Received: by 2002:ab2:6857:0:b0:1ef:ffd0:ce49 with SMTP id l23csp1224948lqp; Fri, 22 Mar 2024 08:48:45 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWw8C8qK1ueW1DKxdAMHo1Fft2k3aZBmX5CxDQQGCY5xIZ/SXJeudf6vahPVaaxlZXYB/2RxShFCOMOTo2+Mg8CjZUZWfjbRwQU+qj6Kw== X-Google-Smtp-Source: AGHT+IHvWPY+2EztdKKbvXT0HcbGypmBYsdZc4LjKJNYRGLEHzIeqbWC1/Q/vQRCzeME5nXwDyCw X-Received: by 2002:a50:cd4d:0:b0:567:3ed0:47ec with SMTP id d13-20020a50cd4d000000b005673ed047ecmr2118438edj.23.1711122525830; Fri, 22 Mar 2024 08:48:45 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1711122525; cv=pass; d=google.com; s=arc-20160816; b=uDNwhQhN+ZzZFZ9U3Pdiat9/c7hNGO0W2ybaE74B14JqfFD7o0Rjl1zjjGrhvOecLL Ap7M3sCaQ/K4JUp291xyqSJp1yPi5v94pTOhKJDnnfNkKaGUKLyvGvoVdN98qUKWLPCr 33CLoDGs9dJzMUY5WHSGk0R26w/9FQymjKYTo5H857+nr343lIJB+iHR0x6He6HoamaB KaiS3cecs/546zssoFnBR+ipAKB7HTuc6uXf3OBMdxwWnFuhUkJJmmOmoQYRPHb92HaN 9wjDn/37RpYYZf6iYGLud690mRzfz/l/fhUDtHIdStCmtgV4EsN8qJCLJk7nEBlYfsf8 XFCQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:message-id:date:subject:cc:to :from; bh=0KXEo1/iFNxOAaXOCouGXRoMt8PSJy4UXMkS9HQ9UNs=; fh=1xzdCevvnfLOvZcaUAUwD/PlXBYI+9rUJSnP5t+NW80=; b=ABWdMKe7x4hKgvZ/S70/ItltUIY3uPovyD0bCIq2n/ZNrtGJOxBceQr8KN3meQtlLY +P5IHMvr+1RWYvU5zgC7tvX19MNmUO6e9az/LnaGJ3HcODbzuVQOBKJfdWHJKfGqxpn0 MKxRSt53bTDjVdKKI6THc6BfQK4EwXm61Mbwee3UymjUXOUnGb+R3W9nXEtxNdA07zlV 31MeYWHHaZPXlG3wFwyo10GCrfpcGrRvkbtXpcNhraSyg1CYMCNQUC/WEoOzxTUJa6bW mNPqaovMe6FTYRWKaRvb1SYs1pSzTq/yVrj5uOnVyLlUsXd5bBw+OPRWBO4F+iXaY844 aFeg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=huawei.com dmarc=pass fromdomain=huawei.com); spf=pass (google.com: domain of linux-kernel+bounces-111721-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-111721-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id b16-20020a0564021f1000b00568525cde5csi1009495edb.254.2024.03.22.08.48.45 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 22 Mar 2024 08:48:45 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-111721-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=huawei.com dmarc=pass fromdomain=huawei.com); spf=pass (google.com: domain of linux-kernel+bounces-111721-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-111721-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 8EF6A1F21A8E for ; Fri, 22 Mar 2024 15:48:45 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id DBE6957312; Fri, 22 Mar 2024 15:48:26 +0000 (UTC) Received: from szxga04-in.huawei.com (szxga04-in.huawei.com [45.249.212.190]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F0F5F53E22; Fri, 22 Mar 2024 15:48:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=45.249.212.190 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711122506; cv=none; b=cg/I3QCTDEPWljStwfkCKCh/+ZdCrJQKhYBXNGqSG3CSdHuPyUWQBGIbx9HgmsJTQ8WZ3E4UJDq8pYWgA2BEp1IdrtBl39bQMB5yTNNKwkTfn8gSDz8vAvOAWUL+DlBNCC31rmCVBs19U25HLsx+t4qHNMOIGms0OGB8mOuWe9U= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711122506; c=relaxed/simple; bh=PcH5O9HaXNQY4ldJrDzDDEHScOC3/WH3B6Sy6SM+he4=; h=From:To:CC:Subject:Date:Message-ID:MIME-Version:Content-Type; b=iqKINQ72BQkTk4CjE/cygTR/XkTnxhr2X7Sh6ZIlNPUmdkK1xzAqA/6wTChiq8HVl5qdTQ+FlObvjNgUMf76Hvc2EwOUQK1FLo5vS0ahPHYP9KR7Bwq7eHjUjWO4PyfN2WAXxuOKbrfxpVgsr3Z4A7eQpADmu+KMVOFEDEJ2XNA= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=huawei.com; spf=pass smtp.mailfrom=huawei.com; arc=none smtp.client-ip=45.249.212.190 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=huawei.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=huawei.com Received: from mail.maildlp.com (unknown [172.19.163.17]) by szxga04-in.huawei.com (SkyGuard) with ESMTP id 4V1RWh0CDWz1xsCK; Fri, 22 Mar 2024 23:46:24 +0800 (CST) Received: from kwepemd500012.china.huawei.com (unknown [7.221.188.25]) by mail.maildlp.com (Postfix) with ESMTPS id 420001A0172; Fri, 22 Mar 2024 23:48:19 +0800 (CST) Received: from huawei.com (10.90.53.73) by kwepemd500012.china.huawei.com (7.221.188.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Fri, 22 Mar 2024 23:48:18 +0800 From: Li Zetao To: , , , , CC: , , , Subject: [RFC PATCH v2 0/5] ubifs: Support POSIX Access Control Lists (ACLs) Date: Fri, 22 Mar 2024 23:48:07 +0800 Message-ID: <20240322154812.215369-1-lizetao1@huawei.com> X-Mailer: git-send-email 2.34.1 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-ClientProxiedBy: dggems705-chm.china.huawei.com (10.3.19.182) To kwepemd500012.china.huawei.com (7.221.188.25) Hi, This patchset is base on [1] and [2], adding implementation of ACLs for ubifs. Implement ACLs features based on POSIX to solve some difficulties that require fine-grained access control. At the same time, it is also to facilitate cross-file system migration. In order to simplify the implementation, only v2 version POSIX ACLs are implemented, eliminating the need for in-memory and on-flash format conversion. And no need to implement security xattr handler in ubifs. Some testcases have been tested and passed: * generic testcases (modified version) for acl group in xfstest[3], they are generic/026/053/077/099/105/237/307/318/319/375/389/444/449/529/697. * tacl_xattr.sh (modified version) in LTP[4]. [1]: https://lore.kernel.org/linux-mtd/1441962597-13543-1-git-send-email-shengyong1@huawei.com/ [2]: https://lore.kernel.org/linux-mtd/1476046382-19185-1-git-send-email-pascal.eberhard@gmail.com/ [3]: https://kernel.googlesource.com/pub/scm/fs/xfs/xfstests-dev/+/refs/heads/master/tests/generic/ [4]: https://github.com/linux-test-project/ltp/blob/master/testcases/kernel/fs/acl/tacl_xattr.sh Changelog: v1 -> v2: * Adjust patch order. * Modify ubifs_xattr_remove to an external function to remove the * xattr of ACL. * Fix handling of updating file mode via ACL. v1: https://lore.kernel.org/all/20240319161646.2153867-1-lizetao1@huawei.com/ Li Zetao (5): ubifs: Add ACLs config option ubifs: Implement POSIX Access Control Lists (ACLs) ubifs: Initialize or update ACLs for inode ubifs: Support accessing ACLs through inode_operations ubifs: Introduce ACLs mount options Documentation/filesystems/ubifs.rst | 4 + fs/ubifs/Kconfig | 14 ++ fs/ubifs/Makefile | 1 + fs/ubifs/acl.c | 192 ++++++++++++++++++++++++++++ fs/ubifs/dir.c | 22 ++++ fs/ubifs/file.c | 6 + fs/ubifs/super.c | 41 ++++++ fs/ubifs/ubifs.h | 16 +++ fs/ubifs/xattr.c | 3 +- 9 files changed, 297 insertions(+), 2 deletions(-) create mode 100644 fs/ubifs/acl.c -- 2.34.1