[PATCH 0/4] Richacl support

[PATCH 0/4] Richacl support

[Andreas Gruenbacher]

Here are my xfsprogs changes for adding richacl support.

The richacl on-disk format should be the same across all filesystems, so it
makes sense to share the verification code.  I've added code for that to
librichacl.  To avoid an additional runtime dependency for xfs_repair,
librichacl is linked statically.

The changes are available in git form here:

  https://github.com/andreas-gruenbacher/xfsprogs-dev richacl

Thanks,
Andreas

Andreas Gruenbacher (4):
  libxfs: Add the richacl incompatible feature flag
  mkfs.xfs: Add support for the richacl feature flag
  xfs_repair: Improve warning for invalid attributes
  xfs_repair: Validate richacl attributes

 configure.ac         | 22 +++++++++++++++++++++
 include/builddefs.in |  5 +++++
 libxfs/xfs_format.h  |  4 +++-
 man/man8/mkfs.xfs.8  |  9 +++++++++
 mkfs/xfs_mkfs.c      | 20 +++++++++++++++++--
 po/de.po             | 18 +++--------------
 po/pl.po             | 14 +++----------
 repair/Makefile      |  2 +-
 repair/attr_repair.c | 55 +++++++++++++++++++++++++++++++++++++++++-----------
 9 files changed, 108 insertions(+), 41 deletions(-)

-- 
2.5.0

_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs

[PATCH 1/4] libxfs: Add the richacl incompatible feature flag

[Andreas Gruenbacher]

From: Andreas Gruenbacher <andreas.gruenbacher@gmail.com>

This feature flag enables richacls instead of POSIX ACLs on the entire
fileystem.

Signed-off-by: Andreas Gruenbacher <andreas.gruenbacher@gmail.com>
---
 libxfs/xfs_format.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/libxfs/xfs_format.h b/libxfs/xfs_format.h
index 946bcd1..087d44e 100644
--- a/libxfs/xfs_format.h
+++ b/libxfs/xfs_format.h
@@ -469,11 +469,13 @@ xfs_sb_has_ro_compat_feature(
 #define XFS_SB_FEAT_INCOMPAT_FTYPE	(1 << 0)	/* filetype in dirent */
 #define XFS_SB_FEAT_INCOMPAT_SPINODES	(1 << 1)	/* sparse inode chunks */
 #define XFS_SB_FEAT_INCOMPAT_META_UUID	(1 << 2)	/* metadata UUID */
+#define XFS_SB_FEAT_INCOMPAT_RICHACL	(1 << 3)	/* richacls */
 
 #define XFS_SB_FEAT_INCOMPAT_ALL \
 		(XFS_SB_FEAT_INCOMPAT_FTYPE|	\
 		 XFS_SB_FEAT_INCOMPAT_SPINODES|	\
-		 XFS_SB_FEAT_INCOMPAT_META_UUID)
+		 XFS_SB_FEAT_INCOMPAT_META_UUID| \
+		 XFS_SB_FEAT_INCOMPAT_RICHACL)
 
 #define XFS_SB_FEAT_INCOMPAT_UNKNOWN	~XFS_SB_FEAT_INCOMPAT_ALL
 static inline bool
-- 
2.5.0

_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs

[PATCH 2/4] mkfs.xfs: Add support for the richacl feature flag

[Andreas Gruenbacher]

From: Andreas Gruenbacher <andreas.gruenbacher@gmail.com>

Add option "mkfs.xfs -m richacl={0|1}" for explicitly enabling or disabling
richacl support.  The feature flag is disabled by default.

Signed-off-by: Andreas Gruenbacher <andreas.gruenbacher@gmail.com>
---
 man/man8/mkfs.xfs.8 |  9 +++++++++
 mkfs/xfs_mkfs.c     | 20 ++++++++++++++++++--
 2 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/man/man8/mkfs.xfs.8 b/man/man8/mkfs.xfs.8
index e98b94d..99ef6a6 100644
--- a/man/man8/mkfs.xfs.8
+++ b/man/man8/mkfs.xfs.8
@@ -173,6 +173,15 @@ is used, the free inode btree feature is not supported and is disabled.
 .BI uuid= value
 Use the given value as the filesystem UUID for the newly created filesystem.
 The default is to generate a random UUID.
+.BI richacl= value
+This option is used to create a filesystem with support for Rich Access Control
+Lists (richacls). The value is either 0 to disable the feature, or 1 to enable
+richacls. Filesystems with richacl support require richacl support in the
+kernel to be mounted.
+.IP
+By default,
+.B mkfs.xfs
+will disable richacls.
 .RE
 .TP
 .BI \-d " data_section_options"
diff --git a/mkfs/xfs_mkfs.c b/mkfs/xfs_mkfs.c
index 7cba41a..300333f 100644
--- a/mkfs/xfs_mkfs.c
+++ b/mkfs/xfs_mkfs.c
@@ -185,6 +185,8 @@ char	*mopts[] = {
 	"finobt",
 #define M_UUID		2
 	"uuid",
+#define M_RICHACL	3
+	"richacl",
 	NULL
 };
 
@@ -983,6 +985,7 @@ main(
 	int			crcs_enabled;
 	int			finobt;
 	bool			finobtflag;
+	int			richacls_enabled;
 	int			spinodes;
 
 	platform_uuid_generate(&uuid);
@@ -1021,6 +1024,7 @@ main(
 	crcs_enabled = 1;
 	finobt = 1;
 	finobtflag = false;
+	richacls_enabled = 0;
 	spinodes = 0;
 	memset(&fsx, 0, sizeof(fsx));
 
@@ -1532,6 +1536,14 @@ main(
 					if (platform_uuid_parse(value, &uuid))
 						illegal(optarg, "m uuid");
 					break;
+				case M_RICHACL:
+					if (!value || *value == '\0')
+						reqval('m', mopts, M_RICHACL);
+					c = atoi(value);
+					if (c < 0 || c > 1)
+						illegal(value, "m richacl");
+					richacls_enabled = c;
+					break;
 				default:
 					unknown('m', value);
 				}
@@ -2562,11 +2574,15 @@ _("size %s specified for log subvolume is too large, maximum is %lld blocks\n"),
 		dirftype = 1;
 	}
 
+	if (richacls_enabled) {
+		sbp->sb_features_incompat |= XFS_SB_FEAT_INCOMPAT_RICHACL;
+	}
+
 	if (!qflag || Nflag) {
 		printf(_(
 		   "meta-data=%-22s isize=%-6d agcount=%lld, agsize=%lld blks\n"
 		   "         =%-22s sectsz=%-5u attr=%u, projid32bit=%u\n"
-		   "         =%-22s crc=%-8u finobt=%u, sparse=%u\n"
+		   "         =%-22s crc=%-8u finobt=%u, richacl=%d, sparse=%u\n"
 		   "data     =%-22s bsize=%-6u blocks=%llu, imaxpct=%u\n"
 		   "         =%-22s sunit=%-6u swidth=%u blks\n"
 		   "naming   =version %-14u bsize=%-6u ascii-ci=%d ftype=%d\n"
@@ -2575,7 +2591,7 @@ _("size %s specified for log subvolume is too large, maximum is %lld blocks\n"),
 		   "realtime =%-22s extsz=%-6d blocks=%lld, rtextents=%lld\n"),
 			dfile, isize, (long long)agcount, (long long)agsize,
 			"", sectorsize, attrversion, !projid16bit,
-			"", crcs_enabled, finobt, spinodes,
+			"", crcs_enabled, finobt, richacls_enabled, spinodes,
 			"", blocksize, (long long)dblocks, imaxpct,
 			"", dsunit, dswidth,
 			dirversion, dirblocksize, nci, dirftype,
-- 
2.5.0

_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs

[PATCH 3/4] xfs_repair: Improve warning for invalid attributes

[Andreas Gruenbacher]

Include the attribute name in the warning as a printf parameter instead of
hardcoding it for three different cases.

