Re: [PATCH v13 20/51] ext4: Add richacl support
On Wed, Nov 4, 2015 at 3:13 AM, Andreas Dilger wrote: > Patch looks reasonable. One minor cleanup below that could be fixed when > the patch series is refreshed, and you can add: > > Reviewed-by: Andreas Dilger Okay, thank you. Andreas -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH v13 20/51] ext4: Add richacl support
On Nov 3, 2015, at 8:16 AM, Andreas Gruenbacher wrote: > > From: "Aneesh Kumar K.V" > > Support the richacl permission model in ext4. The richacls are stored > in "system.richacl" xattrs. Richacls need to be enabled by tune2fs or > at file system create time. Patch looks reasonable. One minor cleanup below that could be fixed when the patch series is refreshed, and you can add: Reviewed-by: Andreas Dilger > > Signed-off-by: Aneesh Kumar K.V > Signed-off-by: Andreas Gruenbacher > --- > fs/ext4/Kconfig | 11 + > fs/ext4/Makefile | 1 + > fs/ext4/file.c| 3 ++ > fs/ext4/ialloc.c | 11 - > fs/ext4/inode.c | 12 - > fs/ext4/namei.c | 5 ++ > fs/ext4/richacl.c | 141 ++ > fs/ext4/richacl.h | 40 > fs/ext4/xattr.c | 7 +++ > 9 files changed, 228 insertions(+), 3 deletions(-) > create mode 100644 fs/ext4/richacl.c > create mode 100644 fs/ext4/richacl.h > > diff --git a/fs/ext4/Kconfig b/fs/ext4/Kconfig > index b46e9fc..65c5230 100644 > --- a/fs/ext4/Kconfig > +++ b/fs/ext4/Kconfig > @@ -22,6 +22,17 @@ config EXT3_FS_POSIX_ACL > This config option is here only for backward compatibility. ext3 > filesystem is now handled by the ext4 driver. > > +config EXT4_FS_RICHACL > + bool "Ext4 Rich Access Control Lists (EXPERIMENTAL)" > + depends on EXT4_FS > + select FS_RICHACL > + help > + Richacls are an implementation of NFSv4 ACLs, extended by file masks > + to cleanly integrate into the POSIX file permission model. To learn > + more about them, see http://www.bestbits.at/richacl/. > + > + If you don't know what Richacls are, say N. > + > config EXT3_FS_SECURITY > bool "Ext3 Security Labels" > depends on EXT3_FS > diff --git a/fs/ext4/Makefile b/fs/ext4/Makefile > index 75285ea..ea0d539 100644 > --- a/fs/ext4/Makefile > +++ b/fs/ext4/Makefile > @@ -14,3 +14,4 @@ ext4-$(CONFIG_EXT4_FS_POSIX_ACL)+= acl.o > ext4-$(CONFIG_EXT4_FS_SECURITY) += xattr_security.o > ext4-$(CONFIG_EXT4_FS_ENCRYPTION) += crypto_policy.o crypto.o \ > crypto_key.o crypto_fname.o > +ext4-$(CONFIG_EXT4_FS_RICHACL) += richacl.o > diff --git a/fs/ext4/file.c b/fs/ext4/file.c > index 113837e..a03b4a5 100644 > --- a/fs/ext4/file.c > +++ b/fs/ext4/file.c > @@ -30,6 +30,7 @@ > #include "ext4_jbd2.h" > #include "xattr.h" > #include "acl.h" > +#include "richacl.h" > > /* > * Called when an inode is released. Note that this is different > @@ -719,6 +720,8 @@ const struct inode_operations ext4_file_inode_operations > = { > .removexattr= generic_removexattr, > .get_acl= ext4_get_acl, > .set_acl= ext4_set_acl, > + .get_richacl= ext4_get_richacl, > + .set_richacl= ext4_set_richacl, > .fiemap = ext4_fiemap, > }; > > diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c > index 619bfc1..9657b3a 100644 > --- a/fs/ext4/ialloc.c > +++ b/fs/ext4/ialloc.c > @@ -27,6 +27,7 @@ > #include "ext4_jbd2.h" > #include "xattr.h" > #include "acl.h" > +#include "richacl.h" > > #include > > @@ -697,6 +698,14 @@ out: > return ret; > } > > +static inline int > +ext4_new_acl(handle_t *handle, struct inode *inode, struct inode *dir) > +{ > + if (IS_RICHACL(dir)) > + return ext4_init_richacl(handle, inode, dir); > + return ext4_init_acl(handle, inode, dir); > +} > + > /* > * There are two policies for allocating an inode. If the new inode is > * a directory, then a forward search is made for a block group with both > @@ -1052,7 +1061,7 @@ got: > if (err) > goto fail_drop; > > - err = ext4_init_acl(handle, inode, dir); > + err = ext4_new_acl(handle, inode, dir); > if (err) > goto fail_free_drop; > > diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c > index 612fbcf..647f3c3 100644 > --- a/fs/ext4/inode.c > +++ b/fs/ext4/inode.c > @@ -42,6 +42,7 @@ > #include "xattr.h" > #include "acl.h" > #include "truncate.h" > +#include "richacl.h" > > #include > > @@ -4638,6 +4639,14 @@ static void ext4_wait_for_tail_page_commit(struct > inode *inode) > } > } > > +static inline int > +ext4_acl_chmod(struct inode *inode, umode_t mode) > +{ > + if (IS_RICHACL(inode)) > + return richacl_chmod(inode, inode->i_mode); > + return posix_acl_chmod(inode, inode->i_mode); > +} > + > /* > * ext4_setattr() > * > @@ -4806,8 +4815,7 @@ int ext4_setattr(struct dentry *dentry, struct iattr > *attr) > ext4_orphan_del(NULL, inode); > > if (!rc && (ia_valid & ATTR_MODE)) > - rc = posix_acl_chmod(inode, inode->i_mode); > - > + rc = ext4_acl_chmod(inode, inode->i_mode); > err_out: > ext4_std_error(inode->i_sb, error); > if (!error) > diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c > index 9f61e76..9b6e8b9 100644 > --- a/fs/ext4/namei.c > +++ b/fs/ext4/namei.c > @@
[PATCH v13 20/51] ext4: Add richacl support
From: "Aneesh Kumar K.V" Support the richacl permission model in ext4. The richacls are stored in "system.richacl" xattrs. Richacls need to be enabled by tune2fs or at file system create time. Signed-off-by: Aneesh Kumar K.V Signed-off-by: Andreas Gruenbacher --- fs/ext4/Kconfig | 11 + fs/ext4/Makefile | 1 + fs/ext4/file.c| 3 ++ fs/ext4/ialloc.c | 11 - fs/ext4/inode.c | 12 - fs/ext4/namei.c | 5 ++ fs/ext4/richacl.c | 141 ++ fs/ext4/richacl.h | 40 fs/ext4/xattr.c | 7 +++ 9 files changed, 228 insertions(+), 3 deletions(-) create mode 100644 fs/ext4/richacl.c create mode 100644 fs/ext4/richacl.h diff --git a/fs/ext4/Kconfig b/fs/ext4/Kconfig index b46e9fc..65c5230 100644 --- a/fs/ext4/Kconfig +++ b/fs/ext4/Kconfig @@ -22,6 +22,17 @@ config EXT3_FS_POSIX_ACL This config option is here only for backward compatibility. ext3 filesystem is now handled by the ext4 driver. +config EXT4_FS_RICHACL + bool "Ext4 Rich Access Control Lists (EXPERIMENTAL)" + depends on EXT4_FS + select FS_RICHACL + help + Richacls are an implementation of NFSv4 ACLs, extended by file masks + to cleanly integrate into the POSIX file permission model. To learn + more about them, see