1 #include <linux/fs.h> 2 #include <linux/gfp.h> 3 #include <linux/nfs.h> 4 #include <linux/nfs3.h> 5 #include <linux/nfs_fs.h> 6 #include <linux/posix_acl_xattr.h> 7 #include <linux/nfsacl.h> 8 9 #include "internal.h" 10 #include "nfs3_fs.h" 11 12 #define NFSDBG_FACILITY NFSDBG_PROC 13 14 /* 15 * nfs3_prepare_get_acl, nfs3_complete_get_acl, nfs3_abort_get_acl: Helpers for 16 * caching get_acl results in a race-free way. See fs/posix_acl.c:get_acl() 17 * for explanations. 18 */ 19 static void nfs3_prepare_get_acl(struct posix_acl **p) 20 { 21 struct posix_acl *sentinel = uncached_acl_sentinel(current); 22 23 if (cmpxchg(p, ACL_NOT_CACHED, sentinel) != ACL_NOT_CACHED) { 24 /* Not the first reader or sentinel already in place. */ 25 } 26 } 27 28 static void nfs3_complete_get_acl(struct posix_acl **p, struct posix_acl *acl) 29 { 30 struct posix_acl *sentinel = uncached_acl_sentinel(current); 31 32 /* Only cache the ACL if our sentinel is still in place. */ 33 posix_acl_dup(acl); 34 if (cmpxchg(p, sentinel, acl) != sentinel) 35 posix_acl_release(acl); 36 } 37 38 static void nfs3_abort_get_acl(struct posix_acl **p) 39 { 40 struct posix_acl *sentinel = uncached_acl_sentinel(current); 41 42 /* Remove our sentinel upon failure. */ 43 cmpxchg(p, sentinel, ACL_NOT_CACHED); 44 } 45 46 struct posix_acl *nfs3_get_acl(struct inode *inode, int type) 47 { 48 struct nfs_server *server = NFS_SERVER(inode); 49 struct page *pages[NFSACL_MAXPAGES] = { }; 50 struct nfs3_getaclargs args = { 51 .fh = NFS_FH(inode), 52 /* The xdr layer may allocate pages here. */ 53 .pages = pages, 54 }; 55 struct nfs3_getaclres res = { 56 NULL, 57 }; 58 struct rpc_message msg = { 59 .rpc_argp = &args, 60 .rpc_resp = &res, 61 }; 62 int status, count; 63 64 if (!nfs_server_capable(inode, NFS_CAP_ACLS)) 65 return ERR_PTR(-EOPNOTSUPP); 66 67 status = nfs_revalidate_inode(server, inode); 68 if (status < 0) 69 return ERR_PTR(status); 70 71 /* 72 * Only get the access acl when explicitly requested: We don't 73 * need it for access decisions, and only some applications use 74 * it. Applications which request the access acl first are not 75 * penalized from this optimization. 76 */ 77 if (type == ACL_TYPE_ACCESS) 78 args.mask |= NFS_ACLCNT|NFS_ACL; 79 if (S_ISDIR(inode->i_mode)) 80 args.mask |= NFS_DFACLCNT|NFS_DFACL; 81 if (args.mask == 0) 82 return NULL; 83 84 dprintk("NFS call getacl\n"); 85 msg.rpc_proc = &server->client_acl->cl_procinfo[ACLPROC3_GETACL]; 86 res.fattr = nfs_alloc_fattr(); 87 if (res.fattr == NULL) 88 return ERR_PTR(-ENOMEM); 89 90 if (args.mask & NFS_ACL) 91 nfs3_prepare_get_acl(&inode->i_acl); 92 if (args.mask & NFS_DFACL) 93 nfs3_prepare_get_acl(&inode->i_default_acl); 94 95 status = rpc_call_sync(server->client_acl, &msg, 0); 96 dprintk("NFS reply getacl: %d\n", status); 97 98 /* pages may have been allocated at the xdr layer. */ 99 for (count = 0; count < NFSACL_MAXPAGES && args.pages[count]; count++) 100 __free_page(args.pages[count]); 101 102 switch (status) { 103 case 0: 104 status = nfs_refresh_inode(inode, res.fattr); 105 break; 106 case -EPFNOSUPPORT: 107 case -EPROTONOSUPPORT: 108 dprintk("NFS_V3_ACL extension not supported; disabling\n"); 109 server->caps &= ~NFS_CAP_ACLS; 110 case -ENOTSUPP: 111 status = -EOPNOTSUPP; 112 default: 113 goto getout; 114 } 115 if ((args.mask & res.mask) != args.mask) { 116 status = -EIO; 117 goto getout; 118 } 119 120 if (res.acl_access != NULL) { 121 if ((posix_acl_equiv_mode(res.acl_access, NULL) == 0) || 122 res.acl_access->a_count == 0) { 123 posix_acl_release(res.acl_access); 124 res.acl_access = NULL; 125 } 126 } 127 128 if (res.mask & NFS_ACL) 129 nfs3_complete_get_acl(&inode->i_acl, res.acl_access); 130 else 131 forget_cached_acl(inode, ACL_TYPE_ACCESS); 132 133 if (res.mask & NFS_DFACL) 134 nfs3_complete_get_acl(&inode->i_default_acl, res.acl_default); 135 else 136 forget_cached_acl(inode, ACL_TYPE_DEFAULT); 137 138 nfs_free_fattr(res.fattr); 139 if (type == ACL_TYPE_ACCESS) { 140 posix_acl_release(res.acl_default); 141 return res.acl_access; 142 } else { 143 posix_acl_release(res.acl_access); 144 return res.acl_default; 145 } 146 147 getout: 148 nfs3_abort_get_acl(&inode->i_acl); 149 nfs3_abort_get_acl(&inode->i_default_acl); 150 posix_acl_release(res.acl_access); 151 posix_acl_release(res.acl_default); 152 nfs_free_fattr(res.fattr); 153 return ERR_PTR(status); 154 } 155 156 static int __nfs3_proc_setacls(struct inode *inode, struct posix_acl *acl, 157 struct posix_acl *dfacl) 158 { 159 struct nfs_server *server = NFS_SERVER(inode); 160 struct nfs_fattr *fattr; 161 struct page *pages[NFSACL_MAXPAGES]; 162 struct nfs3_setaclargs args = { 163 .inode = inode, 164 .mask = NFS_ACL, 165 .acl_access = acl, 166 .pages = pages, 167 }; 168 struct rpc_message msg = { 169 .rpc_argp = &args, 170 .rpc_resp = &fattr, 171 }; 172 int status = 0; 173 174 if (acl == NULL && (!S_ISDIR(inode->i_mode) || dfacl == NULL)) 175 goto out; 176 177 status = -EOPNOTSUPP; 178 if (!nfs_server_capable(inode, NFS_CAP_ACLS)) 179 goto out; 180 181 /* We are doing this here because XDR marshalling does not 182 * return any results, it BUGs. */ 183 status = -ENOSPC; 184 if (acl != NULL && acl->a_count > NFS_ACL_MAX_ENTRIES) 185 goto out; 186 if (dfacl != NULL && dfacl->a_count > NFS_ACL_MAX_ENTRIES) 187 goto out; 188 if (S_ISDIR(inode->i_mode)) { 189 args.mask |= NFS_DFACL; 190 args.acl_default = dfacl; 191 args.len = nfsacl_size(acl, dfacl); 192 } else 193 args.len = nfsacl_size(acl, NULL); 194 195 if (args.len > NFS_ACL_INLINE_BUFSIZE) { 196 unsigned int npages = 1 + ((args.len - 1) >> PAGE_SHIFT); 197 198 status = -ENOMEM; 199 do { 200 args.pages[args.npages] = alloc_page(GFP_KERNEL); 201 if (args.pages[args.npages] == NULL) 202 goto out_freepages; 203 args.npages++; 204 } while (args.npages < npages); 205 } 206 207 dprintk("NFS call setacl\n"); 208 status = -ENOMEM; 209 fattr = nfs_alloc_fattr(); 210 if (fattr == NULL) 211 goto out_freepages; 212 213 