| author | marks |
| Mon, 14 Jan 2008 08:49:26 -0800 | |
| changeset 5824 | 1d2d522d19b5 |
| parent 5771 | 7ba3a2c57d6a |
| child 5959 | 1e1904b8526d |
| permissions | -rw-r--r-- |
| 789 | 1 |
/* |
2 |
* CDDL HEADER START |
|
3 |
* |
|
4 |
* The contents of this file are subject to the terms of the |
|
| 1544 | 5 |
* Common Development and Distribution License (the "License"). |
6 |
* You may not use this file except in compliance with the License. |
|
| 789 | 7 |
* |
8 |
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE |
|
9 |
* or http://www.opensolaris.org/os/licensing. |
|
10 |
* See the License for the specific language governing permissions |
|
11 |
* and limitations under the License. |
|
12 |
* |
|
13 |
* When distributing Covered Code, include this CDDL HEADER in each |
|
14 |
* file and include the License file at usr/src/OPENSOLARIS.LICENSE. |
|
15 |
* If applicable, add the following below this CDDL HEADER, with the |
|
16 |
* fields enclosed by brackets "[]" replaced with your own identifying |
|
17 |
* information: Portions Copyright [yyyy] [name of copyright owner] |
|
18 |
* |
|
19 |
* CDDL HEADER END |
|
20 |
*/ |
|
21 |
/* |
|
| 5762 | 22 |
* Copyright 2008 Sun Microsystems, Inc. All rights reserved. |
| 789 | 23 |
* Use is subject to license terms. |
24 |
*/ |
|
25 |
||
26 |
#pragma ident "%Z%%M% %I% %E% SMI" |
|
27 |
||
28 |
#include <sys/types.h> |
|
29 |
#include <sys/param.h> |
|
30 |
#include <sys/time.h> |
|
31 |
#include <sys/systm.h> |
|
32 |
#include <sys/sysmacros.h> |
|
33 |
#include <sys/resource.h> |
|
34 |
#include <sys/vfs.h> |
|
35 |
#include <sys/vnode.h> |
|
| 5331 | 36 |
#include <sys/sid.h> |
| 789 | 37 |
#include <sys/file.h> |
38 |
#include <sys/stat.h> |
|
39 |
#include <sys/kmem.h> |
|
40 |
#include <sys/cmn_err.h> |
|
41 |
#include <sys/errno.h> |
|
42 |
#include <sys/unistd.h> |
|
|
1576
0364d1928a7f
6380036 zfs does not clear S_ISUID and S_ISGID bits on successful writes
marks
parents:
1544
diff
changeset
|
43 |
#include <sys/sdt.h> |
| 789 | 44 |
#include <sys/fs/zfs.h> |
45 |
#include <sys/mode.h> |
|
46 |
#include <sys/policy.h> |
|
47 |
#include <sys/zfs_znode.h> |
|
| 5331 | 48 |
#include <sys/zfs_fuid.h> |
| 789 | 49 |
#include <sys/zfs_acl.h> |
50 |
#include <sys/zfs_dir.h> |
|
51 |
#include <sys/zfs_vfsops.h> |
|
52 |
#include <sys/dmu.h> |
|
| 5331 | 53 |
#include <sys/dnode.h> |
| 789 | 54 |
#include <sys/zap.h> |
55 |
#include "fs/fs_subr.h" |
|
56 |
#include <acl/acl_common.h> |
|
57 |
||
58 |
#define ALLOW ACE_ACCESS_ALLOWED_ACE_TYPE |
|
59 |
#define DENY ACE_ACCESS_DENIED_ACE_TYPE |
|
| 5331 | 60 |
#define MAX_ACE_TYPE ACE_SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE |
| 789 | 61 |
|
62 |
#define OWNING_GROUP (ACE_GROUP|ACE_IDENTIFIER_GROUP) |
|
63 |
#define EVERYONE_ALLOW_MASK (ACE_READ_ACL|ACE_READ_ATTRIBUTES | \ |
|
64 |
ACE_READ_NAMED_ATTRS|ACE_SYNCHRONIZE) |
|
65 |
#define EVERYONE_DENY_MASK (ACE_WRITE_ACL|ACE_WRITE_OWNER | \ |
|
66 |
ACE_WRITE_ATTRIBUTES|ACE_WRITE_NAMED_ATTRS) |
|
67 |
#define OWNER_ALLOW_MASK (ACE_WRITE_ACL | ACE_WRITE_OWNER | \ |
|
68 |
ACE_WRITE_ATTRIBUTES|ACE_WRITE_NAMED_ATTRS) |
|
| 5331 | 69 |
#define WRITE_MASK_DATA (ACE_WRITE_DATA|ACE_APPEND_DATA|ACE_WRITE_NAMED_ATTRS) |
70 |
||
71 |
#define ZFS_CHECKED_MASKS (ACE_READ_ACL|ACE_READ_ATTRIBUTES|ACE_READ_DATA| \ |
|
72 |
ACE_READ_NAMED_ATTRS|ACE_WRITE_DATA|ACE_WRITE_ATTRIBUTES| \ |
|
73 |
ACE_WRITE_NAMED_ATTRS|ACE_APPEND_DATA|ACE_EXECUTE|ACE_WRITE_OWNER| \ |
|
74 |
ACE_WRITE_ACL|ACE_DELETE|ACE_DELETE_CHILD|ACE_SYNCHRONIZE) |
|
75 |
||
76 |
#define WRITE_MASK (WRITE_MASK_DATA|ACE_WRITE_ATTRIBUTES|ACE_WRITE_ACL|\ |
|
77 |
ACE_WRITE_OWNER) |
|
| 789 | 78 |
|
79 |
#define OGE_CLEAR (ACE_READ_DATA|ACE_LIST_DIRECTORY|ACE_WRITE_DATA| \ |
|
80 |
ACE_ADD_FILE|ACE_APPEND_DATA|ACE_ADD_SUBDIRECTORY|ACE_EXECUTE) |
|
81 |
||
82 |
#define OKAY_MASK_BITS (ACE_READ_DATA|ACE_LIST_DIRECTORY|ACE_WRITE_DATA| \ |
|
83 |
ACE_ADD_FILE|ACE_APPEND_DATA|ACE_ADD_SUBDIRECTORY|ACE_EXECUTE) |
|
84 |
||
85 |
#define ALL_INHERIT (ACE_FILE_INHERIT_ACE|ACE_DIRECTORY_INHERIT_ACE | \ |
|
| 5331 | 86 |
ACE_NO_PROPAGATE_INHERIT_ACE|ACE_INHERIT_ONLY_ACE|ACE_INHERITED_ACE) |
| 789 | 87 |
|
|
1576
0364d1928a7f
6380036 zfs does not clear S_ISUID and S_ISGID bits on successful writes
marks
parents:
1544
diff
changeset
|
88 |
#define SECURE_CLEAR (ACE_WRITE_ACL|ACE_WRITE_OWNER) |
| 789 | 89 |
|
| 5331 | 90 |
#define V4_ACL_WIDE_FLAGS (ZFS_ACL_AUTO_INHERIT|ZFS_ACL_DEFAULTED|\ |
91 |
ZFS_ACL_PROTECTED) |
|
92 |
||
93 |
#define ZFS_ACL_WIDE_FLAGS (V4_ACL_WIDE_FLAGS|ZFS_ACL_TRIVIAL|ZFS_INHERIT_ACE|\ |
|
94 |
ZFS_ACL_OBJ_ACE) |
|
95 |
||
96 |
static uint16_t |
|
97 |
zfs_ace_v0_get_type(void *acep) |
|
98 |
{
|
|
99 |
return (((zfs_oldace_t *)acep)->z_type); |
|
100 |
} |
|
101 |
||
102 |
static uint16_t |
|
103 |
zfs_ace_v0_get_flags(void *acep) |
|
104 |
{
|
|
105 |
return (((zfs_oldace_t *)acep)->z_flags); |
|
106 |
} |
|
107 |
||
108 |
static uint32_t |
|
109 |
zfs_ace_v0_get_mask(void *acep) |
|
110 |
{
|
|
111 |
return (((zfs_oldace_t *)acep)->z_access_mask); |
|
112 |
} |
|
113 |
||
114 |
static uint64_t |
|
115 |
zfs_ace_v0_get_who(void *acep) |
|
116 |
{
|
|
117 |
return (((zfs_oldace_t *)acep)->z_fuid); |
|
118 |
} |
|
119 |
||
120 |
static void |
|
121 |
zfs_ace_v0_set_type(void *acep, uint16_t type) |
|
122 |
{
|
|
123 |
((zfs_oldace_t *)acep)->z_type = type; |
|
124 |
} |
|
125 |
||
126 |
static void |
|
127 |
zfs_ace_v0_set_flags(void *acep, uint16_t flags) |
|
128 |
{
|
|
129 |
((zfs_oldace_t *)acep)->z_flags = flags; |
|
130 |
} |
|
131 |
||
132 |
static void |
|
133 |
zfs_ace_v0_set_mask(void *acep, uint32_t mask) |
|
134 |
{
|
|
135 |
((zfs_oldace_t *)acep)->z_access_mask = mask; |
|
136 |
} |
|
137 |
||
138 |
static void |
|
139 |
zfs_ace_v0_set_who(void *acep, uint64_t who) |
|
140 |
{
|
|
141 |
((zfs_oldace_t *)acep)->z_fuid = who; |
|
142 |
} |
|
143 |
||
144 |
/*ARGSUSED*/ |
|
145 |
static size_t |
|
146 |
zfs_ace_v0_size(void *acep) |
|
147 |
{
|
|
148 |
return (sizeof (zfs_oldace_t)); |
|
149 |
} |
|
150 |
||
151 |
static size_t |
|
152 |
zfs_ace_v0_abstract_size(void) |
|
153 |
{
|
|
154 |
return (sizeof (zfs_oldace_t)); |
|
155 |
} |
|
156 |
||
157 |
static int |
|
158 |
zfs_ace_v0_mask_off(void) |
|
159 |
{
|
|
160 |
return (offsetof(zfs_oldace_t, z_access_mask)); |
|
161 |
} |
|
162 |
||
163 |
/*ARGSUSED*/ |
|
164 |
static int |
|
165 |
zfs_ace_v0_data(void *acep, void **datap) |
|
166 |
{
|
|
167 |
*datap = NULL; |
|
168 |
return (0); |
|
169 |
} |
|
170 |
||
171 |
static acl_ops_t zfs_acl_v0_ops = {
|
|
172 |
zfs_ace_v0_get_mask, |
|
173 |
zfs_ace_v0_set_mask, |
|
174 |
zfs_ace_v0_get_flags, |
|
175 |
zfs_ace_v0_set_flags, |
|
176 |
zfs_ace_v0_get_type, |
|
177 |
zfs_ace_v0_set_type, |
|
178 |
zfs_ace_v0_get_who, |
|
179 |
zfs_ace_v0_set_who, |
|
180 |
zfs_ace_v0_size, |
|
181 |
zfs_ace_v0_abstract_size, |
|
182 |
zfs_ace_v0_mask_off, |
|
183 |
zfs_ace_v0_data |
|
184 |
}; |
|
185 |
||
186 |
static uint16_t |
|
187 |
zfs_ace_fuid_get_type(void *acep) |
|
188 |
{
|
|
189 |
return (((zfs_ace_hdr_t *)acep)->z_type); |
|
190 |
} |
|
191 |
||
192 |
static uint16_t |
|
193 |
zfs_ace_fuid_get_flags(void *acep) |
|
194 |
{
|
|
195 |
return (((zfs_ace_hdr_t *)acep)->z_flags); |
|
196 |
} |
|
197 |
||
198 |
static uint32_t |
|
199 |
zfs_ace_fuid_get_mask(void *acep) |
|
200 |
{
|
|
201 |
return (((zfs_ace_hdr_t *)acep)->z_access_mask); |
|
202 |
} |
|
203 |
||
204 |
static uint64_t |
|
205 |
zfs_ace_fuid_get_who(void *args) |
|
206 |
{
|
|
207 |
uint16_t entry_type; |
|
208 |
zfs_ace_t *acep = args; |
|
209 |
||
210 |
entry_type = acep->z_hdr.z_flags & ACE_TYPE_FLAGS; |
|
| 789 | 211 |
|
| 5331 | 212 |
if (entry_type == ACE_OWNER || entry_type == OWNING_GROUP || |
213 |
entry_type == ACE_EVERYONE) |
|
214 |
return (-1); |
|
215 |
return (((zfs_ace_t *)acep)->z_fuid); |
|
216 |
} |
|
217 |
||
218 |
static void |
|
219 |
zfs_ace_fuid_set_type(void *acep, uint16_t type) |
|
220 |
{
|
|
221 |
((zfs_ace_hdr_t *)acep)->z_type = type; |
|
222 |
} |
|
223 |
||
224 |
static void |
|
225 |
zfs_ace_fuid_set_flags(void *acep, uint16_t flags) |
|
226 |
{
|
|
227 |
((zfs_ace_hdr_t *)acep)->z_flags = flags; |
|
228 |
} |
|
229 |
||
230 |
static void |
|
231 |
zfs_ace_fuid_set_mask(void *acep, uint32_t mask) |
|
232 |
{
|
|
233 |
((zfs_ace_hdr_t *)acep)->z_access_mask = mask; |
|
234 |
} |
|
235 |
||
236 |
static void |
|
237 |
zfs_ace_fuid_set_who(void *arg, uint64_t who) |
|
238 |
{
|
|
239 |
zfs_ace_t *acep = arg; |
|
240 |
||
241 |
uint16_t entry_type = acep->z_hdr.z_flags & ACE_TYPE_FLAGS; |
|
242 |
||
243 |
if (entry_type == ACE_OWNER || entry_type == OWNING_GROUP || |
|
244 |
entry_type == ACE_EVERYONE) |
|
245 |
return; |
|
246 |
acep->z_fuid = who; |
|
247 |
} |
|
248 |
||
249 |
static size_t |
|
250 |
zfs_ace_fuid_size(void *acep) |
|
251 |
{
|
|
252 |
zfs_ace_hdr_t *zacep = acep; |
|
253 |
uint16_t entry_type; |
|
254 |
||
255 |
switch (zacep->z_type) {
|
|
256 |
case ACE_ACCESS_ALLOWED_OBJECT_ACE_TYPE: |
|
257 |
case ACE_ACCESS_DENIED_OBJECT_ACE_TYPE: |
|
258 |
case ACE_SYSTEM_AUDIT_OBJECT_ACE_TYPE: |
|
259 |
case ACE_SYSTEM_ALARM_OBJECT_ACE_TYPE: |
|
260 |
return (sizeof (zfs_object_ace_t)); |
|
261 |
case ALLOW: |
|
262 |
case DENY: |
|
263 |
entry_type = |
|
264 |
(((zfs_ace_hdr_t *)acep)->z_flags & ACE_TYPE_FLAGS); |
|
265 |
if (entry_type == ACE_OWNER || |
|
266 |
entry_type == (ACE_GROUP | ACE_IDENTIFIER_GROUP) || |
|
267 |
entry_type == ACE_EVERYONE) |
|
268 |
return (sizeof (zfs_ace_hdr_t)); |
|
269 |
/*FALLTHROUGH*/ |
|
270 |
default: |
|
271 |
return (sizeof (zfs_ace_t)); |
|
272 |
} |
|
273 |
} |
|
274 |
||
275 |
static size_t |
|
276 |
zfs_ace_fuid_abstract_size(void) |
|
277 |
{
|
|
278 |
return (sizeof (zfs_ace_hdr_t)); |
|
279 |
} |
|
280 |
||
281 |
static int |
|
282 |
zfs_ace_fuid_mask_off(void) |
|
283 |
{
|
|
284 |
return (offsetof(zfs_ace_hdr_t, z_access_mask)); |
|
285 |
} |
|
286 |
||
287 |
static int |
|
288 |
zfs_ace_fuid_data(void *acep, void **datap) |
|
289 |
{
|
|
290 |
zfs_ace_t *zacep = acep; |
|
291 |
zfs_object_ace_t *zobjp; |
|
292 |
||
293 |
switch (zacep->z_hdr.z_type) {
|
|
294 |
case ACE_ACCESS_ALLOWED_OBJECT_ACE_TYPE: |
|
295 |
case ACE_ACCESS_DENIED_OBJECT_ACE_TYPE: |
|
296 |
case ACE_SYSTEM_AUDIT_OBJECT_ACE_TYPE: |
|
297 |
case ACE_SYSTEM_ALARM_OBJECT_ACE_TYPE: |
|
298 |
zobjp = acep; |
|
299 |
*datap = (caddr_t)zobjp + sizeof (zfs_ace_t); |
|
300 |
return (sizeof (zfs_object_ace_t) - sizeof (zfs_ace_t)); |
|
301 |
default: |
|
302 |
*datap = NULL; |
|
303 |
return (0); |
|
304 |
} |
|
305 |
} |
|
306 |
||
307 |
static acl_ops_t zfs_acl_fuid_ops = {
|
|
308 |
zfs_ace_fuid_get_mask, |
|
309 |
zfs_ace_fuid_set_mask, |
|
310 |
zfs_ace_fuid_get_flags, |
|
311 |
zfs_ace_fuid_set_flags, |
|
312 |
zfs_ace_fuid_get_type, |
|
313 |
zfs_ace_fuid_set_type, |
|
314 |
zfs_ace_fuid_get_who, |
|
315 |
zfs_ace_fuid_set_who, |
|
316 |
zfs_ace_fuid_size, |
|
317 |
zfs_ace_fuid_abstract_size, |
|
318 |
zfs_ace_fuid_mask_off, |
|
319 |
zfs_ace_fuid_data |
|
320 |
}; |
|
321 |
||
322 |
static int |
|
323 |
zfs_acl_version(int version) |
|
324 |
{
|
|
325 |
if (version < ZPL_VERSION_FUID) |
|
326 |
return (ZFS_ACL_VERSION_INITIAL); |
|
327 |
else |
|
328 |
return (ZFS_ACL_VERSION_FUID); |
|
329 |
} |
|
330 |
||
331 |
static int |
|
332 |
zfs_acl_version_zp(znode_t *zp) |
|
333 |
{
|
|
334 |
return (zfs_acl_version(zp->z_zfsvfs->z_version)); |
|
335 |
} |
|
| 789 | 336 |
|
337 |
static zfs_acl_t * |
|
| 5331 | 338 |
zfs_acl_alloc(int vers) |
| 789 | 339 |
{
|
340 |
zfs_acl_t *aclp; |
|
341 |
||
342 |
aclp = kmem_zalloc(sizeof (zfs_acl_t), KM_SLEEP); |
|
| 5331 | 343 |
list_create(&aclp->z_acl, sizeof (zfs_acl_node_t), |
344 |
offsetof(zfs_acl_node_t, z_next)); |
|
345 |
aclp->z_version = vers; |
|
346 |
if (vers == ZFS_ACL_VERSION_FUID) |
|
347 |
aclp->z_ops = zfs_acl_fuid_ops; |
|
348 |
else |
|
349 |
aclp->z_ops = zfs_acl_v0_ops; |
|
350 |
return (aclp); |
|
351 |
} |
|
352 |
||
353 |
static zfs_acl_node_t * |
|
354 |
zfs_acl_node_alloc(size_t bytes) |
|
355 |
{
|
|
356 |
zfs_acl_node_t *aclnode; |
|
357 |
||
358 |
aclnode = kmem_zalloc(sizeof (zfs_acl_node_t), KM_SLEEP); |
|
359 |
if (bytes) {
|
|
360 |
aclnode->z_acldata = kmem_alloc(bytes, KM_SLEEP); |
|
361 |
aclnode->z_allocdata = aclnode->z_acldata; |
|
362 |
aclnode->z_allocsize = bytes; |
|
363 |
aclnode->z_size = bytes; |
|
| 789 | 364 |
} |
| 5331 | 365 |
|
366 |
return (aclnode); |
|
367 |
} |
|
368 |
||
369 |
static void |
|
370 |
zfs_acl_node_free(zfs_acl_node_t *aclnode) |
|
371 |
{
|
|
372 |
if (aclnode->z_allocsize) |
|
373 |
kmem_free(aclnode->z_allocdata, aclnode->z_allocsize); |
|
374 |
kmem_free(aclnode, sizeof (zfs_acl_node_t)); |
|
| 789 | 375 |
} |
376 |
||
|
5489
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
377 |
static void |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
378 |
zfs_acl_release_nodes(zfs_acl_t *aclp) |
| 789 | 379 |
{
|
| 5331 | 380 |
zfs_acl_node_t *aclnode; |
381 |
||
382 |
while (aclnode = list_head(&aclp->z_acl)) {
|
|
383 |
list_remove(&aclp->z_acl, aclnode); |
|
384 |
zfs_acl_node_free(aclnode); |
|
| 789 | 385 |
} |
|
5489
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
386 |
aclp->z_acl_count = 0; |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
387 |
aclp->z_acl_bytes = 0; |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
388 |
} |
| 5331 | 389 |
|
|
5489
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
390 |
void |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
391 |
zfs_acl_free(zfs_acl_t *aclp) |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
392 |
{
|
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
393 |
zfs_acl_release_nodes(aclp); |
| 5331 | 394 |
list_destroy(&aclp->z_acl); |
| 789 | 395 |
kmem_free(aclp, sizeof (zfs_acl_t)); |
396 |
} |
|
397 |
||
| 5331 | 398 |
static boolean_t |
399 |
zfs_ace_valid(vtype_t obj_type, zfs_acl_t *aclp, uint16_t type, uint16_t iflags) |
|
| 789 | 400 |
{
|
| 5331 | 401 |
/* |
402 |
* first check type of entry |
|
403 |
*/ |
|
404 |
||
405 |
switch (iflags & ACE_TYPE_FLAGS) {
|
|
406 |
case ACE_OWNER: |
|
407 |
case (ACE_IDENTIFIER_GROUP | ACE_GROUP): |
|
408 |
case ACE_IDENTIFIER_GROUP: |
|
409 |
case ACE_EVERYONE: |
|
410 |
case 0: /* User entry */ |
|
411 |
break; |
|
412 |
default: |
|
413 |
return (B_FALSE); |
|
414 |
||
415 |
} |
|
416 |
||
417 |
/* |
|
418 |
* next check inheritance level flags |
|
419 |
*/ |
|
420 |
||
421 |
if (type != ALLOW && type > MAX_ACE_TYPE) {
|
|
422 |
return (B_FALSE); |
|
423 |
} |
|
424 |
||
425 |
switch (type) {
|
|
426 |
case ACE_ACCESS_ALLOWED_OBJECT_ACE_TYPE: |
|
427 |
case ACE_ACCESS_DENIED_OBJECT_ACE_TYPE: |
|
428 |
case ACE_SYSTEM_AUDIT_OBJECT_ACE_TYPE: |
|
429 |
case ACE_SYSTEM_ALARM_OBJECT_ACE_TYPE: |
|
430 |
if (aclp->z_version < ZFS_ACL_VERSION_FUID) |
|
431 |
return (B_FALSE); |
|
432 |
aclp->z_hints |= ZFS_ACL_OBJ_ACE; |
|
433 |
} |
|
| 789 | 434 |
|
|
1576
0364d1928a7f
6380036 zfs does not clear S_ISUID and S_ISGID bits on successful writes
marks
parents:
1544
diff
changeset
|
435 |
/* |
| 5331 | 436 |
* Only directories should have inheritance flags. |
|
1576
0364d1928a7f
6380036 zfs does not clear S_ISUID and S_ISGID bits on successful writes
marks
parents:
1544
diff
changeset
|
437 |
*/ |
| 5331 | 438 |
if (obj_type != VDIR && (iflags & |
439 |
(ACE_FILE_INHERIT_ACE|ACE_DIRECTORY_INHERIT_ACE| |
|
440 |
ACE_INHERIT_ONLY_ACE|ACE_NO_PROPAGATE_INHERIT_ACE))) {
|
|
441 |
return (B_FALSE); |
|
442 |
} |
|
443 |
||
444 |
if (iflags & (ACE_FILE_INHERIT_ACE|ACE_DIRECTORY_INHERIT_ACE)) |
|
445 |
aclp->z_hints |= ZFS_INHERIT_ACE; |
|
446 |
||
447 |
if (iflags & (ACE_INHERIT_ONLY_ACE|ACE_NO_PROPAGATE_INHERIT_ACE)) {
|
|
448 |
if ((iflags & (ACE_FILE_INHERIT_ACE| |
|
449 |
ACE_DIRECTORY_INHERIT_ACE)) == 0) {
|
|
450 |
return (B_FALSE); |
|
451 |
} |
|
452 |
} |
|
453 |
||
454 |
return (B_TRUE); |
|
455 |
} |
|
456 |
||
457 |
static void * |
|
458 |
zfs_acl_next_ace(zfs_acl_t *aclp, void *start, uint64_t *who, |
|
459 |
uint32_t *access_mask, uint16_t *iflags, uint16_t *type) |
|
460 |
{
|
|
461 |
zfs_acl_node_t *aclnode; |
|
462 |
||
463 |
if (start == NULL) {
|
|
464 |
aclnode = list_head(&aclp->z_acl); |
|
465 |
if (aclnode == NULL) |
|
466 |
return (NULL); |
|
467 |
||
468 |
aclp->z_next_ace = aclnode->z_acldata; |
|
469 |
aclp->z_curr_node = aclnode; |
|
470 |
aclnode->z_ace_idx = 0; |
|
471 |
} |
|
472 |
||
473 |
aclnode = aclp->z_curr_node; |
|
474 |
||
475 |
if (aclnode == NULL) |
|
476 |
return (NULL); |
|
477 |
||
478 |
if (aclnode->z_ace_idx >= aclnode->z_ace_count) {
|
|
479 |
aclnode = list_next(&aclp->z_acl, aclnode); |
|
480 |
if (aclnode == NULL) |
|
481 |
return (NULL); |
|
482 |
else {
|
|
483 |
aclp->z_curr_node = aclnode; |
|
484 |
aclnode->z_ace_idx = 0; |
|
485 |
aclp->z_next_ace = aclnode->z_acldata; |
|
486 |
} |
|
487 |
} |
|
488 |
||
489 |
if (aclnode->z_ace_idx < aclnode->z_ace_count) {
|
|
490 |
void *acep = aclp->z_next_ace; |
|
491 |
*iflags = aclp->z_ops.ace_flags_get(acep); |
|
492 |
*type = aclp->z_ops.ace_type_get(acep); |
|
493 |
*access_mask = aclp->z_ops.ace_mask_get(acep); |
|
494 |
*who = aclp->z_ops.ace_who_get(acep); |
|
495 |
aclp->z_next_ace = (caddr_t)aclp->z_next_ace + |
|
496 |
aclp->z_ops.ace_size(acep); |
|
497 |
aclnode->z_ace_idx++; |
|
498 |
return ((void *)acep); |
|
499 |
} |
|
500 |
return (NULL); |
|
501 |
} |
|
502 |
||
503 |
/*ARGSUSED*/ |
|
504 |
static uint64_t |
|
505 |
zfs_ace_walk(void *datap, uint64_t cookie, int aclcnt, |
|
506 |
uint16_t *flags, uint16_t *type, uint32_t *mask) |
|
507 |
{
|
|
508 |
zfs_acl_t *aclp = datap; |
|
509 |
zfs_ace_hdr_t *acep = (zfs_ace_hdr_t *)(uintptr_t)cookie; |
|
510 |
uint64_t who; |
|
511 |
||
512 |
acep = zfs_acl_next_ace(aclp, acep, &who, mask, |
|
513 |
flags, type); |
|
514 |
return ((uint64_t)(uintptr_t)acep); |
|
515 |
} |
|
516 |
||
517 |
static zfs_acl_node_t * |
|
518 |
zfs_acl_curr_node(zfs_acl_t *aclp) |
|
519 |
{
|
|
520 |
ASSERT(aclp->z_curr_node); |
|
521 |
return (aclp->z_curr_node); |
|
522 |
} |
|
523 |
||
524 |
/* |
|
525 |
* Copy ACE to internal ZFS format. |
|
526 |
* While processing the ACL each ACE will be validated for correctness. |
|
527 |
* ACE FUIDs will be created later. |
|
528 |
*/ |
|
529 |
int |
|
530 |
zfs_copy_ace_2_fuid(vtype_t obj_type, zfs_acl_t *aclp, void *datap, |
|
531 |
zfs_ace_t *z_acl, int aclcnt, size_t *size) |
|
532 |
{
|
|
533 |
int i; |
|
534 |
uint16_t entry_type; |
|
535 |
zfs_ace_t *aceptr = z_acl; |
|
536 |
ace_t *acep = datap; |
|
537 |
zfs_object_ace_t *zobjacep; |
|
538 |
ace_object_t *aceobjp; |
|
539 |
||
540 |
for (i = 0; i != aclcnt; i++) {
|
|
541 |
aceptr->z_hdr.z_access_mask = acep->a_access_mask; |
|
542 |
aceptr->z_hdr.z_flags = acep->a_flags; |
|
543 |
aceptr->z_hdr.z_type = acep->a_type; |
|
544 |
entry_type = aceptr->z_hdr.z_flags & ACE_TYPE_FLAGS; |
|
545 |
if (entry_type != ACE_OWNER && entry_type != OWNING_GROUP && |
|
| 5824 | 546 |
entry_type != ACE_EVERYONE) {
|
547 |
if (!aclp->z_has_fuids) |
|
548 |
aclp->z_has_fuids = IS_EPHEMERAL(acep->a_who) ? |
|
549 |
B_TRUE : B_FALSE; |
|
| 5331 | 550 |
aceptr->z_fuid = (uint64_t)acep->a_who; |
| 5824 | 551 |
} |
552 |
||
| 5331 | 553 |
/* |
554 |
* Make sure ACE is valid |
|
555 |
*/ |
|
556 |
if (zfs_ace_valid(obj_type, aclp, aceptr->z_hdr.z_type, |
|
557 |
aceptr->z_hdr.z_flags) != B_TRUE) |
|
558 |
return (EINVAL); |
|
559 |
||
560 |
switch (acep->a_type) {
|
|
561 |
case ACE_ACCESS_ALLOWED_OBJECT_ACE_TYPE: |
|
562 |
case ACE_ACCESS_DENIED_OBJECT_ACE_TYPE: |
|
563 |
case ACE_SYSTEM_AUDIT_OBJECT_ACE_TYPE: |
|
564 |
case ACE_SYSTEM_ALARM_OBJECT_ACE_TYPE: |
|
565 |
zobjacep = (zfs_object_ace_t *)aceptr; |
|
566 |
aceobjp = (ace_object_t *)acep; |
|
567 |
||
568 |
bcopy(aceobjp->a_obj_type, zobjacep->z_object_type, |
|
569 |
sizeof (aceobjp->a_obj_type)); |
|
570 |
bcopy(aceobjp->a_inherit_obj_type, |
|
571 |
zobjacep->z_inherit_type, |
|
572 |
sizeof (aceobjp->a_inherit_obj_type)); |
|
573 |
acep = (ace_t *)((caddr_t)acep + sizeof (ace_object_t)); |
|
574 |
break; |
|
575 |
default: |
|
576 |
acep = (ace_t *)((caddr_t)acep + sizeof (ace_t)); |
|
577 |
} |
|
578 |
||
579 |
aceptr = (zfs_ace_t *)((caddr_t)aceptr + |
|
580 |
aclp->z_ops.ace_size(aceptr)); |
|
581 |
} |
|
582 |
||
583 |
*size = (caddr_t)aceptr - (caddr_t)z_acl; |
|
| 789 | 584 |
|
| 5331 | 585 |
return (0); |
586 |
} |
|
587 |
||
588 |
/* |
|
589 |
* Copy ZFS ACEs to fixed size ace_t layout |
|
590 |
*/ |
|
591 |
static void |
|
| 5771 | 592 |
zfs_copy_fuid_2_ace(zfsvfs_t *zfsvfs, zfs_acl_t *aclp, cred_t *cr, |
593 |
void *datap, int filter) |
|
| 5331 | 594 |
{
|
595 |
uint64_t who; |
|
596 |
uint32_t access_mask; |
|
597 |
uint16_t iflags, type; |
|
598 |
zfs_ace_hdr_t *zacep = NULL; |
|
599 |
ace_t *acep = datap; |
|
600 |
ace_object_t *objacep; |
|
601 |
zfs_object_ace_t *zobjacep; |
|
602 |
zfs_fuid_hdl_t hdl = { 0 };
|
|
603 |
size_t ace_size; |
|
604 |
uint16_t entry_type; |
|
605 |
||
606 |
while (zacep = zfs_acl_next_ace(aclp, zacep, |
|
607 |
&who, &access_mask, &iflags, &type)) {
|
|
608 |
||
609 |
switch (type) {
|
|
610 |
case ACE_ACCESS_ALLOWED_OBJECT_ACE_TYPE: |
|
611 |
case ACE_ACCESS_DENIED_OBJECT_ACE_TYPE: |
|
612 |
case ACE_SYSTEM_AUDIT_OBJECT_ACE_TYPE: |
|
613 |
case ACE_SYSTEM_ALARM_OBJECT_ACE_TYPE: |
|
614 |
if (filter) {
|
|
615 |
continue; |
|
616 |
} |
|
617 |
zobjacep = (zfs_object_ace_t *)zacep; |
|
618 |
objacep = (ace_object_t *)acep; |
|
619 |
bcopy(zobjacep->z_object_type, |
|
620 |
objacep->a_obj_type, |
|
621 |
sizeof (zobjacep->z_object_type)); |
|
622 |
bcopy(zobjacep->z_inherit_type, |
|
623 |
objacep->a_inherit_obj_type, |
|
624 |
sizeof (zobjacep->z_inherit_type)); |
|
625 |
ace_size = sizeof (ace_object_t); |
|
626 |
break; |
|
627 |
default: |
|
628 |
ace_size = sizeof (ace_t); |
|
629 |
break; |
|
630 |
} |
|
631 |
||
632 |
entry_type = (iflags & ACE_TYPE_FLAGS); |
|
633 |
if ((entry_type != ACE_OWNER && |
|
634 |
entry_type != (ACE_GROUP | ACE_IDENTIFIER_GROUP) && |
|
635 |
entry_type != ACE_EVERYONE)) |
|
| 5771 | 636 |
zfs_fuid_queue_map_id(zfsvfs, &hdl, who, cr, |
| 5331 | 637 |
(entry_type & ACE_IDENTIFIER_GROUP) ? |
638 |
ZFS_ACE_GROUP : ZFS_ACE_USER, &acep->a_who); |
|
639 |
else |
|
640 |
acep->a_who = (uid_t)(int64_t)who; |
|
641 |
acep->a_access_mask = access_mask; |
|
642 |
acep->a_flags = iflags; |
|
643 |
acep->a_type = type; |
|
644 |
acep = (ace_t *)((caddr_t)acep + ace_size); |
|
645 |
} |
|
646 |
zfs_fuid_get_mappings(&hdl); |
|
647 |
} |
|
648 |
||
649 |
static int |
|
650 |
zfs_copy_ace_2_oldace(vtype_t obj_type, zfs_acl_t *aclp, ace_t *acep, |
|
651 |
zfs_oldace_t *z_acl, int aclcnt, size_t *size) |
|
652 |
{
|
|
653 |
int i; |
|
654 |
zfs_oldace_t *aceptr = z_acl; |
|
655 |
||
656 |
for (i = 0; i != aclcnt; i++, aceptr++) {
|
|
657 |
aceptr->z_access_mask = acep[i].a_access_mask; |
|
658 |
aceptr->z_type = acep[i].a_type; |
|
659 |
aceptr->z_flags = acep[i].a_flags; |
|
660 |
aceptr->z_fuid = acep[i].a_who; |
|
661 |
/* |
|
662 |
* Make sure ACE is valid |
|
663 |
*/ |
|
664 |
if (zfs_ace_valid(obj_type, aclp, aceptr->z_type, |
|
665 |
aceptr->z_flags) != B_TRUE) |
|
666 |
return (EINVAL); |
|
667 |
} |
|
668 |
*size = (caddr_t)aceptr - (caddr_t)z_acl; |
|
669 |
return (0); |
|
670 |
} |
|
671 |
||
672 |
/* |
|
673 |
* convert old ACL format to new |
|
674 |
*/ |
|
675 |
void |
|
676 |
zfs_acl_xform(znode_t *zp, zfs_acl_t *aclp) |
|
677 |
{
|
|
678 |
zfs_oldace_t *oldaclp; |
|
679 |
int i; |
|
680 |
uint16_t type, iflags; |
|
681 |
uint32_t access_mask; |
|
682 |
uint64_t who; |
|
683 |
void *cookie = NULL; |
|
|
5489
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
684 |
zfs_acl_node_t *newaclnode; |
| 5331 | 685 |
|
686 |
ASSERT(aclp->z_version == ZFS_ACL_VERSION_INITIAL); |
|
687 |
/* |
|
688 |
* First create the ACE in a contiguous piece of memory |
|
689 |
* for zfs_copy_ace_2_fuid(). |
|
690 |
* |
|
691 |
* We only convert an ACL once, so this won't happen |
|
692 |
* everytime. |
|
693 |
*/ |
|
694 |
oldaclp = kmem_alloc(sizeof (zfs_oldace_t) * aclp->z_acl_count, |
|
695 |
KM_SLEEP); |
|
696 |
i = 0; |
|
697 |
while (cookie = zfs_acl_next_ace(aclp, cookie, &who, |
|
698 |
&access_mask, &iflags, &type)) {
|
|
699 |
oldaclp[i].z_flags = iflags; |
|
700 |
oldaclp[i].z_type = type; |
|
701 |
oldaclp[i].z_fuid = who; |
|
702 |
oldaclp[i++].z_access_mask = access_mask; |
|
703 |
} |
|
704 |
||
705 |
newaclnode = zfs_acl_node_alloc(aclp->z_acl_count * |
|
706 |
sizeof (zfs_object_ace_t)); |
|
707 |
aclp->z_ops = zfs_acl_fuid_ops; |
|
708 |
VERIFY(zfs_copy_ace_2_fuid(ZTOV(zp)->v_type, aclp, oldaclp, |
|
709 |
newaclnode->z_acldata, aclp->z_acl_count, |
|
710 |
&newaclnode->z_size) == 0); |
|
711 |
newaclnode->z_ace_count = aclp->z_acl_count; |
|
712 |
aclp->z_version = ZFS_ACL_VERSION; |
|
713 |
kmem_free(oldaclp, aclp->z_acl_count * sizeof (zfs_oldace_t)); |
|
714 |
||
715 |
/* |
|
716 |
* Release all previous ACL nodes |
|
717 |
*/ |
|
718 |
||
|
5489
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
719 |
zfs_acl_release_nodes(aclp); |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
720 |
|
| 5331 | 721 |
list_insert_head(&aclp->z_acl, newaclnode); |
|
5489
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
722 |
|
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
723 |
aclp->z_acl_bytes = newaclnode->z_size; |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
724 |
aclp->z_acl_count = newaclnode->z_ace_count; |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
725 |
|
| 789 | 726 |
} |
727 |
||
728 |
/* |
|
729 |
* Convert unix access mask to v4 access mask |
|
730 |
*/ |
|
731 |
static uint32_t |
|
732 |
zfs_unix_to_v4(uint32_t access_mask) |
|
733 |
{
|
|
734 |
uint32_t new_mask = 0; |
|
735 |
||
| 5331 | 736 |
if (access_mask & S_IXOTH) |
737 |
new_mask |= ACE_EXECUTE; |
|
738 |
if (access_mask & S_IWOTH) |
|
739 |
new_mask |= ACE_WRITE_DATA; |
|
740 |
if (access_mask & S_IROTH) |
|
| 789 | 741 |
new_mask |= ACE_READ_DATA; |
742 |
return (new_mask); |
|
743 |
} |
|
744 |
||
745 |
static void |
|
| 5331 | 746 |
zfs_set_ace(zfs_acl_t *aclp, void *acep, uint32_t access_mask, |
747 |
uint16_t access_type, uint64_t fuid, uint16_t entry_type) |
|
| 789 | 748 |
{
|
| 5331 | 749 |
uint16_t type = entry_type & ACE_TYPE_FLAGS; |
750 |
||
751 |
aclp->z_ops.ace_mask_set(acep, access_mask); |
|
752 |
aclp->z_ops.ace_type_set(acep, access_type); |
|
753 |
aclp->z_ops.ace_flags_set(acep, entry_type); |
|
754 |
if ((type != ACE_OWNER && type != (ACE_GROUP | ACE_IDENTIFIER_GROUP) && |
|
755 |
type != ACE_EVERYONE)) |
|
756 |
aclp->z_ops.ace_who_set(acep, fuid); |
|
| 789 | 757 |
} |
758 |
||
| 5331 | 759 |
/* |
760 |
* Determine mode of file based on ACL. |
|
761 |
* Also, create FUIDs for any User/Group ACEs |
|
762 |
*/ |
|
| 789 | 763 |
static uint64_t |
| 5771 | 764 |
zfs_mode_fuid_compute(znode_t *zp, zfs_acl_t *aclp, cred_t *cr, |
765 |
zfs_fuid_info_t **fuidp, dmu_tx_t *tx) |
|
| 789 | 766 |
{
|
| 5331 | 767 |
int entry_type; |
768 |
mode_t mode; |
|
769 |
mode_t seen = 0; |
|
770 |
zfs_ace_hdr_t *acep = NULL; |
|
771 |
uint64_t who; |
|
772 |
uint16_t iflags, type; |
|
773 |
uint32_t access_mask; |
|
| 789 | 774 |
|
| 5331 | 775 |
mode = (zp->z_phys->zp_mode & (S_IFMT | S_ISUID | S_ISGID | S_ISVTX)); |
776 |
||
777 |
while (acep = zfs_acl_next_ace(aclp, acep, &who, |
|
778 |
&access_mask, &iflags, &type)) {
|
|
|
4869
f123f22fc641
6590376 Fails to chmod on a zfs volume with windows ACL
marks
parents:
4321
diff
changeset
|
779 |
|
|
f123f22fc641
6590376 Fails to chmod on a zfs volume with windows ACL
marks
parents:
4321
diff
changeset
|
780 |
/* |
|
f123f22fc641
6590376 Fails to chmod on a zfs volume with windows ACL
marks
parents:
4321
diff
changeset
|
781 |
* Skip over inherit only ACEs |
|
f123f22fc641
6590376 Fails to chmod on a zfs volume with windows ACL
marks
parents:
4321
diff
changeset
|
782 |
*/ |
| 5762 | 783 |
if (iflags & ACE_INHERIT_ONLY_ACE) |
|
4869
f123f22fc641
6590376 Fails to chmod on a zfs volume with windows ACL
marks
parents:
4321
diff
changeset
|
784 |
continue; |
|
f123f22fc641
6590376 Fails to chmod on a zfs volume with windows ACL
marks
parents:
4321
diff
changeset
|
785 |
|
| 5762 | 786 |
entry_type = (iflags & ACE_TYPE_FLAGS); |
787 |
||
| 789 | 788 |
if (entry_type == ACE_OWNER) {
|
| 5331 | 789 |
if ((access_mask & ACE_READ_DATA) && |
| 789 | 790 |
(!(seen & S_IRUSR))) {
|
791 |
seen |= S_IRUSR; |
|
| 5331 | 792 |
if (type == ALLOW) {
|
| 789 | 793 |
mode |= S_IRUSR; |
794 |
} |
|
795 |
} |
|
| 5331 | 796 |
if ((access_mask & ACE_WRITE_DATA) && |
| 789 | 797 |
(!(seen & S_IWUSR))) {
|
798 |
seen |= S_IWUSR; |
|
| 5331 | 799 |
if (type == ALLOW) {
|
| 789 | 800 |
mode |= S_IWUSR; |
801 |
} |
|
802 |
} |
|
| 5331 | 803 |
if ((access_mask & ACE_EXECUTE) && |
| 789 | 804 |
(!(seen & S_IXUSR))) {
|
805 |
seen |= S_IXUSR; |
|
| 5331 | 806 |
if (type == ALLOW) {
|
| 789 | 807 |
mode |= S_IXUSR; |
808 |
} |
|
809 |
} |
|
810 |
} else if (entry_type == OWNING_GROUP) {
|
|
| 5331 | 811 |
if ((access_mask & ACE_READ_DATA) && |
| 789 | 812 |
(!(seen & S_IRGRP))) {
|
813 |
seen |= S_IRGRP; |
|
| 5331 | 814 |
if (type == ALLOW) {
|
| 789 | 815 |
mode |= S_IRGRP; |
816 |
} |
|
817 |
} |
|
| 5331 | 818 |
if ((access_mask & ACE_WRITE_DATA) && |
| 789 | 819 |
(!(seen & S_IWGRP))) {
|
820 |
seen |= S_IWGRP; |
|
| 5331 | 821 |
if (type == ALLOW) {
|
| 789 | 822 |
mode |= S_IWGRP; |
823 |
} |
|
824 |
} |
|
| 5331 | 825 |
if ((access_mask & ACE_EXECUTE) && |
| 789 | 826 |
(!(seen & S_IXGRP))) {
|
827 |
seen |= S_IXGRP; |
|
| 5331 | 828 |
if (type == ALLOW) {
|
| 789 | 829 |
mode |= S_IXGRP; |
830 |
} |
|
831 |
} |
|
832 |
} else if (entry_type == ACE_EVERYONE) {
|
|
| 5331 | 833 |
if ((access_mask & ACE_READ_DATA)) {
|
| 789 | 834 |
if (!(seen & S_IRUSR)) {
|
835 |
seen |= S_IRUSR; |
|
| 5331 | 836 |
if (type == ALLOW) {
|
| 789 | 837 |
mode |= S_IRUSR; |
838 |
} |
|
839 |
} |
|
840 |
if (!(seen & S_IRGRP)) {
|
|
841 |
seen |= S_IRGRP; |
|
| 5331 | 842 |
if (type == ALLOW) {
|
| 789 | 843 |
mode |= S_IRGRP; |
844 |
} |
|
845 |
} |
|
846 |
if (!(seen & S_IROTH)) {
|
|
847 |
seen |= S_IROTH; |
|
| 5331 | 848 |
if (type == ALLOW) {
|
| 789 | 849 |
mode |= S_IROTH; |
850 |
} |
|
851 |
} |
|
852 |
} |
|
| 5331 | 853 |
if ((access_mask & ACE_WRITE_DATA)) {
|
| 789 | 854 |
if (!(seen & S_IWUSR)) {
|
855 |
seen |= S_IWUSR; |
|
| 5331 | 856 |
if (type == ALLOW) {
|
| 789 | 857 |
mode |= S_IWUSR; |
858 |
} |
|
859 |
} |
|
860 |
if (!(seen & S_IWGRP)) {
|
|
861 |
seen |= S_IWGRP; |
|
| 5331 | 862 |
if (type == ALLOW) {
|
| 789 | 863 |
mode |= S_IWGRP; |
864 |
} |
|
865 |
} |
|
866 |
if (!(seen & S_IWOTH)) {
|
|
867 |
seen |= S_IWOTH; |
|
| 5331 | 868 |
if (type == ALLOW) {
|
| 789 | 869 |
mode |= S_IWOTH; |
870 |
} |
|
871 |
} |
|
872 |
} |
|
| 5331 | 873 |
if ((access_mask & ACE_EXECUTE)) {
|
| 789 | 874 |
if (!(seen & S_IXUSR)) {
|
875 |
seen |= S_IXUSR; |
|
| 5331 | 876 |
if (type == ALLOW) {
|
| 789 | 877 |
mode |= S_IXUSR; |
878 |
} |
|
879 |
} |
|
880 |
if (!(seen & S_IXGRP)) {
|
|
881 |
seen |= S_IXGRP; |
|
| 5331 | 882 |
if (type == ALLOW) {
|
| 789 | 883 |
mode |= S_IXGRP; |
884 |
} |
|
885 |
} |
|
886 |
if (!(seen & S_IXOTH)) {
|
|
887 |
seen |= S_IXOTH; |
|
| 5331 | 888 |
if (type == ALLOW) {
|
| 789 | 889 |
mode |= S_IXOTH; |
890 |
} |
|
891 |
} |
|
892 |
} |
|
893 |
} |
|
| 5331 | 894 |
/* |
895 |
* Now handle FUID create for user/group ACEs |
|
896 |
*/ |
|
897 |
if (entry_type == 0 || entry_type == ACE_IDENTIFIER_GROUP) {
|
|
898 |
aclp->z_ops.ace_who_set(acep, |
|
| 5771 | 899 |
zfs_fuid_create(zp->z_zfsvfs, who, cr, |
| 5331 | 900 |
entry_type == 0 ? ZFS_ACE_USER : ZFS_ACE_GROUP, tx, |
901 |
fuidp)); |
|
902 |
} |
|
| 789 | 903 |
} |
904 |
return (mode); |
|
905 |
} |
|
906 |
||
907 |
static zfs_acl_t * |
|
| 5331 | 908 |
zfs_acl_node_read_internal(znode_t *zp, boolean_t will_modify) |
| 789 | 909 |
{
|
910 |
zfs_acl_t *aclp; |
|
| 5331 | 911 |
zfs_acl_node_t *aclnode; |
| 789 | 912 |
|
| 5331 | 913 |
aclp = zfs_acl_alloc(zp->z_phys->zp_acl.z_acl_version); |
914 |
||
915 |
/* |
|
916 |
* Version 0 to 1 znode_acl_phys has the size/count fields swapped. |
|
917 |
* Version 0 didn't have a size field, only a count. |
|
918 |
*/ |
|
919 |
if (zp->z_phys->zp_acl.z_acl_version == ZFS_ACL_VERSION_INITIAL) {
|
|
920 |
aclp->z_acl_count = zp->z_phys->zp_acl.z_acl_size; |
|
921 |
aclp->z_acl_bytes = ZFS_ACL_SIZE(aclp->z_acl_count); |
|
922 |
} else {
|
|
923 |
aclp->z_acl_count = zp->z_phys->zp_acl.z_acl_count; |
|
924 |
aclp->z_acl_bytes = zp->z_phys->zp_acl.z_acl_size; |
|
925 |
} |
|
926 |
||
927 |
aclnode = zfs_acl_node_alloc(will_modify ? aclp->z_acl_bytes : 0); |
|
928 |
aclnode->z_ace_count = aclp->z_acl_count; |
|
929 |
if (will_modify) {
|
|
930 |
bcopy(zp->z_phys->zp_acl.z_ace_data, aclnode->z_acldata, |
|
931 |
aclp->z_acl_bytes); |
|
932 |
} else {
|
|
933 |
aclnode->z_size = aclp->z_acl_bytes; |
|
934 |
aclnode->z_acldata = &zp->z_phys->zp_acl.z_ace_data[0]; |
|
935 |
} |
|
936 |
||
937 |
list_insert_head(&aclp->z_acl, aclnode); |
|
| 789 | 938 |
|
939 |
return (aclp); |
|
940 |
} |
|
941 |
||
942 |
/* |
|
943 |
* Read an external acl object. |
|
944 |
*/ |
|
| 1544 | 945 |
static int |
| 5331 | 946 |
zfs_acl_node_read(znode_t *zp, zfs_acl_t **aclpp, boolean_t will_modify) |
| 789 | 947 |
{
|
948 |
uint64_t extacl = zp->z_phys->zp_acl.z_acl_extern_obj; |
|
949 |
zfs_acl_t *aclp; |
|
| 5331 | 950 |
size_t aclsize; |
951 |
size_t acl_count; |
|
952 |
zfs_acl_node_t *aclnode; |
|
| 1544 | 953 |
int error; |
| 789 | 954 |
|
955 |
ASSERT(MUTEX_HELD(&zp->z_acl_lock)); |
|
956 |
||
| 1544 | 957 |
if (zp->z_phys->zp_acl.z_acl_extern_obj == 0) {
|
| 5331 | 958 |
*aclpp = zfs_acl_node_read_internal(zp, will_modify); |
| 1544 | 959 |
return (0); |
960 |
} |
|
| 789 | 961 |
|
| 5331 | 962 |
aclp = zfs_acl_alloc(zp->z_phys->zp_acl.z_acl_version); |
963 |
if (zp->z_phys->zp_acl.z_acl_version == ZFS_ACL_VERSION_INITIAL) {
|
|
964 |
zfs_acl_phys_v0_t *zacl0 = |
|
965 |
(zfs_acl_phys_v0_t *)&zp->z_phys->zp_acl; |
|
| 789 | 966 |
|
| 5331 | 967 |
aclsize = ZFS_ACL_SIZE(zacl0->z_acl_count); |
968 |
acl_count = zacl0->z_acl_count; |
|
969 |
} else {
|
|
970 |
aclsize = zp->z_phys->zp_acl.z_acl_size; |
|
971 |
acl_count = zp->z_phys->zp_acl.z_acl_count; |
|
972 |
if (aclsize == 0) |
|
973 |
aclsize = acl_count * sizeof (zfs_ace_t); |
|
974 |
} |
|
975 |
aclnode = zfs_acl_node_alloc(aclsize); |
|
976 |
list_insert_head(&aclp->z_acl, aclnode); |
|
| 1544 | 977 |
error = dmu_read(zp->z_zfsvfs->z_os, extacl, 0, |
| 5331 | 978 |
aclsize, aclnode->z_acldata); |
979 |
aclnode->z_ace_count = acl_count; |
|
980 |
aclp->z_acl_count = acl_count; |
|
981 |
aclp->z_acl_bytes = aclsize; |
|
982 |
||
| 1544 | 983 |
if (error != 0) {
|
984 |
zfs_acl_free(aclp); |
|
985 |
return (error); |
|
986 |
} |
|
| 789 | 987 |
|
| 1544 | 988 |
*aclpp = aclp; |
989 |
return (0); |
|
| 789 | 990 |
} |
991 |
||
992 |
/* |
|
| 5331 | 993 |
* common code for setting ACLs. |
| 789 | 994 |
* |
995 |
* This function is called from zfs_mode_update, zfs_perm_init, and zfs_setacl. |
|
996 |
* zfs_setacl passes a non-NULL inherit pointer (ihp) to indicate that it's |
|
997 |
* already checked the acl and knows whether to inherit. |
|
998 |
*/ |
|
999 |
int |
|
| 5771 | 1000 |
zfs_aclset_common(znode_t *zp, zfs_acl_t *aclp, cred_t *cr, |
1001 |
zfs_fuid_info_t **fuidp, dmu_tx_t *tx) |
|
| 789 | 1002 |
{
|
1003 |
int error; |
|
1004 |
znode_phys_t *zphys = zp->z_phys; |
|
| 5331 | 1005 |
zfs_acl_phys_t *zacl = &zphys->zp_acl; |
| 789 | 1006 |
zfsvfs_t *zfsvfs = zp->z_zfsvfs; |
1007 |
uint64_t aoid = zphys->zp_acl.z_acl_extern_obj; |
|
| 5331 | 1008 |
uint64_t off = 0; |
1009 |
dmu_object_type_t otype; |
|
1010 |
zfs_acl_node_t *aclnode; |
|
| 789 | 1011 |
|
1012 |
ASSERT(MUTEX_HELD(&zp->z_lock)); |
|
1013 |
ASSERT(MUTEX_HELD(&zp->z_acl_lock)); |
|
1014 |
||
| 5331 | 1015 |
dmu_buf_will_dirty(zp->z_dbuf, tx); |
| 789 | 1016 |
|
| 5771 | 1017 |
zphys->zp_mode = zfs_mode_fuid_compute(zp, aclp, cr, fuidp, tx); |
| 789 | 1018 |
|
1019 |
/* |
|
| 5331 | 1020 |
* Decide which opbject type to use. If we are forced to |
1021 |
* use old ACL format than transform ACL into zfs_oldace_t |
|
1022 |
* layout. |
|
| 789 | 1023 |
*/ |
| 5331 | 1024 |
if (!zfsvfs->z_use_fuids) {
|
1025 |
otype = DMU_OT_OLDACL; |
|
1026 |
} else {
|
|
1027 |
if ((aclp->z_version == ZFS_ACL_VERSION_INITIAL) && |
|
1028 |
(zfsvfs->z_version >= ZPL_VERSION_FUID)) |
|
1029 |
zfs_acl_xform(zp, aclp); |
|
1030 |
ASSERT(aclp->z_version >= ZFS_ACL_VERSION_FUID); |
|
1031 |
otype = DMU_OT_ACL; |
|
1032 |
} |
|
1033 |
||
1034 |
if (aclp->z_acl_bytes > ZFS_ACE_SPACE) {
|
|
1035 |
/* |
|
1036 |
* If ACL was previously external and we are now |
|
1037 |
* converting to new ACL format then release old |
|
1038 |
* ACL object and create a new one. |
|
1039 |
*/ |
|
1040 |
if (aoid && aclp->z_version != zacl->z_acl_version) {
|
|
1041 |
error = dmu_object_free(zfsvfs->z_os, |
|
1042 |
zp->z_phys->zp_acl.z_acl_extern_obj, tx); |
|
1043 |
if (error) |
|
1044 |
return (error); |
|
1045 |
aoid = 0; |
|
1046 |
} |
|
| 789 | 1047 |
if (aoid == 0) {
|
1048 |
aoid = dmu_object_alloc(zfsvfs->z_os, |
|
| 5331 | 1049 |
otype, aclp->z_acl_bytes, |
1050 |
otype == DMU_OT_ACL ? DMU_OT_SYSACL : DMU_OT_NONE, |
|
1051 |
otype == DMU_OT_ACL ? DN_MAX_BONUSLEN : 0, tx); |
|
| 789 | 1052 |
} else {
|
1053 |
(void) dmu_object_set_blocksize(zfsvfs->z_os, aoid, |
|
| 5331 | 1054 |
aclp->z_acl_bytes, 0, tx); |
| 789 | 1055 |
} |
1056 |
zphys->zp_acl.z_acl_extern_obj = aoid; |
|
| 5331 | 1057 |
for (aclnode = list_head(&aclp->z_acl); aclnode; |
1058 |
aclnode = list_next(&aclp->z_acl, aclnode)) {
|
|
1059 |
if (aclnode->z_ace_count == 0) |
|
1060 |
continue; |
|
1061 |
dmu_write(zfsvfs->z_os, aoid, off, |
|
1062 |
aclnode->z_size, aclnode->z_acldata, tx); |
|
1063 |
off += aclnode->z_size; |
|
1064 |
} |
|
| 789 | 1065 |
} else {
|
| 5331 | 1066 |
void *start = zacl->z_ace_data; |
| 789 | 1067 |
/* |
1068 |
* Migrating back embedded? |
|
1069 |
*/ |
|
1070 |
if (zphys->zp_acl.z_acl_extern_obj) {
|
|
1071 |
error = dmu_object_free(zfsvfs->z_os, |
|
|
4300
d74de773d6e6
6528189 cp -p invalid argument issue on Redhat linux AS 3.0 NFS client against ZFS NFS directory
marks
parents:
2676
diff
changeset
|
1072 |
zp->z_phys->zp_acl.z_acl_extern_obj, tx); |
| 789 | 1073 |
if (error) |
1074 |
return (error); |
|
1075 |
zphys->zp_acl.z_acl_extern_obj = 0; |
|
1076 |
} |
|
| 5331 | 1077 |
|
1078 |
for (aclnode = list_head(&aclp->z_acl); aclnode; |
|
1079 |
aclnode = list_next(&aclp->z_acl, aclnode)) {
|
|
1080 |
if (aclnode->z_ace_count == 0) |
|
1081 |
continue; |
|
1082 |
bcopy(aclnode->z_acldata, start, aclnode->z_size); |
|
1083 |
start = (caddr_t)start + aclnode->z_size; |
|
1084 |
} |
|
| 789 | 1085 |
} |
|
905
920e9b2e0899
6347134 zfs_zaccess() is killing ZFS stat() performance
marks
parents:
865
diff
changeset
|
1086 |
|
| 5331 | 1087 |
/* |
1088 |
* If Old version then swap count/bytes to match old |
|
1089 |
* layout of znode_acl_phys_t. |
|
1090 |
*/ |
|
1091 |
if (aclp->z_version == ZFS_ACL_VERSION_INITIAL) {
|
|
1092 |
zphys->zp_acl.z_acl_size = aclp->z_acl_count; |
|
1093 |
zphys->zp_acl.z_acl_count = aclp->z_acl_bytes; |
|
1094 |
} else {
|
|
1095 |
zphys->zp_acl.z_acl_size = aclp->z_acl_bytes; |
|
1096 |
zphys->zp_acl.z_acl_count = aclp->z_acl_count; |
|
|
905
920e9b2e0899
6347134 zfs_zaccess() is killing ZFS stat() performance
marks
parents:
865
diff
changeset
|
1097 |
} |
| 789 | 1098 |
|
| 5331 | 1099 |
zphys->zp_acl.z_acl_version = aclp->z_version; |
1100 |
||
1101 |
/* |
|
1102 |
* Replace ACL wide bits, but first clear them. |
|
1103 |
*/ |
|
1104 |
zp->z_phys->zp_flags &= ~ZFS_ACL_WIDE_FLAGS; |
|
1105 |
||
1106 |
zp->z_phys->zp_flags |= aclp->z_hints; |
|
1107 |
||
1108 |
if (ace_trivial_common(aclp, 0, zfs_ace_walk) == 0) |
|
1109 |
zp->z_phys->zp_flags |= ZFS_ACL_TRIVIAL; |
|
1110 |
||
| 789 | 1111 |
zfs_time_stamper_locked(zp, STATE_CHANGED, tx); |
1112 |
return (0); |
|
1113 |
} |
|
1114 |
||
1115 |
/* |
|
1116 |
* Update access mask for prepended ACE |
|
1117 |
* |
|
1118 |
* This applies the "groupmask" value for aclmode property. |
|
1119 |
*/ |
|
1120 |
static void |
|
| 5331 | 1121 |
zfs_acl_prepend_fixup(zfs_acl_t *aclp, void *acep, void *origacep, |
1122 |
mode_t mode, uint64_t owner) |
|
| 789 | 1123 |
{
|
1124 |
int rmask, wmask, xmask; |
|
1125 |
int user_ace; |
|
| 5331 | 1126 |
uint16_t aceflags; |
1127 |
uint32_t origmask, acepmask; |
|
1128 |
uint64_t fuid; |
|
| 789 | 1129 |
|
| 5331 | 1130 |
aceflags = aclp->z_ops.ace_flags_get(acep); |
1131 |
fuid = aclp->z_ops.ace_who_get(acep); |
|
1132 |
origmask = aclp->z_ops.ace_mask_get(origacep); |
|
1133 |
acepmask = aclp->z_ops.ace_mask_get(acep); |
|
1134 |
||
1135 |
user_ace = (!(aceflags & |
|
| 789 | 1136 |
(ACE_OWNER|ACE_GROUP|ACE_IDENTIFIER_GROUP))); |
1137 |
||
| 5331 | 1138 |
if (user_ace && (fuid == owner)) {
|
| 789 | 1139 |
rmask = S_IRUSR; |
1140 |
wmask = S_IWUSR; |
|
1141 |
xmask = S_IXUSR; |
|
1142 |
} else {
|
|
1143 |
rmask = S_IRGRP; |
|
1144 |
wmask = S_IWGRP; |
|
1145 |
xmask = S_IXGRP; |
|
1146 |
} |
|
1147 |
||
| 5331 | 1148 |
if (origmask & ACE_READ_DATA) {
|
1149 |
if (mode & rmask) {
|
|
1150 |
acepmask &= ~ACE_READ_DATA; |
|
1151 |
} else {
|
|
1152 |
acepmask |= ACE_READ_DATA; |
|
1153 |
} |
|
| 789 | 1154 |
} |
1155 |
||
| 5331 | 1156 |
if (origmask & ACE_WRITE_DATA) {
|
1157 |
if (mode & wmask) {
|
|
1158 |
acepmask &= ~ACE_WRITE_DATA; |
|
1159 |
} else {
|
|
1160 |
acepmask |= ACE_WRITE_DATA; |
|
1161 |
} |
|
| 789 | 1162 |
} |
1163 |
||
| 5331 | 1164 |
if (origmask & ACE_APPEND_DATA) {
|
1165 |
if (mode & wmask) {
|
|
1166 |
acepmask &= ~ACE_APPEND_DATA; |
|
1167 |
} else {
|
|
1168 |
acepmask |= ACE_APPEND_DATA; |
|
1169 |
} |
|
| 789 | 1170 |
} |
1171 |
||
| 5331 | 1172 |
if (origmask & ACE_EXECUTE) {
|
1173 |
if (mode & xmask) {
|
|
1174 |
acepmask &= ~ACE_EXECUTE; |
|
1175 |
} else {
|
|
1176 |
acepmask |= ACE_EXECUTE; |
|
1177 |
} |
|
| 789 | 1178 |
} |
| 5331 | 1179 |
aclp->z_ops.ace_mask_set(acep, acepmask); |
| 789 | 1180 |
} |
1181 |
||
1182 |
/* |
|
1183 |
* Apply mode to canonical six ACEs. |
|
1184 |
*/ |
|
1185 |
static void |
|
1186 |
zfs_acl_fixup_canonical_six(zfs_acl_t *aclp, mode_t mode) |
|
1187 |
{
|
|
| 5331 | 1188 |
zfs_acl_node_t *aclnode = list_tail(&aclp->z_acl); |
1189 |
void *acep; |
|
1190 |
int maskoff = aclp->z_ops.ace_mask_off(); |
|
1191 |
size_t abstract_size = aclp->z_ops.ace_abstract_size(); |
|
| 789 | 1192 |
|
| 5331 | 1193 |
ASSERT(aclnode != NULL); |
1194 |
||
1195 |
acep = (void *)((caddr_t)aclnode->z_acldata + |
|
1196 |
aclnode->z_size - (abstract_size * 6)); |
|
| 789 | 1197 |
|
1198 |
/* |
|
1199 |
* Fixup final ACEs to match the mode |
|
1200 |
*/ |
|
1201 |
||
| 5331 | 1202 |
adjust_ace_pair_common(acep, maskoff, abstract_size, |
1203 |
(mode & 0700) >> 6); /* owner@ */ |
|
1204 |
||
1205 |
acep = (caddr_t)acep + (abstract_size * 2); |
|
1206 |
||
1207 |
adjust_ace_pair_common(acep, maskoff, abstract_size, |
|
1208 |
(mode & 0070) >> 3); /* group@ */ |
|
1209 |
||
1210 |
acep = (caddr_t)acep + (abstract_size * 2); |
|
1211 |
adjust_ace_pair_common(acep, maskoff, |
|
1212 |
abstract_size, mode); /* everyone@ */ |
|
| 789 | 1213 |
} |
1214 |
||
1215 |
||
1216 |
static int |
|
| 5331 | 1217 |
zfs_acl_ace_match(zfs_acl_t *aclp, void *acep, int allow_deny, |
1218 |
int entry_type, int accessmask) |
|
| 789 | 1219 |
{
|
| 5331 | 1220 |
uint32_t mask = aclp->z_ops.ace_mask_get(acep); |
1221 |
uint16_t type = aclp->z_ops.ace_type_get(acep); |
|
1222 |
uint16_t flags = aclp->z_ops.ace_flags_get(acep); |
|
1223 |
||
1224 |
return (mask == accessmask && type == allow_deny && |
|
1225 |
((flags & ACE_TYPE_FLAGS) == entry_type)); |
|
| 789 | 1226 |
} |
1227 |
||
1228 |
/* |
|
1229 |
* Can prepended ACE be reused? |
|
1230 |
*/ |
|
1231 |
static int |
|
| 5331 | 1232 |
zfs_reuse_deny(zfs_acl_t *aclp, void *acep, void *prevacep) |
| 789 | 1233 |
{
|
1234 |
int okay_masks; |
|
| 5331 | 1235 |
uint16_t prevtype; |
1236 |
uint16_t prevflags; |
|
1237 |
uint16_t flags; |
|
1238 |
uint32_t mask, prevmask; |
|
| 789 | 1239 |
|
| 5331 | 1240 |
if (prevacep == NULL) |
| 789 | 1241 |
return (B_FALSE); |
1242 |
||
| 5331 | 1243 |
prevtype = aclp->z_ops.ace_type_get(prevacep); |
1244 |
prevflags = aclp->z_ops.ace_flags_get(prevacep); |
|
1245 |
flags = aclp->z_ops.ace_flags_get(acep); |
|
1246 |
mask = aclp->z_ops.ace_mask_get(acep); |
|
1247 |
prevmask = aclp->z_ops.ace_mask_get(prevacep); |
|
1248 |
||
1249 |
if (prevtype != DENY) |
|
| 789 | 1250 |
return (B_FALSE); |
1251 |
||
| 5331 | 1252 |
if (prevflags != (flags & ACE_IDENTIFIER_GROUP)) |
| 789 | 1253 |
return (B_FALSE); |
1254 |
||
| 5331 | 1255 |
okay_masks = (mask & OKAY_MASK_BITS); |
| 789 | 1256 |
|
| 5331 | 1257 |
if (prevmask & ~okay_masks) |
| 789 | 1258 |
return (B_FALSE); |
1259 |
||
1260 |
return (B_TRUE); |
|
1261 |
} |
|
1262 |
||
1263 |
||
| 5331 | 1264 |
/* |
1265 |
* Insert new ACL node into chain of zfs_acl_node_t's |
|
1266 |
* |
|
1267 |
* This will result in two possible results. |
|
1268 |
* 1. If the ACL is currently just a single zfs_acl_node and |
|
1269 |
* we are prepending the entry then current acl node will have |
|
1270 |
* a new node inserted above it. |
|
1271 |
* |
|
1272 |
* 2. If we are inserting in the middle of current acl node then |
|
1273 |
* the current node will be split in two and new node will be inserted |
|
1274 |
* in between the two split nodes. |
|
1275 |
*/ |
|
1276 |
static zfs_acl_node_t * |
|
1277 |
zfs_acl_ace_insert(zfs_acl_t *aclp, void *acep) |
|
1278 |
{
|
|
1279 |
zfs_acl_node_t *newnode; |
|
1280 |
zfs_acl_node_t *trailernode = NULL; |
|
1281 |
zfs_acl_node_t *currnode = zfs_acl_curr_node(aclp); |
|
1282 |
int curr_idx = aclp->z_curr_node->z_ace_idx; |
|
1283 |
int trailer_count; |
|
1284 |
size_t oldsize; |
|
| 789 | 1285 |
|
| 5331 | 1286 |
newnode = zfs_acl_node_alloc(aclp->z_ops.ace_size(acep)); |
1287 |
newnode->z_ace_count = 1; |
|
1288 |
||
1289 |
oldsize = currnode->z_size; |
|
1290 |
||
1291 |
if (curr_idx != 1) {
|
|
1292 |
trailernode = zfs_acl_node_alloc(0); |
|
1293 |
trailernode->z_acldata = acep; |
|
1294 |
||
1295 |
trailer_count = currnode->z_ace_count - curr_idx + 1; |
|
1296 |
currnode->z_ace_count = curr_idx - 1; |
|
1297 |
currnode->z_size = (caddr_t)acep - (caddr_t)currnode->z_acldata; |
|
1298 |
trailernode->z_size = oldsize - currnode->z_size; |
|
1299 |
trailernode->z_ace_count = trailer_count; |
|
| 789 | 1300 |
} |
1301 |
||
| 5331 | 1302 |
aclp->z_acl_count += 1; |
1303 |
aclp->z_acl_bytes += aclp->z_ops.ace_size(acep); |
|
| 789 | 1304 |
|
| 5331 | 1305 |
if (curr_idx == 1) |
1306 |
list_insert_before(&aclp->z_acl, currnode, newnode); |
|
1307 |
else |
|
1308 |
list_insert_after(&aclp->z_acl, currnode, newnode); |
|
1309 |
if (trailernode) {
|
|
1310 |
list_insert_after(&aclp->z_acl, newnode, trailernode); |
|
1311 |
aclp->z_curr_node = trailernode; |
|
1312 |
trailernode->z_ace_idx = 1; |
|
| 789 | 1313 |
} |
1314 |
||
| 5331 | 1315 |
return (newnode); |
| 789 | 1316 |
} |
1317 |
||
1318 |
/* |
|
1319 |
* Prepend deny ACE |
|
1320 |
*/ |
|
| 5331 | 1321 |
static void * |
1322 |
zfs_acl_prepend_deny(znode_t *zp, zfs_acl_t *aclp, void *acep, |
|
| 789 | 1323 |
mode_t mode) |
1324 |
{
|
|
| 5331 | 1325 |
zfs_acl_node_t *aclnode; |
1326 |
void *newacep; |
|
1327 |
uint64_t fuid; |
|
1328 |
uint16_t flags; |
|
| 789 | 1329 |
|
| 5331 | 1330 |
aclnode = zfs_acl_ace_insert(aclp, acep); |
1331 |
newacep = aclnode->z_acldata; |
|
1332 |
fuid = aclp->z_ops.ace_who_get(acep); |
|
1333 |
flags = aclp->z_ops.ace_flags_get(acep); |
|
1334 |
zfs_set_ace(aclp, newacep, 0, DENY, fuid, (flags & ACE_TYPE_FLAGS)); |
|
1335 |
zfs_acl_prepend_fixup(aclp, newacep, acep, mode, zp->z_phys->zp_uid); |
|
1336 |
||
1337 |
return (newacep); |
|
| 789 | 1338 |
} |
1339 |
||
1340 |
/* |
|
1341 |
* Split an inherited ACE into inherit_only ACE |
|
1342 |
* and original ACE with inheritance flags stripped off. |
|
1343 |
*/ |
|
1344 |
static void |
|
| 5331 | 1345 |
zfs_acl_split_ace(zfs_acl_t *aclp, zfs_ace_hdr_t *acep) |
| 789 | 1346 |
{
|
| 5331 | 1347 |
zfs_acl_node_t *aclnode; |
| 5435 | 1348 |
zfs_acl_node_t *currnode; |
| 5331 | 1349 |
void *newacep; |
1350 |
uint16_t type, flags; |
|
1351 |
uint32_t mask; |
|
1352 |
uint64_t fuid; |
|
| 789 | 1353 |
|
| 5331 | 1354 |
type = aclp->z_ops.ace_type_get(acep); |
1355 |
flags = aclp->z_ops.ace_flags_get(acep); |
|
1356 |
mask = aclp->z_ops.ace_mask_get(acep); |
|
1357 |
fuid = aclp->z_ops.ace_who_get(acep); |
|
1358 |
||
1359 |
aclnode = zfs_acl_ace_insert(aclp, acep); |
|
1360 |
newacep = aclnode->z_acldata; |
|
1361 |
||
1362 |
aclp->z_ops.ace_type_set(newacep, type); |
|
1363 |
aclp->z_ops.ace_flags_set(newacep, flags | ACE_INHERIT_ONLY_ACE); |
|
1364 |
aclp->z_ops.ace_mask_set(newacep, mask); |
|
1365 |
aclp->z_ops.ace_type_set(newacep, type); |
|
1366 |
aclp->z_ops.ace_who_set(newacep, fuid); |
|
1367 |
aclp->z_next_ace = acep; |
|
1368 |
flags &= ~ALL_INHERIT; |
|
1369 |
aclp->z_ops.ace_flags_set(acep, flags); |
|
| 5435 | 1370 |
currnode = zfs_acl_curr_node(aclp); |
1371 |
ASSERT(currnode->z_ace_idx >= 1); |
|
| 5331 | 1372 |
currnode->z_ace_idx -= 1; |
| 789 | 1373 |
} |
1374 |
||
1375 |
/* |
|
1376 |
* Are ACES started at index i, the canonical six ACES? |
|
1377 |
*/ |
|
1378 |
static int |
|
| 5331 | 1379 |
zfs_have_canonical_six(zfs_acl_t *aclp) |
| 789 | 1380 |
{
|
| 5331 | 1381 |
void *acep; |
1382 |
zfs_acl_node_t *aclnode = list_tail(&aclp->z_acl); |
|
1383 |
int i = 0; |
|
1384 |
size_t abstract_size = aclp->z_ops.ace_abstract_size(); |
|
1385 |
||
1386 |
ASSERT(aclnode != NULL); |
|
| 789 | 1387 |
|
| 5331 | 1388 |
if (aclnode->z_ace_count < 6) |
1389 |
return (0); |
|
1390 |
||
1391 |
acep = (void *)((caddr_t)aclnode->z_acldata + |
|
1392 |
aclnode->z_size - (aclp->z_ops.ace_abstract_size() * 6)); |
|
1393 |
||
1394 |
if ((zfs_acl_ace_match(aclp, (caddr_t)acep + (abstract_size * i++), |
|
| 789 | 1395 |
DENY, ACE_OWNER, 0) && |
| 5331 | 1396 |
zfs_acl_ace_match(aclp, (caddr_t)acep + (abstract_size * i++), |
1397 |
ALLOW, ACE_OWNER, OWNER_ALLOW_MASK) && |
|
1398 |
zfs_acl_ace_match(aclp, (caddr_t)acep + (abstract_size * i++), DENY, |
|
1399 |
OWNING_GROUP, 0) && zfs_acl_ace_match(aclp, (caddr_t)acep + |
|
1400 |
(abstract_size * i++), |
|
1401 |
ALLOW, OWNING_GROUP, 0) && |
|
1402 |
zfs_acl_ace_match(aclp, (caddr_t)acep + (abstract_size * i++), |
|
| 789 | 1403 |
DENY, ACE_EVERYONE, EVERYONE_DENY_MASK) && |
| 5331 | 1404 |
zfs_acl_ace_match(aclp, (caddr_t)acep + (abstract_size * i++), |
1405 |
ALLOW, ACE_EVERYONE, EVERYONE_ALLOW_MASK))) {
|
|
| 789 | 1406 |
return (1); |
1407 |
} else {
|
|
1408 |
return (0); |
|
1409 |
} |
|
1410 |
} |
|
1411 |
||
| 5331 | 1412 |
|
| 789 | 1413 |
/* |
1414 |
* Apply step 1g, to group entries |
|
1415 |
* |
|
1416 |
* Need to deal with corner case where group may have |
|
1417 |
* greater permissions than owner. If so then limit |
|
1418 |
* group permissions, based on what extra permissions |
|
1419 |
* group has. |
|
1420 |
*/ |
|
1421 |
static void |
|
| 5331 | 1422 |
zfs_fixup_group_entries(zfs_acl_t *aclp, void *acep, void *prevacep, |
1423 |
mode_t mode) |
|
| 789 | 1424 |
{
|
| 5331 | 1425 |
uint32_t prevmask = aclp->z_ops.ace_mask_get(prevacep); |
1426 |
uint32_t mask = aclp->z_ops.ace_mask_get(acep); |
|
1427 |
uint16_t prevflags = aclp->z_ops.ace_flags_get(prevacep); |
|
| 789 | 1428 |
mode_t extramode = (mode >> 3) & 07; |
1429 |
mode_t ownermode = (mode >> 6); |
|
1430 |
||
| 5331 | 1431 |
if (prevflags & ACE_IDENTIFIER_GROUP) {
|
| 789 | 1432 |
|
1433 |
extramode &= ~ownermode; |
|
1434 |
||
1435 |
if (extramode) {
|
|
| 5331 | 1436 |
if (extramode & S_IROTH) {
|
1437 |
prevmask &= ~ACE_READ_DATA; |
|
1438 |
mask &= ~ACE_READ_DATA; |
|
| 789 | 1439 |
} |
| 5331 | 1440 |
if (extramode & S_IWOTH) {
|
1441 |
prevmask &= ~(ACE_WRITE_DATA|ACE_APPEND_DATA); |
|
1442 |
mask &= ~(ACE_WRITE_DATA|ACE_APPEND_DATA); |
|
| 789 | 1443 |
} |
| 5331 | 1444 |
if (extramode & S_IXOTH) {
|
1445 |
prevmask &= ~ACE_EXECUTE; |
|
1446 |
mask &= ~ACE_EXECUTE; |
|
| 789 | 1447 |
} |
1448 |
} |
|
1449 |
} |
|
| 5331 | 1450 |
aclp->z_ops.ace_mask_set(acep, mask); |
1451 |
aclp->z_ops.ace_mask_set(prevacep, prevmask); |
|
| 789 | 1452 |
} |
1453 |
||
1454 |
/* |
|
1455 |
* Apply the chmod algorithm as described |
|
1456 |
* in PSARC/2002/240 |
|
1457 |
*/ |
|
| 5824 | 1458 |
static void |
1459 |
zfs_acl_chmod(znode_t *zp, uint64_t mode, zfs_acl_t *aclp) |
|
| 789 | 1460 |
{
|
1461 |
zfsvfs_t *zfsvfs = zp->z_zfsvfs; |
|
| 5331 | 1462 |
void *acep = NULL, *prevacep = NULL; |
1463 |
uint64_t who; |
|
| 789 | 1464 |
int i; |
1465 |
int entry_type; |
|
1466 |
int reuse_deny; |
|
1467 |
int need_canonical_six = 1; |
|
| 5331 | 1468 |
uint16_t iflags, type; |
1469 |
uint32_t access_mask; |
|
| 789 | 1470 |
|
1471 |
ASSERT(MUTEX_HELD(&zp->z_acl_lock)); |
|
1472 |
ASSERT(MUTEX_HELD(&zp->z_lock)); |
|
1473 |
||
| 5331 | 1474 |
aclp->z_hints = (zp->z_phys->zp_flags & V4_ACL_WIDE_FLAGS); |
|
5489
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
1475 |
|
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
1476 |
/* |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
1477 |
* If discard then just discard all ACL nodes which |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
1478 |
* represent the ACEs. |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
1479 |
* |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
1480 |
* New owner@/group@/everone@ ACEs will be added |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
1481 |
* later. |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
1482 |
*/ |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
1483 |
if (zfsvfs->z_acl_mode == ZFS_ACL_DISCARD) |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
1484 |
zfs_acl_release_nodes(aclp); |
|
25bfaf065197
6601830 mismatch between zfs_mount() behavior and comment
marks
parents:
5435
diff
changeset
|
1485 |
|
| 5331 | 1486 |
while (acep = zfs_acl_next_ace(aclp, acep, &who, &access_mask, |
1487 |
&iflags, &type)) {
|
|
1488 |
||
1489 |
entry_type = (iflags & ACE_TYPE_FLAGS); |
|
1490 |
iflags = (iflags & ALL_INHERIT); |
|
| 789 | 1491 |
|
| 5331 | 1492 |
if ((type != ALLOW && type != DENY) || |
|
905
920e9b2e0899
6347134 zfs_zaccess() is killing ZFS stat() performance
marks
parents:
865
diff
changeset
|
1493 |
(iflags & ACE_INHERIT_ONLY_ACE)) {
|
|
920e9b2e0899
6347134 zfs_zaccess() is killing ZFS stat() performance
marks
parents:
865
diff
changeset
|
1494 |
if (iflags) |
| 5331 | 1495 |
aclp->z_hints |= ZFS_INHERIT_ACE; |
1496 |
switch (type) {
|
|
1497 |
case ACE_ACCESS_ALLOWED_OBJECT_ACE_TYPE: |
|
1498 |
case ACE_ACCESS_DENIED_OBJECT_ACE_TYPE: |
|
1499 |
case ACE_SYSTEM_AUDIT_OBJECT_ACE_TYPE: |
|
1500 |
case ACE_SYSTEM_ALARM_OBJECT_ACE_TYPE: |
|
1501 |
aclp->z_hints |= ZFS_ACL_OBJ_ACE; |
|
1502 |
break; |
|
1503 |
} |
|
1504 |
goto nextace; |
|
| 789 | 1505 |
} |
1506 |
||
1507 |
/* |
|
1508 |
* Need to split ace into two? |
|
1509 |
*/ |
|
|
905
920e9b2e0899
6347134 zfs_zaccess() is killing ZFS stat() performance
marks
parents:
865
diff
changeset
|
1510 |
if ((iflags & (ACE_FILE_INHERIT_ACE| |
| 789 | 1511 |
ACE_DIRECTORY_INHERIT_ACE)) && |
|
905
920e9b2e0899
6347134 zfs_zaccess() is killing ZFS stat() performance
marks
parents:
865
diff
changeset
|
1512 |
(!(iflags & ACE_INHERIT_ONLY_ACE))) {
|
| 5331 | 1513 |
zfs_acl_split_ace(aclp, acep); |
1514 |
aclp->z_hints |= ZFS_INHERIT_ACE; |
|
1515 |
goto nextace; |
|
| 789 | 1516 |
} |
1517 |
||
1518 |
if (entry_type == ACE_OWNER || entry_type == ACE_EVERYONE || |
|
1519 |
(entry_type == OWNING_GROUP)) {
|
|
| 5331 | 1520 |
access_mask &= ~OGE_CLEAR; |
1521 |
aclp->z_ops.ace_mask_set(acep, access_mask); |
|
1522 |
goto nextace; |
|
| 789 | 1523 |
} else {
|
| 5331 | 1524 |
reuse_deny = B_TRUE; |
1525 |
if (type == ALLOW) {
|
|
| 789 | 1526 |
|
1527 |
/* |
|
1528 |
* Check preceding ACE if any, to see |
|
1529 |
* if we need to prepend a DENY ACE. |
|
1530 |
* This is only applicable when the acl_mode |
|
1531 |
* property == groupmask. |
|
1532 |
*/ |
|
| 2676 | 1533 |
if (zfsvfs->z_acl_mode == ZFS_ACL_GROUPMASK) {
|
| 789 | 1534 |
|
| 5331 | 1535 |
reuse_deny = zfs_reuse_deny(aclp, acep, |
1536 |
prevacep); |
|
| 789 | 1537 |
|
1538 |
if (reuse_deny == B_FALSE) {
|
|
| 5331 | 1539 |
prevacep = |
1540 |
zfs_acl_prepend_deny(zp, |
|
1541 |
aclp, acep, mode); |
|
| 789 | 1542 |
} else {
|
1543 |
zfs_acl_prepend_fixup( |
|
| 5331 | 1544 |
aclp, prevacep, |
1545 |
acep, mode, |
|
| 789 | 1546 |
zp->z_phys->zp_uid); |
1547 |
} |
|
| 5331 | 1548 |
zfs_fixup_group_entries(aclp, acep, |
1549 |
prevacep, mode); |
|
1550 |
||
| 789 | 1551 |
} |
1552 |
} |
|
1553 |
} |
|
| 5331 | 1554 |
nextace: |
1555 |
prevacep = acep; |
|
| 789 | 1556 |
} |
1557 |
||
1558 |
/* |
|
1559 |
* Check out last six aces, if we have six. |
|
1560 |
*/ |
|
1561 |
||
1562 |
if (aclp->z_acl_count >= 6) {
|
|
| 5331 | 1563 |
if (zfs_have_canonical_six(aclp)) {
|
| 789 | 1564 |
need_canonical_six = 0; |
1565 |
} |
|
1566 |
} |
|
1567 |
||
1568 |
if (need_canonical_six) {
|
|
| 5331 | 1569 |
size_t abstract_size = aclp->z_ops.ace_abstract_size(); |
1570 |
void *zacep; |
|
1571 |
zfs_acl_node_t *aclnode = |
|
1572 |
zfs_acl_node_alloc(abstract_size * 6); |
|
| 789 | 1573 |
|
| 5331 | 1574 |
aclnode->z_size = abstract_size * 6; |
1575 |
aclnode->z_ace_count = 6; |
|
1576 |
aclp->z_acl_bytes += aclnode->z_size; |
|
1577 |
list_insert_tail(&aclp->z_acl, aclnode); |
|
1578 |
||
1579 |
zacep = aclnode->z_acldata; |
|
1580 |
||
1581 |
i = 0; |
|
1582 |
zfs_set_ace(aclp, (caddr_t)zacep + (abstract_size * i++), |
|
1583 |
0, DENY, -1, ACE_OWNER); |
|
1584 |
zfs_set_ace(aclp, (caddr_t)zacep + (abstract_size * i++), |
|
1585 |
OWNER_ALLOW_MASK, ALLOW, -1, ACE_OWNER); |
|
1586 |
zfs_set_ace(aclp, (caddr_t)zacep + (abstract_size * i++), 0, |
|
1587 |
DENY, -1, OWNING_GROUP); |
|
1588 |
zfs_set_ace(aclp, (caddr_t)zacep + (abstract_size * i++), 0, |
|
1589 |
ALLOW, -1, OWNING_GROUP); |
|
1590 |
zfs_set_ace(aclp, (caddr_t)zacep + (abstract_size * i++), |
|
1591 |
EVERYONE_DENY_MASK, DENY, -1, ACE_EVERYONE); |
|
1592 |
zfs_set_ace(aclp, (caddr_t)zacep + (abstract_size * i++), |
|
1593 |
EVERYONE_ALLOW_MASK, ALLOW, -1, ACE_EVERYONE); |
|
| 789 | 1594 |
aclp->z_acl_count += 6; |
1595 |
} |
|
1596 |
||
1597 |
zfs_acl_fixup_canonical_six(aclp, mode); |
|
1598 |
} |
|
1599 |
||
1600 |
int |
|
| 5824 | 1601 |
zfs_acl_chmod_setattr(znode_t *zp, zfs_acl_t **aclp, uint64_t mode) |
| 789 | 1602 |
{
|
1603 |
int error; |
|
1604 |
||
| 5824 | 1605 |
mutex_enter(&zp->z_lock); |
| 789 | 1606 |
mutex_enter(&zp->z_acl_lock); |
| 5824 | 1607 |
*aclp = NULL; |
1608 |
error = zfs_acl_node_read(zp, aclp, B_TRUE); |
|
| 1544 | 1609 |
if (error == 0) |
| 5824 | 1610 |
zfs_acl_chmod(zp, mode, *aclp); |
| 789 | 1611 |
mutex_exit(&zp->z_acl_lock); |
| 5824 | 1612 |
mutex_exit(&zp->z_lock); |
| 789 | 1613 |
return (error); |
1614 |
} |
|
1615 |
||
1616 |
/* |
|
1617 |
* strip off write_owner and write_acl |
|
1618 |
*/ |
|
1619 |
static void |
|
| 5331 | 1620 |
zfs_securemode_update(zfsvfs_t *zfsvfs, zfs_acl_t *aclp, void *acep) |
| 789 | 1621 |
{
|
| 5331 | 1622 |
uint32_t mask = aclp->z_ops.ace_mask_get(acep); |
1623 |
||
| 2676 | 1624 |
if ((zfsvfs->z_acl_inherit == ZFS_ACL_SECURE) && |
| 5331 | 1625 |
(aclp->z_ops.ace_type_get(acep) == ALLOW)) {
|
1626 |
mask &= ~SECURE_CLEAR; |
|
1627 |
aclp->z_ops.ace_mask_set(acep, mask); |
|
1628 |
} |
|
1629 |
} |
|
1630 |
||
1631 |
/* |
|
1632 |
* Should ACE be inherited? |
|
1633 |
*/ |
|
1634 |
static int |
|
1635 |
zfs_ace_can_use(znode_t *zp, uint16_t acep_flags) |
|
1636 |
{
|
|
1637 |
int vtype = ZTOV(zp)->v_type; |
|
1638 |
int iflags = (acep_flags & 0xf); |
|
1639 |
||
1640 |
if ((vtype == VDIR) && (iflags & ACE_DIRECTORY_INHERIT_ACE)) |
|
1641 |
return (1); |
|
1642 |
else if (iflags & ACE_FILE_INHERIT_ACE) |
|
1643 |
return (!((vtype == VDIR) && |
|
1644 |
(iflags & ACE_NO_PROPAGATE_INHERIT_ACE))); |
|
1645 |
return (0); |
|
| 789 | 1646 |
} |
1647 |
||
1648 |
/* |
|
1649 |
* inherit inheritable ACEs from parent |
|
1650 |
*/ |
|
1651 |
static zfs_acl_t * |
|
1652 |
zfs_acl_inherit(znode_t *zp, zfs_acl_t *paclp) |
|
1653 |
{
|
|
1654 |
zfsvfs_t *zfsvfs = zp->z_zfsvfs; |
|
| 5331 | 1655 |
void *pacep; |
1656 |
void *acep, *acep2; |
|
1657 |
zfs_acl_node_t *aclnode, *aclnode2; |
|
| 789 | 1658 |
zfs_acl_t *aclp = NULL; |
| 5331 | 1659 |
uint64_t who; |
1660 |
uint32_t access_mask; |
|
1661 |
uint16_t iflags, newflags, type; |
|
1662 |
size_t ace_size; |
|
1663 |
void *data1, *data2; |
|
1664 |
size_t data1sz, data2sz; |
|
| 789 | 1665 |
|
| 5331 | 1666 |
pacep = NULL; |
1667 |
aclp = zfs_acl_alloc(zfs_acl_version_zp(zp)); |
|
| 2676 | 1668 |
if (zfsvfs->z_acl_inherit != ZFS_ACL_DISCARD) {
|
| 5331 | 1669 |
while (pacep = zfs_acl_next_ace(paclp, pacep, &who, |
1670 |
&access_mask, &iflags, &type)) {
|
|
| 789 | 1671 |
|
| 2676 | 1672 |
if (zfsvfs->z_acl_inherit == ZFS_ACL_NOALLOW && |
| 5331 | 1673 |
type == ALLOW) |
| 789 | 1674 |
continue; |
1675 |
||
| 5331 | 1676 |
ace_size = aclp->z_ops.ace_size(pacep); |
| 789 | 1677 |
|
| 5331 | 1678 |
if (zfs_ace_can_use(zp, iflags)) {
|
1679 |
aclnode = |
|
1680 |
zfs_acl_node_alloc(ace_size); |
|
| 789 | 1681 |
|
| 5331 | 1682 |
list_insert_tail(&aclp->z_acl, aclnode); |
1683 |
acep = aclnode->z_acldata; |
|
1684 |
zfs_set_ace(aclp, acep, access_mask, type, |
|
1685 |
who, iflags|ACE_INHERITED_ACE); |
|
|
1576
0364d1928a7f
6380036 zfs does not clear S_ISUID and S_ISGID bits on successful writes
marks
parents:
1544
diff
changeset
|
1686 |
|
| 789 | 1687 |
/* |
| 5331 | 1688 |
* Copy special opaque data if any |
| 789 | 1689 |
*/ |
| 5331 | 1690 |
if ((data1sz = paclp->z_ops.ace_data(pacep, |
1691 |
&data1)) != 0) {
|
|
1692 |
VERIFY((data2sz = |
|
1693 |
aclp->z_ops.ace_data(acep, |
|
1694 |
&data2)) == data1sz); |
|
1695 |
bcopy(data1, data2, data2sz); |
|
1696 |
} |
|
1697 |
aclp->z_acl_count++; |
|
1698 |
aclnode->z_ace_count++; |
|
1699 |
aclp->z_acl_bytes += aclnode->z_size; |
|
1700 |
newflags = aclp->z_ops.ace_flags_get(acep); |
|
1701 |
if ((iflags & |
|
|
1576
0364d1928a7f
6380036 zfs does not clear S_ISUID and S_ISGID bits on successful writes
marks
parents:
1544
diff
changeset
|
1702 |
ACE_NO_PROPAGATE_INHERIT_ACE) || |
|
0364d1928a7f
6380036 zfs does not clear S_ISUID and S_ISGID bits on successful writes
marks
parents:
1544
diff
changeset
|
1703 |
(ZTOV(zp)->v_type != VDIR)) {
|
| 5331 | 1704 |
newflags &= ~ALL_INHERIT; |
1705 |
aclp->z_ops.ace_flags_set(acep, |
|
1706 |
newflags|ACE_INHERITED_ACE); |
|
1707 |
zfs_securemode_update(zfsvfs, |
|
1708 |
aclp, acep); |
|
| 789 | 1709 |
continue; |
1710 |
} |
|
1711 |
||
1712 |
ASSERT(ZTOV(zp)->v_type == VDIR); |
|
1713 |
||
| 5331 | 1714 |
newflags = aclp->z_ops.ace_flags_get(acep); |
1715 |
if ((iflags & (ACE_FILE_INHERIT_ACE | |
|
|
1576
0364d1928a7f
6380036 zfs does not clear S_ISUID and S_ISGID bits on successful writes
marks
parents:
1544
diff
changeset
|
1716 |
ACE_DIRECTORY_INHERIT_ACE)) != |
|
865
4223fbdac5f3
6344681 chmod file_inherit should not added the specified ACE to new create subdirectores.
marks
parents:
789
diff
changeset
|
1717 |
ACE_FILE_INHERIT_ACE) {
|
| 5331 | 1718 |
aclnode2 = zfs_acl_node_alloc(ace_size); |
1719 |
list_insert_tail(&aclp->z_acl, |
|
1720 |
aclnode2); |
|
1721 |
acep2 = aclnode2->z_acldata; |
|
1722 |
zfs_set_ace(aclp, acep2, |
|
1723 |
access_mask, type, who, |
|
1724 |
iflags|ACE_INHERITED_ACE); |
|
1725 |
newflags |= ACE_INHERIT_ONLY_ACE; |
|
1726 |
aclp->z_ops.ace_flags_set(acep, |
|
1727 |
newflags); |
|
1728 |
newflags &= ~ALL_INHERIT; |
|
1729 |
aclp->z_ops.ace_flags_set(acep2, |
|
1730 |
newflags|ACE_INHERITED_ACE); |
|
1731 |
||
1732 |
/* |
|
1733 |
* Copy special opaque data if any |
|
1734 |
*/ |
|
1735 |
if ((data1sz = |
|
1736 |
aclp->z_ops.ace_data(acep, |
|
1737 |
&data1)) != 0) {
|
|
1738 |
VERIFY((data2sz = |
|
1739 |
aclp->z_ops.ace_data(acep2, |
|
1740 |
&data2)) == data1sz); |
|
1741 |
bcopy(data1, data2, data1sz); |
|
1742 |
} |
|
1743 |
aclp->z_acl_count++; |
|
1744 |
aclnode2->z_ace_count++; |
|
1745 |
aclp->z_acl_bytes += aclnode->z_size; |
|
1746 |
zfs_securemode_update(zfsvfs, |
|
1747 |
aclp, acep2); |
|
|
865
4223fbdac5f3
6344681 chmod file_inherit should not added the specified ACE to new create subdirectores.
marks
parents:
789
diff
changeset
|
1748 |
} else {
|
| 5331 | 1749 |
newflags |= ACE_INHERIT_ONLY_ACE; |
1750 |
aclp->z_ops.ace_flags_set(acep, |
|
1751 |
newflags|ACE_INHERITED_ACE); |
|
|
865
4223fbdac5f3
6344681 chmod file_inherit should not added the specified ACE to new create subdirectores.
marks
parents:
789
diff
changeset
|
1752 |
} |
| 5331 | 1753 |
|
| 789 | 1754 |
} |
1755 |
} |
|
1756 |
} |
|
1757 |
return (aclp); |
|
1758 |
} |
|
1759 |
||
1760 |
/* |
|
1761 |
* Create file system object initial permissions |
|
1762 |
* including inheritable ACEs. |
|
1763 |
*/ |
|
1764 |
void |
|
1765 |
zfs_perm_init(znode_t *zp, znode_t *parent, int flag, |
|
| 5331 | 1766 |
vattr_t *vap, dmu_tx_t *tx, cred_t *cr, |
1767 |
zfs_acl_t *setaclp, zfs_fuid_info_t **fuidp) |
|
| 789 | 1768 |
{
|
1769 |
uint64_t mode; |
|
| 5331 | 1770 |
uint64_t uid; |
1771 |
uint64_t gid; |
|
| 789 | 1772 |
int error; |
1773 |
int pull_down; |
|
| 5331 | 1774 |
zfsvfs_t *zfsvfs = zp->z_zfsvfs; |
1775 |
zfs_acl_t *aclp = NULL; |
|
1776 |
zfs_acl_t *paclp; |
|
1777 |
xvattr_t *xvap = (xvattr_t *)vap; |
|
1778 |
||
1779 |
if (setaclp) |
|
1780 |
aclp = setaclp; |
|
| 789 | 1781 |
|
1782 |
mode = MAKEIMODE(vap->va_type, vap->va_mode); |
|
1783 |
||
1784 |
/* |
|
1785 |
* Determine uid and gid. |
|
1786 |
*/ |
|
1787 |
if ((flag & (IS_ROOT_NODE | IS_REPLAY)) || |
|
1788 |
((flag & IS_XATTR) && (vap->va_type == VDIR))) {
|
|
| 5771 | 1789 |
uid = zfs_fuid_create(zfsvfs, vap->va_uid, cr, |
| 5331 | 1790 |
ZFS_OWNER, tx, fuidp); |
| 5771 | 1791 |
gid = zfs_fuid_create(zfsvfs, vap->va_gid, cr, |
| 5331 | 1792 |
ZFS_GROUP, tx, fuidp); |
| 789 | 1793 |
} else {
|
| 5331 | 1794 |
uid = zfs_fuid_create_cred(zfsvfs, crgetuid(cr), |
1795 |
ZFS_OWNER, tx, cr, fuidp); |
|
| 789 | 1796 |
if ((vap->va_mask & AT_GID) && |
1797 |
((vap->va_gid == parent->z_phys->zp_gid) || |
|
1798 |
groupmember(vap->va_gid, cr) || |
|
| 5331 | 1799 |
secpolicy_vnode_create_gid(cr) == 0)) {
|
1800 |
gid = zfs_fuid_create_cred(zfsvfs, vap->va_gid, |
|
1801 |
ZFS_GROUP, tx, cr, fuidp); |
|
1802 |
} else {
|
|
| 789 | 1803 |
gid = (parent->z_phys->zp_mode & S_ISGID) ? |
1804 |
parent->z_phys->zp_gid : crgetgid(cr); |
|
| 5331 | 1805 |
gid = zfs_fuid_create_cred(zfsvfs, gid, |
1806 |
ZFS_GROUP, tx, cr, fuidp); |
|
1807 |
} |
|
| 789 | 1808 |
} |
1809 |
||
1810 |
/* |
|
1811 |
* If we're creating a directory, and the parent directory has the |
|
1812 |
* set-GID bit set, set in on the new directory. |
|
1813 |
* Otherwise, if the user is neither privileged nor a member of the |
|
1814 |
* file's new group, clear the file's set-GID bit. |
|
1815 |
*/ |
|
1816 |
||
1817 |
if ((parent->z_phys->zp_mode & S_ISGID) && (vap->va_type == VDIR)) |
|
1818 |
mode |= S_ISGID; |
|
1819 |
else {
|
|
1820 |
if ((mode & S_ISGID) && |
|
1821 |
secpolicy_vnode_setids_setgids(cr, gid) != 0) |
|
1822 |
mode &= ~S_ISGID; |
|
1823 |
} |
|
1824 |
||
1825 |
zp->z_phys->zp_uid = uid; |
|
1826 |
zp->z_phys->zp_gid = gid; |
|
1827 |
zp->z_phys->zp_mode = mode; |
|
1828 |
||
| 5331 | 1829 |
if (aclp == NULL) {
|
1830 |
mutex_enter(&parent->z_lock); |
|
1831 |
pull_down = (parent->z_phys->zp_flags & ZFS_INHERIT_ACE); |
|
1832 |
if (pull_down) {
|
|
1833 |
mutex_enter(&parent->z_acl_lock); |
|
1834 |
VERIFY(0 == zfs_acl_node_read(parent, &paclp, B_FALSE)); |
|
1835 |
mutex_exit(&parent->z_acl_lock); |
|
1836 |
aclp = zfs_acl_inherit(zp, paclp); |
|
1837 |
zfs_acl_free(paclp); |
|
1838 |
} else {
|
|
1839 |
aclp = zfs_acl_alloc(zfs_acl_version_zp(zp)); |
|
1840 |
} |
|
1841 |
mutex_exit(&parent->z_lock); |
|
1842 |
mutex_enter(&zp->z_lock); |
|
1843 |
mutex_enter(&zp->z_acl_lock); |
|
| 5824 | 1844 |
zfs_acl_chmod(zp, mode, aclp); |
| 789 | 1845 |
} else {
|
| 5331 | 1846 |
mutex_enter(&zp->z_lock); |
1847 |
mutex_enter(&zp->z_acl_lock); |
|
| 789 | 1848 |
} |
| 5331 | 1849 |
|
1850 |
/* Force auto_inherit on all new directory objects */ |
|
1851 |
if (vap->va_type == VDIR) |
|
1852 |
aclp->z_hints |= ZFS_ACL_AUTO_INHERIT; |
|
1853 |
||
| 5771 | 1854 |
error = zfs_aclset_common(zp, aclp, cr, fuidp, tx); |
| 5331 | 1855 |
|
1856 |
/* Set optional attributes if any */ |
|
1857 |
if (vap->va_mask & AT_XVATTR) |
|
1858 |
zfs_xvattr_set(zp, xvap); |
|
1859 |
||
| 789 | 1860 |
mutex_exit(&zp->z_lock); |
1861 |
mutex_exit(&zp->z_acl_lock); |
|
1862 |
ASSERT3U(error, ==, 0); |
|
1863 |
||
| 5331 | 1864 |
if (aclp != setaclp) {
|
1865 |
zfs_acl_free(aclp); |
|
1866 |
} |
|
| 789 | 1867 |
} |
1868 |
||
1869 |
/* |
|
1870 |
* Retrieve a files ACL |
|
1871 |
*/ |
|
1872 |
int |
|
| 5331 | 1873 |
zfs_getacl(znode_t *zp, vsecattr_t *vsecp, boolean_t skipaclchk, cred_t *cr) |
| 789 | 1874 |
{
|
1875 |
zfs_acl_t *aclp; |
|
| 5331 | 1876 |
ulong_t mask; |
| 789 | 1877 |
int error; |
| 5331 | 1878 |
int count = 0; |
1879 |
int largeace = 0; |
|
| 789 | 1880 |
|
| 5331 | 1881 |
mask = vsecp->vsa_mask & (VSA_ACE | VSA_ACECNT | |
1882 |
VSA_ACE_ACLFLAGS | VSA_ACE_ALLTYPES); |
|
1883 |
||
1884 |
if (error = zfs_zaccess(zp, ACE_READ_ACL, 0, skipaclchk, cr)) |
|
1885 |
return (error); |
|
| 789 | 1886 |
|
1887 |
if (mask == 0) |
|
1888 |
return (ENOSYS); |
|
1889 |
||
1890 |
mutex_enter(&zp->z_acl_lock); |
|
1891 |
||
| 5331 | 1892 |
error = zfs_acl_node_read(zp, &aclp, B_FALSE); |
| 1544 | 1893 |
if (error != 0) {
|
1894 |
mutex_exit(&zp->z_acl_lock); |
|
1895 |
return (error); |
|
1896 |
} |
|
1897 |
||
| 5331 | 1898 |
/* |
1899 |
* Scan ACL to determine number of ACEs |
|
1900 |
*/ |
|
1901 |
if ((zp->z_phys->zp_flags & ZFS_ACL_OBJ_ACE) && |
|
1902 |
!(mask & VSA_ACE_ALLTYPES)) {
|
|
1903 |
void *zacep = NULL; |
|
1904 |
uint64_t who; |
|
1905 |
uint32_t access_mask; |
|
1906 |
uint16_t type, iflags; |
|
1907 |
||
1908 |
while (zacep = zfs_acl_next_ace(aclp, zacep, |
|
1909 |
&who, &access_mask, &iflags, &type)) {
|
|
1910 |
switch (type) {
|
|
1911 |
case ACE_ACCESS_ALLOWED_OBJECT_ACE_TYPE: |
|
1912 |
case ACE_ACCESS_DENIED_OBJECT_ACE_TYPE: |
|
1913 |
case ACE_SYSTEM_AUDIT_OBJECT_ACE_TYPE: |
|
1914 |
case ACE_SYSTEM_ALARM_OBJECT_ACE_TYPE: |
|
1915 |
largeace++; |
|
1916 |
continue; |
|
1917 |
default: |
|
1918 |
count++; |
|
1919 |
} |
|
1920 |
} |
|
1921 |
vsecp->vsa_aclcnt = count; |
|
1922 |
} else |
|
1923 |
count = aclp->z_acl_count; |
|
| 789 | 1924 |
|
1925 |
if (mask & VSA_ACECNT) {
|
|
| 5331 | 1926 |
vsecp->vsa_aclcnt = count; |
| 789 | 1927 |
} |
1928 |
||
1929 |
if (mask & VSA_ACE) {
|
|
| 5331 | 1930 |
size_t aclsz; |
1931 |
||
1932 |
zfs_acl_node_t *aclnode = list_head(&aclp->z_acl); |
|
1933 |
||
1934 |
aclsz = count * sizeof (ace_t) + |
|
1935 |
sizeof (ace_object_t) * largeace; |
|
1936 |
||
1937 |
vsecp->vsa_aclentp = kmem_alloc(aclsz, KM_SLEEP); |
|
1938 |
vsecp->vsa_aclentsz = aclsz; |
|
1939 |
||
1940 |
if (aclp->z_version == ZFS_ACL_VERSION_FUID) |
|
| 5771 | 1941 |
zfs_copy_fuid_2_ace(zp->z_zfsvfs, aclp, cr, |
| 5331 | 1942 |
vsecp->vsa_aclentp, !(mask & VSA_ACE_ALLTYPES)); |
1943 |
else {
|
|
1944 |
bcopy(aclnode->z_acldata, vsecp->vsa_aclentp, |
|
1945 |
count * sizeof (ace_t)); |
|
1946 |
} |
|
1947 |
} |
|
1948 |
if (mask & VSA_ACE_ACLFLAGS) {
|
|
1949 |
vsecp->vsa_aclflags = 0; |
|
1950 |
if (zp->z_phys->zp_flags & ZFS_ACL_DEFAULTED) |
|
1951 |
vsecp->vsa_aclflags |= ACL_DEFAULTED; |
|
1952 |
if (zp->z_phys->zp_flags & ZFS_ACL_PROTECTED) |
|
1953 |
vsecp->vsa_aclflags |= ACL_PROTECTED; |
|
1954 |
if (zp->z_phys->zp_flags & ZFS_ACL_AUTO_INHERIT) |
|
1955 |
vsecp->vsa_aclflags |= ACL_AUTO_INHERIT; |
|
| 789 | 1956 |
} |
1957 |
||
1958 |
mutex_exit(&zp->z_acl_lock); |
|
1959 |
||
1960 |
zfs_acl_free(aclp); |
|
1961 |
||
1962 |
return (0); |
|
1963 |
} |
|
1964 |
||
| 5331 | 1965 |
int |
1966 |
zfs_vsec_2_aclp(zfsvfs_t *zfsvfs, vtype_t obj_type, |
|
1967 |
vsecattr_t *vsecp, zfs_acl_t **zaclp) |
|
1968 |
{
|
|
1969 |
zfs_acl_t *aclp; |
|
1970 |
zfs_acl_node_t *aclnode; |
|
1971 |
int aclcnt = vsecp->vsa_aclcnt; |
|
1972 |
int error; |
|
1973 |
||
1974 |
if (vsecp->vsa_aclcnt > MAX_ACL_ENTRIES || vsecp->vsa_aclcnt <= 0) |
|
1975 |
return (EINVAL); |
|
1976 |
||
1977 |
aclp = zfs_acl_alloc(zfs_acl_version(zfsvfs->z_version)); |
|
1978 |
||
1979 |
aclp->z_hints = 0; |
|
1980 |
aclnode = zfs_acl_node_alloc(aclcnt * sizeof (zfs_object_ace_t)); |
|
1981 |
if (aclp->z_version == ZFS_ACL_VERSION_INITIAL) {
|
|
1982 |
if ((error = zfs_copy_ace_2_oldace(obj_type, aclp, |
|
1983 |
(ace_t *)vsecp->vsa_aclentp, aclnode->z_acldata, |
|
1984 |
aclcnt, &aclnode->z_size)) != 0) {
|
|
1985 |
zfs_acl_free(aclp); |
|
1986 |
zfs_acl_node_free(aclnode); |
|
1987 |
return (error); |
|
1988 |
} |
|
1989 |
} else {
|
|
1990 |
if ((error = zfs_copy_ace_2_fuid(obj_type, aclp, |
|
1991 |
vsecp->vsa_aclentp, aclnode->z_acldata, aclcnt, |
|
1992 |
&aclnode->z_size)) != 0) {
|
|
1993 |
zfs_acl_free(aclp); |
|
1994 |
zfs_acl_node_free(aclnode); |
|
1995 |
return (error); |
|
1996 |
} |
|
1997 |
} |
|
1998 |
aclp->z_acl_bytes = aclnode->z_size; |
|
1999 |
aclnode->z_ace_count = aclcnt; |
|
2000 |
aclp->z_acl_count = aclcnt; |
|
2001 |
list_insert_head(&aclp->z_acl, aclnode); |
|
2002 |
||
2003 |
/* |
|
2004 |
* If flags are being set then add them to z_hints |
|
2005 |
*/ |
|
2006 |
if (vsecp->vsa_mask & VSA_ACE_ACLFLAGS) {
|
|
2007 |
if (vsecp->vsa_aclflags & ACL_PROTECTED) |
|
2008 |
aclp->z_hints |= ZFS_ACL_PROTECTED; |
|
2009 |
if (vsecp->vsa_aclflags & ACL_DEFAULTED) |
|
2010 |
aclp->z_hints |= ZFS_ACL_DEFAULTED; |
|
2011 |
if (vsecp->vsa_aclflags & ACL_AUTO_INHERIT) |
|
2012 |
aclp->z_hints |= ZFS_ACL_AUTO_INHERIT; |
|
2013 |
} |
|
2014 |
||
2015 |
*zaclp = aclp; |
|
2016 |
||
2017 |
return (0); |
|
2018 |
} |
|
2019 |
||
| 789 | 2020 |
/* |
2021 |
* Set a files ACL |
|
2022 |
*/ |
|
2023 |
int |
|
| 5331 | 2024 |
zfs_setacl(znode_t *zp, vsecattr_t *vsecp, boolean_t skipaclchk, cred_t *cr) |
| 789 | 2025 |
{
|
2026 |
zfsvfs_t *zfsvfs = zp->z_zfsvfs; |
|
2027 |
zilog_t *zilog = zfsvfs->z_log; |
|
2028 |
ulong_t mask = vsecp->vsa_mask & (VSA_ACE | VSA_ACECNT); |
|
2029 |
dmu_tx_t *tx; |
|
2030 |
int error; |
|
2031 |
zfs_acl_t *aclp; |
|
| 5331 | 2032 |
zfs_fuid_info_t *fuidp = NULL; |
| 789 | 2033 |
|
2034 |
if (mask == 0) |
|
|
4300
d74de773d6e6
6528189 cp -p invalid argument issue on Redhat linux AS 3.0 NFS client against ZFS NFS directory
marks
parents:
2676
diff
changeset
|
2035 |
return (ENOSYS); |
| 789 | 2036 |
|
| 5331 | 2037 |
if (zp->z_phys->zp_flags & ZFS_IMMUTABLE) |
2038 |
return (EPERM); |
|
2039 |
||
2040 |
if (error = zfs_zaccess(zp, ACE_WRITE_ACL, 0, skipaclchk, cr)) |
|
2041 |
return (error); |
|
2042 |
||
2043 |