http://www.bestbits.at/richacl/. + + If you don't know what Richacls are, say N. + config EXT3_FS_SECURITY bool "Ext3 Security Labels" depends on EXT3_FS diff --git a/fs/ext4/Makefile b/fs/ext4/Makefile index 75285ea..ea0d539 100644 --- a/fs/ext4/Makefile +++ b/fs/ext4/Makefile @@ -14,3 +14,4 @@ ext4-$(CONFIG_EXT4_FS_POSIX_ACL) += acl.o ext4-$(CONFIG_EXT4_FS_SECURITY)+= xattr_security.o ext4-$(CONFIG_EXT4_FS_ENCRYPTION) += crypto_policy.o crypto.o \ crypto_key.o crypto_fname.o +ext4-$(CONFIG_EXT4_FS_RICHACL) += richacl.o diff --git a/fs/ext4/file.c b/fs/ext4/file.c index 113837e..a03b4a5 100644 --- a/fs/ext4/file.c +++ b/fs/ext4/file.c @@ -30,6 +30,7 @@ #include "ext4_jbd2.h" #include "xattr.h" #include "acl.h" +#include "richacl.h" /* * Called when an inode is released. Note that this is different @@ -719,6 +720,8 @@ const struct inode_operations ext4_file_inode_operations = { .removexattr= generic_removexattr, .get_acl= ext4_get_acl, .set_acl= ext4_set_acl, + .get_richacl= ext4_get_richacl, + .set_richacl= ext4_set_richacl, .fiemap = ext4_fiemap, }; diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c index 619bfc1..9657b3a 100644 --- a/fs/ext4/ialloc.c +++ b/fs/ext4/ialloc.c @@ -27,6 +27,7 @@ #include "ext4_jbd2.h" #include "xattr.h" #include "acl.h" +#include "richacl.h" #include @@ -697,6 +698,14 @@ out: return ret; } +static inline int +ext4_new_acl(handle_t *handle, struct inode *inode, struct inode *dir) +{ + if (IS_RICHACL(dir)) + return ext4_init_richacl(handle, inode, dir); + return ext4_init_acl(handle, inode, dir); +} + /* * There are two policies for allocating an inode. If the new inode is * a directory, then a forward search is made for a block group with both @@ -1052,7 +1061,7 @@ got: if (err) goto fail_drop; - err = ext4_init_acl(handle, inode, dir); + err = ext4_new_acl(handle, inode, dir); if (err) goto fail_free_drop; diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c index 612fbcf..647f3c3 100644 --- a/fs/ext4/inode.c +++ b/fs/ext4/inode.c @@ -42,6 +42,7 @@ #include "xattr.h" #include "acl.h" #include "truncate.h" +#include "richacl.h" #include @@ -4638,6 +4639,14 @@ static void ext4_wait_for_tail_page_commit(struct inode *inode) } } +static inline int +ext4_acl_chmod(struct inode *inode, umode_t mode) +{ + if (IS_RICHACL(inode)) + return richacl_chmod(inode, inode->i_mode); + return posix_acl_chmod(inode, inode->i_mode); +} + /* * ext4_setattr() * @@ -4806,8 +4815,7 @@ int ext4_setattr(struct dentry *dentry, struct iattr *attr) ext4_orphan_del(NULL, inode); if (!rc && (ia_valid & ATTR_MODE)) - rc = posix_acl_chmod(inode, inode->i_mode); - + rc = ext4_acl_chmod(inode, inode->i_mode); err_out: ext4_std_error(inode->i_sb, error); if (!error) diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c index 9f61e76..9b6e8b9 100644 --- a/fs/ext4/namei.c +++ b/fs/ext4/namei.c @@ -38,6 +38,7 @@ #include "xattr.h" #include "acl.h" +#include "richacl.h" #include /* @@ -3854,6 +3855,8 @@ const struct inode_operations ext4_dir_inode_operations = { .removexattr= generic_removexattr, .get_acl= ext4_get_acl, .set_acl= ext4_set_acl, + .get_richacl= ext4_get_richacl, + .set_richacl=
