nfs: use generic posix ACL infrastructure for v3 Posix ACLs

This causes a small behaviour change in that we don't bother to set ACLs on file creation if the mode bit can express the access permissions fully, and thus behaving identical to local filesystems. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
author: Christoph Hellwig <hch@infradead.org> 2013-12-20 08:16:53 -0500
committer: Al Viro <viro@zeniv.linux.org.uk> 2014-01-26 08:26:20 -0500
commit: 013cdf1088d7235da9477a2375654921d9b9ba9f (patch)
tree: 56a89d0a58282c517f6c5a8e68e3d341184e40d1 /fs/nfs/nfs3proc.c
parent: e01580bf9e4d0e3bbaead44bd46cdbfe61957732 (diff)
1 files changed, 52 insertions, 24 deletions
diff --git a/fs/nfs/nfs3proc.c b/fs/nfs/nfs3proc.c
index 01b6f6a49d16..d2255d705421 100644
--- a/fs/nfs/nfs3proc.c
+++ b/fs/nfs/nfs3proc.c
@@ -317,8 +317,8 @@ static int
 nfs3_proc_create(struct inode *dir, struct dentry *dentry, struct iattr *sattr,
                 int flags)
 {
+        struct posix_acl *default_acl, *acl;
        struct nfs3_createdata *data;
-        umode_t mode = sattr->ia_mode;
        int status = -ENOMEM;
        dprintk("NFS call  create %pd\n", dentry);
@@ -340,7 +340,9 @@ nfs3_proc_create(struct inode *dir, struct dentry *dentry, struct iattr *sattr,
                data->arg.create.verifier[1] = cpu_to_be32(current->pid);
        }
-        sattr->ia_mode &= ~current_umask();
+        status = posix_acl_create(dir, &sattr->ia_mode, &default_acl, &acl);
+        if (status)
+                goto out;
        for (;;) {
                status = nfs3_do_create(dir, dentry, data);
@@ -366,7 +368,7 @@ nfs3_proc_create(struct inode *dir, struct dentry *dentry, struct iattr *sattr,
        }
        if (status != 0)
-                goto out;
+                goto out_release_acls;
        /* When we created the file with exclusive semantics, make
         * sure we set the attributes afterwards. */
@@ -385,9 +387,14 @@ nfs3_proc_create(struct inode *dir, struct dentry *dentry, struct iattr *sattr,
                nfs_post_op_update_inode(dentry->d_inode, data->res.fattr);
                dprintk("NFS reply setattr (post-create): %d\n", status);
                if (status != 0)
-                        goto out;
+                        goto out_release_acls;
        }
-        status = nfs3_proc_set_default_acl(dir, dentry->d_inode, mode);
+        status = nfs3_proc_setacls(dentry->d_inode, acl, default_acl);
+out_release_acls:
+        posix_acl_release(acl);
+        posix_acl_release(default_acl);
 out:
        nfs3_free_createdata(data);
        dprintk("NFS reply create: %d\n", status);
@@ -572,18 +579,20 @@ out:
 static int
 nfs3_proc_mkdir(struct inode *dir, struct dentry *dentry, struct iattr *sattr)
 {
+        struct posix_acl *default_acl, *acl;
        struct nfs3_createdata *data;
-        umode_t mode = sattr->ia_mode;
        int status = -ENOMEM;
        dprintk("NFS call  mkdir %pd\n", dentry);
-        sattr->ia_mode &= ~current_umask();
        data = nfs3_alloc_createdata();
        if (data == NULL)
                goto out;
+        status = posix_acl_create(dir, &sattr->ia_mode, &default_acl, &acl);
+        if (status)