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
---
 po/de.po             | 18 +++---------------
 po/pl.po             | 14 +++-----------
 repair/attr_repair.c | 16 +++++-----------
 3 files changed, 11 insertions(+), 37 deletions(-)

diff --git a/po/de.po b/po/de.po
index fc62525..e605c22 100644
--- a/po/de.po
+++ b/po/de.po
@@ -13543,21 +13543,9 @@ msgstr ""
 msgid "done\n"
 msgstr "erledigt\n"
 
-#: .././repair/attr_repair.c:106
-msgid ""
-"entry contains illegal value in attribute named SGI_ACL_FILE or "
-"SGI_ACL_DEFAULT\n"
-msgstr ""
-"Eintrag enthält unerlaubten Wert im Attribut mit Namen SGI_ACL_FILE\n"
-"oder SGI_ACL_DEFAULT\n"
-
-#: .././repair/attr_repair.c:128
-msgid "entry contains illegal value in attribute named SGI_MAC_LABEL\n"
-msgstr "Eintrag enthält unerlaubten Wert im Attribut mit Namen SGI_MAC_LABEL\n"
-
-#: .././repair/attr_repair.c:134
-msgid "entry contains illegal value in attribute named SGI_CAP_FILE\n"
-msgstr "Eintrag enthält unerlaubten Wert im Attribut mit Namen SGI_CAP_FILE\n"
+#: .././repair/attr_repair.c:200
+msgid "entry contains illegal value in attribute named %.*s\n"
+msgstr "Eintrag enthält unerlaubten Wert im Attribut mit Namen %.*s\n"
 
 #: .././repair/attr_repair.c:173
 #, c-format
diff --git a/po/pl.po b/po/pl.po
index a950f77..46402f6 100644
--- a/po/pl.po
+++ b/po/pl.po
@@ -9078,17 +9078,9 @@ msgstr ""
 msgid "No memory for ACL check!\n"
 msgstr "Brak pamięci na sprawdzenie ACL!\n"
 
-#: .././repair/attr_repair.c:763
-msgid "entry contains illegal value in attribute named SGI_ACL_FILE or SGI_ACL_DEFAULT\n"
-msgstr "wpis zawiera niedozwoloną wartość w atrybucie SGI_ACL_FILE lub SGI_ACL_DEFAULT\n"
-
-#: .././repair/attr_repair.c:789
-msgid "entry contains illegal value in attribute named SGI_MAC_LABEL\n"
-msgstr "wpis zawiera niedozwoloną wartość w atrybucie SGI_MAC_LABEL\n"
-
-#: .././repair/attr_repair.c:795
-msgid "entry contains illegal value in attribute named SGI_CAP_FILE\n"
-msgstr "wpis zawiera niedozwoloną wartość w atrybucie SGI_CAP_FILE\n"
+#: .././repair/attr_repair.c:200
+msgid "entry contains illegal value in attribute named %.*s\n"
+msgstr "wpis zawiera niedozwoloną wartość w atrybucie %.*s\n"
 
 #: .././repair/attr_repair.c:835
 #, c-format
diff --git a/repair/attr_repair.c b/repair/attr_repair.c
index da2800d..e03f360 100644
--- a/repair/attr_repair.c
+++ b/repair/attr_repair.c
@@ -166,12 +166,8 @@ valuecheck(
 		} else
 			valuep = value;
 
-		if (xfs_acl_valid(mp, valuep) != 0) {
+		if (xfs_acl_valid(mp, valuep) != 0)
 			clearit = 1;
-			do_warn(
-	_("entry contains illegal value in attribute named SGI_ACL_FILE "
-	  "or SGI_ACL_DEFAULT\n"));
-		}
 
 		if (valuep != value)
 			free(valuep);
@@ -194,17 +190,15 @@ valuecheck(
 			 * else clearit = 1;
 			 */
 			clearit = 1;
-			do_warn(
-	_("entry contains illegal value in attribute named SGI_MAC_LABEL\n"));
 		}
 	} else if (strncmp(namevalue, SGI_CAP_FILE, SGI_CAP_FILE_SIZE) == 0) {
-		if ( valuelen != sizeof(xfs_cap_set_t)) {
+		if ( valuelen != sizeof(xfs_cap_set_t))
 			clearit = 1;
-			do_warn(
-	_("entry contains illegal value in attribute named SGI_CAP_FILE\n"));
-		}
 	}
 
+	if (clearit)
+		do_warn(_("entry contains illegal value in attribute named %.*s\n"),
+			namelen, namevalue);
 	return(clearit);
 }
 
-- 
2.5.0

_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs

[PATCH 4/4] xfs_repair: Validate richacl attributes

[Andreas Gruenbacher]

When we have the <sys/richacl.h> header and a working copy of librichacl.a (the
static version of the richacl library), use that to validate richacl attribute
values.

