Commit | Line | Data |
---|---|---|
a257cdd0 | 1 | /* |
f30c2269 | 2 | * linux/fs/nfsd/nfs2acl.c |
a257cdd0 AG |
3 | * |
4 | * Process version 2 NFSACL requests. | |
5 | * | |
6 | * Copyright (C) 2002-2003 Andreas Gruenbacher <agruen@suse.de> | |
7 | */ | |
8 | ||
9 | #include <linux/sunrpc/svc.h> | |
10 | #include <linux/nfs.h> | |
11 | #include <linux/nfsd/nfsd.h> | |
12 | #include <linux/nfsd/cache.h> | |
13 | #include <linux/nfsd/xdr.h> | |
14 | #include <linux/nfsd/xdr3.h> | |
15 | #include <linux/posix_acl.h> | |
16 | #include <linux/nfsacl.h> | |
0a3adade | 17 | #include "vfs.h" |
a257cdd0 AG |
18 | |
19 | #define NFSDDBG_FACILITY NFSDDBG_PROC | |
20 | #define RETURN_STATUS(st) { resp->status = (st); return (st); } | |
21 | ||
22 | /* | |
23 | * NULL call. | |
24 | */ | |
7111c66e | 25 | static __be32 |
a257cdd0 AG |
26 | nfsacld_proc_null(struct svc_rqst *rqstp, void *argp, void *resp) |
27 | { | |
28 | return nfs_ok; | |
29 | } | |
30 | ||
31 | /* | |
32 | * Get the Access and/or Default ACL of a file. | |
33 | */ | |
7111c66e | 34 | static __be32 nfsacld_proc_getacl(struct svc_rqst * rqstp, |
a257cdd0 AG |
35 | struct nfsd3_getaclargs *argp, struct nfsd3_getaclres *resp) |
36 | { | |
37 | svc_fh *fh; | |
38 | struct posix_acl *acl; | |
c4d987ba | 39 | __be32 nfserr = 0; |
a257cdd0 AG |
40 | |
41 | dprintk("nfsd: GETACL(2acl) %s\n", SVCFH_fmt(&argp->fh)); | |
42 | ||
43 | fh = fh_copy(&resp->fh, &argp->fh); | |
8837abca MS |
44 | nfserr = fh_verify(rqstp, &resp->fh, 0, NFSD_MAY_NOP); |
45 | if (nfserr) | |
ac8587dc | 46 | RETURN_STATUS(nfserr); |
a257cdd0 AG |
47 | |
48 | if (argp->mask & ~(NFS_ACL|NFS_ACLCNT|NFS_DFACL|NFS_DFACLCNT)) | |
49 | RETURN_STATUS(nfserr_inval); | |
50 | resp->mask = argp->mask; | |
51 | ||
52 | if (resp->mask & (NFS_ACL|NFS_ACLCNT)) { | |
53 | acl = nfsd_get_posix_acl(fh, ACL_TYPE_ACCESS); | |
54 | if (IS_ERR(acl)) { | |
55 | int err = PTR_ERR(acl); | |
56 | ||
57 | if (err == -ENODATA || err == -EOPNOTSUPP) | |
58 | acl = NULL; | |
59 | else { | |
60 | nfserr = nfserrno(err); | |
61 | goto fail; | |
62 | } | |
63 | } | |
64 | if (acl == NULL) { | |
65 | /* Solaris returns the inode's minimum ACL. */ | |
66 | ||
67 | struct inode *inode = fh->fh_dentry->d_inode; | |
68 | acl = posix_acl_from_mode(inode->i_mode, GFP_KERNEL); | |
69 | } | |
70 | resp->acl_access = acl; | |
71 | } | |
72 | if (resp->mask & (NFS_DFACL|NFS_DFACLCNT)) { | |
73 | /* Check how Solaris handles requests for the Default ACL | |
74 | of a non-directory! */ | |
75 | ||
76 | acl = nfsd_get_posix_acl(fh, ACL_TYPE_DEFAULT); | |
77 | if (IS_ERR(acl)) { | |
78 | int err = PTR_ERR(acl); | |
79 | ||
80 | if (err == -ENODATA || err == -EOPNOTSUPP) | |
81 | acl = NULL; | |
82 | else { | |
83 | nfserr = nfserrno(err); | |
84 | goto fail; | |
85 | } | |
86 | } | |
87 | resp->acl_default = acl; | |
88 | } | |
89 | ||
90 | /* resp->acl_{access,default} are released in nfssvc_release_getacl. */ | |
91 | RETURN_STATUS(0); | |
92 | ||
93 | fail: | |
94 | posix_acl_release(resp->acl_access); | |
95 | posix_acl_release(resp->acl_default); | |
96 | RETURN_STATUS(nfserr); | |
97 | } | |
98 | ||
99 | /* | |
100 | * Set the Access and/or Default ACL of a file. | |
101 | */ | |
7111c66e | 102 | static __be32 nfsacld_proc_setacl(struct svc_rqst * rqstp, |
a257cdd0 AG |
103 | struct nfsd3_setaclargs *argp, |
104 | struct nfsd_attrstat *resp) | |
105 | { | |
106 | svc_fh *fh; | |
c4d987ba | 107 | __be32 nfserr = 0; |
a257cdd0 AG |
108 | |
109 | dprintk("nfsd: SETACL(2acl) %s\n", SVCFH_fmt(&argp->fh)); | |
110 | ||
111 | fh = fh_copy(&resp->fh, &argp->fh); | |
8837abca | 112 | nfserr = fh_verify(rqstp, &resp->fh, 0, NFSD_MAY_SATTR); |
a257cdd0 AG |
113 | |
114 | if (!nfserr) { | |
115 | nfserr = nfserrno( nfsd_set_posix_acl( | |
116 | fh, ACL_TYPE_ACCESS, argp->acl_access) ); | |
117 | } | |
118 | if (!nfserr) { | |
119 | nfserr = nfserrno( nfsd_set_posix_acl( | |
120 | fh, ACL_TYPE_DEFAULT, argp->acl_default) ); | |
121 | } | |
122 | ||
123 | /* argp->acl_{access,default} may have been allocated in | |
124 | nfssvc_decode_setaclargs. */ | |
125 | posix_acl_release(argp->acl_access); | |
126 | posix_acl_release(argp->acl_default); | |
127 | return nfserr; | |
128 | } | |
129 | ||
130 | /* | |
131 | * Check file attributes | |
132 | */ | |
7111c66e | 133 | static __be32 nfsacld_proc_getattr(struct svc_rqst * rqstp, |
a257cdd0 AG |
134 | struct nfsd_fhandle *argp, struct nfsd_attrstat *resp) |
135 | { | |
136 | dprintk("nfsd: GETATTR %s\n", SVCFH_fmt(&argp->fh)); | |
137 | ||
138 | fh_copy(&resp->fh, &argp->fh); | |
8837abca | 139 | return fh_verify(rqstp, &resp->fh, 0, NFSD_MAY_NOP); |
a257cdd0 AG |
140 | } |
141 | ||
142 | /* | |
143 | * Check file access | |
144 | */ | |
7111c66e | 145 | static __be32 nfsacld_proc_access(struct svc_rqst *rqstp, struct nfsd3_accessargs *argp, |
a257cdd0 AG |
146 | struct nfsd3_accessres *resp) |
147 | { | |
c4d987ba | 148 | __be32 nfserr; |
a257cdd0 AG |
149 | |
150 | dprintk("nfsd: ACCESS(2acl) %s 0x%x\n", | |
151 | SVCFH_fmt(&argp->fh), | |
152 | argp->access); | |
153 | ||
154 | fh_copy(&resp->fh, &argp->fh); | |
155 | resp->access = argp->access; | |
156 | nfserr = nfsd_access(rqstp, &resp->fh, &resp->access, NULL); | |
157 | return nfserr; | |
158 | } | |
159 | ||
160 | /* | |
161 | * XDR decode functions | |
162 | */ | |
131a21c2 | 163 | static int nfsaclsvc_decode_getaclargs(struct svc_rqst *rqstp, __be32 *p, |
a257cdd0 AG |
164 | struct nfsd3_getaclargs *argp) |
165 | { | |
166 | if (!(p = nfs2svc_decode_fh(p, &argp->fh))) | |
167 | return 0; | |
168 | argp->mask = ntohl(*p); p++; | |
169 | ||
170 | return xdr_argsize_check(rqstp, p); | |
171 | } | |
172 | ||
173 | ||
131a21c2 | 174 | static int nfsaclsvc_decode_setaclargs(struct svc_rqst *rqstp, __be32 *p, |
a257cdd0 AG |
175 | struct nfsd3_setaclargs *argp) |
176 | { | |
177 | struct kvec *head = rqstp->rq_arg.head; | |
178 | unsigned int base; | |
179 | int n; | |
180 | ||
181 | if (!(p = nfs2svc_decode_fh(p, &argp->fh))) | |
182 | return 0; | |
183 | argp->mask = ntohl(*p++); | |
184 | if (argp->mask & ~(NFS_ACL|NFS_ACLCNT|NFS_DFACL|NFS_DFACLCNT) || | |
185 | !xdr_argsize_check(rqstp, p)) | |
186 | return 0; | |
187 | ||
188 | base = (char *)p - (char *)head->iov_base; | |