+                goto out;
        data->msg.rpc_proc = &nfs3_procedures[NFS3PROC_MKDIR];
        data->arg.mkdir.fh = NFS_FH(dir);
        data->arg.mkdir.name = dentry->d_name.name;
@@ -592,9 +601,13 @@ nfs3_proc_mkdir(struct inode *dir, struct dentry *dentry, struct iattr *sattr)
        status = nfs3_do_create(dir, dentry, data);
        if (status != 0)
-                goto out;
+                goto out_release_acls;
-        status = nfs3_proc_set_default_acl(dir, dentry->d_inode, mode);
+        status = nfs3_proc_setacls(dentry->d_inode, acl, default_acl);
+out_release_acls:
+        posix_acl_release(acl);
+        posix_acl_release(default_acl);
 out:
        nfs3_free_createdata(data);
        dprintk("NFS reply mkdir: %d\n", status);
@@ -691,19 +704,21 @@ static int
 nfs3_proc_mknod(struct inode *dir, struct dentry *dentry, struct iattr *sattr,
                dev_t rdev)
 {
+        struct posix_acl *default_acl, *acl;
        struct nfs3_createdata *data;
-        umode_t mode = sattr->ia_mode;
        int status = -ENOMEM;
        dprintk("NFS call  mknod %pd %u:%u\n", dentry,
                        MAJOR(rdev), MINOR(rdev));
-        sattr->ia_mode &= ~current_umask();
        data = nfs3_alloc_createdata();
        if (data == NULL)
                goto out;
+        status = posix_acl_create(dir, &sattr->ia_mode, &default_acl, &acl);
+        if (status)
+                goto out;
        data->msg.rpc_proc = &nfs3_procedures[NFS3PROC_MKNOD];
        data->arg.mknod.fh = NFS_FH(dir);
        data->arg.mknod.name = dentry->d_name.name;
@@ -731,8 +746,13 @@ nfs3_proc_mknod(struct inode *dir, struct dentry *dentry, struct iattr *sattr,
        status = nfs3_do_create(dir, dentry, data);
        if (status != 0)
-                goto out;
+                goto out_release_acls;
-        status = nfs3_proc_set_default_acl(dir, dentry->d_inode, mode);
+        status = nfs3_proc_setacls(dentry->d_inode, acl, default_acl);
+out_release_acls:
+        posix_acl_release(acl);
+        posix_acl_release(default_acl);
 out:
        nfs3_free_createdata(data);
        dprintk("NFS reply mknod: %d\n", status);
@@ -904,20 +924,28 @@ static const struct inode_operations nfs3_dir_inode_operations = {
        .permission     = nfs_permission,
        .getattr        = nfs_getattr,
        .setattr        = nfs_setattr,
-        .listxattr      = nfs3_listxattr,
+        .listxattr      = generic_listxattr,
-        .getxattr       = nfs3_getxattr,
+        .getxattr       = generic_getxattr,
-        .setxattr       = nfs3_setxattr,
+        .setxattr       = generic_setxattr,
-        .removexattr    = nfs3_removexattr,
+        .removexattr    = generic_removexattr,
+#ifdef CONFIG_NFS_V3_ACL
+        .get_acl        = nfs3_get_acl,
+        .set_acl        = nfs3_set_acl,
+#endif
 };
 static const struct inode_operations nfs3_file_inode_operations = {
        .permission     = nfs_permission,
        .getattr        = nfs_getattr,
        .setattr        = nfs_setattr,
-        .listxattr      = nfs3_listxattr,
+        .listxattr      = generic_listxattr,
-        .getxattr       = nfs3_getxattr,
+        .getxattr       = generic_getxattr,