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
---
 configure.ac         | 22 ++++++++++++++++++++++
 include/builddefs.in |  5 +++++
 repair/Makefile      |  2 +-
 repair/attr_repair.c | 41 ++++++++++++++++++++++++++++++++++++++++-
 4 files changed, 68 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index 7b57521..2584ea2 100644
--- a/configure.ac
+++ b/configure.ac
@@ -101,6 +101,28 @@ AC_PACKAGE_GLOBALS(xfsprogs)
 AC_PACKAGE_UTILITIES(xfsprogs)
 AC_MULTILIB($enable_lib64)
 
+have_richacl=no
+librichacl=
+AC_CHECK_HEADERS([sys/richacl.h])
+if test "$ac_cv_header_sys_richacl_h" = yes; then
+    AC_CHECK_HEADERS([linux/xattr.h])
+    saved_LIBS=$LIBS
+    librichacl=-l:librichacl.a
+    LIBS="$LIBS $librichacl"
+    AC_COMPILE_IFELSE([AC_LANG_PROGRAM([
+	#include <sys/richacl.h>
+    ],[
+	int valid = richacl_valid((struct richacl *)0);
+    ])], [
+	have_richacl=yes
+    ], [
+	librichacl=
+    ])
+    LIBS=$saved_LIBS
+fi
+AC_SUBST([have_richacl])
+AC_SUBST([librichacl])
+
 AC_PACKAGE_NEED_AIO_H
 AC_PACKAGE_NEED_LIO_LISTIO
 
diff --git a/include/builddefs.in b/include/builddefs.in
index c1797fd..b64e027 100644
--- a/include/builddefs.in
+++ b/include/builddefs.in
@@ -34,6 +34,7 @@ LIBTERMCAP = @libtermcap@
 LIBEDITLINE = @libeditline@
 LIBREADLINE = @libreadline@
 LIBBLKID = @libblkid@
+LIBRICHACL = @librichacl@
 LIBXFS = $(TOPDIR)/libxfs/libxfs.la
 LIBXCMD = $(TOPDIR)/libxcmd/libxcmd.la
 LIBXLOG = $(TOPDIR)/libxlog/libxlog.la
@@ -108,6 +109,7 @@ HAVE_MNTENT = @have_mntent@
 HAVE_FLS = @have_fls@
 HAVE_FSETXATTR = @have_fsetxattr@
 HAVE_MREMAP = @have_mremap@
+HAVE_RICHACL = @have_richacl@
 
 GCCFLAGS = -funsigned-char -fno-strict-aliasing -Wall 
 #	   -Wbitwise -Wno-transparent-union -Wno-old-initializer -Wno-decl
@@ -147,6 +149,9 @@ endif
 ifeq ($(ENABLE_BLKID),yes)
 PCFLAGS+= -DENABLE_BLKID
 endif
+ifeq ($(HAVE_RICHACL),yes)
+PCFLAGS += -DHAVE_RICHACL
+endif
 
 
 GCFLAGS = $(OPTIMIZER) $(DEBUG) \
diff --git a/repair/Makefile b/repair/Makefile
index 251722b..032f453 100644
--- a/repair/Makefile
+++ b/repair/Makefile
@@ -20,7 +20,7 @@ CFILES = agheader.c attr_repair.c avl.c avl64.c bmap.c btree.c \
 	progress.c prefetch.c rt.c sb.c scan.c threads.c \
 	versions.c xfs_repair.c
 
-LLDLIBS = $(LIBXFS) $(LIBXLOG) $(LIBUUID) $(LIBRT) $(LIBPTHREAD)
+LLDLIBS = $(LIBXFS) $(LIBXLOG) $(LIBUUID) $(LIBRT) $(LIBPTHREAD) $(LIBRICHACL)
 LTDEPENDENCIES = $(LIBXFS) $(LIBXLOG)
 LLDFLAGS = -static-libtool-libs
 
diff --git a/repair/attr_repair.c b/repair/attr_repair.c
index e03f360..e7f03a8 100644
--- a/repair/attr_repair.c
+++ b/repair/attr_repair.c
@@ -26,6 +26,17 @@
 #include "dir2.h"
 #include "da_util.h"
 
