Commit 4a639a72 authored by Rick Macklem's avatar Rick Macklem Committed by Chuck Lever
Browse files

NFSD: Add nfsd4_encode_fattr4_acl_trueform 



Mapping between NFSv4 ACLs and POSIX ACLs is semantically imprecise:
a client that sets an NFSv4 ACL and reads it back may see a different
ACL than it wrote. The proposed NFSv4 POSIX ACL extension introduces
the FATTR4_ACL_TRUEFORM attribute, which reports whether a file
object stores its access control permissions using NFSv4 ACLs or
POSIX ACLs.

A client aware of this extension can avoid lossy translation by
requesting and setting ACLs in their native format.

When NFSD is built with CONFIG_NFSD_V4_POSIX_ACLS, report
ACL_MODEL_POSIX_DRAFT for file objects on file systems with the
SB_POSIXACL flag set, and ACL_MODEL_NONE otherwise. Linux file
systems do not store NFSv4 ACLs natively, so ACL_MODEL_NFS4 is never
reported.

Signed-off-by: default avatarRick Macklem <rmacklem@uoguelph.ca>
Reviewed-by: default avatarJeff Layton <jlayton@kernel.org>
Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
parent 91dc464f

fs/nfsd/nfs4xdr.c

+26 −0
Original line number Diff line number Diff line
@@ -3470,6 +3470,22 @@ static __be32 nfsd4_encode_fattr4_open_arguments(struct xdr_stream *xdr, 
	return nfs_ok;

}



#ifdef CONFIG_NFSD_V4_POSIX_ACLS



static __be32 nfsd4_encode_fattr4_acl_trueform(struct xdr_stream *xdr,

					       const struct nfsd4_fattr_args *args)

{

	aclmodel4 trueform = ACL_MODEL_NONE;



	if (IS_POSIXACL(d_inode(args->dentry)))

		trueform = ACL_MODEL_POSIX_DRAFT;

	if (!xdrgen_encode_aclmodel4(xdr, trueform))

		return nfserr_resource;

	return nfs_ok;

}



#endif /* CONFIG_NFSD_V4_POSIX_ACLS */



static const nfsd4_enc_attr nfsd4_enc_fattr4_encode_ops[] = {

	[FATTR4_SUPPORTED_ATTRS]	= nfsd4_encode_fattr4_supported_attrs,

	[FATTR4_TYPE]			= nfsd4_encode_fattr4_type,
@@ -3573,6 +3589,16 @@ static const nfsd4_enc_attr nfsd4_enc_fattr4_encode_ops[] = { 
	[FATTR4_TIME_DELEG_ACCESS]	= nfsd4_encode_fattr4__inval,

	[FATTR4_TIME_DELEG_MODIFY]	= nfsd4_encode_fattr4__inval,

	[FATTR4_OPEN_ARGUMENTS]		= nfsd4_encode_fattr4_open_arguments,



	/* Reserved */

	[87]				= nfsd4_encode_fattr4__inval,

	[88]				= nfsd4_encode_fattr4__inval,



#ifdef CONFIG_NFSD_V4_POSIX_ACLS

	[FATTR4_ACL_TRUEFORM]		= nfsd4_encode_fattr4_acl_trueform,

#else

	[FATTR4_ACL_TRUEFORM]		= nfsd4_encode_fattr4__noop,

#endif

};



/*