From patchwork Tue Jul 20 09:31:07 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Aneesh Kumar K.V" X-Patchwork-Id: 59290 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 15CA8B6EF2 for ; Tue, 20 Jul 2010 19:31:40 +1000 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1758543Ab0GTJbT (ORCPT ); Tue, 20 Jul 2010 05:31:19 -0400 Received: from e23smtp05.au.ibm.com ([202.81.31.147]:57017 "EHLO e23smtp05.au.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1758491Ab0GTJbS (ORCPT ); Tue, 20 Jul 2010 05:31:18 -0400 Received: from d23relay03.au.ibm.com (d23relay03.au.ibm.com [202.81.31.245]) by e23smtp05.au.ibm.com (8.14.4/8.13.1) with ESMTP id o6K9R0TE029057; Tue, 20 Jul 2010 19:27:00 +1000 Received: from d23av04.au.ibm.com (d23av04.au.ibm.com [9.190.235.139]) by d23relay03.au.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id o6K9VGj71704144; Tue, 20 Jul 2010 19:31:16 +1000 Received: from d23av04.au.ibm.com (loopback [127.0.0.1]) by d23av04.au.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id o6K9VEWX004929; Tue, 20 Jul 2010 19:31:16 +1000 Received: from skywalker.linux.vnet.ibm.com (skywalker.in.ibm.com [9.124.35.57]) by d23av04.au.ibm.com (8.14.4/8.13.1/NCO v10.0 AVin) with ESMTP id o6K9V8MR004859; Tue, 20 Jul 2010 19:31:09 +1000 From: "Aneesh Kumar K. V" To: Andreas Gruenbacher Cc: sfrench@us.ibm.com, ffilz@us.ibm.com, adilger@sun.com, sandeen@redhat.com, tytso@mit.edu, staubach@redhat.com, bfields@citi.umich.edu, jlayton@redhat.com, linux-fsdevel@vger.kernel.org, nfsv4@linux-nfs.org, linux-ext4@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH -V2 00/16] New ACL format for better NFSv4 acl interoperability In-Reply-To: <201007192119.50868.agruen@suse.de> References: <1278096227-16784-1-git-send-email-aneesh.kumar@linux.vnet.ibm.com> <201007192119.50868.agruen@suse.de> User-Agent: Notmuch/0.3.1-58-g6607fd6 (http://notmuchmail.org) Emacs/24.0.50.1 (i686-pc-linux-gnu) Date: Tue, 20 Jul 2010 15:01:07 +0530 Message-ID: MIME-Version: 1.0 Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org On Mon, 19 Jul 2010 21:19:50 +0200, Andreas Gruenbacher wrote: > Aneesh, > > here is a patch on top of the richacl-upstream queue. > > So far, we were assuming that acls are always masked, and the file masks > could be set so that they would not mask any permissions. This is fine > for permission checking, but richacl_apply_masks() didn't recognize when > the file masks were set to mask nothing, and was still transforming such > acls unnecessarily. This could lead to correct but surprising results. > > Instead of using a flag here we could check if the file masks are set to > "ineffective" values, but that would require the same computation as > richacl_compute_max_masks(), which can be a slow on large acls. It is a > lot easier to instead remember if the file masks are "effective". > > (We still need to compute the file masks in nfsd where no file masks are > supplied so that the file permission bits will be set to a reasonable > value. user space will always pass valid file masks in, so we are covered > in that side.) We need to update ACL4_VALID_FLAGS to now consider ACL4_MASKED as a valid flag. This is also needed for userspace. On a related note, should we move ACL4_MASKED and ACL4_POSIX_MAPPED to be the higher bits ? That would make sure we will be able to accomodate new flag value NFSv4 define. Something like -aneesh --- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/include/linux/richacl.h b/include/linux/richacl.h index 929cc32..ff3c12b 100644 --- a/include/linux/richacl.h +++ b/include/linux/richacl.h @@ -50,16 +50,17 @@ struct richacl { /* a_flags values */ #define ACL4_AUTO_INHERIT 0x01 #define ACL4_PROTECTED 0x02 -/*#define ACL4_DEFAULTED 0x04*/ -#define ACL4_MASKED 0x08 -#define ACL4_POSIX_MAPPED 0x10 +#define ACL4_DEFAULTED 0x04 +/* flag value defined by Richacl */ +#define ACL4_MASKED 0x40 +#define ACL4_POSIX_MAPPED 0x80 #define ACL4_VALID_FLAGS ( \ ACL4_AUTO_INHERIT | \ ACL4_PROTECTED | \ + ACL4_MASKED | \ ACL4_POSIX_MAPPED) - /* e_type values */ #define ACE4_ACCESS_ALLOWED_ACE_TYPE 0x0000 #define ACE4_ACCESS_DENIED_ACE_TYPE 0x0001