1 // SPDX-License-Identifier: GPL-2.0
5 #include <linux/nfs3.h>
6 #include <linux/nfs_fs.h>
7 #include <linux/posix_acl_xattr.h>
8 #include <linux/nfsacl.h>
13 #define NFSDBG_FACILITY NFSDBG_PROC
16 * nfs3_prepare_get_acl, nfs3_complete_get_acl, nfs3_abort_get_acl: Helpers for
17 * caching get_acl results in a race-free way. See fs/posix_acl.c:get_acl()
20 static void nfs3_prepare_get_acl(struct posix_acl
**p
)
22 struct posix_acl
*sentinel
= uncached_acl_sentinel(current
);
24 if (cmpxchg(p
, ACL_NOT_CACHED
, sentinel
) != ACL_NOT_CACHED
) {
25 /* Not the first reader or sentinel already in place. */
29 static void nfs3_complete_get_acl(struct posix_acl
**p
, struct posix_acl
*acl
)
31 struct posix_acl
*sentinel
= uncached_acl_sentinel(current
);
33 /* Only cache the ACL if our sentinel is still in place. */
35 if (cmpxchg(p
, sentinel
, acl
) != sentinel
)
36 posix_acl_release(acl
);
39 static void nfs3_abort_get_acl(struct posix_acl
**p
)
41 struct posix_acl
*sentinel
= uncached_acl_sentinel(current
);
43 /* Remove our sentinel upon failure. */
44 cmpxchg(p
, sentinel
, ACL_NOT_CACHED
);
47 struct posix_acl
*nfs3_get_acl(struct inode
*inode
, int type
, bool rcu
)
49 struct nfs_server
*server
= NFS_SERVER(inode
);
50 struct page
*pages
[NFSACL_MAXPAGES
] = { };
51 struct nfs3_getaclargs args
= {
53 /* The xdr layer may allocate pages here. */
56 struct nfs3_getaclres res
= {
59 struct rpc_message msg
= {
66 return ERR_PTR(-ECHILD
);
68 if (!nfs_server_capable(inode
, NFS_CAP_ACLS
))
69 return ERR_PTR(-EOPNOTSUPP
);
71 status
= nfs_revalidate_inode(inode
, NFS_INO_INVALID_CHANGE
);
73 return ERR_PTR(status
);
76 * Only get the access acl when explicitly requested: We don't
77 * need it for access decisions, and only some applications use
78 * it. Applications which request the access acl first are not
79 * penalized from this optimization.
81 if (type
== ACL_TYPE_ACCESS
)
82 args
.mask
|= NFS_ACLCNT
|NFS_ACL
;
83 if (S_ISDIR(inode
->i_mode
))
84 args
.mask
|= NFS_DFACLCNT
|NFS_DFACL
;
88 dprintk("NFS call getacl\n");
89 msg
.rpc_proc
= &server
->client_acl
->cl_procinfo
[ACLPROC3_GETACL
];
90 res
.fattr
= nfs_alloc_fattr();
91 if (res
.fattr
== NULL
)
92 return ERR_PTR(-ENOMEM
);
94 if (args
.mask
& NFS_ACL
)
95 nfs3_prepare_get_acl(&inode
->i_acl
);
96 if (args
.mask
& NFS_DFACL
)
97 nfs3_prepare_get_acl(&inode
->i_default_acl
);
99 status
= rpc_call_sync(server
->client_acl
, &msg
, 0);
100 dprintk("NFS reply getacl: %d\n", status
);
102 /* pages may have been allocated at the xdr layer. */
103 for (count
= 0; count
< NFSACL_MAXPAGES
&& args
.pages
[count
]; count
++)
104 __free_page(args
.pages
[count
]);
108 status
= nfs_refresh_inode(inode
, res
.fattr
);
111 case -EPROTONOSUPPORT
:
112 dprintk("NFS_V3_ACL extension not supported; disabling\n");
113 server
->caps
&= ~NFS_CAP_ACLS
;
116 status
= -EOPNOTSUPP
;
121 if ((args
.mask
& res
.mask
) != args
.mask
) {
126 if (res
.acl_access
!= NULL
) {
127 if ((posix_acl_equiv_mode(res
.acl_access
, NULL
) == 0) ||
128 res
.acl_access
->a_count
== 0) {
129 posix_acl_release(res
.acl_access
);
130 res
.acl_access
= NULL
;
134 if (res
.mask
& NFS_ACL
)
135 nfs3_complete_get_acl(&inode
->i_acl
, res
.acl_access
);
137 forget_cached_acl(inode
, ACL_TYPE_ACCESS
);
139 if (res
.mask
& NFS_DFACL
)
140 nfs3_complete_get_acl(&inode
->i_default_acl
, res
.acl_default
);
142 forget_cached_acl(inode
, ACL_TYPE_DEFAULT
);
144 nfs_free_fattr(res
.fattr
);
145 if (type
== ACL_TYPE_ACCESS
) {
146 posix_acl_release(res
.acl_default
);
147 return res
.acl_access
;
149 posix_acl_release(res
.acl_access
);
150 return res
.acl_default
;
154 nfs3_abort_get_acl(&inode
->i_acl
);
155 nfs3_abort_get_acl(&inode
->i_default_acl
);
156 posix_acl_release(res
.acl_access
);
157 posix_acl_release(res
.acl_default
);
158 nfs_free_fattr(res
.fattr
);
159 return ERR_PTR(status
);
162 static int __nfs3_proc_setacls(struct inode
*inode
, struct posix_acl
*acl
,
163 struct posix_acl
*dfacl
)
165 struct nfs_server
*server
= NFS_SERVER(inode
);
166 struct nfs_fattr
*fattr
;
167 struct page
*pages
[NFSACL_MAXPAGES
];
168 struct nfs3_setaclargs args
= {
174 struct rpc_message msg
= {
180 if (acl
== NULL
&& (!S_ISDIR(inode
->i_mode
) || dfacl
== NULL
))
183 status
= -EOPNOTSUPP
;
184 if (!nfs_server_capable(inode
, NFS_CAP_ACLS
))
187 /* We are doing this here because XDR marshalling does not
188 * return any results, it BUGs. */
190 if (acl
!= NULL
&& acl
->a_count
> NFS_ACL_MAX_ENTRIES
)
192 if (dfacl
!= NULL
&& dfacl
->a_count
> NFS_ACL_MAX_ENTRIES
)
194 if (S_ISDIR(inode
->i_mode
)) {
195 args
.mask
|= NFS_DFACL
;
196 args
.acl_default
= dfacl
;
197 args
.len
= nfsacl_size(acl
, dfacl
);
199 args
.len
= nfsacl_size(acl
, NULL
);
201 if (args
.len
> NFS_ACL_INLINE_BUFSIZE
) {
202 unsigned int npages
= 1 + ((args
.len
- 1) >> PAGE_SHIFT
);
206 args
.pages
[args
.npages
] = alloc_page(GFP_KERNEL
);
207 if (args
.pages
[args
.npages
] == NULL
)
210 } while (args
.npages
< npages
);
213 dprintk("NFS call setacl\n");
215 fattr
= nfs_alloc_fattr();
219 msg
.rpc_proc
= &server
->client_acl
->cl_procinfo
[ACLPROC3_SETACL
];
220 msg
.rpc_resp
= fattr
;
221 status
= rpc_call_sync(server
->client_acl
, &msg
, 0);
222 nfs_access_zap_cache(inode
);
223 nfs_zap_acl_cache(inode
);
224 dprintk("NFS reply setacl: %d\n", status
);
228 status
= nfs_refresh_inode(inode
, fattr
);
231 case -EPROTONOSUPPORT
:
232 dprintk("NFS_V3_ACL SETACL RPC not supported"
233 "(will not retry)\n");
234 server
->caps
&= ~NFS_CAP_ACLS
;
237 status
= -EOPNOTSUPP
;
239 nfs_free_fattr(fattr
);
241 while (args
.npages
!= 0) {
243 __free_page(args
.pages
[args
.npages
]);
249 int nfs3_proc_setacls(struct inode
*inode
, struct posix_acl
*acl
,
250 struct posix_acl
*dfacl
)
253 ret
= __nfs3_proc_setacls(inode
, acl
, dfacl
);
254 return (ret
== -EOPNOTSUPP
) ? 0 : ret
;
258 int nfs3_set_acl(struct user_namespace
*mnt_userns
, struct inode
*inode
,
259 struct posix_acl
*acl
, int type
)
261 struct posix_acl
*orig
= acl
, *dfacl
= NULL
, *alloc
;
264 if (S_ISDIR(inode
->i_mode
)) {
266 case ACL_TYPE_ACCESS
:
267 alloc
= get_acl(inode
, ACL_TYPE_DEFAULT
);
273 case ACL_TYPE_DEFAULT
:
274 alloc
= get_acl(inode
, ACL_TYPE_ACCESS
);
284 alloc
= posix_acl_from_mode(inode
->i_mode
, GFP_KERNEL
);
289 status
= __nfs3_proc_setacls(inode
, acl
, dfacl
);
292 posix_acl_release(acl
);
294 posix_acl_release(dfacl
);
298 status
= PTR_ERR(alloc
);
302 const struct xattr_handler
*nfs3_xattr_handlers
[] = {
303 &posix_acl_access_xattr_handler
,
304 &posix_acl_default_xattr_handler
,
309 nfs3_list_one_acl(struct inode
*inode
, int type
, const char *name
, void *data
,
310 size_t size
, ssize_t
*result
)
312 struct posix_acl
*acl
;
313 char *p
= data
+ *result
;
315 acl
= get_acl(inode
, type
);
316 if (IS_ERR_OR_NULL(acl
))
319 posix_acl_release(acl
);
321 *result
+= strlen(name
);
333 nfs3_listxattr(struct dentry
*dentry
, char *data
, size_t size
)
335 struct inode
*inode
= d_inode(dentry
);
339 error
= nfs3_list_one_acl(inode
, ACL_TYPE_ACCESS
,
340 XATTR_NAME_POSIX_ACL_ACCESS
, data
, size
, &result
);
344 error
= nfs3_list_one_acl(inode
, ACL_TYPE_DEFAULT
,
345 XATTR_NAME_POSIX_ACL_DEFAULT
, data
, size
, &result
);