From patchwork Wed Feb 23 13:52:00 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Aneesh Kumar K.V" X-Patchwork-Id: 584771 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by demeter1.kernel.org (8.14.4/8.14.3) with ESMTP id p1NDwxwk027742 for ; Wed, 23 Feb 2011 13:59:00 GMT Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932167Ab1BWNx6 (ORCPT ); Wed, 23 Feb 2011 08:53:58 -0500 Received: from e28smtp02.in.ibm.com ([122.248.162.2]:33157 "EHLO e28smtp02.in.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932162Ab1BWNx4 (ORCPT ); Wed, 23 Feb 2011 08:53:56 -0500 Received: from d28relay01.in.ibm.com (d28relay01.in.ibm.com [9.184.220.58]) by e28smtp02.in.ibm.com (8.14.4/8.13.1) with ESMTP id p1NDrf1Y020498; Wed, 23 Feb 2011 19:23:41 +0530 Received: from d28av05.in.ibm.com (d28av05.in.ibm.com [9.184.220.67]) by d28relay01.in.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id p1NDrd0M622618; Wed, 23 Feb 2011 19:23:39 +0530 Received: from d28av05.in.ibm.com (loopback [127.0.0.1]) by d28av05.in.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id p1NDrZjT019486; Thu, 24 Feb 2011 00:53:37 +1100 Received: from skywalker.ibm.com ([9.77.68.27]) by d28av05.in.ibm.com (8.14.4/8.13.1/NCO v10.0 AVin) with ESMTP id p1NDqS26014791; Thu, 24 Feb 2011 00:53:34 +1100 From: "Aneesh Kumar K.V" To: sfrench@us.ibm.com, agruen@linbit.com, dilger.kernel@dilger.ca, sandeen@redhat.com, tytso@mit.edu, bfields@fieldses.org, jlayton@redhat.com Cc: aneesh.kumar@linux.vnet.ibm.com, linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-kernel@vger.kernel.org, Andreas Gruenbacher Subject: [PATCH -V5 13/24] richacl: Permission mapping functions Date: Wed, 23 Feb 2011 19:22:00 +0530 Message-Id: <1298469131-16555-14-git-send-email-aneesh.kumar@linux.vnet.ibm.com> X-Mailer: git-send-email 1.7.1 In-Reply-To: <1298469131-16555-1-git-send-email-aneesh.kumar@linux.vnet.ibm.com> References: <1298469131-16555-1-git-send-email-aneesh.kumar@linux.vnet.ibm.com> Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.2.6 (demeter1.kernel.org [140.211.167.41]); Wed, 23 Feb 2011 13:59:00 +0000 (UTC) diff --git a/fs/richacl_base.c b/fs/richacl_base.c index 99ed0ca..50ba645 100644 --- a/fs/richacl_base.c +++ b/fs/richacl_base.c @@ -69,6 +69,124 @@ richacl_clone(const struct richacl *acl) } /** + * richacl_mask_to_mode - compute the file permission bits which correspond to @mask + * @mask: %ACE4_* permission mask + * + * See richacl_masks_to_mode(). + */ +static int +richacl_mask_to_mode(unsigned int mask) +{ + int mode = 0; + + if (mask & ACE4_POSIX_MODE_READ) + mode |= MAY_READ; + if (mask & ACE4_POSIX_MODE_WRITE) + mode |= MAY_WRITE; + if (mask & ACE4_POSIX_MODE_EXEC) + mode |= MAY_EXEC; + + return mode; +} + +/** + * richacl_masks_to_mode - compute the file permission bits from the file masks + * + * When setting a richacl, we set the file permission bits to indicate maximum + * permissions: for example, we set the Write permission when a mask contains + * ACE4_APPEND_DATA even if it does not also contain ACE4_WRITE_DATA. + * + * Permissions which are not in ACE4_POSIX_MODE_READ, ACE4_POSIX_MODE_WRITE, or + * ACE4_POSIX_MODE_EXEC cannot be represented in the file permission bits. + * Such permissions can still be effective, but not for new files or after a + * chmod(), and only if they were set explicitly, for example, by setting a + * richacl. + */ +int +richacl_masks_to_mode(const struct richacl *acl) +{ + return richacl_mask_to_mode(acl->a_owner_mask) << 6 | + richacl_mask_to_mode(acl->a_group_mask) << 3 | + richacl_mask_to_mode(acl->a_other_mask); +} +EXPORT_SYMBOL_GPL(richacl_masks_to_mode); + +/** + * richacl_mode_to_mask - compute a file mask from the lowest three mode bits + * + * When the file permission bits of a file are set with chmod(), this specifies + * the maximum permissions that processes will get. All permissions beyond + * that will be