@@ -150,7 +150,8 @@ richacl_chmod(struct richacl *acl, mode_t mode)
if (acl->a_owner_mask == owner_mask &&
acl->a_group_mask == group_mask &&
- acl->a_other_mask == other_mask)
+ acl->a_other_mask == other_mask &&
+ (!richacl_is_auto_inherit(acl) || richacl_is_protected(acl)))
return acl;
clone = richacl_clone(acl);
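Review bot: The widened early-return condition in richacl_chmod has no comment, and its reason cannot be read from this hunk alone: with matching masks the function now still clones an auto-inherit ACL that is not yet protected. The second richacl_chmod hunk, which sets ACL4_PROTECTED on the clone, suggests that any chmod must mark such an ACL protected so that later inheritance propagation does not override the mode, but that is inferred. I would add above the `if`: `/* chmod must set ACL4_PROTECTED on an auto-inherit ACL even when the masks are unchanged */`. richacl_chmod starts and ends outside the hunk.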
@@ -161,6 +162,8 @@ richacl_chmod(struct richacl *acl, mode_t mode)
clone->a_owner_mask = owner_mask;
clone->a_group_mask = group_mask;
clone->a_other_mask = other_mask;
+ if (richacl_is_auto_inherit(clone))
+ clone->a_flags |= ACL4_PROTECTED;
if (richacl_write_through(&clone)) {
richacl_put(clone);
@@ -561,7 +564,12 @@ richacl_inherit(const struct richacl *dir_acl, mode_t mode)
return ERR_PTR(-ENOMEM);
}
- acl->a_flags = (dir_acl->a_flags & ACL4_WRITE_THROUGH);
+ acl->a_flags = (dir_acl->a_flags & ~ACL4_PROTECTED);
+ if (richacl_is_auto_inherit(acl)) {
+ richacl_for_each_entry(ace, acl)
+ ace->e_flags |= ACE4_INHERITED_ACE;
+ acl->a_flags |= ACL4_PROTECTED;
+ }
return acl;
}
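Review bot: `acl->a_flags = (dir_acl->a_flags & ~ACL4_PROTECTED);` copies every directory flag except one, where the removed line copied only ACL4_WRITE_THROUGH. ACL4_DEFAULTED, and any bit outside ACL4_VALID_FLAGS that happens to be set in dir_acl, now reaches the child ACL; whether that is intended for ACL4_DEFAULTED is not visible here. An allow-list keeps flags added later from being inherited by accident: `acl->a_flags = dir_acl->a_flags & (ACL4_AUTO_INHERIT | ACL4_WRITE_THROUGH);`. The body of richacl_inherit starts outside the hunk.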
@@ -33,10 +33,16 @@ struct richacl {
_ace--)
/* a_flags values */
+#define ACL4_AUTO_INHERIT 0x01
+#define ACL4_PROTECTED 0x02
+#define ACL4_DEFAULTED 0x04
#define ACL4_WRITE_THROUGH 0x40
-#define ACL4_VALID_FLAGS \
- ACL4_WRITE_THROUGH
+#define ACL4_VALID_FLAGS ( \
+ ACL4_AUTO_INHERIT | \
+ ACL4_PROTECTED | \
+ ACL4_DEFAULTED | \
+ ACL4_WRITE_THROUGH)
/* e_type values */
#define ACE4_ACCESS_ALLOWED_ACE_TYPE 0x0000
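Review bot: ACL4_DEFAULTED is added to ACL4_VALID_FLAGS, but none of the visible hunks sets or tests it. If ACL4_VALID_FLAGS is what a_flags is validated against on input (not shown here), ACLs carrying that bit would now be accepted with no visible handling. I would either leave it out of the valid set until it is implemented or document what it means. The new flags also have no comments; a short one per flag would help, for example `/* ACL takes part in automatic inheritance */` on ACL4_AUTO_INHERIT, with the wording confirmed by the author, since the semantics are inferred from the other hunks.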
@@ -52,6 +58,7 @@ struct richacl {
/*#define ACE4_SUCCESSFUL_ACCESS_ACE_FLAG 0x0010*/
/*#define ACE4_FAILED_ACCESS_ACE_FLAG 0x0020*/
#define ACE4_IDENTIFIER_GROUP 0x0040
+#define ACE4_INHERITED_ACE 0x0080
/* in-memory representation only */
#define ACE4_SPECIAL_WHO 0x4000
@@ -60,7 +67,8 @@ struct richacl {
ACE4_DIRECTORY_INHERIT_ACE | \
ACE4_NO_PROPAGATE_INHERIT_ACE | \
ACE4_INHERIT_ONLY_ACE | \
- ACE4_IDENTIFIER_GROUP)
+ ACE4_IDENTIFIER_GROUP | \
+ ACE4_INHERITED_ACE)
/* e_mask bitflags */
#define ACE4_READ_DATA 0x00000001
@@ -137,6 +145,18 @@ extern const char richace_group_who[];
extern const char richace_everyone_who[];
static inline int
+richacl_is_auto_inherit(const struct richacl *acl)
+{
+ return acl->a_flags & ACL4_AUTO_INHERIT;
+}
+
+static inline int
+richacl_is_protected(const struct richacl *acl)
+{
+ return acl->a_flags & ACL4_PROTECTED;
+}
+
+static inline int
richace_is_owner(const struct richace *ace)
{
return (ace->e_flags & ACE4_SPECIAL_WHO) &&