Changeset View
Changeset View
Standalone View
Standalone View
sys/ufs/ufs/ufs_acl.c
Show First 20 Lines • Show All 133 Lines • ▼ Show 20 Lines | |||||
/* | /* | ||||
* Calculate what the inode mode should look like based on an authoritative | * Calculate what the inode mode should look like based on an authoritative | ||||
* ACL for the inode. Replace only the fields in the inode that the ACL | * ACL for the inode. Replace only the fields in the inode that the ACL | ||||
* can represent. | * can represent. | ||||
*/ | */ | ||||
void | void | ||||
ufs_sync_inode_from_acl(struct acl *acl, struct inode *ip) | ufs_sync_inode_from_acl(struct acl *acl, struct inode *ip) | ||||
{ | { | ||||
int newmode; | |||||
ip->i_mode &= ACL_PRESERVE_MASK; | newmode = ip->i_mode & ACL_PRESERVE_MASK; | ||||
ip->i_mode |= acl_posix1e_acl_to_mode(acl); | newmode |= acl_posix1e_acl_to_mode(acl); | ||||
UFS_INODE_SET_MODE(ip, newmode); | |||||
DIP_SET(ip, i_mode, ip->i_mode); | DIP_SET(ip, i_mode, ip->i_mode); | ||||
} | } | ||||
/* | /* | ||||
* Retrieve NFSv4 ACL, skipping access checks. Must be used in UFS code | * Retrieve NFSv4 ACL, skipping access checks. Must be used in UFS code | ||||
* instead of VOP_GETACL() when we don't want to be restricted by the user | * instead of VOP_GETACL() when we don't want to be restricted by the user | ||||
* not having ACL_READ_ACL permission, e.g. when calculating inherited ACL | * not having ACL_READ_ACL permission, e.g. when calculating inherited ACL | ||||
* or in ufs_vnops.c:ufs_accessx(). | * or in ufs_vnops.c:ufs_accessx(). | ||||
▲ Show 20 Lines • Show All 223 Lines • ▼ Show 20 Lines | |||||
* e.g. by the UFS code that implements ACL inheritance, or from | * e.g. by the UFS code that implements ACL inheritance, or from | ||||
* ufs_vnops.c:ufs_chmod(), as some of the checks have to be skipped | * ufs_vnops.c:ufs_chmod(), as some of the checks have to be skipped | ||||
* in that case, and others are redundant. | * in that case, and others are redundant. | ||||
*/ | */ | ||||
int | int | ||||
ufs_setacl_nfs4_internal(struct vnode *vp, struct acl *aclp, struct thread *td) | ufs_setacl_nfs4_internal(struct vnode *vp, struct acl *aclp, struct thread *td) | ||||
{ | { | ||||
int error; | int error; | ||||
mode_t mode; | mode_t mode, newmode; | ||||
struct inode *ip = VTOI(vp); | struct inode *ip = VTOI(vp); | ||||
KASSERT(acl_nfs4_check(aclp, vp->v_type == VDIR) == 0, | KASSERT(acl_nfs4_check(aclp, vp->v_type == VDIR) == 0, | ||||
("invalid ACL passed to ufs_setacl_nfs4_internal")); | ("invalid ACL passed to ufs_setacl_nfs4_internal")); | ||||
if (acl_nfs4_is_trivial(aclp, ip->i_uid)) { | if (acl_nfs4_is_trivial(aclp, ip->i_uid)) { | ||||
error = vn_extattr_rm(vp, IO_NODELOCKED, | error = vn_extattr_rm(vp, IO_NODELOCKED, | ||||
NFS4_ACL_EXTATTR_NAMESPACE, NFS4_ACL_EXTATTR_NAME, td); | NFS4_ACL_EXTATTR_NAMESPACE, NFS4_ACL_EXTATTR_NAME, td); | ||||
Show All 20 Lines | ufs_setacl_nfs4_internal(struct vnode *vp, struct acl *aclp, struct thread *td) | ||||
if (error) | if (error) | ||||
return (error); | return (error); | ||||
mode = ip->i_mode; | mode = ip->i_mode; | ||||
acl_nfs4_sync_mode_from_acl(&mode, aclp); | acl_nfs4_sync_mode_from_acl(&mode, aclp); | ||||
ip->i_mode &= ACL_PRESERVE_MASK; | newmode = ip->i_mode & ACL_PRESERVE_MASK; | ||||
ip->i_mode |= mode; | newmode |= mode; | ||||
UFS_INODE_SET_MODE(ip, newmode); | |||||
DIP_SET(ip, i_mode, ip->i_mode); | DIP_SET(ip, i_mode, ip->i_mode); | ||||
UFS_INODE_SET_FLAG(ip, IN_CHANGE); | UFS_INODE_SET_FLAG(ip, IN_CHANGE); | ||||
VN_KNOTE_UNLOCKED(vp, NOTE_ATTRIB); | VN_KNOTE_UNLOCKED(vp, NOTE_ATTRIB); | ||||
error = UFS_UPDATE(vp, 0); | error = UFS_UPDATE(vp, 0); | ||||
return (error); | return (error); | ||||
} | } | ||||
▲ Show 20 Lines • Show All 270 Lines • Show Last 20 Lines |