nfsd: take xattr bits into account for permission checks
Since the NFSv4.2 extended attributes extension defines 3 new access bits for xattr operations, take them in to account when validating what the client is asking for, and when checking permissions. Signed-off-by: Frank van der Linden <fllinden@amazon.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
This commit is contained in:
parent
32119446bb
commit
c11d7fd1b3
|
@ -566,8 +566,14 @@ nfsd4_access(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
|
||||||
union nfsd4_op_u *u)
|
union nfsd4_op_u *u)
|
||||||
{
|
{
|
||||||
struct nfsd4_access *access = &u->access;
|
struct nfsd4_access *access = &u->access;
|
||||||
|
u32 access_full;
|
||||||
|
|
||||||
if (access->ac_req_access & ~NFS3_ACCESS_FULL)
|
access_full = NFS3_ACCESS_FULL;
|
||||||
|
if (cstate->minorversion >= 2)
|
||||||
|
access_full |= NFS4_ACCESS_XALIST | NFS4_ACCESS_XAREAD |
|
||||||
|
NFS4_ACCESS_XAWRITE;
|
||||||
|
|
||||||
|
if (access->ac_req_access & ~access_full)
|
||||||
return nfserr_inval;
|
return nfserr_inval;
|
||||||
|
|
||||||
access->ac_resp_access = access->ac_req_access;
|
access->ac_resp_access = access->ac_req_access;
|
||||||
|
|
|
@ -612,6 +612,12 @@ static struct accessmap nfs3_regaccess[] = {
|
||||||
{ NFS3_ACCESS_MODIFY, NFSD_MAY_WRITE|NFSD_MAY_TRUNC },
|
{ NFS3_ACCESS_MODIFY, NFSD_MAY_WRITE|NFSD_MAY_TRUNC },
|
||||||
{ NFS3_ACCESS_EXTEND, NFSD_MAY_WRITE },
|
{ NFS3_ACCESS_EXTEND, NFSD_MAY_WRITE },
|
||||||
|
|
||||||
|
#ifdef CONFIG_NFSD_V4
|
||||||
|
{ NFS4_ACCESS_XAREAD, NFSD_MAY_READ },
|
||||||
|
{ NFS4_ACCESS_XAWRITE, NFSD_MAY_WRITE },
|
||||||
|
{ NFS4_ACCESS_XALIST, NFSD_MAY_READ },
|
||||||
|
#endif
|
||||||
|
|
||||||
{ 0, 0 }
|
{ 0, 0 }
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -622,6 +628,12 @@ static struct accessmap nfs3_diraccess[] = {
|
||||||
{ NFS3_ACCESS_EXTEND, NFSD_MAY_EXEC|NFSD_MAY_WRITE },
|
{ NFS3_ACCESS_EXTEND, NFSD_MAY_EXEC|NFSD_MAY_WRITE },
|
||||||
{ NFS3_ACCESS_DELETE, NFSD_MAY_REMOVE },
|
{ NFS3_ACCESS_DELETE, NFSD_MAY_REMOVE },
|
||||||
|
|
||||||
|
#ifdef CONFIG_NFSD_V4
|
||||||
|
{ NFS4_ACCESS_XAREAD, NFSD_MAY_READ },
|
||||||
|
{ NFS4_ACCESS_XAWRITE, NFSD_MAY_WRITE },
|
||||||
|
{ NFS4_ACCESS_XALIST, NFSD_MAY_READ },
|
||||||
|
#endif
|
||||||
|
|
||||||
{ 0, 0 }
|
{ 0, 0 }
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue