Linux-Fsdevel Archive on lore.kernel.org
 help / color / Atom feed
From: NeilBrown <neilb@suse.com>
To: "J. Bruce Fields" <bfields@fieldses.org>,
	Anna Schumaker <anna.schumaker@netapp.com>,
	Alexander Viro <viro@zeniv.linux.org.uk>,
	Trond Myklebust <trond.myklebust@hammerspace.com>
Cc: Jan Harkes <jaharkes@cs.cmu.edu>,
	linux-nfs@vger.kernel.org, Miklos Szeredi <miklos@szeredi.hu>,
	Jeff Layton <jlayton@kernel.org>,
	linux-kernel@vger.kernel.org, linux-afs@lists.infradead.org,
	David Howells <dhowells@redhat.com>,
	coda@cs.cmu.edu, linux-fsdevel@vger.kernel.org,
	Christoph Hellwig <hch@lst.de>
Subject: [PATCH 0/3] Fix regression in NFSv3 ACL setting
Date: Thu, 04 Oct 2018 11:02:43 +1000
Message-ID: <153861471803.30373.6184444014227748848.stgit@noble> (raw)

Commit 013cdf1088d7 ("nfs: use generic posix ACL infrastructure for v3
Posix ACLs") introduce a regression for NFSv3 ACL setting.
An owner should be able to set an ACL, but the new code tests for
ownership in a way that is not reliable for NFSv3.  For NFSv3 the only
reliable test is to send the request to the server and see if it works.

The first patch introduces MAY_ACT_AS_OWNER and relies on the
filesystem to do the appropriate ownership test.  This touches
several filesystems, hence the long 'Cc' list.
Following two patches are small code cleanups relating to this.

Thanks,
NeilBrown


---

NeilBrown (3):
      VFS: introduce MAY_ACT_AS_OWNER
      VFS: allow MAY_ flags to be easily extended.
      NFSD - Use MAY_ACT_AS_OWNER


 fs/afs/security.c  |   10 ++++++++++
 fs/attr.c          |   12 +++++-------
 fs/coda/dir.c      |   10 ++++++++++
 fs/fcntl.c         |    2 +-
 fs/fuse/dir.c      |   10 ++++++++++
 fs/namei.c         |    9 +++++++++
 fs/nfs/dir.c       |    8 ++++++++
 fs/nfsd/vfs.c      |   11 ++++++-----
 fs/nfsd/vfs.h      |   33 ++++++++++++++++++---------------
 fs/posix_acl.c     |    2 +-
 fs/xattr.c         |    2 +-
 include/linux/fs.h |   10 ++++++++++
 12 files changed, 89 insertions(+), 30 deletions(-)

--
Signature

             reply index

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-10-04  1:02 NeilBrown [this message]
2018-10-04  1:02 ` [PATCH 3/3] NFSD - Use MAY_ACT_AS_OWNER NeilBrown
2018-10-04  1:02 ` [PATCH 1/3] VFS: introduce MAY_ACT_AS_OWNER NeilBrown
2018-10-04  1:02 ` [PATCH 2/3] VFS: allow MAY_ flags to be easily extended NeilBrown
2018-10-04  2:11   ` [PATCH 2/3 v2] " NeilBrown
2018-10-04 14:10 ` [PATCH 1/3] VFS: introduce MAY_ACT_AS_OWNER David Howells
2018-10-04 14:42   ` Jan Harkes
2018-10-04 21:55     ` NeilBrown
2018-10-04 21:52   ` NeilBrown
2018-10-04 22:50   ` David Howells

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=153861471803.30373.6184444014227748848.stgit@noble \
    --to=neilb@suse.com \
    --cc=anna.schumaker@netapp.com \
    --cc=bfields@fieldses.org \
    --cc=coda@cs.cmu.edu \
    --cc=dhowells@redhat.com \
    --cc=hch@lst.de \
    --cc=jaharkes@cs.cmu.edu \
    --cc=jlayton@kernel.org \
    --cc=linux-afs@lists.infradead.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-nfs@vger.kernel.org \
    --cc=miklos@szeredi.hu \
    --cc=trond.myklebust@hammerspace.com \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Fsdevel Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-fsdevel/0 linux-fsdevel/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-fsdevel linux-fsdevel/ https://lore.kernel.org/linux-fsdevel \
		linux-fsdevel@vger.kernel.org
	public-inbox-index linux-fsdevel

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-fsdevel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git