removed from the file masks, and become ineffective. + * + * We also add in the permissions which are always allowed no matter what the + * acl says. + */ +unsigned int +richacl_mode_to_mask(mode_t mode) +{ + unsigned int mask = ACE4_POSIX_ALWAYS_ALLOWED; + + if (mode & MAY_READ) + mask |= ACE4_POSIX_MODE_READ; + if (mode & MAY_WRITE) + mask |= ACE4_POSIX_MODE_WRITE; + if (mode & MAY_EXEC) + mask |= ACE4_POSIX_MODE_EXEC; + + return mask; +} + +/** + * richacl_want_to_mask - convert the iop->permission want argument to a mask + * @want: @want argument of the permission inode operation + * + * When checking for append, @want is (MAY_WRITE | MAY_APPEND). + * + * Richacls use the iop->may_create and iop->may_delete hooks which are + * used for checking if creating and deleting files is allowed. These hooks do + * not use richacl_want_to_mask(), so we do not have to deal with mapping + * MAY_WRITE to ACE4_ADD_FILE, ACE4_ADD_SUBDIRECTORY, and ACE4_DELETE_CHILD + * here. + */ +unsigned int +richacl_want_to_mask(int want) +{ + unsigned int mask = 0; + + if (want & MAY_READ) + mask |= ACE4_READ_DATA; + if (want & (MAY_APPEND | + MAY_CREATE_FILE | MAY_CREATE_DIR | + MAY_DELETE_CHILD | MAY_DELETE_SELF | + MAY_TAKE_OWNERSHIP | MAY_CHMOD | MAY_SET_TIMES)) { + if (want & MAY_APPEND) + mask |= ACE4_APPEND_DATA; + else if (want & MAY_DELETE_SELF) + mask |= ACE4_DELETE; + else if (want & MAY_TAKE_OWNERSHIP) + mask |= ACE4_WRITE_OWNER; + else if (want & MAY_CHMOD) + mask |= ACE4_WRITE_ACL; + else if (want & MAY_SET_TIMES) + mask |= ACE4_WRITE_ATTRIBUTES; + else { + if (want & MAY_CREATE_FILE) + mask |= ACE4_ADD_FILE; + if (want & MAY_CREATE_DIR) + mask |= ACE4_ADD_SUBDIRECTORY; + if (want & MAY_DELETE_CHILD) + mask |= ACE4_DELETE_CHILD; + } + } else if (want & MAY_WRITE) + mask |= ACE4_WRITE_DATA; + if (want & MAY_EXEC) + mask |= ACE4_EXECUTE; + + return mask; +} +EXPORT_SYMBOL_GPL(richacl_want_to_mask); + +/** * richace_is_same_identifier - are both identifiers the same? */ int diff --git a/include/linux/richacl.h b/include/linux/richacl.h index b0472f1..399dbc9 100644 --- a/include/linux/richacl.h +++ b/include/linux/richacl.h @@ -117,6 +117,49 @@ struct richacl { ACE4_WRITE_OWNER | \ ACE4_SYNCHRONIZE) +/* + * The POSIX permissions are supersets of the following NFSv4 permissions: + * + * - MAY_READ maps to READ_DATA or LIST_DIRECTORY, depending on the type + * of the file system object. + * + * - MAY_WRITE maps to WRITE_DATA or ACE4_APPEND_DATA for files, and to + * ADD_FILE, ACE4_ADD_SUBDIRECTORY, or ACE4_DELETE_CHILD for directories. + * + * - MAY_EXECUTE maps to ACE4_EXECUTE. + * + * (Some of these NFSv4 permissions have the same bit values.) + */ +#define ACE4_POSIX_MODE_READ ( \ + ACE4_READ_DATA | \ + ACE4_LIST_DIRECTORY) +#define ACE4_POSIX_MODE_WRITE ( \ + ACE4_WRITE_DATA | \ + ACE4_ADD_FILE | \ + ACE4_APPEND_DATA | \ + ACE4_ADD_SUBDIRECTORY | \ + ACE4_DELETE_CHILD) +#define ACE4_POSIX_MODE_EXEC ACE4_EXECUTE +#define ACE4_POSIX_MODE_ALL ( \ + ACE4_POSIX_MODE_READ | \ + ACE4_POSIX_MODE_WRITE | \ + ACE4_POSIX_MODE_EXEC) +/* + * These permissions are always allowed + * no matter what the acl says. + */ +#define ACE4_POSIX_ALWAYS_ALLOWED ( \ + ACE4_SYNCHRONIZE | \ + ACE4_READ_ATTRIBUTES | \ + ACE4_READ_ACL) +/* + * The owner is implicitly granted + * these permissions under POSIX. + */ +#define ACE4_POSIX_OWNER_ALLOWED ( \ + ACE4_WRITE_ATTRIBUTES | \ + ACE4_WRITE_OWNER | \ + ACE4_WRITE_ACL) /** * richacl_get - grab another reference to a richacl handle */ @@ -241,5 +284,8 @@ extern struct richacl *richacl_alloc(int); extern int richace_is_same_identifier(const struct richace *, const struct richace *); extern int richace_set_who(struct richace *, const char *); +extern int richacl_masks_to_mode(const struct richacl *); +extern unsigned int richacl_mode_to_mask(mode_t); +extern unsigned int richacl_want_to_mask(int); #endif /* __RICHACL_H */