[PATCH v13 20/51] ext4: Add richacl support
From: "Aneesh Kumar K.V"Support the richacl permission model in ext4. The richacls are stored in "system.richacl" xattrs. Richacls need to be enabled by tune2fs or at file system create time. Signed-off-by: Aneesh Kumar K.V Signed-off-by: Andreas Gruenbacher --- fs/ext4/Kconfig | 11 + fs/ext4/Makefile | 1 + fs/ext4/file.c| 3 ++ fs/ext4/ialloc.c | 11 - fs/ext4/inode.c | 12 - fs/ext4/namei.c | 5 ++ fs/ext4/richacl.c | 141 ++ fs/ext4/richacl.h | 40 fs/ext4/xattr.c | 7 +++ 9 files changed, 228 insertions(+), 3 deletions(-) create mode 100644 fs/ext4/richacl.c create mode 100644 fs/ext4/richacl.h diff --git a/fs/ext4/Kconfig b/fs/ext4/Kconfig index b46e9fc..65c5230 100644 --- a/fs/ext4/Kconfig +++ b/fs/ext4/Kconfig @@ -22,6 +22,17 @@ config EXT3_FS_POSIX_ACL This config option is here only for backward compatibility. ext3 filesystem is now handled by the ext4 driver. +config EXT4_FS_RICHACL + bool "Ext4 Rich Access Control Lists (EXPERIMENTAL)" + depends on EXT4_FS + select FS_RICHACL + help + Richacls are an implementation of NFSv4 ACLs, extended by file masks + to cleanly integrate into the POSIX file permission model. To learn + more about them, see http://www.bestbits.at/richacl/. + + If you don't know what Richacls are, say N. + config EXT3_FS_SECURITY bool "Ext3 Security Labels" depends on EXT3_FS diff --git a/fs/ext4/Makefile b/fs/ext4/Makefile index 75285ea..ea0d539 100644 --- a/fs/ext4/Makefile +++ b/fs/ext4/Makefile @@ -14,3 +14,4 @@ ext4-$(CONFIG_EXT4_FS_POSIX_ACL) += acl.o ext4-$(CONFIG_EXT4_FS_SECURITY)+= xattr_security.o ext4-$(CONFIG_EXT4_FS_ENCRYPTION) += crypto_policy.o crypto.o \ crypto_key.o crypto_fname.o +ext4-$(CONFIG_EXT4_FS_RICHACL) += richacl.o diff --git a/fs/ext4/file.c b/fs/ext4/file.c index 113837e..a03b4a5 100644 --- a/fs/ext4/file.c +++ b/fs/ext4/file.c @@ -30,6 +30,7 @@ #include "ext4_jbd2.h" #include "xattr.h" #include "acl.h" +#include "richacl.h" /* * Called when an inode is released. Note that this is different @@ -719,6 +720,8 @@ const struct inode_operations ext4_file_inode_operations = { .removexattr= generic_removexattr, .get_acl= ext4_get_acl, .set_acl= ext4_set_acl, + .get_richacl= ext4_get_richacl, + .set_richacl= ext4_set_richacl, .fiemap = ext4_fiemap, }; diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c index 619bfc1..9657b3a 100644 --- a/fs/ext4/ialloc.c +++ b/fs/ext4/ialloc.c @@ -27,6 +27,7 @@ #include "ext4_jbd2.h" #include "xattr.h" #include "acl.h" +#include "richacl.h" #include @@ -697,6 +698,14 @@ out: return ret; } +static inline int +ext4_new_acl(handle_t *handle, struct inode *inode, struct inode *dir) +{ + if (IS_RICHACL(dir)) + return ext4_init_richacl(handle, inode, dir); + return ext4_init_acl(handle, inode, dir); +} + /* * There are two policies for allocating an inode. If the new inode is * a directory, then a forward search is made for a block group with both @@ -1052,7 +1061,7 @@ got: if (err) goto fail_drop; - err = ext4_init_acl(handle, inode, dir); + err = ext4_new_acl(handle, inode, dir); if (err) goto fail_free_drop; diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c index 612fbcf..647f3c3 100644 --- a/fs/ext4/inode.c +++ b/fs/ext4/inode.c @@ -42,6 +42,7 @@ #include "xattr.h" #include "acl.h" #include "truncate.h" +#include "richacl.h" #include @@ -4638,6 +4639,14 @@ static void ext4_wait_for_tail_page_commit(struct inode *inode) } } +static inline int +ext4_acl_chmod(struct inode *inode, umode_t mode) +{ + if (IS_RICHACL(inode)) + return richacl_chmod(inode, inode->i_mode); + return posix_acl_chmod(inode, inode->i_mode); +} + /* * ext4_setattr() * @@ -4806,8 +4815,7 @@ int ext4_setattr(struct dentry *dentry, struct iattr *attr) ext4_orphan_del(NULL, inode); if (!rc && (ia_valid & ATTR_MODE)) - rc = posix_acl_chmod(inode, inode->i_mode); - + rc = ext4_acl_chmod(inode, inode->i_mode); err_out: ext4_std_error(inode->i_sb, error); if (!error) diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c index 9f61e76..9b6e8b9 100644 --- a/fs/ext4/namei.c +++ b/fs/ext4/namei.c @@ -38,6 +38,7 @@ #include "xattr.h" #include "acl.h" +#include "richacl.h" #include /* @@ -3854,6 +3855,8 @@ const struct inode_operations ext4_dir_inode_operations = { .removexattr= generic_removexattr, .get_acl= ext4_get_acl, .set_acl= ext4_set_acl,
Re: [PATCH v13 20/51] ext4: Add richacl support
On Wed, Nov 4, 2015 at 3:13 AM, Andreas Dilgerwrote: > Patch looks reasonable. One minor cleanup below that could be fixed when > the patch series is refreshed, and you can add: > > Reviewed-by: Andreas Dilger Okay, thank you. Andreas -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH v13 20/51] ext4: Add richacl support
On Nov 3, 2015, at 8:16 AM, Andreas Gruenbacherwrote: > > From: "Aneesh Kumar K.V" > > Support the richacl permission model in ext4. The richacls are stored > in "system.richacl" xattrs. Richacls need to be enabled by tune2fs or > at file system create time. Patch looks reasonable. One minor cleanup below that could be fixed when the patch series is refreshed, and you can add: Reviewed-by: Andreas Dilger > > Signed-off-by: Aneesh Kumar K.V > Signed-off-by: Andreas Gruenbacher > --- > fs/ext4/Kconfig | 11 + > fs/ext4/Makefile | 1 + > fs/ext4/file.c| 3 ++ > fs/ext4/ialloc.c | 11 - > fs/ext4/inode.c | 12 - > fs/ext4/namei.c | 5 ++ > fs/ext4/richacl.c | 141 ++ > fs/ext4/richacl.h | 40 > fs/ext4/xattr.c | 7 +++ > 9 files changed, 228 insertions(+), 3 deletions(-) > create mode 100644 fs/ext4/richacl.c > create mode 100644 fs/ext4/richacl.h > > diff --git a/fs/ext4/Kconfig b/fs/ext4/Kconfig > index b46e9fc..65c5230 100644 > --- a/fs/ext4/Kconfig > +++ b/fs/ext4/Kconfig > @@ -22,6 +22,17 @@ config EXT3_FS_POSIX_ACL > This config option is here only for backward compatibility. ext3 > filesystem is now handled by the ext4 driver. > > +config EXT4_FS_RICHACL > + bool "Ext4 Rich Access Control Lists (EXPERIMENTAL)" > + depends on EXT4_FS > + select FS_RICHACL > + help > + Richacls are an implementation of NFSv4 ACLs, extended by file masks > + to cleanly integrate into the POSIX file permission model. To learn > + more about them, see http://www.bestbits.at/richacl/. > + > + If you don't know what Richacls are, say N. > + > config EXT3_FS_SECURITY > bool "Ext3 Security Labels" > depends on EXT3_FS > diff --git a/fs/ext4/Makefile b/fs/ext4/Makefile > index 75285ea..ea0d539 100644 > --- a/fs/ext4/Makefile > +++ b/fs/ext4/Makefile > @@ -14,3 +14,4 @@ ext4-$(CONFIG_EXT4_FS_POSIX_ACL)+= acl.o > ext4-$(CONFIG_EXT4_FS_SECURITY) += xattr_security.o > ext4-$(CONFIG_EXT4_FS_ENCRYPTION) += crypto_policy.o crypto.o \ > crypto_key.o crypto_fname.o > +ext4-$(CONFIG_EXT4_FS_RICHACL) += richacl.o > diff --git a/fs/ext4/file.c b/fs/ext4/file.c > index 113837e..a03b4a5 100644 > --- a/fs/ext4/file.c > +++ b/fs/ext4/file.c > @@ -30,6 +30,7 @@ > #include "ext4_jbd2.h" > #include "xattr.h" > #include "acl.h" > +#include "richacl.h" > > /* > * Called when an inode is released. Note that this is different > @@ -719,6 +720,8 @@ const struct inode_operations ext4_file_inode_operations > = { > .removexattr= generic_removexattr, > .get_acl= ext4_get_acl, > .set_acl= ext4_set_acl, > + .get_richacl= ext4_get_richacl, > + .set_richacl= ext4_set_richacl, > .fiemap = ext4_fiemap, > }; > > diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c > index 619bfc1..9657b3a 100644 > --- a/fs/ext4/ialloc.c > +++ b/fs/ext4/ialloc.c > @@ -27,6 +27,7 @@ > #include "ext4_jbd2.h" > #include "xattr.h" > #include "acl.h" > +#include "richacl.h" > > #include > > @@ -697,6 +698,14 @@ out: > return ret; > } > > +static inline int > +ext4_new_acl(handle_t *handle, struct inode *inode, struct inode *dir) > +{ > + if (IS_RICHACL(dir)) > + return ext4_init_richacl(handle, inode, dir); > + return ext4_init_acl(handle, inode, dir); > +} > + > /* > * There are two policies for allocating an inode. If the new inode is > * a directory, then a forward search is made for a block group with both > @@ -1052,7 +1061,7 @@ got: > if (err) > goto fail_drop; > > - err = ext4_init_acl(handle, inode, dir); > + err = ext4_new_acl(handle, inode, dir); > if (err) > goto fail_free_drop; > > diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c > index 612fbcf..647f3c3 100644 > --- a/fs/ext4/inode.c > +++ b/fs/ext4/inode.c > @@ -42,6 +42,7 @@ > #include "xattr.h" > #include "acl.h" > #include "truncate.h" > +#include "richacl.h" > > #include > > @@ -4638,6 +4639,14 @@ static void ext4_wait_for_tail_page_commit(struct > inode *inode) > } > } > > +static inline int > +ext4_acl_chmod(struct inode *inode, umode_t mode) > +{ > + if (IS_RICHACL(inode)) > + return richacl_chmod(inode, inode->i_mode); > + return posix_acl_chmod(inode, inode->i_mode); > +} > + > /* > * ext4_setattr() > * > @@ -4806,8 +4815,7 @@ int ext4_setattr(struct dentry *dentry, struct iattr > *attr) > ext4_orphan_del(NULL, inode); > > if (!rc && (ia_valid & ATTR_MODE)) > - rc = posix_acl_chmod(inode, inode->i_mode); > - > + rc = ext4_acl_chmod(inode, inode->i_mode); > err_out: > ext4_std_error(inode->i_sb, error); > if (!error) > diff