-        .setxattr       = nfs3_setxattr,
+        .setxattr       = generic_setxattr,
-        .removexattr    = nfs3_removexattr,
+        .removexattr    = generic_removexattr,
+#ifdef CONFIG_NFS_V3_ACL
+        .get_acl        = nfs3_get_acl,
+        .set_acl        = nfs3_set_acl,
+#endif
 };
 const struct nfs_rpc_ops nfs_v3_clientops = {
@@ -965,7 +993,7 @@ const struct nfs_rpc_ops nfs_v3_clientops = {
        .commit_rpc_prepare = nfs3_proc_commit_rpc_prepare,
        .commit_done    = nfs3_commit_done,
        .lock           = nfs3_proc_lock,
-        .clear_acl_cache = nfs3_forget_cached_acls,
+        .clear_acl_cache = forget_all_cached_acls,
        .close_context  = nfs_close_context,
        .have_delegation = nfs3_have_delegation,
        .return_delegation = nfs3_return_delegation,
author	Christoph Hellwig <hch@infradead.org>	2013-12-20 08:16:53 -0500
committer	Al Viro <viro@zeniv.linux.org.uk>	2014-01-26 08:26:20 -0500
commit	013cdf1088d7235da9477a2375654921d9b9ba9f (patch)
tree	56a89d0a58282c517f6c5a8e68e3d341184e40d1 /fs/nfs/nfs3proc.c
parent	e01580bf9e4d0e3bbaead44bd46cdbfe61957732 (diff)

diff --git a/fs/nfs/nfs3proc.c b/fs/nfs/nfs3proc.c index 01b6f6a49d16..d2255d705421 100644 --- a/fs/nfs/nfs3proc.c +++ b/fs/nfs/nfs3proc.c
@@ -317,8 +317,8 @@ static int
317	nfs3_proc_create(struct inode dir, struct dentry dentry, struct iattr *sattr,	317	nfs3_proc_create(struct inode dir, struct dentry dentry, struct iattr *sattr,
318	int flags)	318	int flags)
319	{	319	{
		320	struct posix_acl default_acl, acl;
320	struct nfs3_createdata *data;	321	struct nfs3_createdata *data;
321	umode_t mode = sattr->ia_mode;
322	int status = -ENOMEM;	322	int status = -ENOMEM;
323		323
324	dprintk("NFS call create %pd\n", dentry);	324	dprintk("NFS call create %pd\n", dentry);
@@ -340,7 +340,9 @@ nfs3_proc_create(struct inode dir, struct dentry dentry, struct iattr *sattr,
340	data->arg.create.verifier[1] = cpu_to_be32(current->pid);	340	data->arg.create.verifier[1] = cpu_to_be32(current->pid);
341	}	341	}
342		342
343	sattr->ia_mode &= ~current_umask();	343	status = posix_acl_create(dir, &sattr->ia_mode, &default_acl, &acl);
		344	if (status)
		345	goto out;
344		346
345	for (;;) {	347	for (;;) {
346	status = nfs3_do_create(dir, dentry, data);	348	status = nfs3_do_create(dir, dentry, data);
@@ -366,7 +368,7 @@ nfs3_proc_create(struct inode dir, struct dentry dentry, struct iattr *sattr,
366	}	368	}
367		369
368	if (status != 0)	370	if (status != 0)
369	goto out;	371	goto out_release_acls;
370		372
371	/* When we created the file with exclusive semantics, make	373	/* When we created the file with exclusive semantics, make
372	* sure we set the attributes afterwards. */	374	* sure we set the attributes afterwards. */
@@ -385,9 +387,14 @@ nfs3_proc_create(struct inode dir, struct dentry dentry, struct iattr *sattr,
385	nfs_post_op_update_inode(dentry->d_inode, data->res.fattr);	387	nfs_post_op_update_inode(dentry->d_inode, data->res.fattr);
386	dprintk("NFS reply setattr (post-create): %d\n", status);	388	dprintk("NFS reply setattr (post-create): %d\n", status);
387	if (status != 0)	389	if (status != 0)
388	goto out;	390	goto out_release_acls;
389	}	391	}
390	status = nfs3_proc_set_default_acl(dir, dentry->d_inode, mode);	392
		393	status = nfs3_proc_setacls(dentry->d_inode, acl, default_acl);
		394
		395	out_release_acls:
		396	posix_acl_release(acl);
		397	posix_acl_release(default_acl);
391	out:	398	out:
392	nfs3_free_createdata(data);	399	nfs3_free_createdata(data);
393	dprintk("NFS reply create: %d\n", status);	400	dprintk("NFS reply create: %d\n", status);
@@ -572,18 +579,20 @@ out:
572	static int	579	static int
573	nfs3_proc_mkdir(struct inode dir, struct dentry dentry, struct iattr *sattr)	580	nfs3_proc_mkdir(struct inode dir, struct dentry dentry, struct iattr *sattr)
574	{	581	{
		582	struct posix_acl default_acl, acl;
575	struct nfs3_createdata *data;	583	struct nfs3_createdata *data;
576	umode_t mode = sattr->ia_mode;
577	int status = -ENOMEM;	584	int status = -ENOMEM;
578		585
579	dprintk("NFS call mkdir %pd\n", dentry);	586	dprintk("NFS call mkdir %pd\n", dentry);
580		587
581	sattr->ia_mode &= ~current_umask();
582
583	data = nfs3_alloc_createdata();	588	data = nfs3_alloc_createdata();
584	if (data == NULL)	589	if (data == NULL)
585	goto out;	590	goto out;
586		591
		592	status = posix_acl_create(dir, &sattr->ia_mode, &default_acl, &acl);
		593	if (status)
		594	goto out;
		595
587	data->msg.rpc_proc = &nfs3_procedures[NFS3PROC_MKDIR];	596	data->msg.rpc_proc = &nfs3_procedures[NFS3PROC_MKDIR];
588	data->arg.mkdir.fh = NFS_FH(dir);	597	data->arg.mkdir.fh = NFS_FH(dir);
589	data->arg.mkdir.name = dentry->d_name.name;	598	data->arg.mkdir.name = dentry->d_name.name;
@@ -592,9 +601,13 @@ nfs3_proc_mkdir(struct inode dir, struct dentry dentry, struct iattr *sattr)
592		601
593	status = nfs3_do_create(dir, dentry, data);	602	status = nfs3_do_create(dir, dentry, data);
594	if (status != 0)	603	if (status != 0)
595	goto out;	604	goto out_release_acls;
596		605
597	status = nfs3_proc_set_default_acl(dir, dentry->d_inode, mode);	606	status = nfs3_proc_setacls(dentry->d_inode, acl, default_acl);
		607
		608	out_release_acls:
		609	posix_acl_release(acl);
		610	posix_acl_release(default_acl);
598	out:	611	out:
599	nfs3_free_createdata(data);	612	nfs3_free_createdata(data);
600	dprintk("NFS reply mkdir: %d\n", status);	613	dprintk("NFS reply mkdir: %d\n", status);
@@ -691,19 +704,21 @@ static int
691	nfs3_proc_mknod(struct inode dir, struct dentry dentry, struct iattr *sattr,	704	nfs3_proc_mknod(struct inode dir, struct dentry dentry, struct iattr *sattr,
692	dev_t rdev)	705	dev_t rdev)
693	{	706	{
		707	struct posix_acl default_acl, acl;
694	struct nfs3_createdata *data;	708	struct nfs3_createdata *data;
695	umode_t mode = sattr->ia_mode;
696	int status = -ENOMEM;	709	int status = -ENOMEM;
697		710
698	dprintk("NFS call mknod %pd %u:%u\n", dentry,	711	dprintk("NFS call mknod %pd %u:%u\n", dentry,
699	MAJOR(rdev), MINOR(rdev));	712	MAJOR(rdev), MINOR(rdev));
700		713
701	sattr->ia_mode &= ~current_umask();
702
703	data = nfs3_alloc_createdata();	714	data = nfs3_alloc_createdata();
704	if (data == NULL)	715	if (data == NULL)
705	goto out;	716	goto out;
706		717
		718	status = posix_acl_create(dir, &sattr->ia_mode, &default_acl, &acl);
		719	if (status)
