From 414fdcd7a53baf8748fd882d40718ffd6b6f5365 Mon Sep 17 00:00:00 2001 From: Aneesh Kumar K.V Date: Tue, 8 Dec 2009 13:42:22 +0530 Subject: [PATCH 16/24] vfs: Add new MS_ACL and MS_RICHACL flag ADD MS_ACL and MS_RICHACL flag which can be used to indicate whether richacl is enabled or not. This will help nfsd to use the right acl mapping when storing NFSv4 ACL to disk Signed-off-by: Aneesh Kumar K.V --- fs/namei.c | 9 ++++++--- include/linux/fs.h | 9 +++++++-- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/fs/namei.c b/fs/namei.c index 8fc1b29..35e31d0 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -453,6 +453,9 @@ static int exec_permission_lite(struct inode *inode) goto ok; return ret; } + /* + * Do the basic POSIX ACL permission checks. + */ ret = acl_permission_check(inode, MAY_EXEC, inode->i_op->check_acl); if (!ret) goto ok; @@ -1636,7 +1639,7 @@ static int __open_namei_create(struct nameidata *nd, struct path *path, int error; struct dentry *dir = nd->path.dentry; - if (!IS_POSIXACL(dir->d_inode)) + if (!IS_ACL(dir->d_inode)) mode &= ~current_umask(); error = security_path_mknod(&nd->path, path->dentry, mode, 0); if (error) @@ -2071,7 +2074,7 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode, error = PTR_ERR(dentry); goto out_unlock; } - if (!IS_POSIXACL(nd.path.dentry->d_inode)) + if (!IS_ACL(nd.path.dentry->d_inode)) mode &= ~current_umask(); error = may_mknod(mode); if (error) @@ -2149,7 +2152,7 @@ SYSCALL_DEFINE3(mkdirat, int, dfd, const char __user *, pathname, int, mode) if (IS_ERR(dentry)) goto out_unlock; - if (!IS_POSIXACL(nd.path.dentry->d_inode)) + if (!IS_ACL(nd.path.dentry->d_inode)) mode &= ~current_umask(); error = mnt_want_write(nd.path.mnt); if (error) diff --git a/include/linux/fs.h b/include/linux/fs.h index 4570090..0d3b41a 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -196,7 +196,7 @@ struct inodes_stat_t { #define MS_VERBOSE 32768 /* War is peace. Verbosity is silence. MS_VERBOSE is deprecated. */ #define MS_SILENT 32768 -#define MS_POSIXACL (1<<16) /* VFS does not apply the umask */ +#define MS_ACL (1<<16) /* VFS does not apply the umask */ #define MS_UNBINDABLE (1<<17) /* change to unbindable */ #define MS_PRIVATE (1<<18) /* change to private */ #define MS_SLAVE (1<<19) /* change to slave */ @@ -205,6 +205,8 @@ struct inodes_stat_t { #define MS_KERNMOUNT (1<<22) /* this is a kern_mount call */ #define MS_I_VERSION (1<<23) /* Update inode I_version field */ #define MS_STRICTATIME (1<<24) /* Always perform atime updates */ +#define MS_POSIXACL (MS_ACL | 1<<25)/* Default ACL is POSIX ACL */ +#define MS_RICHACL (MS_ACL | 1<<26)/* VFS uses richacl to check access */ #define MS_ACTIVE (1<<30) #define MS_NOUSER (1<<31) @@ -246,6 +248,7 @@ struct inodes_stat_t { * flags, so these have to be checked separately. -- rmk@arm.uk.linux.org */ #define __IS_FLG(inode,flg) ((inode)->i_sb->s_flags & (flg)) +#define __IS_EXFLG(inode,flg) (((inode)->i_sb->s_flags & (flg)) == (flg)) #define IS_RDONLY(inode) ((inode)->i_sb->s_flags & MS_RDONLY) #define IS_SYNC(inode) (__IS_FLG(inode, MS_SYNCHRONOUS) || \ @@ -259,7 +262,9 @@ struct inodes_stat_t { #define IS_NOQUOTA(inode) ((inode)->i_flags & S_NOQUOTA) #define IS_APPEND(inode) ((inode)->i_flags & S_APPEND) #define IS_IMMUTABLE(inode) ((inode)->i_flags & S_IMMUTABLE) -#define IS_POSIXACL(inode) __IS_FLG(inode, MS_POSIXACL) +#define IS_ACL(inode) __IS_FLG(inode, MS_ACL) +#define IS_POSIXACL(inode) __IS_EXFLG(inode, MS_POSIXACL) +#define IS_RICHACL(inode) __IS_EXFLG(inode, MS_RICHACL) #define IS_DEADDIR(inode) ((inode)->i_flags & S_DEAD) #define IS_NOCMTIME(inode) ((inode)->i_flags & S_NOCMTIME) -- 1.6.5.2.74.g610f9