This series consolidates the various cut'n'pasted Posix ACL implementations
into a single common one based on the ->get_acl method Linus added a while
ago and a new ->set_acl counterpart.
This 1600 lines of code and provides a single place to implement various
nasty little gems of the semantics.
Unfortunately the 9p code is still left out - it implements the ACLs
in two very weird ways, one using the common code but on the client only,
and one pasing things straight through to the server. We could easily
convert it to the new code on the write side if ->set_acl took a dentry,
but there's no cance to do that on the ->get_acl side. Ideas how to
handle it welcome.
After that we'd be ready to never go into the fs for the ACL attributes
and branch straight to the ACL code below the syscall, repairing the
old API braindamage of overloading ACLs onto the xattrs.
Btw, I'd be almost tempted to do that for all system.* attrs. Besides
Posix ACLs we only have CIFS and NFSv4 ACL variants, weird advice crap
in f2fs, and the magic mushroom proto name on sockets.
On Thu, Dec 05, 2013 at 06:57:14PM +0100, Andreas Gruenbacher wrote:
> I see that get_acl and set_acl are being defined in some but not all symlink inode operations (for example, btrfs them while ext4 does not), and that posix_acl_xattr_set() doesn't check if set_acl is defined. Symlinks cannot have ACLs, so set_acl should either never be defined for symlinks (and a NULL check is then needed in posix_acl_xattr_set()), or it is defined in all inode operations, and S_ISNLNK() check is needed in posix_acl_xattr_set(). That latter check should probably be added in any case to be on the safe side.
Yes, we should add the check. We also in general should not have
set_acl/get_acl on links and I'll look over it.
> Patch 6 also declares posix_acl_prepare() but this function is never introduced; this must be a leftover from a previous version.
Indeed.
Thanks for the review!
Christoph,
nice work, and a pretty diffstat.
I see that get_acl and set_acl are being defined in some but not all symlink inode operations (for example, btrfs them while ext4 does not), and that posix_acl_xattr_set() doesn't check if set_acl is defined. Symlinks cannot have ACLs, so set_acl should either never be defined for symlinks (and a NULL check is then needed in posix_acl_xattr_set()), or it is defined in all inode operations, and S_ISNLNK() check is needed in posix_acl_xattr_set(). That latter check should probably be added in any case to be on the safe side.
Test case:
setfattr -h -n system.posix_acl_access \
-v 0sAgAAAAEABgD/////AgAGABMEAAAEAAYA/////xAABgD/////IAAEAP////8= \
symlink
Patch 6 also declares posix_acl_prepare() but this function is never introduced; this must be a leftover from a previous version.
Thanks,
Andreas