[PATCH v3 00/13] Add NFSv4.2 POSIX ACL support

[Chuck Lever <cel@kernel.org>]

From: Chuck Lever <chuck.lever@oracle.com>

The Internet draft "POSIX Draft ACL support for Network File
System Version 4, Minor Version 2":

  https://datatracker.ietf.org/doc/draft-ietf-nfsv4-posix-acls/

defines an extension to NFSv4.2 that enables POSIX draft ACLs
to be retrieved and set directly, without the lossy
NFSv4->POSIX draft mapping algorithm. The extension adds four
new attributes to the protocol.

This patch series implements the server side of this extension
for knfsd. The mechanism is analogous to the NFS_ACL sideband
protocol used with NFSv2/3, enabling POSIX draft ACLs to be
manipulated directly by getfacl(1) and setfacl(1).

The current implementation does not support "per file" scope,
where individual file objects store either an NFSv4 ACL or a
POSIX draft ACL. Instead, the implementation assumes POSIX
draft ACLs apply to an entire file system when support for
POSIX draft ACLs is indicated.

Based on the nfsd-testing branch from:

  https://git.kernel.org/pub/scm/linux/kernel/git/cel/linux.git

Changes since v2:
- Remove NFS_MAX_ACL_ENTRIES check
- Clear POSIX ACL fattr4 bits when CONFIG_NFSD_V4_POSIX_ACLS is N
- Add xdrgen support for '%' pass-through
- Update the .x based on Rick's -01 draft

Changes since v1:
- Fold the patches with fixes into the first 8 patches
- Ensure the series is bisect-able
- Add CONFIG_NFSD_V4_POSIX_ACLS -- this feature is experimental
- Set "SUPPATTR" bits only at the end of series
- Use xdrgen, where practical, instead of hand-coded XDR
- Refactor SETATTR/CREATE to integrate better with existing APIs


Chuck Lever (4):
  xdrgen: Implement pass-through lines in specifications
  NFSD: Add a Kconfig setting to enable support for NFSv4 POSIX ACLs
  Add RPC language definition of NFSv4 POSIX ACL extension
  NFSD: Add POSIX ACL file attributes to SUPPATTR bitmasks

Rick Macklem (9):
  NFSD: Add nfsd4_encode_fattr4_acl_trueform
  NFSD: Add nfsd4_encode_fattr4_acl_trueform_scope
  NFSD: Add nfsd4_encode_fattr4_posix_default_acl
  NFSD: Add nfsd4_encode_fattr4_posix_access_acl
  NFSD: Do not allow NFSv4 (N)VERIFY to check POSIX ACL attributes
  NFSD: Refactor nfsd_setattr()'s ACL error reporting
  NFSD: Add support for XDR decoding POSIX draft ACLs
  NFSD: Add support for POSIX draft ACLs for file creation
  NFSD: Add POSIX draft ACL support to the NFSv4 SETATTR operation

 Documentation/sunrpc/xdr/nfs4_1.x             |  61 +++
 fs/nfsd/Kconfig                               |  19 +
 fs/nfsd/acl.h                                 |   1 +
 fs/nfsd/nfs4acl.c                             |  17 +-
 fs/nfsd/nfs4proc.c                            |  99 ++++-
 fs/nfsd/nfs4xdr.c                             | 347 +++++++++++++++++-
 fs/nfsd/nfs4xdr_gen.c                         | 248 ++++++++++++-
 fs/nfsd/nfs4xdr_gen.h                         |  12 +-
 fs/nfsd/nfsd.h                                |  24 +-
 fs/nfsd/vfs.c                                 |  34 +-
 fs/nfsd/vfs.h                                 |   3 +-
 fs/nfsd/xdr4.h                                |   6 +
 include/linux/nfs4.h                          |   4 +
 include/linux/sunrpc/xdrgen/nfs4_1.h          | 106 +++++-
 tools/net/sunrpc/xdrgen/README                |   2 -
 .../net/sunrpc/xdrgen/generators/passthru.py  |  26 ++
 tools/net/sunrpc/xdrgen/grammars/xdr.lark     |   6 +-
 .../net/sunrpc/xdrgen/subcmds/declarations.py |   4 +-
 .../net/sunrpc/xdrgen/subcmds/definitions.py  |   5 +-
 tools/net/sunrpc/xdrgen/subcmds/source.py     |  24 +-
 .../xdrgen/templates/C/passthru/definition.j2 |   3 +
 .../xdrgen/templates/C/passthru/source.j2     |   3 +
 tools/net/sunrpc/xdrgen/xdr_ast.py            |  39 +-
 23 files changed, 1037 insertions(+), 56 deletions(-)
 create mode 100644 tools/net/sunrpc/xdrgen/generators/passthru.py
 create mode 100644 tools/net/sunrpc/xdrgen/templates/C/passthru/definition.j2
 create mode 100644 tools/net/sunrpc/xdrgen/templates/C/passthru/source.j2

-- 
2.52.0