189 | n = nfsacl_decode(&rqstp->rq_arg, base, NULL, | |
190 | (argp->mask & NFS_ACL) ? | |
191 | &argp->acl_access : NULL); | |
192 | if (n > 0) | |
193 | n = nfsacl_decode(&rqstp->rq_arg, base + n, NULL, | |
194 | (argp->mask & NFS_DFACL) ? | |
195 | &argp->acl_default : NULL); | |
196 | return (n > 0); | |
197 | } | |
198 | ||
131a21c2 | 199 | static int nfsaclsvc_decode_fhandleargs(struct svc_rqst *rqstp, __be32 *p, |
a257cdd0 AG |
200 | struct nfsd_fhandle *argp) |
201 | { | |
202 | if (!(p = nfs2svc_decode_fh(p, &argp->fh))) | |
203 | return 0; | |
204 | return xdr_argsize_check(rqstp, p); | |
205 | } | |
206 | ||
131a21c2 | 207 | static int nfsaclsvc_decode_accessargs(struct svc_rqst *rqstp, __be32 *p, |
a257cdd0 AG |
208 | struct nfsd3_accessargs *argp) |
209 | { | |
210 | if (!(p = nfs2svc_decode_fh(p, &argp->fh))) | |
211 | return 0; | |
212 | argp->access = ntohl(*p++); | |
213 | ||
214 | return xdr_argsize_check(rqstp, p); | |
215 | } | |
216 | ||
217 | /* | |
218 | * XDR encode functions | |
219 | */ | |
220 | ||
1b7e0403 PS |
221 | /* |
222 | * There must be an encoding function for void results so svc_process | |
223 | * will work properly. | |
224 | */ | |
225 | int | |
226 | nfsaclsvc_encode_voidres(struct svc_rqst *rqstp, __be32 *p, void *dummy) | |
227 | { | |
228 | return xdr_ressize_check(rqstp, p); | |
229 | } | |
230 | ||
a257cdd0 | 231 | /* GETACL */ |
131a21c2 | 232 | static int nfsaclsvc_encode_getaclres(struct svc_rqst *rqstp, __be32 *p, |
a257cdd0 AG |
233 | struct nfsd3_getaclres *resp) |
234 | { | |
235 | struct dentry *dentry = resp->fh.fh_dentry; | |
aefa89d1 | 236 | struct inode *inode; |
a257cdd0 AG |
237 | struct kvec *head = rqstp->rq_res.head; |
238 | unsigned int base; | |
239 | int n; | |
cb65a5ba | 240 | int w; |
a257cdd0 | 241 | |
aefa89d1 P |
242 | /* |
243 | * Since this is version 2, the check for nfserr in | |
244 | * nfsd_dispatch actually ensures the following cannot happen. | |
245 | * However, it seems fragile to depend on that. | |
246 | */ | |
a257cdd0 AG |
247 | if (dentry == NULL || dentry->d_inode == NULL) |
248 | return 0; | |
249 | inode = dentry->d_inode; | |
250 | ||
251 | p = nfs2svc_encode_fattr(rqstp, p, &resp->fh); | |
252 | *p++ = htonl(resp->mask); | |
253 | if (!xdr_ressize_check(rqstp, p)) | |
254 | return 0; | |
255 | base = (char *)p - (char *)head->iov_base; | |
256 | ||
cb65a5ba JJ |
257 | rqstp->rq_res.page_len = w = nfsacl_size( |
258 | (resp->mask & NFS_ACL) ? resp->acl_access : NULL, | |
259 | (resp->mask & NFS_DFACL) ? resp->acl_default : NULL); | |
a257cdd0 | 260 | while (w > 0) { |
44524359 | 261 | if (!rqstp->rq_respages[rqstp->rq_resused++]) |
a257cdd0 AG |
262 | return 0; |
263 | w -= PAGE_SIZE; | |
264 | } | |
265 | ||
266 | n = nfsacl_encode(&rqstp->rq_res, base, inode, | |
267 | resp->acl_access, | |
268 | resp->mask & NFS_ACL, 0); | |
269 | if (n > 0) | |
270 | n = nfsacl_encode(&rqstp->rq_res, base + n, inode, | |
271 | resp->acl_default, | |
272 | resp->mask & NFS_DFACL, | |
273 | NFS_ACL_DEFAULT); | |
274 | if (n <= 0) | |
275 | return 0; | |
276 | return 1; | |
277 | } | |
278 | ||
131a21c2 | 279 | static int nfsaclsvc_encode_attrstatres(struct svc_rqst *rqstp, __be32 *p, |
a257cdd0 AG |
280 | struct nfsd_attrstat *resp) |
281 | { | |
282 | p = nfs2svc_encode_fattr(rqstp, p, &resp->fh); | |
283 | return xdr_ressize_check(rqstp, p); | |
284 | } | |
285 | ||
286 | /* ACCESS */ | |
131a21c2 | 287 | static int nfsaclsvc_encode_accessres(struct svc_rqst *rqstp, __be32 *p, |
a257cdd0 AG |
288 | struct nfsd3_accessres *resp) |
289 | { | |
290 | p = nfs2svc_encode_fattr(rqstp, p, &resp->fh); | |
291 | *p++ = htonl(resp->access); | |
292 | return xdr_ressize_check(rqstp, p); | |
293 | } | |
294 | ||
295 | /* | |
296 | * XDR release functions | |
297 | */ | |
131a21c2 | 298 | static int nfsaclsvc_release_getacl(struct svc_rqst *rqstp, __be32 *p, |
a257cdd0 AG |
299 | struct nfsd3_getaclres *resp) |
300 | { | |
301 | fh_put(&resp->fh); | |
302 | posix_acl_release(resp->acl_access); | |
303 | posix_acl_release(resp->acl_default); | |
304 | return 1; | |
305 | } | |
306 | ||
c9ce2283 GB |
307 | static int nfsaclsvc_release_attrstat(struct svc_rqst *rqstp, __be32 *p, |
308 | struct nfsd_attrstat *resp) | |
a257cdd0 AG |
309 | { |
310 | fh_put(&resp->fh); | |
311 | return 1; | |
312 | } | |
313 | ||
c9ce2283 GB |
314 | static int nfsaclsvc_release_access(struct svc_rqst *rqstp, __be32 *p, |
315 | struct nfsd3_accessres *resp) | |
316 | { | |
317 | fh_put(&resp->fh); | |
318 | return 1; | |
319 | } | |
320 | ||
a257cdd0 | 321 | #define nfsaclsvc_decode_voidargs NULL |
a257cdd0 AG |
322 | #define nfsaclsvc_release_void NULL |
323 | #define nfsd3_fhandleargs nfsd_fhandle | |
324 | #define nfsd3_attrstatres nfsd_attrstat | |
325 | #define nfsd3_voidres nfsd3_voidargs | |
326 | struct nfsd3_voidargs { int dummy; }; | |
327 | ||
328 | #define PROC(name, argt, rest, relt, cache, respsize) \ | |
329 | { (svc_procfunc) nfsacld_proc_##name, \ | |
330 | (kxdrproc_t) nfsaclsvc_decode_##argt##args, \ | |
331 | (kxdrproc_t) nfsaclsvc_encode_##rest##res, \ | |
332 | (kxdrproc_t) nfsaclsvc_release_##relt, \ | |
333 | sizeof(struct nfsd3_##argt##args), \ | |
334 | sizeof(struct nfsd3_##rest##res), \ | |
335 | 0, \ | |
336 | cache, \ | |
337 | respsize, \ | |
338 | } | |
339 | ||
340 | #define ST 1 /* status*/ | |
341 | #define AT 21 /* attributes */ | |
342 | #define pAT (1+AT) /* post attributes - conditional */ | |
343 | #define ACL (1+NFS_ACL_MAX_ENTRIES*3) /* Access Control List */ | |
344 | ||
345 | static struct svc_procedure nfsd_acl_procedures2[] = { | |
346 | PROC(null, void, void, void, RC_NOCACHE, ST), | |
347 | PROC(getacl, getacl, getacl, getacl, RC_NOCACHE, ST+1+2*(1+ACL)), | |
c9ce2283 GB |
348 | PROC(setacl, setacl, attrstat, attrstat, RC_NOCACHE, ST+AT), |
349 | PROC(getattr, fhandle, attrstat, attrstat, RC_NOCACHE, ST+AT), | |
350 | PROC(access, access, access, access, RC_NOCACHE, ST+AT+1), | |
a257cdd0 AG |
351 | }; |
352 | ||
353 | struct svc_version nfsd_acl_version2 = { | |
354 | .vs_vers = 2, | |
355 | .vs_nproc = 5, | |
356 | .vs_proc = nfsd_acl_procedures2, | |
357 | .vs_dispatch = nfsd_dispatch, | |
358 | .vs_xdrsize = NFS3_SVC_XDRSIZE, | |
1b7e0403 | 359 | .vs_hidden = 0, |
a257cdd0 | 360 | }; |