1345 zfs_acl_node_t *newnode;
1346 size_t abstract_size = aclp->z_ops.ace_abstract_size();
1347 void *zacep;
1348 boolean_t isdir;
1349 trivial_acl_t masks;
1350
1351 new_count = new_bytes = 0;
1352
1353 isdir = (vtype == VDIR);
1354
1355 acl_trivial_access_masks((mode_t)mode, isdir, &masks);
1356
1357 newnode = zfs_acl_node_alloc((abstract_size * 6) + aclp->z_acl_bytes);
1358
1359 zacep = newnode->z_acldata;
1360 if (masks.allow0) {
1361 zfs_set_ace(aclp, zacep, masks.allow0, ALLOW, -1, ACE_OWNER);
1362 zacep = (void *)((uintptr_t)zacep + abstract_size);
1363 new_count++;
1364 new_bytes += abstract_size;
1365 } if (masks.deny1) {
1366 zfs_set_ace(aclp, zacep, masks.deny1, DENY, -1, ACE_OWNER);
1367 zacep = (void *)((uintptr_t)zacep + abstract_size);
1368 new_count++;
1369 new_bytes += abstract_size;
1370 }
1371 if (masks.deny2) {
1372 zfs_set_ace(aclp, zacep, masks.deny2, DENY, -1, OWNING_GROUP);
1373 zacep = (void *)((uintptr_t)zacep + abstract_size);
1374 new_count++;
1375 new_bytes += abstract_size;
1376 }
1377
1378 while (acep = zfs_acl_next_ace(aclp, acep, &who, &access_mask,
1379 &iflags, &type)) {
1380 uint16_t inherit_flags;
1381
1382 entry_type = (iflags & ACE_TYPE_FLAGS);
1383 inherit_flags = (iflags & ALL_INHERIT);
1384
1385 if ((entry_type == ACE_OWNER || entry_type == ACE_EVERYONE ||
1749 */
1750 void
1751 zfs_acl_ids_free(zfs_acl_ids_t *acl_ids)
1752 {
1753 if (acl_ids->z_aclp)
1754 zfs_acl_free(acl_ids->z_aclp);
1755 if (acl_ids->z_fuidp)
1756 zfs_fuid_info_free(acl_ids->z_fuidp);
1757 acl_ids->z_aclp = NULL;
1758 acl_ids->z_fuidp = NULL;
1759 }
1760
1761 boolean_t
1762 zfs_acl_ids_overquota(zfsvfs_t *zfsvfs, zfs_acl_ids_t *acl_ids)
1763 {
1764 return (zfs_fuid_overquota(zfsvfs, B_FALSE, acl_ids->z_fuid) ||
1765 zfs_fuid_overquota(zfsvfs, B_TRUE, acl_ids->z_fgid));
1766 }
1767
1768 /*
1769 * Retrieve a files ACL
1770 */
1771 int
1772 zfs_getacl(znode_t *zp, vsecattr_t *vsecp, boolean_t skipaclchk, cred_t *cr)
1773 {
1774 zfs_acl_t *aclp;
1775 ulong_t mask;
1776 int error;
1777 int count = 0;
1778 int largeace = 0;
1779
1780 mask = vsecp->vsa_mask & (VSA_ACE | VSA_ACECNT |
1781 VSA_ACE_ACLFLAGS | VSA_ACE_ALLTYPES);
1782
1783 if (mask == 0)
1784 return (SET_ERROR(ENOSYS));
1785
1786 if (error = zfs_zaccess(zp, ACE_READ_ACL, 0, skipaclchk, cr))
1787 return (error);
1788
1789 mutex_enter(&zp->z_acl_lock);
1904 list_insert_head(&aclp->z_acl, aclnode);
1905
1906 /*
1907 * If flags are being set then add them to z_hints
1908 */
1909 if (vsecp->vsa_mask & VSA_ACE_ACLFLAGS) {
1910 if (vsecp->vsa_aclflags & ACL_PROTECTED)
1911 aclp->z_hints |= ZFS_ACL_PROTECTED;
1912 if (vsecp->vsa_aclflags & ACL_DEFAULTED)
1913 aclp->z_hints |= ZFS_ACL_DEFAULTED;
1914 if (vsecp->vsa_aclflags & ACL_AUTO_INHERIT)
1915 aclp->z_hints |= ZFS_ACL_AUTO_INHERIT;
1916 }
1917
1918 *zaclp = aclp;
1919
1920 return (0);
1921 }
1922
1923 /*
1924 * Set a files ACL
1925 */
1926 int
1927 zfs_setacl(znode_t *zp, vsecattr_t *vsecp, boolean_t skipaclchk, cred_t *cr)
1928 {
1929 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
1930 zilog_t *zilog = zfsvfs->z_log;
1931 ulong_t mask = vsecp->vsa_mask & (VSA_ACE | VSA_ACECNT);
1932 dmu_tx_t *tx;
1933 int error;
1934 zfs_acl_t *aclp;
1935 zfs_fuid_info_t *fuidp = NULL;
1936 boolean_t fuid_dirtied;
1937 uint64_t acl_obj;
1938
1939 if (mask == 0)
1940 return (SET_ERROR(ENOSYS));
1941
1942 if (zp->z_pflags & ZFS_IMMUTABLE)
1943 return (SET_ERROR(EPERM));
1944
2325 }
2326 if (!owner && !groupmbr) {
2327 if (zdp->z_mode & S_IXOTH) {
2328 mutex_exit(&zdp->z_acl_lock);
2329 return (0);
2330 }
2331 }
2332
2333 mutex_exit(&zdp->z_acl_lock);
2334
2335 slow:
2336 DTRACE_PROBE(zfs__fastpath__execute__access__miss);
2337 ZFS_ENTER(zdp->z_zfsvfs);
2338 error = zfs_zaccess(zdp, ACE_EXECUTE, 0, B_FALSE, cr);
2339 ZFS_EXIT(zdp->z_zfsvfs);
2340 return (error);
2341 }
2342
2343 /*
2344 * Determine whether Access should be granted/denied.
2345 * The least priv subsytem is always consulted as a basic privilege
2346 * can define any form of access.
2347 */
2348 int
2349 zfs_zaccess(znode_t *zp, int mode, int flags, boolean_t skipaclchk, cred_t *cr)
2350 {
2351 uint32_t working_mode;
2352 int error;
2353 int is_attr;
2354 boolean_t check_privs;
2355 znode_t *xzp;
2356 znode_t *check_zp = zp;
2357 mode_t needed_bits;
2358 uid_t owner;
2359
2360 is_attr = ((zp->z_pflags & ZFS_XATTR) && (ZTOV(zp)->v_type == VDIR));
2361
2362 /*
2363 * If attribute then validate against base file
2364 */
2520 mode_t available_perms, cred_t *cr)
2521 {
2522 int error;
2523 uid_t downer;
2524
2525 downer = zfs_fuid_map_id(dzp->z_zfsvfs, dzp->z_uid, cr, ZFS_OWNER);
2526
2527 error = secpolicy_vnode_access2(cr, ZTOV(dzp),
2528 downer, available_perms, VWRITE|VEXEC);
2529
2530 if (error == 0)
2531 error = zfs_sticky_remove_access(dzp, zp, cr);
2532
2533 return (error);
2534 }
2535
2536 /*
2537 * Determine whether Access should be granted/deny, without
2538 * consulting least priv subsystem.
2539 *
2540 *
2541 * The following chart is the recommended NFSv4 enforcement for
2542 * ability to delete an object.