+#ifdef HAVE_RICHACL
+# if HAVE_LINUX_XATTR_H
+#  include <linux/xattr.h>
+# endif
+# ifndef XATTR_RICHACL
+#  define XATTR_RICHACL "richacl"
+# endif
+
+# include <sys/richacl.h>
+#endif
+
 static int xfs_acl_valid(struct xfs_mount *mp, struct xfs_acl *daclp);
 static int xfs_mac_valid(xfs_mac_label_t *lp);
 
@@ -195,6 +206,35 @@ valuecheck(
 		if ( valuelen != sizeof(xfs_cap_set_t))
 			clearit = 1;
 	}
+#if HAVE_RICHACL
+	else if (namelen == strlen(XATTR_RICHACL) &&
+		 strncmp(namevalue, XATTR_RICHACL, strlen(XATTR_RICHACL)) == 0) {
+		struct richacl *acl;
+
+		if (value == NULL) {
+			valuep = malloc(valuelen);
+			if (!valuep)
+				do_error(_("No memory for ACL check!\n"));
+			memcpy(valuep, namevalue + namelen, valuelen);
+		} else
+			valuep = value;
+
+		acl = richacl_from_xattr(valuep, valuelen);
+		if (!acl) {
+			if (errno == ENOMEM)
+				do_error(_("No memory for ACL check!\n"));
+			else
+				clearit = 1;
+		} else {
+			if (richacl_valid(acl) != 0)
+				clearit = 1;
+			richacl_free(acl);
+		}
+
+		if (valuep != value)
+			free(valuep);
+	}
+#endif
 
 	if (clearit)
 		do_warn(_("entry contains illegal value in attribute named %.*s\n"),
@@ -202,7 +242,6 @@ valuecheck(
 	return(clearit);
 }
 
-
 /*
  * this routine validates the attributes in shortform format.
  * a non-zero return repair value means certain attributes are bogus
-- 
2.5.0

_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs

Re: [PATCH 4/4] xfs_repair: Validate richacl attributes

[Dave Chinner]

