Date: Sun, 29 Jun 2025 16:12:16 GMT
Message-Id: <202506291612.55TGCGFi074503@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Rick Macklem
Subject: git: 0d51adee3072 - main - nfsd: Use an NFSv4 ACL for the delegation ACE if available

The branch main has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=0d51adee307296a8031afb75f95a013423f7c396

commit 0d51adee307296a8031afb75f95a013423f7c396
Author:     Rick Macklem
AuthorDate: 2025-06-29 16:09:23 +0000
Commit:     Rick Macklem
CommitDate: 2025-06-29 16:09:23 +0000

    nfsd: Use an NFSv4 ACL for the delegation ACE if available

    Without this patch, the ACE in an NFSv4 delegation reply is
    generated from the file's user mode bits.  This is correct
    in most situations, but not if the file has certain NFSv4 ACLs.

    This patch uses the @OWNER ACE in the NFSv4 ACL if it comes
    before any deny ACE and returns a "nil access" ACE if a
    deny precedes the @OWNER.

    This change affects few NFSv4 clients, since most clients
    ignore the delegation access ACE and it only affects cases
    where the NFSv4 server is issuing delegations.

    Fixes: 8e2a90ac8089 ("nfscommon: Factor out conversion of ae_perm to NFSv4 ACE flags")
---
 sys/fs/nfsserver/nfs_nfsdserv.c | 85 +++++++++++++++++++++++++++++++++++------
 1 file changed, 73 insertions(+), 12 deletions(-)

diff --git a/sys/fs/nfsserver/nfs_nfsdserv.c b/sys/fs/nfsserver/nfs_nfsdserv.c index e54cc594d611..4e15d55eb312 100644 --- a/sys/fs/nfsserver/nfs_nfsdserv.c +++ b/sys/fs/nfsserver/nfs_nfsdserv.c 
@@ -64,6 +64,7 @@ extern u_long sb_max_adj; extern int nfsrv_pnfsatime; extern int nfsrv_maxpnfsmirror; extern uint32_t nfs_srvmaxio; +extern int nfsrv_issuedelegs; static int nfs_async = 0; SYSCTL_DECL(_vfs_nfsd); @@ -2866,6 +2867,8 @@ nfsrvd_open(struct nfsrv_descript *nd, __unused int isdgram, NFSACL_T *aclp = NULL; struct thread *p = curthread; bool done_namei; + __enum_uint8_decl(wdelegace) { USENONE, USEMODE, USENFSV4ACL } + delegace; #ifdef NFS4_ACL_EXTATTR_NAME aclp = acl_alloc(M_WAITOK); @@ -2873,6 +2876,7 @@ nfsrvd_open(struct nfsrv_descript *nd, __unused int isdgram, #endif NFSZERO_ATTRBIT(&attrbits); done_namei = false; + delegace = USEMODE; named.ni_cnd.cn_nameiop = 0; NFSM_DISSECT(tl, u_int32_t *, 6 * NFSX_UNSIGNED); i = fxdr_unsigned(int, *(tl + 5)); @@ -3214,6 +3218,25 @@ nfsrvd_open(struct nfsrv_descript *nd, __unused int isdgram, if (!nd->nd_repstat) nd->nd_repstat = nfsvno_getattr(vp, &nva, nd, p, 1, NULL); + + if (nd->nd_repstat == 0 && aclp != NULL && nfsrv_issuedelegs != 0 && + (dp->v_mount->mnt_flag & MNT_NFS4ACLS) != 0) { + if (aclp->acl_cnt == 0 && create == NFSV4OPEN_NOCREATE) { + int retacl; + + /* We do not yet have an ACL, so try and get one. */ + retacl = VOP_GETACL(vp, ACL_TYPE_NFS4, aclp, + nd->nd_cred, p); + if (retacl != 0 && retacl != ENOATTR && + retacl != EOPNOTSUPP && retacl != EINVAL) + delegace = USENONE; + else if (retacl == 0 && aclp->acl_cnt > 0) + delegace = USENFSV4ACL; + } else if (aclp->acl_cnt > 0 && create == NFSV4OPEN_CREATE) { + delegace = USENFSV4ACL; + } + } + /* * Do the open locking/delegation stuff. */ 
@@ -3306,18 +3329,56 @@ nfsrvd_open(struct nfsrv_descript *nd, __unused int isdgram, *tl++ = txdr_unsigned(NFSV4OPEN_LIMITSIZE); txdr_hyper(nva.na_size, tl); } - NFSM_BUILD(tl, u_int32_t *, 3 * NFSX_UNSIGNED); - *tl++ = txdr_unsigned(NFSV4ACE_ALLOWEDTYPE); - *tl++ = txdr_unsigned(0x0); - acemask = NFSV4ACE_ALLFILESMASK; - if (nva.na_mode & S_IRUSR) - acemask |= NFSV4ACE_READMASK; - if (nva.na_mode & S_IWUSR) - acemask |= NFSV4ACE_WRITEMASK; - if (nva.na_mode & S_IXUSR) - acemask |= NFSV4ACE_EXECUTEMASK; - *tl = txdr_unsigned(acemask); - (void) nfsm_strtom(nd, "OWNER@", 6); + + /* Set up the write delegation ACE. */ + NFSM_BUILD(tl, uint32_t *, 3 * NFSX_UNSIGNED); + if (delegace == USENFSV4ACL) { + int j; + + for (j = 0; j < aclp->acl_cnt; j++) { + if (aclp->acl_entry[j].ae_tag == + ACL_USER_OBJ || + aclp->acl_entry[j].ae_entry_type != + ACL_ENTRY_TYPE_ALLOW) + break; + } + if (j < aclp->acl_cnt && + aclp->acl_entry[j].ae_tag == + ACL_USER_OBJ && + aclp->acl_entry[j].ae_entry_type == + ACL_ENTRY_TYPE_ALLOW) { + /* Use this ACE. */ + *tl++ = txdr_unsigned( + NFSV4ACE_ALLOWEDTYPE); + *tl++ = txdr_unsigned(0x0); + *tl = txdr_unsigned( + nfs_aceperm( + aclp->acl_entry[j].ae_perm)); + (void)nfsm_strtom(nd, "OWNER@", 6); + } else + delegace = USENONE; + } + if (delegace == USENONE) { + /* Don't allow anything. */ + *tl++ = 0x0; + *tl++ = 0x0; + *tl = 0x0; + NFSM_BUILD(tl, uint32_t *, NFSX_UNSIGNED); + *tl = 0; + } else if (delegace == USEMODE) { + /* Build from mode. */ + *tl++ = txdr_unsigned(NFSV4ACE_ALLOWEDTYPE); + *tl++ = txdr_unsigned(0x0); + acemask = NFSV4ACE_ALLFILESMASK; + if (nva.na_mode & S_IRUSR) + acemask |= NFSV4ACE_READMASK; + if (nva.na_mode & S_IWUSR) + acemask |= NFSV4ACE_WRITEMASK; + if (nva.na_mode & S_IXUSR) + acemask |= NFSV4ACE_EXECUTEMASK; + *tl = txdr_unsigned(acemask); + (void)nfsm_strtom(nd, "OWNER@", 6); + } } *vpp = vp; } else if (vp) {
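Review bot: in the hunk at @@ -3214,6 +3218,25 @@, the MNT_NFS4ACLS test reads dp->v_mount->mnt_flag while the ACL itself is fetched from vp with VOP_GETACL(vp, ACL_TYPE_NFS4, ...). Nothing in the visible lines shows that dp is still held at this point in nfsrvd_open, so testing vp->v_mount would tie the check to the vnode that is actually queried; if dp is deliberate, a comment saying why would help. A short comment on the retacl handling would also be useful: ENOATTR, EOPNOTSUPP and EINVAL silently leave delegace at USEMODE, any other error forces USENONE, and a successful call that returns acl_cnt == 0 also stays at USEMODE.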
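Review bot: in the hunk at @@ -3306,18 +3329,56 @@, the scan over aclp->acl_entry[] also ends in USENONE when it runs off the end (j == aclp->acl_cnt, an ACL made only of ALLOW entries with no ACL_USER_OBJ entry) and when it stops on any entry whose ae_entry_type is not ACL_ENTRY_TYPE_ALLOW, not only a deny. The commit message describes only the "deny precedes @OWNER" case, so either say in a comment above the loop that these cases intentionally get the nil ACE, or fall back to USEMODE when no ACL_USER_OBJ entry exists. In the USENONE branch, the three raw 0x0 stores and the extra NFSM_BUILD word would be easier to audit with a comment naming the fields (type, flag, mask, and what looks like a zero-length who string), written with txdr_unsigned() like the other two branches.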