error = zfs_vsec_2_aclp(zfsvfs, ZTOV(zp)->v_type, vsecp, &aclp); |
|
2044 |
if (error) |
|
2045 |
return (error); |
|
2046 |
||
2047 |
/* |
|
2048 |
* If ACL wide flags aren't being set then preserve any |
|
2049 |
* existing flags. |
|
2050 |
*/ |
|
2051 |
if (!(vsecp->vsa_mask & VSA_ACE_ACLFLAGS)) {
|
|
2052 |
aclp->z_hints |= (zp->z_phys->zp_flags & V4_ACL_WIDE_FLAGS); |
|
2053 |
} |
|
| 789 | 2054 |
top: |
| 5331 | 2055 |
if (error = zfs_zaccess(zp, ACE_WRITE_ACL, 0, skipaclchk, cr)) {
|
2056 |
zfs_acl_free(aclp); |
|
2057 |
return (error); |
|
| 789 | 2058 |
} |
2059 |
||
2060 |
mutex_enter(&zp->z_lock); |
|
2061 |
mutex_enter(&zp->z_acl_lock); |
|
2062 |
||
2063 |
tx = dmu_tx_create(zfsvfs->z_os); |
|
2064 |
dmu_tx_hold_bonus(tx, zp->z_id); |
|
2065 |
||
2066 |
if (zp->z_phys->zp_acl.z_acl_extern_obj) {
|
|
| 5331 | 2067 |
/* Are we upgrading ACL? */ |
2068 |
if (zfsvfs->z_version <= ZPL_VERSION_FUID && |
|
2069 |
zp->z_phys->zp_acl.z_acl_version == |
|
2070 |
ZFS_ACL_VERSION_INITIAL) {
|
|
2071 |
dmu_tx_hold_free(tx, |
|
2072 |
zp->z_phys->zp_acl.z_acl_extern_obj, |
|
2073 |
0, DMU_OBJECT_END); |
|
2074 |
dmu_tx_hold_write(tx, DMU_NEW_OBJECT, |
|
| 5824 | 2075 |
0, aclp->z_acl_bytes); |
| 5331 | 2076 |
} else {
|
2077 |
dmu_tx_hold_write(tx, |
|
2078 |
zp->z_phys->zp_acl.z_acl_extern_obj, |
|
2079 |
0, aclp->z_acl_bytes); |
|
2080 |
} |
|
2081 |
} else if (aclp->z_acl_bytes > ZFS_ACE_SPACE) {
|
|
2082 |
dmu_tx_hold_write(tx, DMU_NEW_OBJECT, 0, aclp->z_acl_bytes); |
|
2083 |
} |
|
| 5824 | 2084 |
if (aclp->z_has_fuids) {
|
2085 |
if (zfsvfs->z_fuid_obj == 0) {
|
|
2086 |
dmu_tx_hold_bonus(tx, DMU_NEW_OBJECT); |
|
| 5331 | 2087 |
dmu_tx_hold_write(tx, DMU_NEW_OBJECT, 0, |
| 5824 | 2088 |
FUID_SIZE_ESTIMATE(zfsvfs)); |
2089 |
dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, FALSE, NULL); |
|
2090 |
} else {
|
|
2091 |
dmu_tx_hold_bonus(tx, zfsvfs->z_fuid_obj); |
|
2092 |
dmu_tx_hold_write(tx, zfsvfs->z_fuid_obj, 0, |
|
2093 |
FUID_SIZE_ESTIMATE(zfsvfs)); |
|
2094 |
} |
|
| 789 | 2095 |
} |
2096 |
||
2097 |
error = dmu_tx_assign(tx, zfsvfs->z_assign); |
|
2098 |
if (error) {
|
|
2099 |
mutex_exit(&zp->z_acl_lock); |
|
2100 |
mutex_exit(&zp->z_lock); |
|
2101 |
||
2102 |
if (error == ERESTART && zfsvfs->z_assign == TXG_NOWAIT) {
|
|
|
2113
0510bb40c993
6430121 3-way deadlock involving tc_lock within zfs
ahrens
parents:
2058
diff
changeset
|
2103 |
dmu_tx_wait(tx); |
|
0510bb40c993
6430121 3-way deadlock involving tc_lock within zfs
ahrens
parents:
2058
diff
changeset
|
2104 |
dmu_tx_abort(tx); |
| 789 | 2105 |
goto top; |
2106 |
} |
|
|
2113
0510bb40c993
6430121 3-way deadlock involving tc_lock within zfs
ahrens
parents:
2058
diff
changeset
|
2107 |
dmu_tx_abort(tx); |
| 5331 | 2108 |
zfs_acl_free(aclp); |
| 789 | 2109 |
return (error); |
2110 |
} |
|
2111 |
||
| 5771 | 2112 |
error = zfs_aclset_common(zp, aclp, cr, &fuidp, tx); |
| 789 | 2113 |
ASSERT(error == 0); |
2114 |
||
| 5331 | 2115 |
zfs_log_acl(zilog, tx, zp, vsecp, fuidp); |
2116 |
||
2117 |
if (fuidp) |
|
2118 |
zfs_fuid_info_free(fuidp); |
|
| 789 | 2119 |
zfs_acl_free(aclp); |
2120 |
dmu_tx_commit(tx); |
|
2121 |
done: |
|
2122 |
mutex_exit(&zp->z_acl_lock); |
|
2123 |
mutex_exit(&zp->z_lock); |
|
2124 |
||
2125 |
return (error); |
|
2126 |
} |
|
2127 |
||
| 5331 | 2128 |
/* |
2129 |
* working_mode returns the permissions that were not granted |
|
2130 |
*/ |
|
| 789 | 2131 |
static int |
| 5331 | 2132 |
zfs_zaccess_common(znode_t *zp, uint32_t v4_mode, uint32_t *working_mode, |
2133 |
boolean_t *check_privs, boolean_t skipaclchk, cred_t *cr) |
|
| 789 | 2134 |
{
|
2135 |
zfs_acl_t *aclp; |
|
2136 |
zfsvfs_t *zfsvfs = zp->z_zfsvfs; |
|
| 1544 | 2137 |
int error; |
| 789 | 2138 |
int access_deny = ACCESS_UNDETERMINED; |
2139 |
uid_t uid = crgetuid(cr); |
|
| 5331 | 2140 |
uint64_t who; |
2141 |
uint16_t type, iflags; |
|
2142 |
uint16_t entry_type; |
|
2143 |
uint32_t access_mask; |
|
2144 |
zfs_ace_hdr_t *acep = NULL; |
|
2145 |
boolean_t checkit; |
|
2146 |
uid_t fowner; |
|
2147 |
uid_t gowner; |
|
2148 |
||
2149 |
/* |
|
2150 |
* Short circuit empty requests |
|
2151 |
*/ |
|
2152 |
if (v4_mode == 0) |
|
2153 |
return (0); |
|
2154 |
||
2155 |
*check_privs = B_TRUE; |
|
| 789 | 2156 |
|
|
2638
4f583dfeae92
6413510 zfs: writing to ZFS filesystem slows down fsync() on other files in the same FS
perrin
parents:
2604
diff
changeset
|
2157 |
if (zfsvfs->z_assign >= TXG_INITIAL) { /* ZIL replay */
|
|
4f583dfeae92
6413510 zfs: writing to ZFS filesystem slows down fsync() on other files in the same FS
perrin
parents:
2604
diff
changeset
|
2158 |
*working_mode = 0; |
|
4f583dfeae92
6413510 zfs: writing to ZFS filesystem slows down fsync() on other files in the same FS
perrin
parents:
2604
diff
changeset
|
2159 |
return (0); |
|
4f583dfeae92
6413510 zfs: writing to ZFS filesystem slows down fsync() on other files in the same FS
perrin
parents:
2604
diff
changeset
|
2160 |
} |
| 789 | 2161 |
|
|
2638
4f583dfeae92
6413510 zfs: writing to ZFS filesystem slows down fsync() on other files in the same FS
perrin
parents:
2604
diff
changeset
|
2162 |
*working_mode = v4_mode; |
| 789 | 2163 |
|
2164 |
if ((v4_mode & WRITE_MASK) && |
|
2165 |
(zp->z_zfsvfs->z_vfs->vfs_flag & VFS_RDONLY) && |
|
2166 |
(!IS_DEVVP(ZTOV(zp)))) {
|
|
| 5331 | 2167 |
*check_privs = B_FALSE; |
| 789 | 2168 |
return (EROFS); |
2169 |
} |
|
2170 |
||
| 5331 | 2171 |
/* |
2172 |
* Only check for READONLY on non-directories. |
|
2173 |
*/ |
|
2174 |
if ((v4_mode & WRITE_MASK_DATA) && |
|
2175 |
(((ZTOV(zp)->v_type != VDIR) && |
|
2176 |
(zp->z_phys->zp_flags & (ZFS_READONLY | ZFS_IMMUTABLE))) || |
|
2177 |
(ZTOV(zp)->v_type == VDIR && |
|
2178 |
(zp->z_phys->zp_flags & ZFS_IMMUTABLE)))) {
|
|
2179 |
*check_privs = B_FALSE; |
|
2180 |
return (EPERM); |
|
2181 |
} |
|
2182 |
||
2183 |
if ((v4_mode & (ACE_DELETE | ACE_DELETE_CHILD)) && |
|
2184 |
(zp->z_phys->zp_flags & ZFS_NOUNLINK)) {
|
|
2185 |
*check_privs = B_FALSE; |
|
2186 |
return (EPERM); |
|
2187 |
} |
|
2188 |
||
2189 |
if (((v4_mode & (ACE_READ_DATA|ACE_EXECUTE)) && |
|
2190 |
(zp->z_phys->zp_flags & ZFS_AV_QUARANTINED))) {
|
|
2191 |
*check_privs = B_FALSE; |
|
2192 |
return (EACCES); |
|
2193 |
} |
|
2194 |
||
2195 |
/* |
|
2196 |
* The caller requested that the ACL check be skipped. This |
|
2197 |
* would only happen if the caller checked VOP_ACCESS() with a |
|
2198 |
* 32 bit ACE mask and already had the appropriate permissions. |
|
2199 |
*/ |
|
2200 |
if (skipaclchk) {
|
|
2201 |
*working_mode = 0; |
|
2202 |
return (0); |
|
2203 |
} |
|
2204 |
||
| 5771 | 2205 |
zfs_fuid_map_ids(zp, cr, &fowner, &gowner); |
| 5331 | 2206 |
|
| 789 | 2207 |
mutex_enter(&zp->z_acl_lock); |
2208 |
||
| 5331 | 2209 |
error = zfs_acl_node_read(zp, &aclp, B_FALSE); |
| 1544 | 2210 |
if (error != 0) {
|
2211 |
mutex_exit(&zp->z_acl_lock); |
|
2212 |
return (error); |
|
2213 |
} |
|
2214 |
||
| 5331 | 2215 |
while (acep = zfs_acl_next_ace(aclp, acep, &who, &access_mask, |
2216 |
&iflags, &type)) {
|
|
| 789 | 2217 |
|
| 5331 | 2218 |
if (iflags & ACE_INHERIT_ONLY_ACE) |
| 789 | 2219 |
continue; |
2220 |
||
| 5331 | 2221 |
entry_type = (iflags & ACE_TYPE_FLAGS); |
2222 |
||
2223 |
checkit = B_FALSE; |
|
2224 |
||
| 789 | 2225 |
switch (entry_type) {
|
2226 |
case ACE_OWNER: |
|
| 5331 | 2227 |
if (uid == fowner) |
2228 |
checkit = B_TRUE; |
|
| 789 | 2229 |
break; |
| 5331 | 2230 |
case OWNING_GROUP: |
2231 |
who = gowner; |
|
2232 |
/*FALLTHROUGH*/ |
|
| 789 | 2233 |
case ACE_IDENTIFIER_GROUP: |
| 5331 | 2234 |
checkit = zfs_groupmember(zfsvfs, who, cr); |
| 789 | 2235 |
break; |
2236 |
case ACE_EVERYONE: |
|
| 5331 | 2237 |
checkit = B_TRUE; |
| 789 | 2238 |
break; |
2239 |
||
2240 |
/* USER Entry */ |
|
2241 |
default: |
|
2242 |
if (entry_type == 0) {
|
|
| 5331 | 2243 |
uid_t newid; |
2244 |
||
| 5771 | 2245 |
zfs_fuid_map_id(zfsvfs, who, cr, |
| 5331 | 2246 |
ZFS_ACE_USER, &newid); |
2247 |
if (newid != IDMAP_WK_CREATOR_OWNER_UID && |
|
2248 |
uid == newid) |
|
2249 |
checkit = B_TRUE; |
|
| 789 | 2250 |
break; |
| 5331 | 2251 |
} else {
|
2252 |
zfs_acl_free(aclp); |
|
2253 |
mutex_exit(&zp->z_acl_lock); |
|
2254 |
return (EIO); |
|
| 789 | 2255 |
} |
| 5331 | 2256 |
} |
2257 |
||
2258 |
if (checkit) {
|
|
2259 |
if (access_mask & *working_mode) {
|
|
2260 |
if (type == ALLOW) {
|
|
2261 |
*working_mode &= |
|
2262 |
~(*working_mode & access_mask); |
|
2263 |
if (*working_mode == 0) {
|
|
2264 |
access_deny = 0; |
|
2265 |
} |
|
2266 |
} else if (type == DENY) {
|
|
2267 |
access_deny = EACCES; |
|
2268 |
} |
|
2269 |
} |
|
| 789 | 2270 |
} |
2271 |
||
2272 |
if (access_deny != ACCESS_UNDETERMINED) |
|
2273 |
break; |
|
2274 |
} |
|
2275 |
||
2276 |
mutex_exit(&zp->z_acl_lock); |
|
2277 |
zfs_acl_free(aclp); |
|
| 5331 | 2278 |
out: |
| 789 | 2279 |
return (access_deny); |
2280 |
} |
|
2281 |
||
| 5331 | 2282 |
static int |
2283 |
zfs_zaccess_append(znode_t *zp, uint32_t *working_mode, boolean_t *check_privs, |
|
2284 |
cred_t *cr) |
|
2285 |
{
|
|
2286 |
if (*working_mode != ACE_WRITE_DATA) |
|
2287 |
return (EACCES); |
|
2288 |
||
2289 |
return (zfs_zaccess_common(zp, ACE_APPEND_DATA, working_mode, |
|
2290 |
check_privs, B_FALSE, cr)); |
|
2291 |
} |
|
| 789 | 2292 |
|
2293 |
/* |
|
2294 |
* Determine whether Access should be granted/denied, invoking least |
|
2295 |
* priv subsytem when a deny is determined. |
|
2296 |
*/ |
|
2297 |
int |
|
| 5331 | 2298 |
zfs_zaccess(znode_t *zp, int mode, int flags, boolean_t skipaclchk, cred_t *cr) |
| 789 | 2299 |
{
|
| 5331 | 2300 |
uint32_t working_mode; |
2301 |
int error; |
|
2302 |
int is_attr; |
|
2303 |
zfsvfs_t *zfsvfs = zp->z_zfsvfs; |
|
2304 |
boolean_t check_privs; |
|
2305 |
znode_t *xzp; |
|
2306 |
znode_t *check_zp = zp; |
|
| 789 | 2307 |
|
2308 |
is_attr = ((zp->z_phys->zp_flags & ZFS_XATTR) && |
|
2309 |
(ZTOV(zp)->v_type == VDIR)); |
|
2310 |
||
2311 |
/* |
|
2312 |
* If attribute then validate against base file |
|
2313 |
*/ |
|
2314 |
if (is_attr) {
|
|
2315 |
if ((error = zfs_zget(zp->z_zfsvfs, |
|
2316 |
zp->z_phys->zp_parent, &xzp)) != 0) {
|
|
2317 |
return (error); |
|
2318 |
} |
|
| 5331 | 2319 |
|
| 789 | 2320 |
check_zp = xzp; |
| 5331 | 2321 |
|
| 789 | 2322 |
/* |
2323 |
* fixup mode to map to xattr perms |
|
2324 |
*/ |
|
2325 |
||
2326 |
if (mode & (ACE_WRITE_DATA|ACE_APPEND_DATA)) {
|
|
2327 |
mode &= ~(ACE_WRITE_DATA|ACE_APPEND_DATA); |
|
2328 |
mode |= ACE_WRITE_NAMED_ATTRS; |
|
2329 |
} |
|
2330 |
||
2331 |
if (mode & (ACE_READ_DATA|ACE_EXECUTE)) {
|
|
2332 |
mode &= ~(ACE_READ_DATA|ACE_EXECUTE); |
|
2333 |
mode |= ACE_READ_NAMED_ATTRS; |
|
2334 |
} |
|
2335 |
} |
|
2336 |
||
| 5331 | 2337 |
if ((error = zfs_zaccess_common(check_zp, mode, &working_mode, |
2338 |
&check_privs, skipaclchk, cr)) == 0) {
|
|
2339 |
if (is_attr) |
|
2340 |
VN_RELE(ZTOV(xzp)); |
|
2341 |
return (0); |
|
2342 |
} |
|
| 789 | 2343 |
|
| 5331 | 2344 |
if (error && check_privs == B_FALSE) {
|
| 789 | 2345 |
if (is_attr) |
2346 |
VN_RELE(ZTOV(xzp)); |
|
2347 |
return (error); |
|
2348 |
} |
|
2349 |
||
| 5331 | 2350 |
if (error && (flags & V_APPEND)) {
|
2351 |
error = zfs_zaccess_append(zp, &working_mode, &check_privs, cr); |
|
2352 |
} |
|
2353 |
||
2354 |
if (error && check_privs) {
|
|
2355 |
uid_t owner; |
|
2356 |
mode_t checkmode = 0; |
|
2357 |
||
| 5771 | 2358 |
zfs_fuid_map_id(zfsvfs, check_zp->z_phys->zp_uid, cr, |
| 5331 | 2359 |
ZFS_OWNER, &owner); |
2360 |
||
2361 |
/* |
|
2362 |
* First check for implicit owner permission on |
|
2363 |
* read_acl/read_attributes |
|
2364 |
*/ |
|
2365 |
||
2366 |
error = 0; |
|
2367 |
ASSERT(working_mode != 0); |
|
2368 |
||
2369 |
if ((working_mode & (ACE_READ_ACL|ACE_READ_ATTRIBUTES) && |
|
2370 |
owner == crgetuid(cr))) |
|
2371 |
