system/linux
system/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux synced 2024-09-28 23:41:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
linux/fs
History
J.Bruce Fields 09229edb68 [PATCH] knfsd: nfsd4: acls: relax the nfsv4->posix mapping 
Use a different nfsv4->(draft posix) acl mapping which is
	1. completely backwards compatible,
	2. accepts any nfsv4 acl, and
	3. errs on the side of restricting permissions.

In detail:

	1. completely backwards compatible: The new mapping produces the
	same result on any acl produced by the existing (draft
	posix)->nfsv4 mapping; the one exception is that we no longer
	attempt to guess the value of the mask by assuming certain denies
	represent the mask.  Since the server still keeps track of the mask
	locally, sequences of chmod's will still be handled fine; the only
	thing this will change is sequences of chmod's with intervening
	read-modify-writes of the acl.  That last case just isn't worth the
	trouble and the possible misrepresentations of the user's intent
	(if we guess that a certain deny indicates masking is in effect
	when it really isn't).

	2. accepts any nfsv4 acl: That's not quite true: we still reject
	acls that use combinations of inheritance flags that we don't
	support.  We also reject acls that attempt to explicitly deny
	read_acl or read_attributes permissions, or that attempt to deny
	write_acl or write_attributes permissions to the owner of the file.

	3.  errs on the side of restricting permissions: one exception to
	this last rule: we totally ignore some bits (write_owner,
	synchronize, read_named_attributes, etc.) that are completely alien
	to our filesystem semantics, in some cases even if that would mean
	ignoring an explicit deny that we have no intention of enforcing.
	Excepting that, the posix acl produced should be the most
	permissive acl that is not more permissive than the given nfsv4
	acl.

And the new code's shorter, too.  Neato.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-04 07:55:20 -07:00
..
9p [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
adfs [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
affs [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
afs [PATCH] VFS: Make filldir_t and struct kstat deal in 64-bit inode numbers 2006-10-03 08:03:40 -07:00
autofs [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
autofs4 [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
befs fix file specification in comments 2006-10-03 23:01:26 +02:00
bfs [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
cifs Still more typo fixes 2006-10-03 22:36:44 +02:00
coda [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
configfs [PATCH] pr_debug: configfs: use size_t length modifier in pr_debug format argument 2006-10-03 08:04:19 -07:00
cramfs [PATCH] cramfs: make cramfs_uncompress_exit() return void 2006-09-29 09:18:20 -07:00
debugfs debugfs: spelling fix 2006-10-03 23:28:36 +02:00
devpts [PATCH] inode-diet: Eliminate i_blksize from the inode structure 2006-09-27 08:26:18 -07:00
efs [PATCH] Really ignore kmem_cache_destroy return value 2006-09-27 08:26:10 -07:00
exportfs [PATCH] VFS: Make filldir_t and struct kstat deal in 64-bit inode numbers 2006-10-03 08:03:40 -07:00
ext2 [PATCH] r/o bind mounts: unlink: monitor i_nlink 2006-10-01 00:39:30 -07:00
ext3 [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
fat [PATCH] VFS: Make filldir_t and struct kstat deal in 64-bit inode numbers 2006-10-03 08:03:40 -07:00
freevxfs [PATCH] freevxfs: fix leak on error path 2006-09-29 09:18:20 -07:00
fuse [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
hfs [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
hfsplus fix file specification in comments 2006-10-03 23:01:26 +02:00
hostfs [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
hpfs [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
hppfs [PATCH] inode-diet: Eliminate i_blksize from the inode structure 2006-09-27 08:26:18 -07:00
hugetlbfs [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
isofs [PATCH] I/O Error attempting to read last partial block of a file in an ISO9660 file system 2006-09-29 09:18:15 -07:00
jbd fix file specification in comments 2006-10-03 23:01:26 +02:00
jffs [PATCH] r/o bind mounts: unlink: monitor i_nlink 2006-10-01 00:39:30 -07:00
jffs2 [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
jfs JFS: White space cleanup 2006-10-02 09:55:27 -05:00
lockd [PATCH] Convert lockd to use the newer mutex instead of the older semaphore 2006-10-04 07:55:19 -07:00
minix [PATCH] r/o bind mounts: unlink: monitor i_nlink 2006-10-01 00:39:30 -07:00
msdos [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
ncpfs [PATCH] Move ncpfs 32bit compat ioctl to ncpfs 2006-10-01 00:39:23 -07:00
nfs [PATCH] namespaces: utsname: switch to using uts namespaces 2006-10-02 07:57:21 -07:00
nfs_common
nfsd [PATCH] knfsd: nfsd4: acls: relax the nfsv4->posix mapping 2006-10-04 07:55:20 -07:00
nls fix file specification in comments 2006-10-03 23:01:26 +02:00
ntfs [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
ocfs2 [PATCH] r/o bind mounts: clean up OCFS2 nlink handling 2006-10-01 00:39:30 -07:00
openpromfs Move several *_SUPER_MAGIC symbols to include/linux/magic.h. 2006-09-24 11:13:19 -04:00
partitions [PATCH] fs/partitions: Conversion to generic boolean 2006-10-01 00:39:19 -07:00
proc [PATCH] introduce get_task_pid() to fix unsafe get_pid() 2006-10-02 07:57:25 -07:00
qnx4 [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
ramfs [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
reiserfs [PATCH] Remove unnecessary check in fs/reiserfs/inode.c 2006-10-04 07:55:14 -07:00
romfs [PATCH] Really ignore kmem_cache_destroy return value 2006-09-27 08:26:10 -07:00
smbfs [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
sysfs [PATCH] pr_debug: sysfs: use size_t length modifier in pr_debug format arguments 2006-10-03 08:04:19 -07:00
sysv [PATCH] r/o bind mounts: unlink: monitor i_nlink 2006-10-01 00:39:30 -07:00
udf [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
ufs [PATCH] r/o bind mounts: unlink: monitor i_nlink 2006-10-01 00:39:30 -07:00
vfat [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
xfs BUG_ON conversion for fs/xfs/ 2006-10-03 23:37:55 +02:00
aio.c [PATCH] pr_debug: aio: use size_t length modifier in pr_debug format arguments 2006-10-03 08:04:19 -07:00
attr.c [PATCH] capable/capability.h (fs/) 2006-01-11 18:42:13 -08:00
bad_inode.c [PATCH] Remove readv/writev methods and use aio_read/aio_write instead 2006-10-01 00:39:28 -07:00
binfmt_aout.c [PATCH] Require mmap handler for a.out executables 2006-09-29 09:18:08 -07:00
binfmt_elf.c [PATCH] Support piping into commands in /proc/sys/kernel/core_pattern 2006-10-01 00:39:33 -07:00
binfmt_elf_fdpic.c [PATCH] elf_fdpic_core_dump: don't take tasklist_lock 2006-09-29 09:18:14 -07:00
binfmt_em86.c
binfmt_flat.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
binfmt_misc.c [PATCH] Fix unserialized task->files changing 2006-09-29 09:18:12 -07:00
binfmt_script.c
binfmt_som.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
bio.c [PATCH] Update axboe@suse.de email address 2006-09-30 20:52:34 +02:00
block_dev.c [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
buffer.c [PATCH] BLOCK: Move functions out of buffer code [try #6] 2006-09-30 20:31:19 +02:00
char_dev.c [PATCH] BLOCK: Move extern declarations out of fs/*.c into header files [try #6] 2006-09-30 20:52:18 +02:00
compat.c [PATCH] VFS: Make filldir_t and struct kstat deal in 64-bit inode numbers 2006-10-03 08:03:40 -07:00
compat_ioctl.c [PATCH] Move ncpfs 32bit compat ioctl to ncpfs 2006-10-01 00:39:23 -07:00
dcache.c [PATCH] BLOCK: Move extern declarations out of fs/*.c into header files [try #6] 2006-09-30 20:52:18 +02:00
dcookies.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
direct-io.c [PATCH] lockdep: annotate direct io 2006-07-03 15:27:06 -07:00
dnotify.c [PATCH] file: modify struct fown_struct to use a struct pid 2006-10-02 07:57:14 -07:00
dquot.c [PATCH] dquot: add proper locking when using current->signal->tty 2006-09-29 09:18:14 -07:00
drop_caches.c
eventpoll.c [PATCH] fs/eventpoll: error handling micro-cleanup 2006-10-03 08:03:41 -07:00
exec.c [PATCH] namespaces: utsname: switch to using uts namespaces 2006-10-02 07:57:21 -07:00
fcntl.c [PATCH] file: Add locking to f_getown 2006-10-02 07:57:15 -07:00
fifo.c [PATCH] pipe.c/fifo.c code cleanups 2006-04-11 13:53:33 +02:00
file.c [PATCH] expand_fdtable(): remove pointless unlock+lock 2006-09-29 09:18:25 -07:00
file_table.c [PATCH] file: modify struct fown_struct to use a struct pid 2006-10-02 07:57:14 -07:00
filesystems.c [PATCH] Ban register_filesystem(NULL); 2006-09-29 09:18:20 -07:00
fs-writeback.c [PATCH] BLOCK: Remove dependence on existence of blockdev_superblock [try #6] 2006-09-30 20:52:26 +02:00
generic_acl.c [PATCH] Generic infrastructure for acls 2006-09-29 09:18:24 -07:00
inode.c [PATCH] fs/inode.c tweaks 2006-10-02 07:57:14 -07:00
inotify.c [PATCH] inotify (4/5): allow watch removal from event handler 2006-06-20 05:25:19 -04:00
inotify_user.c [PATCH] inotify: fix deadlock found by lockdep 2006-07-31 13:28:41 -07:00
internal.h [PATCH] CONFIG_BLOCK internal.h cleanups 2006-09-30 20:52:32 +02:00
ioctl.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
ioprio.c [PATCH] Update axboe@suse.de email address 2006-09-30 20:52:34 +02:00
Kconfig Still more typo fixes 2006-10-03 22:36:44 +02:00
Kconfig.binfmt
libfs.c [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
locks.c [PATCH] file: modify struct fown_struct to use a struct pid 2006-10-02 07:57:14 -07:00
Makefile [PATCH] Create fs/utimes.c 2006-10-01 00:39:19 -07:00
mbcache.c [PATCH] mbcache: add lock annotation for __mb_cache_entry_release_unlock() 2006-09-29 09:18:07 -07:00
mpage.c [PATCH] BLOCK: Dissociate generic_writepages() from mpage stuff [try #6] 2006-09-30 20:52:26 +02:00
namei.c [PATCH] r/o bind mount prepwork: move open_namei()'s vfs_create() 2006-10-01 00:39:30 -07:00
namespace.c [PATCH] namespaces: incorporate fs namespace into nsproxy 2006-10-02 07:57:20 -07:00
nfsctl.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
no-block.c [PATCH] BLOCK: Make it possible to disable the block layer [try #6] 2006-09-30 20:52:31 +02:00
open.c [PATCH] r/o bind mounts: prepare for write access checks: collapse if() 2006-10-01 00:39:30 -07:00
pipe.c [PATCH] Some cleanup in the pipe code 2006-10-01 00:39:33 -07:00
pnode.c [PATCH] core: use list_move() 2006-06-26 09:58:17 -07:00
pnode.h
posix_acl.c [PATCH] kmemdup: some users 2006-10-01 00:39:19 -07:00
quota.c [PATCH] BLOCK: Make it possible to disable the block layer [try #6] 2006-09-30 20:52:31 +02:00
quota_v1.c
quota_v2.c [PATCH] sem2mutex: quota 2006-03-23 07:38:11 -08:00
read_write.c [PATCH] Add vector AIO support 2006-10-01 00:39:29 -07:00
read_write.h [PATCH] Remove readv/writev methods and use aio_read/aio_write instead 2006-10-01 00:39:28 -07:00
readdir.c [PATCH] VFS: Make filldir_t and struct kstat deal in 64-bit inode numbers 2006-10-03 08:03:40 -07:00
select.c [PATCH] enforce RLIMIT_NOFILE in poll() 2006-09-29 09:18:23 -07:00
seq_file.c [PATCH] sem2mutex: fs/seq_file.c 2006-03-23 07:38:12 -08:00
splice.c [PATCH] Update axboe@suse.de email address 2006-09-30 20:52:34 +02:00
stat.c [PATCH] VFS: Make filldir_t and struct kstat deal in 64-bit inode numbers 2006-10-03 08:03:40 -07:00
super.c [PATCH] BLOCK: Make it possible to disable the block layer [try #6] 2006-09-30 20:52:31 +02:00
sync.c [PATCH] BLOCK: Move functions out of buffer code [try #6] 2006-09-30 20:31:19 +02:00
utimes.c [PATCH] Create fs/utimes.c 2006-10-01 00:39:19 -07:00
xattr.c [PATCH] log more info for directory entry change events 2006-06-20 05:25:28 -04:00
xattr_acl.c