2543 *
2544 * -------------------------------------------------------
2545 * | Parent Dir | Target Object Permissions |
2546 * | permissions | |
2547 * -------------------------------------------------------
2548 * | | ACL Allows | ACL Denies| Delete |
2549 * | | Delete | Delete | unspecified|
2550 * -------------------------------------------------------
2551 * | ACL Allows | Permit | Permit | Permit |
2552 * | DELETE_CHILD | |
2553 * -------------------------------------------------------
2554 * | ACL Denies | Permit | Deny | Deny |
2555 * | DELETE_CHILD | | | |
2556 * -------------------------------------------------------
2557 * | ACL specifies | | | |
2558 * | only allow | Permit | Permit | Permit |
2559 * | write and | | | |
2560 * | execute | | | |
|
1345 zfs_acl_node_t *newnode;
1346 size_t abstract_size = aclp->z_ops.ace_abstract_size();
1347 void *zacep;
1348 boolean_t isdir;
1349 trivial_acl_t masks;
1350
1351 new_count = new_bytes = 0;
1352
1353 isdir = (vtype == VDIR);
1354
1355 acl_trivial_access_masks((mode_t)mode, isdir, &masks);
1356
1357 newnode = zfs_acl_node_alloc((abstract_size * 6) + aclp->z_acl_bytes);
1358
1359 zacep = newnode->z_acldata;
1360 if (masks.allow0) {
1361 zfs_set_ace(aclp, zacep, masks.allow0, ALLOW, -1, ACE_OWNER);
1362 zacep = (void *)((uintptr_t)zacep + abstract_size);
1363 new_count++;
1364 new_bytes += abstract_size;
1365 }
1366 if (masks.deny1) {
1367 zfs_set_ace(aclp, zacep, masks.deny1, DENY, -1, ACE_OWNER);
1368 zacep = (void *)((uintptr_t)zacep + abstract_size);
1369 new_count++;
1370 new_bytes += abstract_size;
1371 }
1372 if (masks.deny2) {
1373 zfs_set_ace(aclp, zacep, masks.deny2, DENY, -1, OWNING_GROUP);
1374 zacep = (void *)((uintptr_t)zacep + abstract_size);
1375 new_count++;
1376 new_bytes += abstract_size;
1377 }
1378
1379 while (acep = zfs_acl_next_ace(aclp, acep, &who, &access_mask,
1380 &iflags, &type)) {
1381 uint16_t inherit_flags;
1382
1383 entry_type = (iflags & ACE_TYPE_FLAGS);
1384 inherit_flags = (iflags & ALL_INHERIT);
1385
1386 if ((entry_type == ACE_OWNER || entry_type == ACE_EVERYONE ||
1750 */
1751 void
1752 zfs_acl_ids_free(zfs_acl_ids_t *acl_ids)
1753 {
1754 if (acl_ids->z_aclp)
1755 zfs_acl_free(acl_ids->z_aclp);
1756 if (acl_ids->z_fuidp)
1757 zfs_fuid_info_free(acl_ids->z_fuidp);
1758 acl_ids->z_aclp = NULL;
1759 acl_ids->z_fuidp = NULL;
1760 }
1761
1762 boolean_t
1763 zfs_acl_ids_overquota(zfsvfs_t *zfsvfs, zfs_acl_ids_t *acl_ids)
1764 {
1765 return (zfs_fuid_overquota(zfsvfs, B_FALSE, acl_ids->z_fuid) ||
1766 zfs_fuid_overquota(zfsvfs, B_TRUE, acl_ids->z_fgid));
1767 }
1768
1769 /*
1770 * Retrieve a file's ACL
1771 */
1772 int
1773 zfs_getacl(znode_t *zp, vsecattr_t *vsecp, boolean_t skipaclchk, cred_t *cr)
1774 {
1775 zfs_acl_t *aclp;
1776 ulong_t mask;
1777 int error;
1778 int count = 0;
1779 int largeace = 0;
1780
1781 mask = vsecp->vsa_mask & (VSA_ACE | VSA_ACECNT |
1782 VSA_ACE_ACLFLAGS | VSA_ACE_ALLTYPES);
1783
1784 if (mask == 0)
1785 return (SET_ERROR(ENOSYS));
1786
1787 if (error = zfs_zaccess(zp, ACE_READ_ACL, 0, skipaclchk, cr))
1788 return (error);
1789
1790 mutex_enter(&zp->z_acl_lock);
1905 list_insert_head(&aclp->z_acl, aclnode);
1906
1907 /*
1908 * If flags are being set then add them to z_hints
1909 */
1910 if (vsecp->vsa_mask & VSA_ACE_ACLFLAGS) {
1911 if (vsecp->vsa_aclflags & ACL_PROTECTED)
1912 aclp->z_hints |= ZFS_ACL_PROTECTED;
1913 if (vsecp->vsa_aclflags & ACL_DEFAULTED)
1914 aclp->z_hints |= ZFS_ACL_DEFAULTED;
1915 if (vsecp->vsa_aclflags & ACL_AUTO_INHERIT)
1916 aclp->z_hints |= ZFS_ACL_AUTO_INHERIT;
1917 }
1918
1919 *zaclp = aclp;
1920
1921 return (0);
1922 }
1923
1924 /*
1925 * Set a file's ACL
1926 */
1927 int
1928 zfs_setacl(znode_t *zp, vsecattr_t *vsecp, boolean_t skipaclchk, cred_t *cr)
1929 {
1930 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
1931 zilog_t *zilog = zfsvfs->z_log;
1932 ulong_t mask = vsecp->vsa_mask & (VSA_ACE | VSA_ACECNT);
1933 dmu_tx_t *tx;
1934 int error;
1935 zfs_acl_t *aclp;
1936 zfs_fuid_info_t *fuidp = NULL;
1937 boolean_t fuid_dirtied;
1938 uint64_t acl_obj;
1939
1940 if (mask == 0)
1941 return (SET_ERROR(ENOSYS));
1942
1943 if (zp->z_pflags & ZFS_IMMUTABLE)
1944 return (SET_ERROR(EPERM));
1945
2326 }
2327 if (!owner && !groupmbr) {
2328 if (zdp->z_mode & S_IXOTH) {
2329 mutex_exit(&zdp->z_acl_lock);
2330 return (0);
2331 }
2332 }
2333
2334 mutex_exit(&zdp->z_acl_lock);
2335
2336 slow:
2337 DTRACE_PROBE(zfs__fastpath__execute__access__miss);
2338 ZFS_ENTER(zdp->z_zfsvfs);
2339 error = zfs_zaccess(zdp, ACE_EXECUTE, 0, B_FALSE, cr);
2340 ZFS_EXIT(zdp->z_zfsvfs);
2341 return (error);
2342 }
2343
2344 /*
2345 * Determine whether Access should be granted/denied.
2346 *
2347 * The least priv subsytem is always consulted as a basic privilege
2348 * can define any form of access.
2349 */
2350 int
2351 zfs_zaccess(znode_t *zp, int mode, int flags, boolean_t skipaclchk, cred_t *cr)
2352 {
2353 uint32_t working_mode;
2354 int error;
2355 int is_attr;
2356 boolean_t check_privs;
2357 znode_t *xzp;
2358 znode_t *check_zp = zp;
2359 mode_t needed_bits;
2360 uid_t owner;
2361
2362 is_attr = ((zp->z_pflags & ZFS_XATTR) && (ZTOV(zp)->v_type == VDIR));
2363
2364 /*
2365 * If attribute then validate against base file
2366 */
2522 mode_t available_perms, cred_t *cr)
2523 {
2524 int error;
2525 uid_t downer;
2526
2527 downer = zfs_fuid_map_id(dzp->z_zfsvfs, dzp->z_uid, cr, ZFS_OWNER);
2528
2529 error = secpolicy_vnode_access2(cr, ZTOV(dzp),
2530 downer, available_perms, VWRITE|VEXEC);
2531
2532 if (error == 0)
2533 error = zfs_sticky_remove_access(dzp, zp, cr);
2534
2535 return (error);
2536 }
2537
2538 /*
2539 * Determine whether Access should be granted/deny, without
2540 * consulting least priv subsystem.
2541 *
2542 * The following chart is the recommended NFSv4 enforcement for
2543 * ability to delete an object.
2544 *
2545 * -------------------------------------------------------
2546 * | Parent Dir | Target Object Permissions |
2547 * | permissions | |
2548 * -------------------------------------------------------
2549 * | | ACL Allows | ACL Denies| Delete |
2550 * | | Delete | Delete | unspecified|
2551 * -------------------------------------------------------
2552 * | ACL Allows | Permit | Permit | Permit |
2553 * | DELETE_CHILD | |
2554 * -------------------------------------------------------
2555 * | ACL Denies | Permit | Deny | Deny |
2556 * | DELETE_CHILD | | | |
2557 * -------------------------------------------------------
2558 * | ACL specifies | | | |
2559 * | only allow | Permit | Permit | Permit |
2560 * | write and | | | |
2561 * | execute | | | |
|