From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-it1-f170.google.com ([209.85.166.170]:52302 "EHLO mail-it1-f170.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726061AbeJLINw (ORCPT ); Fri, 12 Oct 2018 04:13:52 -0400 Received: by mail-it1-f170.google.com with SMTP id 134-v6so16374284itz.2 for ; Thu, 11 Oct 2018 17:44:05 -0700 (PDT) From: Andreas Dilger Content-Type: multipart/signed; boundary="Apple-Mail=_2D1B2491-9723-49F4-993E-A39C32C9EC75"; protocol="application/pgp-signature"; micalg=pgp-sha256 Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Fwd: posix_acl_permission() and MAY_* flags Date: Thu, 11 Oct 2018 18:43:57 -0600 References: <1254FD78-8392-4B97-A191-EDA01B719635@whamcloud.com> Cc: linux-fsdevel To: Al Viro , Andreas Gruenbacher Message-Id: Sender: linux-fsdevel-owner@vger.kernel.org List-ID: --Apple-Mail=_2D1B2491-9723-49F4-993E-A39C32C9EC75 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=us-ascii I was looking at POSIX ACL on-disk and in-memory code and it looks like there is a subtle dependency between the on-disk format and what (IMHO) would be considered in-memory declarations. When a POSIX ACL is read from disk, posix_acl_from_mode() copies the file mode (S_I[RWX][UGO]) into the e_perm fields of the ACL default entries. Similarly, in posix_acl_equiv_mode() and posix_acl_create_masq() it uses S_IRWXO to mask the e_perm flags. However, later on in posix_acl_permission() it directly uses the "want" flag contains MAY_{READ,WRITE,EXEC} flags and compares those to e_perm of each ACL entry. In posix_acl_valid() it compares e_perm with ACL_{READ,WRITE,EXECUTE}. While the MAY_[RWX] and ACL_[RWX] currently have the same value as S_I[RWX]OTH, it isn't very clear that these flags MUST all have the same values or POSIX ACLs will break. This definitely doesn't seem quite right. Are the ACL_* constants the values to be used, with "conversion" in between the flags/modes? Should there be a BUILD_BUG_ON() that trips if those values ever differ? Cheers, Andreas --Apple-Mail=_2D1B2491-9723-49F4-993E-A39C32C9EC75 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIzBAEBCAAdFiEEDb73u6ZejP5ZMprvcqXauRfMH+AFAlu/7k4ACgkQcqXauRfM H+BzPA/8Dq/vtZzlbBB2X1SGJj0SpbEA1GKkhhbi2PPMWSK3F24wF+dLRzFGfkg+ qJ128Mi1wo4iYOcqPdrYh3QWHmFLmpaXF7OMUTFvs+74c9dEcgEsi5Z1AfQ1poqw roO0o2PIRFwSLEt7qEbZoVoWwQpMNSZhH9eug6xTS1eQPNgSsZNlTi8XYWp9312B OgDjMvheTOeSX/NUeKhkuDeFu4QEUTBbwcUG+FCMVIjMssQsMYMfb75YqqJYxnsO QwxeWJui5WpgNkhF9z6p/5NqquN6ef8/lEjZsBGTlFYNjbOx2eSwzB+gq+DrVqSi KJHVp+B8bZt16e66o2Cm0fChMZW5a1XpTzQ+s1LnpY6N9JFt8MFFAClczjiBCXHy mK7akD0GFY/dgwzAO5vINWo6YFFPQt7bINdpxzx12eg8Sg3D5ORvWQ6+2XqB+wza SAqB+fM91Ccl91F5ACmoNpGZgGg50LlpkxIQsZb3PdtVE/Tdb7JkkPfG/6Gol+GB MPSwNZIvV1rxyXfPOCvPFwobTA+9ZNuENzM8HH3kVFv9T4Z4I2YCJ5VLclshpXIo 3PLB/rXr8O/rxekMU2Yh3oy0xsufF20mTVUtyHrFBAXXikJCCzOXSRviVHt5T+Fu KQlWXRPFzpNi6UU+H+SdROSKi68zSbMTKNa49QeDdbkz/fMPYGg= =ETKa -----END PGP SIGNATURE----- --Apple-Mail=_2D1B2491-9723-49F4-993E-A39C32C9EC75--