace_is_unix_id(ace) ? 4 :
- ALIGN(strlen(ace->u.e_who) + 1, 4));
- }
+ size += sizeof(struct richace_xattr) * acl->a_count;
return size;
}
EXPORT_SYMBOL_GPL(richacl_xattr_size);
@@ -139,18 +123,8 @@ richacl_to_xattr(const struct richacl *acl, void *buffer)
xattr_ace->e_flags = cpu_to_le16(ace->e_flags &
ACE4_VALID_FLAGS);
xattr_ace->e_mask = cpu_to_le32(ace->e_mask);
- if (richace_is_unix_id(ace)) {
- xattr_ace->e_id = cpu_to_le32(ace->u.e_id);
- memset(xattr_ace->e_who, 0, 4);
- xattr_ace = (void *)xattr_ace->e_who + 4;
- } else {
- int sz = ALIGN(strlen(ace->u.e_who) + 1, 4);
-
- xattr_ace->e_id = cpu_to_le32(-1);
- memset(xattr_ace->e_who + sz - 4, 0, 4);
- strcpy(xattr_ace->e_who, ace->u.e_who);
- xattr_ace = (void *)xattr_ace->e_who + sz;
- }
+ xattr_ace->e_id = cpu_to_le32(ace->e_id);
+ xattr_ace++;
}
}
EXPORT_SYMBOL_GPL(richacl_to_xattr);
diff --git a/include/linux/richacl.h b/include/linux/richacl.h
index 4af6d22..3fc6be2 100644
--- a/include/linux/richacl.h
+++ b/include/linux/richacl.h
@@ -17,14 +17,15 @@
#define __RICHACL_H
#include <linux/slab.h>
+#define ACE_OWNER_ID 130
+#define ACE_GROUP_ID 131
+#define ACE_EVERYONE_ID 110
+
struct richace {
unsigned short e_type;
unsigned short e_flags;
unsigned int e_mask;
- union {
- unsigned int e_id;
- const char *e_who;
- } u;
+ unsigned int e_id;
};
struct richacl {
@@ -74,7 +75,7 @@ struct richacl {
/*#define ACE4_FAILED_ACCESS_ACE_FLAG 0x0020*/
#define ACE4_IDENTIFIER_GROUP 0x0040
#define ACE4_INHERITED_ACE 0x0080
-/* in-memory representation only */
+/* richacl specific flag values */
#define ACE4_SPECIAL_WHO 0x4000
#define ACE4_VALID_FLAGS ( \
@@ -83,7 +84,9 @@ struct richacl {
ACE4_NO_PROPAGATE_INHERIT_ACE | \
ACE4_INHERIT_ONLY_ACE | \
ACE4_IDENTIFIER_GROUP | \
- ACE4_INHERITED_ACE)
+ ACE4_INHERITED_ACE | \
+ ACE4_SPECIAL_WHO)
+
/* e_mask bitflags */
#define ACE4_READ_DATA 0x00000001
@@ -254,14 +257,6 @@ richacl_is_protected(const struct richacl *acl)
return acl->a_flags & ACL4_PROTECTED;
}
-/*
- * Special e_who identifiers: we use these pointer values in comparisons
- * instead of doing a strcmp.
- */
-extern const char richace_owner_who[];
-extern const char richace_group_who[];
-extern const char richace_everyone_who[];
-
/**
* richace_is_owner - check if @ace is an OWNER@ entry
*/
@@ -269,7 +264,7 @@ static inline int
richace_is_owner(const struct richace *ace)
{
return (ace->e_flags & ACE4_SPECIAL_WHO) &&
- ace->u.e_who == richace_owner_who;
+ ace->e_id == ACE_OWNER_ID;
}
/**
@@ -279,7 +274,7 @@ static inline int
richace_is_group(const struct richace *ace)
{
return (ace->e_flags & ACE4_SPECIAL_WHO) &&
- ace->u.e_who == richace_group_who;
+ ace->e_id == ACE_GROUP_ID;
}
/**
@@ -289,7 +284,7 @@ static inline int
richace_is_everyone(const struct richace *ace)
{
return (ace->e_flags & ACE4_SPECIAL_WHO) &&
- ace->u.e_who == richace_everyone_who;
+ ace->e_id == ACE_EVERYONE_ID;
}
/**
@@ -357,7 +352,6 @@ richace_is_deny(const struct richace *ace)
extern struct richacl *richacl_alloc(int);
extern int richace_is_same_identifier(const struct richace *,
const struct richace *);
-extern int richace_set_who(struct richace *, const char *);
extern int richacl_masks_to_mode(const struct richacl *);
extern unsigned int richacl_mode_to_mask(mode_t);
extern unsigned int richacl_want_to_mask(unsigned int);
diff --git a/include/linux/richacl_xattr.h b/include/linux/richacl_xattr.h
index f79ec12..792abcc 100644
--- a/include/linux/richacl_xattr.h
+++ b/include/linux/richacl_xattr.h
@@ -25,7 +25,6 @@ struct richace_xattr {
__le16 e_flags;
__le32 e_mask;
__le32 e_id;
- char e_who[0];
};
struct richacl_xattr {
next prev parent reply other threads:[~2011-10-21 13:12 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-10-18 15:32 [PATCH -V7 00/26] New ACL format for better NFSv4 acl interoperability Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 02/26] vfs: Add hex format for MAY_* flag values Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 03/26] vfs: Pass all mask flags down to iop->check_acl Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 04/26] vfs: Add a comment to inode_permission() Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 05/26] vfs: Add generic IS_ACL() test for acl support Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 06/26] vfs: Add IS_RICHACL() test for richacl support Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 07/26] vfs: Optimize out IS_RICHACL() if CONFIG_FS_RICHACL is not defined Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 08/26] vfs: Add new file and directory create permission flags Aneesh Kumar K.V
2011-10-19 16:42 ` J. Bruce Fields
[not found] ` <20111019164216.GC30864-uC3wQj2KruNg9hUCZPvPmw@public.gmane.org>
2011-10-20 5:20 ` Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 09/26] vfs: Add delete child and delete self " Aneesh Kumar K.V
2011-10-19 22:09 ` J. Bruce Fields
[not found] ` <20111019220915.GA1874-uC3wQj2KruNg9hUCZPvPmw@public.gmane.org>
2011-10-20 7:35 ` Aneesh Kumar K.V
2011-10-20 8:11 ` J. Bruce Fields
2011-10-18 15:32 ` [PATCH -V7 12/26] vfs: Make acl_permission_check() work for richacls Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 13/26] richacl: In-memory representation and helper functions Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 14/26] richacl: Permission mapping functions Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 15/26] richacl: Compute maximum file masks from an acl Aneesh Kumar K.V
[not found] ` <1318951981-5508-1-git-send-email-aneesh.kumar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2011-10-18 15:32 ` [PATCH -V7 01/26] vfs: Indicate that the permission functions take all the MAY_* flags Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 10/26] vfs: Make the inode passed to inode_change_ok non-const Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 11/26] vfs: Add permission flags for setting file attributes Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 16/26] richacl: Update the file masks in chmod() Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 21/26] richacl: xattr mapping functions Aneesh Kumar K.V
2011-10-19 22:20 ` J. Bruce Fields
2011-10-20 8:30 ` Aneesh Kumar K.V
2011-10-20 9:14 ` J. Bruce Fields
2011-10-20 9:19 ` Christoph Hellwig
[not found] ` <20111020091946.GA23773-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>
2011-10-20 10:25 ` J. Bruce Fields
[not found] ` <20111020102538.GG5444-uC3wQj2KruNg9hUCZPvPmw@public.gmane.org>
2011-10-20 23:46 ` Andreas Gruenbacher
2011-10-21 0:45 ` J. Bruce Fields
[not found] ` <1319154390.2270.52.camel-AB3ohll6rUCZ4toXJV50QQ@public.gmane.org>
2011-10-21 9:40 ` Aneesh Kumar K.V
2011-10-21 10:52 ` Andreas Gruenbacher
2011-10-21 13:12 ` Aneesh Kumar K.V [this message]
2011-10-21 23:58 ` Andreas Gruenbacher
2011-10-20 11:02 ` Aneesh Kumar K.V
[not found] ` <87aa8w53kj.fsf-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2011-10-20 17:49 ` J. Bruce Fields
2011-10-20 19:49 ` Andreas Dilger
2011-11-19 9:35 ` Eric W. Biederman
2011-11-19 9:28 ` Eric W. Biederman
2011-11-21 13:35 ` J. Bruce Fields
2011-10-18 15:32 ` [PATCH -V7 17/26] richacl: Permission check algorithm Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 18/26] richacl: Create-time inheritance Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 19/26] richacl: Check if an acl is equivalent to a file mode Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 20/26] richacl: Automatic Inheritance Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 22/26] vfs: Cache richacl in struct inode Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 23/26] vfs: Add richacl permission check Aneesh Kumar K.V
2011-10-18 15:32 ` [PATCH -V7 24/26] ext4: Use IS_POSIXACL() to check for POSIX ACL support Aneesh Kumar K.V
2011-10-18 15:33 ` [PATCH -V7 25/26] ext4: Implement rich acl for ext4 Aneesh Kumar K.V
2011-10-18 18:41 ` Andreas Dilger
2011-10-19 5:43 ` Aneesh Kumar K.V
2011-10-18 15:33 ` [PATCH -V7 26/26] ext4: Add Ext4 compat richacl feature flag Aneesh Kumar K.V
2011-10-18 16:17 ` [PATCH -V7 00/26] New ACL format for better NFSv4 acl interoperability Shea Levy
2011-10-19 5:54 ` Aneesh Kumar K.V
2011-10-19 22:21 ` J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=871uu65vzh.fsf@linux.vnet.ibm.com \
--to=aneesh.kumar@linux.vnet.ibm.com \
--cc=agruen@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=bfields@fieldses.org \
--cc=dhowells@redhat.com \
--cc=hch@infradead.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).