		720	goto out;
		721
707	data->msg.rpc_proc = &nfs3_procedures[NFS3PROC_MKNOD];	722	data->msg.rpc_proc = &nfs3_procedures[NFS3PROC_MKNOD];
708	data->arg.mknod.fh = NFS_FH(dir);	723	data->arg.mknod.fh = NFS_FH(dir);
709	data->arg.mknod.name = dentry->d_name.name;	724	data->arg.mknod.name = dentry->d_name.name;
@@ -731,8 +746,13 @@ nfs3_proc_mknod(struct inode dir, struct dentry dentry, struct iattr *sattr,
731		746
732	status = nfs3_do_create(dir, dentry, data);	747	status = nfs3_do_create(dir, dentry, data);
733	if (status != 0)	748	if (status != 0)
734	goto out;	749	goto out_release_acls;
735	status = nfs3_proc_set_default_acl(dir, dentry->d_inode, mode);	750
		751	status = nfs3_proc_setacls(dentry->d_inode, acl, default_acl);
		752
		753	out_release_acls:
		754	posix_acl_release(acl);
		755	posix_acl_release(default_acl);
736	out:	756	out:
737	nfs3_free_createdata(data);	757	nfs3_free_createdata(data);
738	dprintk("NFS reply mknod: %d\n", status);	758	dprintk("NFS reply mknod: %d\n", status);
@@ -904,20 +924,28 @@ static const struct inode_operations nfs3_dir_inode_operations = {
904	.permission = nfs_permission,	924	.permission = nfs_permission,
905	.getattr = nfs_getattr,	925	.getattr = nfs_getattr,
906	.setattr = nfs_setattr,	926	.setattr = nfs_setattr,
907	.listxattr = nfs3_listxattr,	927	.listxattr = generic_listxattr,
908	.getxattr = nfs3_getxattr,	928	.getxattr = generic_getxattr,
909	.setxattr = nfs3_setxattr,	929	.setxattr = generic_setxattr,
910	.removexattr = nfs3_removexattr,	930	.removexattr = generic_removexattr,
		931	#ifdef CONFIG_NFS_V3_ACL
		932	.get_acl = nfs3_get_acl,
		933	.set_acl = nfs3_set_acl,
		934	#endif
911	};	935	};
912		936
913	static const struct inode_operations nfs3_file_inode_operations = {	937	static const struct inode_operations nfs3_file_inode_operations = {
914	.permission = nfs_permission,	938	.permission = nfs_permission,
915	.getattr = nfs_getattr,	939	.getattr = nfs_getattr,
916	.setattr = nfs_setattr,	940	.setattr = nfs_setattr,
917	.listxattr = nfs3_listxattr,	941	.listxattr = generic_listxattr,
918	.getxattr = nfs3_getxattr,	942	.getxattr = generic_getxattr,
919	.setxattr = nfs3_setxattr,	943	.setxattr = generic_setxattr,
920	.removexattr = nfs3_removexattr,	944	.removexattr = generic_removexattr,
		945	#ifdef CONFIG_NFS_V3_ACL
		946	.get_acl = nfs3_get_acl,
		947	.set_acl = nfs3_set_acl,
		948	#endif
921	};	949	};
922		950
923	const struct nfs_rpc_ops nfs_v3_clientops = {	951	const struct nfs_rpc_ops nfs_v3_clientops = {
@@ -965,7 +993,7 @@ const struct nfs_rpc_ops nfs_v3_clientops = {
965	.commit_rpc_prepare = nfs3_proc_commit_rpc_prepare,	993	.commit_rpc_prepare = nfs3_proc_commit_rpc_prepare,
966	.commit_done = nfs3_commit_done,	994	.commit_done = nfs3_commit_done,
967	.lock = nfs3_proc_lock,	995	.lock = nfs3_proc_lock,
968	.clear_acl_cache = nfs3_forget_cached_acls,	996	.clear_acl_cache = forget_all_cached_acls,
969	.close_context = nfs_close_context,	997	.close_context = nfs_close_context,
970	.have_delegation = nfs3_have_delegation,	998	.have_delegation = nfs3_have_delegation,
971	.return_delegation = nfs3_return_delegation,	999	.return_delegation = nfs3_return_delegation,