working_mode &= ~(ACE_READ_ACL|ACE_READ_ATTRIBUTES); |
|
2372 |
||
2373 |
if (working_mode & (ACE_READ_DATA|ACE_READ_NAMED_ATTRS| |
|
2374 |
ACE_READ_ACL|ACE_READ_ATTRIBUTES)) |
|
2375 |
checkmode |= VREAD; |
|
2376 |
if (working_mode & (ACE_WRITE_DATA|ACE_WRITE_NAMED_ATTRS| |
|
2377 |
ACE_APPEND_DATA|ACE_WRITE_ATTRIBUTES)) |
|
2378 |
checkmode |= VWRITE; |
|
2379 |
if (working_mode & ACE_EXECUTE) |
|
2380 |
checkmode |= VEXEC; |
|
2381 |
||
2382 |
if (checkmode) |
|
2383 |
error = secpolicy_vnode_access(cr, ZTOV(check_zp), |
|
2384 |
owner, checkmode); |
|
2385 |
||
2386 |
if (error == 0 && (working_mode & ACE_WRITE_OWNER)) |
|
2387 |
error = secpolicy_vnode_create_gid(cr); |
|
2388 |
if (error == 0 && (working_mode & ACE_WRITE_ACL)) |
|
2389 |
error = secpolicy_vnode_setdac(cr, owner); |
|
2390 |
||
2391 |
if (error == 0 && (working_mode & |
|
2392 |
(ACE_DELETE|ACE_DELETE_CHILD))) |
|
2393 |
error = secpolicy_vnode_remove(cr); |
|
2394 |
||
2395 |
if (error == 0 && (working_mode & ACE_SYNCHRONIZE)) |
|
2396 |
error = secpolicy_vnode_owner(cr, owner); |
|
2397 |
||
2398 |
if (error == 0) {
|
|
2399 |
/* |
|
2400 |
* See if any bits other than those already checked |
|
2401 |
* for are still present. If so then return EACCES |
|
2402 |
*/ |
|
2403 |
if (working_mode & ~(ZFS_CHECKED_MASKS)) {
|
|
2404 |
error = EACCES; |
|
2405 |
} |
|
2406 |
} |
|
| 789 | 2407 |
} |
2408 |
||
2409 |
if (is_attr) |
|
2410 |
VN_RELE(ZTOV(xzp)); |
|
2411 |
||
2412 |
return (error); |
|
2413 |
} |
|
2414 |
||
2415 |
/* |
|
| 5331 | 2416 |
* Translate traditional unix VREAD/VWRITE/VEXEC mode into |
2417 |
* native ACL format and call zfs_zaccess() |
|
| 789 | 2418 |
*/ |
2419 |
int |
|
| 5331 | 2420 |
zfs_zaccess_rwx(znode_t *zp, mode_t mode, int flags, cred_t *cr) |
| 789 | 2421 |
{
|
| 5331 | 2422 |
return (zfs_zaccess(zp, zfs_unix_to_v4(mode >> 6), flags, B_FALSE, cr)); |
| 789 | 2423 |
} |
2424 |
||
2425 |
/* |
|
| 5331 | 2426 |
* Access function for secpolicy_vnode_setattr |
| 789 | 2427 |
*/ |
2428 |
int |
|
| 5331 | 2429 |
zfs_zaccess_unix(znode_t *zp, mode_t mode, cred_t *cr) |
| 789 | 2430 |
{
|
2431 |
int v4_mode = zfs_unix_to_v4(mode >> 6); |
|
2432 |
||
| 5331 | 2433 |
return (zfs_zaccess(zp, v4_mode, 0, B_FALSE, cr)); |
| 789 | 2434 |
} |
2435 |
||
|
2604
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2436 |
static int |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2437 |
zfs_delete_final_check(znode_t *zp, znode_t *dzp, cred_t *cr) |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2438 |
{
|
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2439 |
int error; |
| 5331 | 2440 |
uid_t downer; |
2441 |
zfsvfs_t *zfsvfs = zp->z_zfsvfs; |
|
|
2604
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2442 |
|
| 5771 | 2443 |
zfs_fuid_map_id(zfsvfs, dzp->z_phys->zp_uid, cr, ZFS_OWNER, &downer); |
| 5331 | 2444 |
|
2445 |
error = secpolicy_vnode_access(cr, ZTOV(zp), downer, S_IWRITE|S_IEXEC); |
|
|
2604
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2446 |
|
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2447 |
if (error == 0) |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2448 |
error = zfs_sticky_remove_access(dzp, zp, cr); |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2449 |
|
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2450 |
return (error); |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2451 |
} |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2452 |
|
| 789 | 2453 |
/* |
2454 |
* Determine whether Access should be granted/deny, without |
|
2455 |
* consulting least priv subsystem. |
|
2456 |
* |
|
2457 |
* |
|
2458 |
* The following chart is the recommended NFSv4 enforcement for |
|
2459 |
* ability to delete an object. |
|
2460 |
* |
|
2461 |
* ------------------------------------------------------- |
|
2462 |
* | Parent Dir | Target Object Permissions | |
|
2463 |
* | permissions | | |
|
2464 |
* ------------------------------------------------------- |
|
2465 |
* | | ACL Allows | ACL Denies| Delete | |
|
2466 |
* | | Delete | Delete | unspecified| |
|
2467 |
* ------------------------------------------------------- |
|
2468 |
* | ACL Allows | Permit | Permit | Permit | |
|
2469 |
* | DELETE_CHILD | | |
|
2470 |
* ------------------------------------------------------- |
|
2471 |
* | ACL Denies | Permit | Deny | Deny | |
|
2472 |
* | DELETE_CHILD | | | | |
|
2473 |
* ------------------------------------------------------- |
|
2474 |
* | ACL specifies | | | | |
|
2475 |
* | only allow | Permit | Permit | Permit | |
|
2476 |
* | write and | | | | |
|
2477 |
* | execute | | | | |
|
2478 |
* ------------------------------------------------------- |
|
2479 |
* | ACL denies | | | | |
|
2480 |
* | write and | Permit | Deny | Deny | |
|
2481 |
* | execute | | | | |
|
2482 |
* ------------------------------------------------------- |
|
2483 |
* ^ |
|
2484 |
* | |
|
2485 |
* No search privilege, can't even look up file? |
|
2486 |
* |
|
2487 |
*/ |
|
2488 |
int |
|
2489 |
zfs_zaccess_delete(znode_t *dzp, znode_t *zp, cred_t *cr) |
|
2490 |
{
|
|
| 5331 | 2491 |
uint32_t dzp_working_mode = 0; |
2492 |
uint32_t zp_working_mode = 0; |
|
| 789 | 2493 |
int dzp_error, zp_error; |
| 5331 | 2494 |
boolean_t dzpcheck_privs = B_TRUE; |
2495 |
boolean_t zpcheck_privs = B_TRUE; |
|
| 789 | 2496 |
|
2497 |
/* |
|
2498 |
* Arghh, this check is going to require a couple of questions |
|
2499 |
* to be asked. We want specific DELETE permissions to |
|
2500 |
* take precedence over WRITE/EXECUTE. We don't |
|
2501 |
* want an ACL such as this to mess us up. |
|
|
2604
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2502 |
* user:joe:write_data:deny,user:joe:delete:allow |
| 789 | 2503 |
* |
2504 |
* However, deny permissions may ultimately be overridden |
|
2505 |
* by secpolicy_vnode_access(). |
|
2506 |
*/ |
|
2507 |
||
| 5331 | 2508 |
if (zp->z_phys->zp_flags & (ZFS_IMMUTABLE | ZFS_NOUNLINK)) |
2509 |
return (EPERM); |
|
2510 |
||
| 789 | 2511 |
dzp_error = zfs_zaccess_common(dzp, ACE_DELETE_CHILD, |
| 5331 | 2512 |
&dzp_working_mode, &dzpcheck_privs, B_FALSE, cr); |
2513 |
zp_error = zfs_zaccess_common(zp, ACE_DELETE, &zp_working_mode, |
|
2514 |
&zpcheck_privs, B_FALSE, cr); |
|
| 789 | 2515 |
|
| 5331 | 2516 |
if ((dzp_error && dzpcheck_privs == B_FALSE) || |
2517 |
(zp_error && zpcheck_privs == B_FALSE)) |
|
| 789 | 2518 |
return (dzp_error); |
2519 |
||
2520 |
/* |
|
|
2604
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2521 |
* First check the first row. |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2522 |
* We only need to see if parent Allows delete_child |
| 789 | 2523 |
*/ |
|
1576
0364d1928a7f
6380036 zfs does not clear S_ISUID and S_ISGID bits on successful writes
marks
parents:
1544
diff
changeset
|
2524 |
if ((dzp_working_mode & ACE_DELETE_CHILD) == 0) |
| 789 | 2525 |
return (0); |
2526 |
||
2527 |
/* |
|
2528 |
* Second row |
|
|
2604
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2529 |
* we already have the necessary information in |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2530 |
* zp_working_mode, zp_error and dzp_error. |
| 789 | 2531 |
*/ |
2532 |
||
|
1576
0364d1928a7f
6380036 zfs does not clear S_ISUID and S_ISGID bits on successful writes
marks
parents:
1544
diff
changeset
|
2533 |
if ((zp_working_mode & ACE_DELETE) == 0) |
| 789 | 2534 |
return (0); |
2535 |
||
2536 |
/* |
|
|
2604
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2537 |
* Now zp_error should either be EACCES which indicates |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2538 |
* a "deny" delete entry or ACCESS_UNDETERMINED if the "delete" |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2539 |
* entry exists on the target. |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2540 |
* |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2541 |
* dzp_error should be either EACCES which indicates a "deny" |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2542 |
* entry for delete_child or ACCESS_UNDETERMINED if no delete_child |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2543 |
* entry exists. If value is EACCES then we are done |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2544 |
* and zfs_delete_final_check() will make the final decision |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2545 |
* regarding to allow the delete. |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2546 |
*/ |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2547 |
|
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2548 |
ASSERT(zp_error != 0 && dzp_error != 0); |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2549 |
if (dzp_error == EACCES) |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2550 |
return (zfs_delete_final_check(zp, dzp, cr)); |
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2551 |
|
|
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2552 |
/* |
| 789 | 2553 |
* Third Row |
|
2604
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2554 |
* Only need to check for write/execute on parent |
| 789 | 2555 |
*/ |
2556 |
||
2557 |
dzp_error = zfs_zaccess_common(dzp, ACE_WRITE_DATA|ACE_EXECUTE, |
|
| 5331 | 2558 |
&dzp_working_mode, &dzpcheck_privs, B_FALSE, cr); |
| 789 | 2559 |
|
| 5331 | 2560 |
if (dzp_error && dzpcheck_privs == B_FALSE) |
| 789 | 2561 |
return (dzp_error); |
2562 |
||
|
1576
0364d1928a7f
6380036 zfs does not clear S_ISUID and S_ISGID bits on successful writes
marks
parents:
1544
diff
changeset
|
2563 |
if ((dzp_working_mode & (ACE_WRITE_DATA|ACE_EXECUTE)) == 0) |
|
2604
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2564 |
return (zfs_sticky_remove_access(dzp, zp, cr)); |
| 789 | 2565 |
|
2566 |
/* |
|
2567 |
* Fourth Row |
|
2568 |
*/ |
|
2569 |
||
|
1576
0364d1928a7f
6380036 zfs does not clear S_ISUID and S_ISGID bits on successful writes
marks
parents:
1544
diff
changeset
|
2570 |
if (((dzp_working_mode & (ACE_WRITE_DATA|ACE_EXECUTE)) != 0) && |
|
0364d1928a7f
6380036 zfs does not clear S_ISUID and S_ISGID bits on successful writes
marks
parents:
1544
diff
changeset
|
2571 |
((zp_working_mode & ACE_DELETE) == 0)) |
|
2604
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2572 |
return (zfs_sticky_remove_access(dzp, zp, cr)); |
| 789 | 2573 |
|
|
2604
b2fb13f56fe7
6461609 zfs delete permissions are not working correctly
marks
parents:
2113
diff
changeset
|
2574 |
return (zfs_delete_final_check(zp, dzp, cr)); |
| 789 | 2575 |
} |
2576 |
||
2577 |
int |
|
2578 |
zfs_zaccess_rename(znode_t *sdzp, znode_t *szp, znode_t *tdzp, |
|
2579 |
znode_t *tzp, cred_t *cr) |
|
2580 |
{
|
|
2581 |
int add_perm; |
|
2582 |
int error; |
|
2583 |
||
| 5331 | 2584 |
if (szp->z_phys->zp_flags & ZFS_AV_QUARANTINED) |
2585 |
return (EACCES); |
|
2586 |
||
| 789 | 2587 |
add_perm = (ZTOV(szp)->v_type == VDIR) ? |
2588 |
ACE_ADD_SUBDIRECTORY : ACE_ADD_FILE; |
|
2589 |
||
2590 |
/* |
|
2591 |
* Rename permissions are combination of delete permission + |
|
2592 |
* add file/subdir permission. |
|
2593 |
*/ |
|
2594 |
||
2595 |
/* |
|
2596 |
* first make sure we do the delete portion. |
|
2597 |
* |
|
2598 |
* If that succeeds then check for add_file/add_subdir permissions |
|
2599 |
*/ |
|
2600 |
||
2601 |
if (error = zfs_zaccess_delete(sdzp, szp, cr)) |
|
2602 |
return (error); |
|
2603 |
||
2604 |
/* |
|
2605 |
* If we have a tzp, see if we can delete it? |
|
2606 |
*/ |
|
2607 |
if (tzp) {
|
|
2608 |
if (error = zfs_zaccess_delete(tdzp, tzp, cr)) |
|
2609 |
return (error); |
|
2610 |
} |
|
2611 |
||
2612 |
/* |
|
2613 |
* Now check for add permissions |
|
2614 |
*/ |
|
| 5331 | 2615 |
error = zfs_zaccess(tdzp, add_perm, 0, B_FALSE, cr); |
| 789 | 2616 |
|
2617 |
return (error); |
|
2618 |
} |