On Fri, Oct 23, 2015 at 09:17:08PM +0200, Andreas Gruenbacher wrote:
> When we have the <sys/richacl.h> header and a working copy of librichacl.a (the
> static version of the richacl library), use that to validate richacl attribute
> values.
> 
> Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
> ---
>  configure.ac         | 22 ++++++++++++++++++++++
>  include/builddefs.in |  5 +++++
>  repair/Makefile      |  2 +-
>  repair/attr_repair.c | 41 ++++++++++++++++++++++++++++++++++++++++-
>  4 files changed, 68 insertions(+), 2 deletions(-)
> 
> diff --git a/configure.ac b/configure.ac
> index 7b57521..2584ea2 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -101,6 +101,28 @@ AC_PACKAGE_GLOBALS(xfsprogs)
>  AC_PACKAGE_UTILITIES(xfsprogs)
>  AC_MULTILIB($enable_lib64)
>  
> +have_richacl=no
> +librichacl=
> +AC_CHECK_HEADERS([sys/richacl.h])
> +if test "$ac_cv_header_sys_richacl_h" = yes; then
> +    AC_CHECK_HEADERS([linux/xattr.h])
> +    saved_LIBS=$LIBS
> +    librichacl=-l:librichacl.a
> +    LIBS="$LIBS $librichacl"
> +    AC_COMPILE_IFELSE([AC_LANG_PROGRAM([
> +	#include <sys/richacl.h>
> +    ],[
> +	int valid = richacl_valid((struct richacl *)0);
> +    ])], [
> +	have_richacl=yes
> +    ], [
> +	librichacl=
> +    ])
> +    LIBS=$saved_LIBS
> +fi
> +AC_SUBST([have_richacl])
> +AC_SUBST([librichacl])
> +
>  AC_PACKAGE_NEED_AIO_H
>  AC_PACKAGE_NEED_LIO_LISTIO
>  
> diff --git a/include/builddefs.in b/include/builddefs.in
> index c1797fd..b64e027 100644
> --- a/include/builddefs.in
> +++ b/include/builddefs.in
> @@ -34,6 +34,7 @@ LIBTERMCAP = @libtermcap@
>  LIBEDITLINE = @libeditline@
>  LIBREADLINE = @libreadline@
>  LIBBLKID = @libblkid@
> +LIBRICHACL = @librichacl@
>  LIBXFS = $(TOPDIR)/libxfs/libxfs.la
>  LIBXCMD = $(TOPDIR)/libxcmd/libxcmd.la
>  LIBXLOG = $(TOPDIR)/libxlog/libxlog.la
> @@ -108,6 +109,7 @@ HAVE_MNTENT = @have_mntent@
>  HAVE_FLS = @have_fls@
>  HAVE_FSETXATTR = @have_fsetxattr@
>  HAVE_MREMAP = @have_mremap@
> +HAVE_RICHACL = @have_richacl@
>  
>  GCCFLAGS = -funsigned-char -fno-strict-aliasing -Wall 
>  #	   -Wbitwise -Wno-transparent-union -Wno-old-initializer -Wno-decl
> @@ -147,6 +149,9 @@ endif
>  ifeq ($(ENABLE_BLKID),yes)
>  PCFLAGS+= -DENABLE_BLKID
>  endif
> +ifeq ($(HAVE_RICHACL),yes)
> +PCFLAGS += -DHAVE_RICHACL
> +endif
>  
>  
>  GCFLAGS = $(OPTIMIZER) $(DEBUG) \
> diff --git a/repair/Makefile b/repair/Makefile
> index 251722b..032f453 100644
> --- a/repair/Makefile
> +++ b/repair/Makefile
> @@ -20,7 +20,7 @@ CFILES = agheader.c attr_repair.c avl.c avl64.c bmap.c btree.c \
>  	progress.c prefetch.c rt.c sb.c scan.c threads.c \
>  	versions.c xfs_repair.c
>  
> -LLDLIBS = $(LIBXFS) $(LIBXLOG) $(LIBUUID) $(LIBRT) $(LIBPTHREAD)
> +LLDLIBS = $(LIBXFS) $(LIBXLOG) $(LIBUUID) $(LIBRT) $(LIBPTHREAD) $(LIBRICHACL)
>  LTDEPENDENCIES = $(LIBXFS) $(LIBXLOG)
>  LLDFLAGS = -static-libtool-libs
>  
> diff --git a/repair/attr_repair.c b/repair/attr_repair.c
> index e03f360..e7f03a8 100644
> --- a/repair/attr_repair.c
> +++ b/repair/attr_repair.c
> @@ -26,6 +26,17 @@
>  #include "dir2.h"
>  #include "da_util.h"
>  
> +#ifdef HAVE_RICHACL
> +# if HAVE_LINUX_XATTR_H
> +#  include <linux/xattr.h>
> +# endif
> +# ifndef XATTR_RICHACL
> +#  define XATTR_RICHACL "richacl"
> +# endif
> +
> +# include <sys/richacl.h>
> +#endif
> +
>  static int xfs_acl_valid(struct xfs_mount *mp, struct xfs_acl *daclp);
>  static int xfs_mac_valid(xfs_mac_label_t *lp);
>  
> @@ -195,6 +206,35 @@ valuecheck(
>  		if ( valuelen != sizeof(xfs_cap_set_t))
>  			clearit = 1;
>  	}
> +#if HAVE_RICHACL
> +	else if (namelen == strlen(XATTR_RICHACL) &&
> +		 strncmp(namevalue, XATTR_RICHACL, strlen(XATTR_RICHACL)) == 0) {
> +		struct richacl *acl;
> +
> +		if (value == NULL) {
> +			valuep = malloc(valuelen);
> +			if (!valuep)
> +				do_error(_("No memory for ACL check!\n"));
> +			memcpy(valuep, namevalue + namelen, valuelen);
> +		} else
> +			valuep = value;
> +
> +		acl = richacl_from_xattr(valuep, valuelen);
> +		if (!acl) {
> +			if (errno == ENOMEM)
> +				do_error(_("No memory for ACL check!\n"));
> +			else
> +				clearit = 1;
> +		} else {
> +			if (richacl_valid(acl) != 0)
> +				clearit = 1;
> +			richacl_free(acl);
> +		}
> +
> +		if (valuep != value)
> +			free(valuep);
> +	}
> +#endif

This also needs to check that the richacl feature bit is set
apprpriately for the type of ACL that is found. i.e. if we find a
posix ACL on a richacl enabled filesystem (or vice versa), that's
indicative of a kernel bug and we need to take action on it..

Cheers,

Dave.
-- 
Dave Chinner
david@fromorbit.com

_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs

Re: [PATCH 4/4] xfs_repair: Validate richacl attributes

[Andreas Gruenbacher]

On Mon, Oct 26, 2015 at 11:55 PM, Dave Chinner <david@fromorbit.com> wrote:
> This also needs to check that the richacl feature bit is set
> apprpriately for the type of ACL that is found.

Ah, yes.

Thanks,
Andreas

_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs

[PATCH] xfs_repair: Check for invalid ACL types

[Andreas Gruenbacher]

Filesystems with the richacl feature are not supposed to contain POSIX
ACLs, and filesystems without the richacl feature are not supposed to
contain richacls.  Fix by removing unexpected attributes.

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
---
 repair/attr_repair.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/repair/attr_repair.c b/repair/attr_repair.c
index e7f03a8..8ded369 100644
--- a/repair/attr_repair.c
+++ b/repair/attr_repair.c
@@ -160,6 +160,8 @@ valuecheck(
 	int		namelen,
 	int		valuelen)
 {
+	const bool feature_richacl = xfs_sb_has_incompat_feature(&mp->m_sb,
+		XFS_SB_FEAT_INCOMPAT_RICHACL);
 	/* for proper alignment issues, get the structs and memmove the values */
 	xfs_mac_label_t macl;
 	void *valuep;
@@ -169,6 +171,13 @@ valuecheck(
 	     strncmp(namevalue, SGI_ACL_FILE, SGI_ACL_FILE_SIZE) == 0) ||
 	    (namelen == SGI_ACL_DEFAULT_SIZE &&
 	     strncmp(namevalue, SGI_ACL_DEFAULT, SGI_ACL_DEFAULT_SIZE) == 0)) {
+		if (feature_richacl) {
+			do_warn(_("filesystem feature %s set "
+				  "but attribute %.*s exists\n"),
+				"richacl", namelen, namevalue);
+			return 1;
+		}
+
 		if (value == NULL) {
 			valuep = malloc(valuelen);
 			if (!valuep)
@@ -211,6 +220,13 @@ valuecheck(
 		 strncmp(namevalue, XATTR_RICHACL, strlen(XATTR_RICHACL)) == 0) {
 		struct richacl *acl;
 
+		if (!feature_richacl) {
+			do_warn(_("filesystem feature %s not set "
+				  "but attribute %.*s exists\n"),
+				"richacl", namelen, namevalue);
+			return 1;
+		}
+
 		if (value == NULL) {
 			valuep = malloc(valuelen);
 			if (!valuep)
-- 
2.5.0

_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs

Re: [PATCH] xfs_repair: Check for invalid ACL types

[Andreas Gruenbacher]

Here's a follow-up patch to test a filesystem for richacl support.

--

Subject: xfs_db: Report when richacls are supported

When the richacl incompatible filesystem feature is set, include the
word RICHACL in the output of "xfs_db [-r] -c version".

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
---
 db/sb.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/db/sb.c b/db/sb.c
index 17d446c..ff6c1f8 100644
--- a/db/sb.c
+++ b/db/sb.c
@@ -690,6 +690,8 @@ version_string(
 		strcat(s, ",FTYPE");
 	if (xfs_sb_version_hasfinobt(sbp))
 		strcat(s, ",FINOBT");
+	if (xfs_sb_has_incompat_feature(sbp, XFS_SB_FEAT_INCOMPAT_RICHACL))
+		strcat(s, ",RICHACL");
 	if (xfs_sb_version_hassparseinodes(sbp))
 		strcat(s, ",SPARSE_INODES");
 	if (xfs_sb_version_hasmetauuid(sbp))
-- 
2.5.0

_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs