#
c0cbe707 |
|
26-Jul-2022 |
NeilBrown <neilb@suse.de> |
NFSD: add posix ACLs to struct nfsd_attrs pacl and dpacl pointers are added to struct nfsd_attrs, which requires that we have an nfsd_attrs_free() function to free them. Those nfsv4 functions that can set ACLs now set up these pointers based on the passed in NFSv4 ACL. nfsd_setattr() sets the acls as appropriate. Errors are handled as with security labels. Signed-off-by: NeilBrown <neilb@suse.de> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
|
#
2b86e3aa |
|
28-Aug-2019 |
J. Bruce Fields <bfields@redhat.com> |
nfsd: eliminate an unnecessary acl size limit We're unnecessarily limiting the size of an ACL to less than what most filesystems will support. Some users do hit the limit and it's confusing and unnecessary. It still seems prudent to impose some limit on the number of ACEs the client gives us before passing it straight to kmalloc(). So, let's just limit it to the maximum number that would be possible given the amount of data left in the argument buffer. That will still leave one limit beyond whatever the filesystem imposes: the client and server negotiate a limit on the size of a request, which we have to respect. But we're no longer imposing any additional arbitrary limit. struct nfs4_ace is 20 bytes on my system and the maximum call size we'll negotiate is about a megabyte, so in practice this is limiting the allocation here to about a megabyte. Reported-by: "de Vandiere, Louis" <louis.devandiere@atos.net> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|
#
bcaab953 |
|
24-Jun-2014 |
J. Bruce Fields <bfields@redhat.com> |
nfsd4: remove nfs4_acl_new This is a not-that-useful kmalloc wrapper. And I'd like one of the callers to actually use something other than kmalloc. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|
#
ddd1ea56 |
|
27-Aug-2013 |
J. Bruce Fields <bfields@redhat.com> |
nfsd4: use xdr_reserve_space in attribute encoding This is a cosmetic change for now; no change in behavior. Note we're just depending on xdr_reserve_space to do the bounds checking for us, we're not really depending on its adjustment of iovec or xdr_buf lengths yet, as those are fixed up by as necessary after the fact by read-link operations and by nfs4svc_encode_compoundres. However we do have to update xdr->iov on read-like operations to prevent xdr_reserve_space from messing with the already-fixed-up length of the the head. When the attribute encoding fails partway through we have to undo the length adjustments made so far. We do it manually for now, but later patches will add an xdr_truncate_encode() helper to handle cases like this. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|
#
d139977d |
|
11-Nov-2013 |
J. Bruce Fields <bfields@redhat.com> |
nfsd4: use more generous NFS4_ACL_MAX Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|
#
4ac7249e |
|
20-Dec-2013 |
Christoph Hellwig <hch@infradead.org> |
nfsd: use get_acl and ->set_acl Remove the boilerplate code to marshall and unmarhall ACL objects into xattrs and operate on the posix_acl objects directly. Also move all the ACL handling code into nfs?acl.c where it belongs. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
#
3554116d |
|
08-Jan-2014 |
J. Bruce Fields <bfields@redhat.com> |
nfsd4: simplify xdr encoding of nfsv4 names We can simplify the idmapping code if it does its own encoding and returns nfs errors. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|
#
6c1810e0 |
|
01-Feb-2013 |
Eric W. Biederman <ebiederm@xmission.com> |
nfsd: Remove declaration of nonexistent nfs4_acl_permisison Cc: "J. Bruce Fields" <bfields@fieldses.org> Cc: Trond Myklebust <Trond.Myklebust@netapp.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
|
#
775a1905 |
|
04-Jan-2011 |
J. Bruce Fields <bfields@redhat.com> |
nfsd4: remove outdated pathname-comments Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|
#
2ca72e17 |
|
04-Jan-2011 |
J. Bruce Fields <bfields@redhat.com> |
nfsd4: move idmap and acl header files into fs/nfsd These are internal nfsd interfaces. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|