msg.rpc_proc = &server->client_acl->cl_procinfo[ACLPROC3_SETACL]; 214 msg.rpc_resp = fattr; 215 status = rpc_call_sync(server->client_acl, &msg, 0); 216 nfs_access_zap_cache(inode); 217 nfs_zap_acl_cache(inode); 218 dprintk("NFS reply setacl: %d\n", status); 219 220 switch (status) { 221 case 0: 222 status = nfs_refresh_inode(inode, fattr); 223 set_cached_acl(inode, ACL_TYPE_ACCESS, acl); 224 set_cached_acl(inode, ACL_TYPE_DEFAULT, dfacl); 225 break; 226 case -EPFNOSUPPORT: 227 case -EPROTONOSUPPORT: 228 dprintk("NFS_V3_ACL SETACL RPC not supported" 229 "(will not retry)\n"); 230 server->caps &= ~NFS_CAP_ACLS; 231 case -ENOTSUPP: 232 status = -EOPNOTSUPP; 233 } 234 nfs_free_fattr(fattr); 235 out_freepages: 236 while (args.npages != 0) { 237 args.npages--; 238 __free_page(args.pages[args.npages]); 239 } 240 out: 241 return status; 242 } 243 244 int nfs3_proc_setacls(struct inode *inode, struct posix_acl *acl, 245 struct posix_acl *dfacl) 246 { 247 int ret; 248 ret = __nfs3_proc_setacls(inode, acl, dfacl); 249 return (ret == -EOPNOTSUPP) ? 0 : ret; 250 251 } 252 253 int nfs3_set_acl(struct inode *inode, struct posix_acl *acl, int type) 254 { 255 struct posix_acl *alloc = NULL, *dfacl = NULL; 256 int status; 257 258 if (S_ISDIR(inode->i_mode)) { 259 switch(type) { 260 case ACL_TYPE_ACCESS: 261 alloc = dfacl = get_acl(inode, ACL_TYPE_DEFAULT); 262 if (IS_ERR(alloc)) 263 goto fail; 264 break; 265 266 case ACL_TYPE_DEFAULT: 267 dfacl = acl; 268 alloc = acl = get_acl(inode, ACL_TYPE_ACCESS); 269 if (IS_ERR(alloc)) 270 goto fail; 271 break; 272 } 273 } 274 275 if (acl == NULL) { 276 alloc = acl = posix_acl_from_mode(inode->i_mode, GFP_KERNEL); 277 if (IS_ERR(alloc)) 278 goto fail; 279 } 280 status = __nfs3_proc_setacls(inode, acl, dfacl); 281 posix_acl_release(alloc); 282 return status; 283 284 fail: 285 return PTR_ERR(alloc); 286 } 287 288 const struct xattr_handler *nfs3_xattr_handlers[] = { 289 &posix_acl_access_xattr_handler, 290 &posix_acl_default_xattr_handler, 291 NULL, 292 }; 293 294 static int 295 nfs3_list_one_acl(struct inode *inode, int type, const char *name, void *data, 296 size_t size, ssize_t *result) 297 { 298 struct posix_acl *acl; 299 char *p = data + *result; 300 301 acl = get_acl(inode, type); 302 if (IS_ERR_OR_NULL(acl)) 303 return 0; 304 305 posix_acl_release(acl); 306 307 *result += strlen(name); 308 *result += 1; 309 if (!size) 310 return 0; 311 if (*result > size) 312 return -ERANGE; 313 314 strcpy(p, name); 315 return 0; 316 } 317 318 ssize_t 319 nfs3_listxattr(struct dentry *dentry, char *data, size_t size) 320 { 321 struct inode *inode = d_inode(dentry); 322 ssize_t result = 0; 323 int error; 324 325 error = nfs3_list_one_acl(inode, ACL_TYPE_ACCESS, 326 XATTR_NAME_POSIX_ACL_ACCESS, data, size, &result); 327 if (error) 328 return error; 329 330 error = nfs3_list_one_acl(inode, ACL_TYPE_DEFAULT, 331 XATTR_NAME_POSIX_ACL_DEFAULT, data, size, &result); 332 if (error) 333 return error; 334 return result; 335 } 336