From: "bfields@fieldses.org" <bfields@fieldses.org>
To: Trond Myklebust <trondmy@hammerspace.com>
Cc: "guy@vastdata.com" <guy@vastdata.com>,
"schumakeranna@gmail.com" <schumakeranna@gmail.com>,
"linux-nfs@vger.kernel.org" <linux-nfs@vger.kernel.org>
Subject: Re: [PATCH] nfs: we don't support removing system.nfs4_acl
Date: Wed, 3 Feb 2021 15:07:56 -0500 [thread overview]
Message-ID: <20210203200756.GA30996@fieldses.org> (raw)
In-Reply-To: <20210131215843.GA9273@fieldses.org>
On Sun, Jan 31, 2021 at 04:58:43PM -0500, bfields@fieldses.org wrote:
> On Sun, Jan 31, 2021 at 08:41:37PM +0000, Trond Myklebust wrote:
> > On Thu, 2021-01-28 at 21:50 -0500, bfields@fieldses.org wrote:
> > > On Thu, Jan 28, 2021 at 09:35:27PM -0500, bfields@fieldses.org wrote:
> > > > Note that this patch doesn't prevent an application from setting a
> > > > zero-length ACL. The xattr format is XDR with the first four bytes
> > > > representing the number of ACEs, so you'd set a zero-length ACL by
> > > > passing down a 4-byte all-zero buffer as the new value of the
> > > > system.nfs4_acl xattr.
> > > >
> > > > A zero-length NULL buffer is what's used to implement removexattr:
> > > >
> > > > int
> > > > __vfs_removexattr(struct dentry *dentry, const char *name)
> > > > {
> > > > ...
> > > > return handler->set(handler, dentry, inode, name, NULL, 0,
> > > > XATTR_REPLACE);
> > > > }
> > > >
> > > > That's the case this patch covers.
> > >
> > > So, I should have said in the changelog, apologies--the behavior
> > > without
> > > this patch is that when it gets a removexattr, the client sends a
> > > SETATTR with a bitmap claiming there's an ACL attribute, but a
> > > zero-length attribute value list, and the server (correctly) returns
> > > BADXDR.
> > >
> >
> > I don't see anything in the spec that prohibits a zero length array
> > size for nfs41_aces<> or states that should return NFS4ERR_BADXDR. Why
> > shouldn't we allow that?
>
> Again: I agree. And we do allow that, both before and after this patch.
>
> There's a difference between a SETATTR with a zero-length body and a
> SETATTR with a body containing a zero-length ACL. The former is bad
> protocol, the latter is, I agree, fine.
Are we on the same page now? Or should I update the changelog and
resend?
--b.
next prev parent reply other threads:[~2021-02-03 20:08 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-28 22:36 [PATCH] nfs: we don't support removing system.nfs4_acl J. Bruce Fields
[not found] ` <95e5f9e4-76d4-08c4-ece3-35a10c06073b@vastdata.com>
2021-01-29 1:37 ` Trond Myklebust
2021-01-29 2:35 ` bfields
2021-01-29 2:50 ` bfields
2021-01-31 20:41 ` Trond Myklebust
2021-01-31 21:58 ` bfields
2021-02-03 20:07 ` bfields [this message]
2021-02-08 19:31 ` Trond Myklebust
2021-02-08 22:08 ` bfields
2021-02-11 18:54 ` bfields
2021-03-04 2:30 ` Murphy Zhou
2021-03-12 15:43 ` Anna Schumaker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210203200756.GA30996@fieldses.org \
--to=bfields@fieldses.org \
--cc=guy@vastdata.com \
--cc=linux-nfs@vger.kernel.org \
--cc=schumakeranna@gmail.com \
--cc=trondmy@hammerspace.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox