search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[PATCH] knfsd: nfsd4: simplify nfsv4->posix translation
[linux-2.6/lfs.git] / fs / nfsd / nfs4acl.c
blob6c52658e9a2669bf4213246a11f46b7d0fa6dc5c
1 /*
2 * fs/nfs4acl/acl.c
3 *
4 * Common NFSv4 ACL handling code.
5 *
6 * Copyright (c) 2002, 2003 The Regents of the University of Michigan.
7 * All rights reserved.
8 *
9 * Marius Aamodt Eriksen <marius@umich.edu>
10 * Jeff Sedlak <jsedlak@umich.edu>
11 * J. Bruce Fields <bfields@umich.edu>
12 *
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
15 * are met:
16 *
17 * 1. Redistributions of source code must retain the above copyright
18 * notice, this list of conditions and the following disclaimer.
19 * 2. Redistributions in binary form must reproduce the above copyright
20 * notice, this list of conditions and the following disclaimer in the
21 * documentation and/or other materials provided with the distribution.
22 * 3. Neither the name of the University nor the names of its
23 * contributors may be used to endorse or promote products derived
24 * from this software without specific prior written permission.
25 *
26 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
27 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
28 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
29 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
33 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
34 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
35 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
36 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37 */
38
39 #include <linux/string.h>
40 #include <linux/slab.h>
41 #include <linux/list.h>
42 #include <linux/types.h>
43 #include <linux/fs.h>
44 #include <linux/module.h>
45 #include <linux/nfs_fs.h>
46 #include <linux/posix_acl.h>
47 #include <linux/nfs4.h>
48 #include <linux/nfs4_acl.h>
49
50
51 /* mode bit translations: */
52 #define NFS4_READ_MODE (NFS4_ACE_READ_DATA)
53 #define NFS4_WRITE_MODE (NFS4_ACE_WRITE_DATA | NFS4_ACE_APPEND_DATA)
54 #define NFS4_EXECUTE_MODE NFS4_ACE_EXECUTE
55 #define NFS4_ANYONE_MODE (NFS4_ACE_READ_ATTRIBUTES | NFS4_ACE_READ_ACL | NFS4_ACE_SYNCHRONIZE)
56 #define NFS4_OWNER_MODE (NFS4_ACE_WRITE_ATTRIBUTES | NFS4_ACE_WRITE_ACL)
57
58 /* We don't support these bits; insist they be neither allowed nor denied */
59 #define NFS4_MASK_UNSUPP (NFS4_ACE_DELETE | NFS4_ACE_WRITE_OWNER \
60 | NFS4_ACE_READ_NAMED_ATTRS | NFS4_ACE_WRITE_NAMED_ATTRS)
61
62 /* flags used to simulate posix default ACLs */
63 #define NFS4_INHERITANCE_FLAGS (NFS4_ACE_FILE_INHERIT_ACE \
64 | NFS4_ACE_DIRECTORY_INHERIT_ACE)
65
66 #define NFS4_SUPPORTED_FLAGS (NFS4_INHERITANCE_FLAGS \
67 | NFS4_ACE_INHERIT_ONLY_ACE \
68 | NFS4_ACE_IDENTIFIER_GROUP)
69
70 #define MASK_EQUAL(mask1, mask2) \
71 ( ((mask1) & NFS4_ACE_MASK_ALL) == ((mask2) & NFS4_ACE_MASK_ALL) )
72
73 static u32
74 mask_from_posix(unsigned short perm, unsigned int flags)
75 {
76 int mask = NFS4_ANYONE_MODE;
77
78 if (flags & NFS4_ACL_OWNER)
79 mask |= NFS4_OWNER_MODE;
80 if (perm & ACL_READ)
81 mask |= NFS4_READ_MODE;
82 if (perm & ACL_WRITE)
83 mask |= NFS4_WRITE_MODE;
84 if ((perm & ACL_WRITE) && (flags & NFS4_ACL_DIR))
85 mask |= NFS4_ACE_DELETE_CHILD;
86 if (perm & ACL_EXECUTE)
87 mask |= NFS4_EXECUTE_MODE;
88 return mask;
89 }
90
91 static u32
92 deny_mask(u32 allow_mask, unsigned int flags)
93 {
94 u32 ret = ~allow_mask & ~NFS4_MASK_UNSUPP;
95 if (!(flags & NFS4_ACL_DIR))
96 ret &= ~NFS4_ACE_DELETE_CHILD;
97 return ret;
98 }
99
100 /* XXX: modify functions to return NFS errors; they're only ever
101 * used by nfs code, after all.... */
102
103 /* We only map from NFSv4 to POSIX ACLs when setting ACLs, when we err on the
104 * side of being more restrictive, so the mode bit mapping below is
105 * pessimistic. An optimistic version would be needed to handle DENY's,
106 * but we espect to coalesce all ALLOWs and DENYs before mapping to mode
107 * bits. */
108
109 static void
110 low_mode_from_nfs4(u32 perm, unsigned short *mode, unsigned int flags)
111 {
112 u32 write_mode = NFS4_WRITE_MODE;
113
114 if (flags & NFS4_ACL_DIR)
115 write_mode |= NFS4_ACE_DELETE_CHILD;
116 *mode = 0;
117 if ((perm & NFS4_READ_MODE) == NFS4_READ_MODE)
118 *mode |= ACL_READ;
119 if ((perm & write_mode) == write_mode)
120 *mode |= ACL_WRITE;
121 if ((perm & NFS4_EXECUTE_MODE) == NFS4_EXECUTE_MODE)
122 *mode |= ACL_EXECUTE;
123 }
124
125 struct ace_container {
126 struct nfs4_ace *ace;
127 struct list_head ace_l;
128 };
129
130 static short ace2type(struct nfs4_ace *);
131 static int _posix_to_nfsv4_one(struct posix_acl *, struct nfs4_acl *, unsigned int);
132 int nfs4_acl_add_ace(struct nfs4_acl *, u32, u32, u32, int, uid_t);
133
134 struct nfs4_acl *
135 nfs4_acl_posix_to_nfsv4(struct posix_acl *pacl, struct posix_acl *dpacl,
136 unsigned int flags)
137 {
138 struct nfs4_acl *acl;
139 int error = -EINVAL;
140
141 if ((pacl != NULL &&
142 (posix_acl_valid(pacl) < 0 || pacl->a_count == 0)) ||
143 (dpacl != NULL &&
144 (posix_acl_valid(dpacl) < 0 || dpacl->a_count == 0)))
145 goto out_err;
146
147 acl = nfs4_acl_new();
148 if (acl == NULL) {
149 error = -ENOMEM;
150 goto out_err;
151 }
152
153 if (pacl != NULL) {
154 error = _posix_to_nfsv4_one(pacl, acl,
155 flags & ~NFS4_ACL_TYPE_DEFAULT);
156 if (error < 0)
157 goto out_acl;
158 }
159
160 if (dpacl != NULL) {
161 error = _posix_to_nfsv4_one(dpacl, acl,
162 flags | NFS4_ACL_TYPE_DEFAULT);
163 if (error < 0)
164 goto out_acl;
165 }
166
167 return acl;
168
169 out_acl:
170 nfs4_acl_free(acl);
171 out_err:
172 acl = ERR_PTR(error);
173
174 return acl;
175 }
176
177 static int
178 nfs4_acl_add_pair(struct nfs4_acl *acl, int eflag, u32 mask, int whotype,
179 uid_t owner, unsigned int flags)
180 {
181 int error;
182
183 error = nfs4_acl_add_ace(acl, NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE,
184 eflag, mask, whotype, owner);
185 if (error < 0)
186 return error;
187 error = nfs4_acl_add_ace(acl, NFS4_ACE_ACCESS_DENIED_ACE_TYPE,
188 eflag, deny_mask(mask, flags), whotype, owner);
189 return error;
190 }
191
192 /* We assume the acl has been verified with posix_acl_valid. */
193 static int
194 _posix_to_nfsv4_one(struct posix_acl *pacl, struct nfs4_acl *acl,
195 unsigned int flags)
196 {
197 struct posix_acl_entry *pa, *pe, *group_owner_entry;
198 int error = -EINVAL;
199 u32 mask, mask_mask;
200 int eflag = ((flags & NFS4_ACL_TYPE_DEFAULT) ?
