Commit 272ce1b4 authored by Eric Sandeen's avatar Eric Sandeen Committed by Nathan Scott

[XFS] Avoid creating attrs for acls which can be stored in

the standard permission bits, and remove existing attrs
if acls are reduced to standard permissions.

SGI Modid: 2.5.x-xfs:slinx:130256a
parent 6df53d41
...@@ -33,7 +33,7 @@ ...@@ -33,7 +33,7 @@
#include <xfs.h> #include <xfs.h>
#include <linux/posix_acl_xattr.h> #include <linux/posix_acl_xattr.h>
STATIC int xfs_acl_setmode(vnode_t *, xfs_acl_t *); STATIC int xfs_acl_setmode(vnode_t *, xfs_acl_t *, int *);
STATIC void xfs_acl_filter_mode(mode_t, xfs_acl_t *); STATIC void xfs_acl_filter_mode(mode_t, xfs_acl_t *);
STATIC void xfs_acl_get_endian(xfs_acl_t *); STATIC void xfs_acl_get_endian(xfs_acl_t *);
STATIC int xfs_acl_access(uid_t, gid_t, xfs_acl_t *, mode_t, cred_t *); STATIC int xfs_acl_access(uid_t, gid_t, xfs_acl_t *, mode_t, cred_t *);
...@@ -279,6 +279,7 @@ xfs_acl_vset( ...@@ -279,6 +279,7 @@ xfs_acl_vset(
posix_acl_xattr_header *ext_acl = acl; posix_acl_xattr_header *ext_acl = acl;
xfs_acl_t *xfs_acl; xfs_acl_t *xfs_acl;
int error; int error;
int basicperms = 0; /* more than std unix perms? */
if (!acl) if (!acl)
return -EINVAL; return -EINVAL;
...@@ -303,8 +304,21 @@ xfs_acl_vset( ...@@ -303,8 +304,21 @@ xfs_acl_vset(
/* Incoming ACL exists, set file mode based on its value */ /* Incoming ACL exists, set file mode based on its value */
if (kind == _ACL_TYPE_ACCESS) if (kind == _ACL_TYPE_ACCESS)
xfs_acl_setmode(vp, xfs_acl); xfs_acl_setmode(vp, xfs_acl, &basicperms);
/*
* If we have more than std unix permissions, set up the actual attr.
* Otherwise, delete any existing attr. This prevents us from
* having actual attrs for permissions that can be stored in the
* standard permission bits.
*/
if (!basicperms) {
xfs_acl_set_attr(vp, xfs_acl, kind, &error); xfs_acl_set_attr(vp, xfs_acl, kind, &error);
} else {
xfs_acl_vremove(vp, _ACL_TYPE_ACCESS);
}
out: out:
VN_RELE(vp); VN_RELE(vp);
_ACL_FREE(xfs_acl); _ACL_FREE(xfs_acl);
...@@ -679,6 +693,7 @@ xfs_acl_inherit( ...@@ -679,6 +693,7 @@ xfs_acl_inherit(
{ {
xfs_acl_t *cacl; xfs_acl_t *cacl;
int error = 0; int error = 0;
int basicperms = 0;
/* /*
* If the parent does not have a default ACL, or it's an * If the parent does not have a default ACL, or it's an
...@@ -702,7 +717,7 @@ xfs_acl_inherit( ...@@ -702,7 +717,7 @@ xfs_acl_inherit(
memcpy(cacl, pdaclp, sizeof(xfs_acl_t)); memcpy(cacl, pdaclp, sizeof(xfs_acl_t));
xfs_acl_filter_mode(vap->va_mode, cacl); xfs_acl_filter_mode(vap->va_mode, cacl);
xfs_acl_setmode(vp, cacl); xfs_acl_setmode(vp, cacl, &basicperms);
/* /*
* Set the Default and Access ACL on the file. The mode is already * Set the Default and Access ACL on the file. The mode is already
...@@ -713,7 +728,7 @@ xfs_acl_inherit( ...@@ -713,7 +728,7 @@ xfs_acl_inherit(
*/ */
if (vp->v_type == VDIR) if (vp->v_type == VDIR)
xfs_acl_set_attr(vp, pdaclp, _ACL_TYPE_DEFAULT, &error); xfs_acl_set_attr(vp, pdaclp, _ACL_TYPE_DEFAULT, &error);
if (!error) if (!error && !basicperms)
xfs_acl_set_attr(vp, cacl, _ACL_TYPE_ACCESS, &error); xfs_acl_set_attr(vp, cacl, _ACL_TYPE_ACCESS, &error);
_ACL_FREE(cacl); _ACL_FREE(cacl);
return error; return error;
...@@ -729,13 +744,16 @@ xfs_acl_inherit( ...@@ -729,13 +744,16 @@ xfs_acl_inherit(
STATIC int STATIC int
xfs_acl_setmode( xfs_acl_setmode(
vnode_t *vp, vnode_t *vp,
xfs_acl_t *acl) xfs_acl_t *acl,
int *basicperms)
{ {
vattr_t va; vattr_t va;
xfs_acl_entry_t *ap; xfs_acl_entry_t *ap;
xfs_acl_entry_t *gap = NULL; xfs_acl_entry_t *gap = NULL;
int i, error, nomask = 1; int i, error, nomask = 1;
*basicperms = 1;
if (acl->acl_cnt == XFS_ACL_NOT_PRESENT) if (acl->acl_cnt == XFS_ACL_NOT_PRESENT)
return 0; return 0;
...@@ -759,14 +777,16 @@ xfs_acl_setmode( ...@@ -759,14 +777,16 @@ xfs_acl_setmode(
case ACL_GROUP_OBJ: case ACL_GROUP_OBJ:
gap = ap; gap = ap;
break; break;
case ACL_MASK: case ACL_MASK: /* more than just standard modes */
nomask = 0; nomask = 0;
va.va_mode |= ap->ae_perm << 3; va.va_mode |= ap->ae_perm << 3;
*basicperms = 0;
break; break;
case ACL_OTHER: case ACL_OTHER:
va.va_mode |= ap->ae_perm; va.va_mode |= ap->ae_perm;
break; break;
default: default: /* more than just standard modes */
*basicperms = 0;
break; break;
} }
ap++; ap++;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment