Trond,
On Tue, Nov 3, 2015 at 5:25 PM, Trond Myklebust
wrote:
> On Tue, Nov 3, 2015 at 10:17 AM, Andreas Gruenbacher
> wrote:
>> When encoding large, variable-length objects such as acls into xdr_bufs,
>> it is easier to allocate buffer
Hook the richacl permission checking function into the vfs.
Signed-off-by: Andreas Gruenbacher
---
fs/namei.c | 51 +--
fs/posix_acl.c | 6 +++---
2 files changed, 52 insertions(+), 5 deletions(-)
diff --git a/fs/namei.c
Add richacl xattr handler implementing the xattr operations based on the
get_richacl and set_richacl inode operations.
Signed-off-by: Andreas Gruenbacher
---
fs/richacl_xattr.c| 78 +++
include/linux/richacl_xattr.h | 2
These operations are similar to the get_acl and set_acl operations for
POSIX ACLs. The distinction between access and default ACLs doesn't exist
for richacls.
Signed-off-by: Andreas Gruenbacher
---
include/linux/fs.h | 2 ++
1 file changed, 2 insertions(+)
diff --git
Normally, deleting a file requires MAY_WRITE access to the parent
directory. With richacls, a file may be deleted with MAY_DELETE_CHILD access
to the parent directory or with MAY_DELETE_SELF access to the file.
To support that, pass the MAY_DELETE_CHILD mask flag to inode_permission()
when
We will need to call iop->permission and iop->get_acl from
inode_change_ok() for additional permission checks, and both take a
non-const inode.
Signed-off-by: Andreas Gruenbacher
Reviewed-by: J. Bruce Fields
---
fs/attr.c | 2 +-
Richacls support permissions that allow to take ownership of a file,
change the file permissions, and set the file timestamps. Support that
by introducing new permission mask flags and by checking for those mask
flags in inode_change_ok().
Signed-off-by: Andreas Gruenbacher
ACLs are considered equivalent to file modes if they only consist of
owner@, group@, and everyone@ entries, the owner@ permissions do not
depend on whether the owner is a member in the owning group, and no
inheritance flags are set. This test is used to avoid storing richacls
if the acl can be
Doing a chmod() sets the file mode, which includes the file permission
bits. When a file has a richacl, the permissions that the richacl
grants need to be limited to what the new file permission bits allow.
This is done by setting the file masks in the richacl to what the file
permission bits
Cache richacls in struct inode so that this doesn't have to be done
individually in each filesystem. This is similar to POSIX ACLs.
Signed-off-by: Andreas Gruenbacher
---
fs/inode.c | 11 +--
fs/posix_acl.c | 2 +-
fs/richacl_inode.c | 77
Richacls distinguish between creating non-directories and directories. To
support that, add an isdir parameter to may_create(). When checking
inode_permission() for create permission, pass in an additional
MAY_CREATE_FILE or MAY_CREATE_DIR mask flag.
To allow checking for delete *and* create
acl_by_type(inode, type) returns a pointer to either inode->i_acl or
inode->i_default_acl depending on type. This is useful in
fs/posix_acl.c, but should never have been visible outside that file.
Signed-off-by: Andreas Gruenbacher
---
fs/posix_acl.c| 3 +--
POSIX ACLs and richacls are both objects allocated by kmalloc() with a
reference count which are freed by kfree_rcu(). An inode can either
cache an access and a default POSIX ACL, or a richacl (richacls do not
have default acls). To allow an inode to cache either of the two kinds
of acls,
Compute upper bound owner, group, and other file masks with as few
permissions as possible without denying any permissions that the NFSv4
acl in a richacl grants.
This algorithm is used when a file inherits an acl at create time and
when an acl is set via a mechanism that does not provide file
The vfs does not apply the umask for file systems that support acls. The
test used for this used to be called IS_POSIXACL(). Switch to a new
IS_ACL() test to check for either posix acls or richacls instead. Add a new
MS_RICHACL flag and IS_RICHACL() test for richacls alone. The IS_POSIXACL()
test
Here is another update to the richacl patch queue. This posting contains
the patches ready to be merged; the patches later in the queue still need
some more review.
Changes since the last posting (http://lwn.net/Articles/662881/):
* Functions {get,put}_base_acl renamed to base_acl_{get,put}.
When a new file is created, it can inherit an acl from its parent
directory; this is similar to how default acls work in POSIX (draft)
ACLs.
As with POSIX ACLs, if a file inherits an acl from its parent directory,
the intersection between the create mode and the permissions granted by
the
Automatic Inheritance (AI) allows changes to the acl of a directory to
propagate down to children.
This is mostly implemented in user space: when a process changes the
permissions of a directory and Automatic Inheritance is enabled for that
directory, the process must propagate those changes to
A richacl consists of an NFSv4 acl and an owner, group, and other mask.
These three masks correspond to the owner, group, and other file
permission bits, but they contain NFSv4 permissions instead of POSIX
permissions.
Each entry in the NFSv4 acl applies to the file owner (OWNER@), the
owning
We need to map from POSIX permissions to NFSv4 permissions when a
chmod() is done, from NFSv4 permissions to POSIX permissions when an acl
is set (which implicitly sets the file permission bits), and from the
MAY_READ/MAY_WRITE/MAY_EXEC/MAY_APPEND flags to NFSv4 permissions when
doing an access
On Thu, Nov 5, 2015 at 6:07 AM, Andreas Gruenbacher wrote:
> Trond,
>
> On Tue, Nov 3, 2015 at 5:25 PM, Trond Myklebust
> wrote:
>> On Tue, Nov 3, 2015 at 10:17 AM, Andreas Gruenbacher
>> wrote:
>>> When encoding large,
Hi,
I've been working on solving this bug [1] for some time now. You can
find some of my research notes here [2]. I was recently able to
finally make it work.
The patch is based on Shirish's patch (available at [1]) to which I've
made the following modification:
- create disconnected root when
22 matches
Mail list logo