201 NFS4_INHERITANCE_FLAGS : 0);
202
203 BUG_ON(pacl->a_count < 3);
204 pe = pacl->a_entries + pacl->a_count;
205 pa = pe - 2; /* if mask entry exists, it's second from the last. */
206 if (pa->e_tag == ACL_MASK)
207 mask_mask = deny_mask(mask_from_posix(pa->e_perm, flags), flags);
208 else
209 mask_mask = 0;
210
211 pa = pacl->a_entries;
212 BUG_ON(pa->e_tag != ACL_USER_OBJ);
213 mask = mask_from_posix(pa->e_perm, flags | NFS4_ACL_OWNER);
214 error = nfs4_acl_add_pair(acl, eflag, mask, NFS4_ACL_WHO_OWNER, 0, flags);
215 if (error < 0)
216 goto out;
217 pa++;
218
219 while (pa->e_tag == ACL_USER) {
220 mask = mask_from_posix(pa->e_perm, flags);
221 error = nfs4_acl_add_ace(acl, NFS4_ACE_ACCESS_DENIED_ACE_TYPE,
222 eflag, mask_mask, NFS4_ACL_WHO_NAMED, pa->e_id);
223 if (error < 0)
224 goto out;
225
226
227 error = nfs4_acl_add_pair(acl, eflag, mask,
228 NFS4_ACL_WHO_NAMED, pa->e_id, flags);
229 if (error < 0)
230 goto out;
231 pa++;
232 }
233
234 /* In the case of groups, we apply allow ACEs first, then deny ACEs,
235 * since a user can be in more than one group. */
236
237 /* allow ACEs */
238
239 if (pacl->a_count > 3) {
240 BUG_ON(pa->e_tag != ACL_GROUP_OBJ);
241 error = nfs4_acl_add_ace(acl, NFS4_ACE_ACCESS_DENIED_ACE_TYPE,
242 NFS4_ACE_IDENTIFIER_GROUP | eflag, mask_mask,
243 NFS4_ACL_WHO_GROUP, 0);
244 if (error < 0)
245 goto out;
246 }
247 group_owner_entry = pa;
248 mask = mask_from_posix(pa->e_perm, flags);
249 error = nfs4_acl_add_ace(acl, NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE,
250 NFS4_ACE_IDENTIFIER_GROUP | eflag, mask,
251 NFS4_ACL_WHO_GROUP, 0);
252 if (error < 0)
253 goto out;
254 pa++;
255
256 while (pa->e_tag == ACL_GROUP) {
257 mask = mask_from_posix(pa->e_perm, flags);
258 error = nfs4_acl_add_ace(acl, NFS4_ACE_ACCESS_DENIED_ACE_TYPE,
259 NFS4_ACE_IDENTIFIER_GROUP | eflag, mask_mask,
260 NFS4_ACL_WHO_NAMED, pa->e_id);
261 if (error < 0)
262 goto out;
263
264 error = nfs4_acl_add_ace(acl, NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE,
265 NFS4_ACE_IDENTIFIER_GROUP | eflag, mask,
266 NFS4_ACL_WHO_NAMED, pa->e_id);
267 if (error < 0)
268 goto out;
269 pa++;
270 }
271
272 /* deny ACEs */
273
274 pa = group_owner_entry;
275 mask = mask_from_posix(pa->e_perm, flags);
276 error = nfs4_acl_add_ace(acl, NFS4_ACE_ACCESS_DENIED_ACE_TYPE,
277 NFS4_ACE_IDENTIFIER_GROUP | eflag,
278 deny_mask(mask, flags), NFS4_ACL_WHO_GROUP, 0);
279 if (error < 0)
280 goto out;
281 pa++;
282 while (pa->e_tag == ACL_GROUP) {
283 mask = mask_from_posix(pa->e_perm, flags);
284 error = nfs4_acl_add_ace(acl, NFS4_ACE_ACCESS_DENIED_ACE_TYPE,
285 NFS4_ACE_IDENTIFIER_GROUP | eflag,
286 deny_mask(mask, flags), NFS4_ACL_WHO_NAMED, pa->e_id);
287 if (error < 0)
288 goto out;
289 pa++;
290 }
291
292 if (pa->e_tag == ACL_MASK)
293 pa++;
294 BUG_ON(pa->e_tag != ACL_OTHER);
295 mask = mask_from_posix(pa->e_perm, flags);
296 error = nfs4_acl_add_pair(acl, eflag, mask, NFS4_ACL_WHO_EVERYONE, 0, flags);
297
298 out:
299 return error;
300 }
301
302 static void
303 sort_pacl_range(struct posix_acl *pacl, int start, int end) {
304 int sorted = 0, i;
305 struct posix_acl_entry tmp;
306
307 /* We just do a bubble sort; easy to do in place, and we're not
308 * expecting acl's to be long enough to justify anything more. */
309 while (!sorted) {
310 sorted = 1;
311 for (i = start; i < end; i++) {
312 if (pacl->a_entries[i].e_id
313 > pacl->a_entries[i+1].e_id) {
314 sorted = 0;
315 tmp = pacl->a_entries[i];
316 pacl->a_entries[i] = pacl->a_entries[i+1];
317 pacl->a_entries[i+1] = tmp;
318 }
319 }
320 }
321 }
322
323 static void
324 sort_pacl(struct posix_acl *pacl)
325 {
326 /* posix_acl_valid requires that users and groups be in order
327 * by uid/gid. */
328 int i, j;
329
330 if (pacl->a_count <= 4)
331 return; /* no users or groups */
332 i = 1;
333 while (pacl->a_entries[i].e_tag == ACL_USER)
334 i++;
335 sort_pacl_range(pacl, 1, i-1);
336
337 BUG_ON(pacl->a_entries[i].e_tag != ACL_GROUP_OBJ);
338 j = i++;
339 while (pacl->a_entries[j].e_tag == ACL_GROUP)
340 j++;
341 sort_pacl_range(pacl, i, j-1);
342 return;
343 }
344
345 /*
346 * While processing the NFSv4 ACE, this maintains bitmasks representing
347 * which permission bits have been allowed and which denied to a given
348 * entity: */
349 struct posix_ace_state {
350 u32 allow;
351 u32 deny;
352 };
353
354 struct posix_user_ace_state {
355 uid_t uid;
356 struct posix_ace_state perms;
357 };
358
359 struct posix_ace_state_array {
360 int n;
361 struct posix_user_ace_state aces[];
362 };
363
364 /*
365 * While processing the NFSv4 ACE, this maintains the partial permissions
366 * calculated so far: */
367
368 struct posix_acl_state {
369 struct posix_ace_state owner;
370 struct posix_ace_state group;
371 struct posix_ace_state other;
372 struct posix_ace_state everyone;
373 struct posix_ace_state mask; /* Deny unused in this case */
374 struct posix_ace_state_array *users;
375 struct posix_ace_state_array *groups;
376 };
377
378 static int
379 init_state(struct posix_acl_state *state, int cnt)
380 {
381 int alloc;
382
383 memset(state, 0, sizeof(struct posix_acl_state));
384 /*
385 * In the worst case, each individual acl could be for a distinct
386 * named user or group, but we don't no which, so we allocate
387 * enough space for either:
388 */
389 alloc = sizeof(struct posix_ace_state_array)
390 + cnt*sizeof(struct posix_ace_state);
391 state->users = kzalloc(alloc, GFP_KERNEL);
392 if (!state->users)
393 return -ENOMEM;
394 state->groups = kzalloc(alloc, GFP_KERNEL);
395 if (!state->groups) {
396 kfree(state->users);
397 return -ENOMEM;
398 }
399 return 0;
400 }
401
402 static void
403 free_state(struct posix_acl_state *state) {
404 kfree(state->users);
405 kfree(state->groups);
406 }
407
408 static inline void add_to_mask(struct posix_acl_state *state, struct posix_ace_state *astate)
409 {
410 state->mask.allow |= astate->allow;
411 }
412
413 /*
414 * Certain bits (SYNCHRONIZE, DELETE, WRITE_OWNER, READ/WRITE_NAMED_ATTRS,
415 * READ_ATTRIBUTES, READ_ACL) are currently unenforceable and don't translate
416 * to traditional read/write/execute permissions.
417 *
418 * It's problematic to reject acls that use certain mode bits, because it
419 * places the burden on users to learn the rules about which bits one
420 * particular server sets, without giving the user a lot of help--we return an
421 * error that could mean any number of different things. To make matters
422 * worse, the problematic bits might be introduced by some application that's
423 * automatically mapping from some other acl model.
424 *
425 * So wherever possible we accept anything, possibly erring on the side of
426 * denying more permissions than necessary.
427 *
428 * However we do reject *explicit* DENY's of a few bits representing
429 * permissions we could never deny:
430 */
431
432 static inline int check_deny(u32 mask, int isowner)
433 {
434 if (mask & (NFS4_ACE_READ_ATTRIBUTES | NFS4_ACE_READ_ACL))
435 return -EINVAL;
436 if (!isowner)
437 return 0;
438 if (mask & (NFS4_ACE_WRITE_ATTRIBUTES | NFS4_ACE_WRITE_ACL))
439 return -EINVAL;
440 return 0;
441 }
442
443 static struct posix_acl *
444 posix_state_to_acl(struct posix_acl_state *state, unsigned int flags)
445 {
446 struct posix_acl_entry *pace;
447 struct posix_acl *pacl;
448 int nace;
449 int i, error = 0;
450
451 nace = 4 + state->users->n + state->groups->n;
452 pacl = posix_acl_alloc(nace, GFP_KERNEL);
453 if (!pacl)
454 return ERR_PTR(-ENOMEM);
455
456 pace = pacl->a_entries;
457 pace->e_tag = ACL_USER_OBJ;
458 error = check_deny(state->owner.deny, 1);
459 if (error)
460 goto out_err;
461 low_mode_from_nfs4(state->owner.allow, &pace->e_perm, flags);
462 pace->e_id = ACL_UNDEFINED_ID;
463
464 for (i=0; i < state->users->n; i++) {
465 pace++;
466 pace->e_tag = ACL_USER;
467 error = check_deny(state->users->aces[i].perms.deny, 0);
468 if (error)
469 goto out_err;
470 low_mode_from_nfs4(state->users->aces[i].perms.allow,
471 &pace->e_perm, flags);
472 pace->e_id = state->users->aces[i].uid;
473 add_to_mask(state, &state->users->aces[i].perms);
474 }
475
476 pace++;
477 pace->e_tag = ACL_GROUP_OBJ;
478 error = check_deny(state->group.deny, 0);
479 if (error)
480 goto out_err;
481 low_mode_from_nfs4(state->group.allow, &pace->e_perm, flags);
482 pace->e_id = ACL_UNDEFINED_ID;
483 add_to_mask(state, &state->group);
484
485 for (i=0; i < state->groups->n; i++) {
486 pace++;
487 pace->e_tag = ACL_GROUP;
488 error = check_deny(state->groups->aces[i].perms.deny, 0);
489 if (error)
490 goto out_err;
491 low_mode_from_nfs4(state->groups->aces[i].perms.allow,
492 &pace->e_perm, flags);
493 pace->e_id = state->groups->aces[i].uid;
494 add_to_mask(state, &state->groups->aces[i].perms);
495 }
496
497 pace++;
498 pace->e_tag = ACL_MASK;
499 low_mode_from_nfs4(state->mask.allow, &pace->e_perm, flags);
500 pace->e_id = ACL_UNDEFINED_ID;
501
502 pace++;
503 pace->e_tag = ACL_OTHER;
504 error = check_deny(state->other.deny, 0);
505 if (error)
506 goto out_err;
507 low_mode_from_nfs4(state->other.allow, &pace->e_perm, flags);
508 pace->e_id = ACL_UNDEFINED_ID;
509
510 return pacl;
511 out_err:
512 posix_acl_release(pacl);
513 return ERR_PTR(error);
514 }
515
516 static inline void allow_bits(struct posix_ace_state *astate, u32 mask)
517 {
518 /* Allow all bits in the mask not already denied: */
519 astate->allow |= mask & ~astate->deny;
520 }
521
522 static inline void deny_bits(struct posix_ace_state *astate, u32 mask)
523 {
524 /* Deny all bits in the mask not already allowed: */
525 astate->deny |= mask & ~astate->allow;
526 }
527
528 static int find_uid(struct posix_acl_state *state, struct posix_ace_state_array *a, uid_t uid)
529 {
530 int i;
531
532 for (i = 0; i < a->n; i++)
533 if (a->aces[i].uid == uid)
534 return i;
535 /* Not found: */
536 a->n++;
537 a->aces[i].uid = uid;
538 a->aces[i].perms.allow = state->everyone.allow;
539 a->aces[i].perms.deny = state->everyone.deny;
540
541 return i;
542 }
543
544 static void deny_bits_array(struct posix_ace_state_array *a, u32 mask)
545 {
546 int i;
547
548 for (i=0; i < a->n; i++)
549 deny_bits(&a->aces[i].perms, mask);
550 }
551
552 static void allow_bits_array(struct posix_ace_state_array *a, u32 mask)
553 {
554 int i;
555
556 for (i=0; i < a->n; i++)
557 allow_bits(&a->aces[i].perms, mask);
558 }
559
560 static void process_one_v4_ace(struct posix_acl_state *state,
561 struct nfs4_ace *ace)
562 {
563 u32 mask = ace->access_mask;
564 int i;
565
566 switch (ace2type(ace)) {
567 case ACL_USER_OBJ:
568 if (ace->type == NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE) {
569 allow_bits(&state->owner, mask);
570 } else {
571 deny_bits(&state->owner, mask);
572 }
573 break;
574 case ACL_USER:
575 i = find_uid(state, state->users, ace->who);
576 if (ace->type == NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE) {
577 allow_bits(&state->users->aces[i].perms, mask);
578 } else {
579 deny_bits(&state->users->aces[i].perms, mask);
580 mask = state->users->aces[i].perms.deny;
581 deny_bits(&state->owner, mask);
582 }
583 break;
584 case ACL_GROUP_OBJ:
585 if (ace->type == NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE) {
586 allow_bits(&state->group, mask);
587 } else {
588 deny_bits(&state->group, mask);
589 mask = state->group.deny;
590 deny_bits(&state->owner, mask);
591 deny_bits(&state->everyone, mask);
592 deny_bits_array(state->users, mask);
593 deny_bits_array(state->groups, mask);
594 }
595 break;
596 case ACL_GROUP:
597 i = find_uid(state, state->groups, ace->who);
598 if (ace->type == NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE) {
599 allow_bits(&state->groups->aces[i].perms, mask);
600 } else {
601 deny_bits(&state->groups->aces[i].perms, mask);
602 mask = state->groups->aces[i].perms.deny;
603 deny_bits(&state->owner, mask);
604 deny_bits(&state->group, mask);
605 deny_bits(&state->everyone, mask);
606 deny_bits_array(state->users, mask);
607 deny_bits_array(state->groups, mask);
608 }
609 break;
610 case ACL_OTHER:
611 if (ace->type == NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE) {
612 allow_bits(&state->owner, mask);
613 allow_bits(&state->group, mask);
614 allow_bits(&state->other, mask);
615 allow_bits(&state->everyone, mask);
616 allow_bits_array(state->users, mask);
617 allow_bits_array(state->groups, mask);
618 } else {
619 deny_bits(&state->owner, mask);
620 deny_bits(&state->group, mask);
621 deny_bits(&state->other, mask);
622 deny_bits(&state->everyone, mask);
623 deny_bits_array(state->users, mask);
624 deny_bits_array(state->groups, mask);
625 }
626 }
627 }
628
629 int nfs4_acl_nfsv4_to_posix(struct nfs4_acl *acl, struct posix_acl **pacl,
630 struct posix_acl **dpacl, unsigned int flags)
631 {
632 struct posix_acl_state effective_acl_state, default_acl_state;
633 struct nfs4_ace *ace;
634 int ret;
635
636 ret = init_state(&effective_acl_state, acl->naces);
637 if (ret)
638 return ret;
639 ret = init_state(&default_acl_state, acl->naces);
640 if (ret)
641 goto out_estate;
642 ret = -EINVAL;
643 list_for_each_entry(ace, &acl->ace_head, l_ace) {
644 if (ace->type != NFS4_ACE_ACCESS_ALLOWED_ACE_TYPE &&
645 ace->type != NFS4_ACE_ACCESS_DENIED_ACE_TYPE)
646 goto out_dstate;
647 if (ace->flag & ~NFS4_SUPPORTED_FLAGS)
648 goto out_dstate;
649 if ((ace->flag & NFS4_INHERITANCE_FLAGS) == 0) {
650 process_one_v4_ace(&effective_acl_state, ace);
651 continue;
652 }
653 if (!(flags & NFS4_ACL_DIR))
654 goto out_dstate;
655 /*
656 * Note that when only one of FILE_INHERIT or DIRECTORY_INHERIT
657 * is set, we're effectively turning on the other. That's OK,
658 * according to rfc 3530.
659 */
660 process_one_v4_ace(&default_acl_state, ace);
661
662 if (!(ace->flag & NFS4_ACE_INHERIT_ONLY_ACE))
663 process_one_v4_ace(&effective_acl_state, ace);
664 }
665 *pacl = posix_state_to_acl(&effective_acl_state, flags);
666 if (IS_ERR(*pacl)) {
667 ret = PTR_ERR(*pacl);
668 goto out_dstate;
669 }
670 *dpacl = posix_state_to_acl(&default_acl_state, flags);
671 if (IS_ERR(*dpacl)) {
672 ret = PTR_ERR(*dpacl);
673 posix_acl_release(*pacl);
674 goto out_dstate;
675 }
676 sort_pacl(*pacl);
677 sort_pacl(*dpacl);
678 ret = 0;
679 out_dstate:
680 free_state(&default_acl_state);
681 out_estate:
682 free_state(&effective_acl_state);
683 return ret;
684 }
685
686 static short
687 ace2type(struct nfs4_ace *ace)
688 {
689 switch (ace->whotype) {
690 case NFS4_ACL_WHO_NAMED:
691 return (ace->flag & NFS4_ACE_IDENTIFIER_GROUP ?
692 ACL_GROUP : ACL_USER);
693 case NFS4_ACL_WHO_OWNER:
694 return ACL_USER_OBJ;
695 case NFS4_ACL_WHO_GROUP:
696 return ACL_GROUP_OBJ;
697 case NFS4_ACL_WHO_EVERYONE:
698 return ACL_OTHER;
699 }
700 BUG();
701 return -1;
702 }
703
704 EXPORT_SYMBOL(nfs4_acl_posix_to_nfsv4);
705 EXPORT_SYMBOL(nfs4_acl_nfsv4_to_posix);
706
707 struct nfs4_acl *
708 nfs4_acl_new(void)
709 {
710 struct nfs4_acl *acl;
711
712 if ((acl = kmalloc(sizeof(*acl), GFP_KERNEL)) == NULL)
713 return NULL;
714
715 acl->naces = 0;
716 INIT_LIST_HEAD(&acl->ace_head);
717
718 return acl;
719 }
720
721 void
722 nfs4_acl_free(struct nfs4_acl *acl)
723 {
724 struct list_head *h;
725 struct nfs4_ace *ace;
726
727 if (!acl)
728 return;
729
730 while (!list_empty(&acl->ace_head)) {
731 h = acl->ace_head.next;
732 list_del(h);
733 ace = list_entry(h, struct nfs4_ace, l_ace);
734 kfree(ace);
735 }
736
737 kfree(acl);
738
739 return;
740 }
741
742 int
743 nfs4_acl_add_ace(struct nfs4_acl *acl, u32 type, u32 flag, u32 access_mask,
744 int whotype, uid_t who)
745 {
746 struct nfs4_ace *ace;
747
748 if ((ace = kmalloc(sizeof(*ace), GFP_KERNEL)) == NULL)
749 return -ENOMEM;
750
751 ace->type = type;
752 ace->flag = flag;
753 ace->access_mask = access_mask;
754 ace->whotype = whotype;
755 ace->who = who;
756
757 list_add_tail(&ace->l_ace, &acl->ace_head);
758 acl->naces++;
759
760 return 0;
761 }
762
763 static struct {
764 char *string;
765 int stringlen;
766 int type;
767 } s2t_map[] = {
768 {
769 .string = "OWNER@",
770 .stringlen = sizeof("OWNER@") - 1,
771 .type = NFS4_ACL_WHO_OWNER,
772 },
773 {
774 .string = "GROUP@",
775 .stringlen = sizeof("GROUP@") - 1,
776 .type = NFS4_ACL_WHO_GROUP,
777 },
778 {
779 .string = "EVERYONE@",
780 .stringlen = sizeof("EVERYONE@") - 1,
781 .type = NFS4_ACL_WHO_EVERYONE,
782 },
783 };
784
785 int
786 nfs4_acl_get_whotype(char *p, u32 len)
787 {
788 int i;
789
790 for (i = 0; i < ARRAY_SIZE(s2t_map); i++) {
791 if (s2t_map[i].stringlen == len &&
792 0 == memcmp(s2t_map[i].string, p, len))
793 return s2t_map[i].type;
794 }
795 return NFS4_ACL_WHO_NAMED;
796 }
797
798 int
799 nfs4_acl_write_who(int who, char *p)
800 {
801 int i;
802
803 for (i = 0; i < ARRAY_SIZE(s2t_map); i++) {
804 if (s2t_map[i].type == who) {
805 memcpy(p, s2t_map[i].string, s2t_map[i].stringlen);
806 return s2t_map[i].stringlen;
807 }
808 }
809 BUG();
810 return -1;
811 }
812
813 EXPORT_SYMBOL(nfs4_acl_new);
814 EXPORT_SYMBOL(nfs4_acl_free);
815 EXPORT_SYMBOL(nfs4_acl_add_ace);
816 EXPORT_SYMBOL(nfs4_acl_get_whotype);
817 EXPORT_SYMBOL(nfs4_acl_write_who);
Log-structured file system for Linux