From owner-p4-projects@FreeBSD.ORG Sat Aug 9 11:52:26 2008 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id BEDB01065672; Sat, 9 Aug 2008 11:52:26 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 823DD1065677 for ; Sat, 9 Aug 2008 11:52:26 +0000 (UTC) (envelope-from trasz@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 7116C8FC19 for ; Sat, 9 Aug 2008 11:52:26 +0000 (UTC) (envelope-from trasz@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.2/8.14.2) with ESMTP id m79BqQ5P064770 for ; Sat, 9 Aug 2008 11:52:26 GMT (envelope-from trasz@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.2/8.14.1/Submit) id m79BqQMc064768 for perforce@freebsd.org; Sat, 9 Aug 2008 11:52:26 GMT (envelope-from trasz@freebsd.org) Date: Sat, 9 Aug 2008 11:52:26 GMT Message-Id: <200808091152.m79BqQMc064768@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to trasz@freebsd.org using -f From: Edward Tomasz Napierala To: Perforce Change Reviews Cc: Subject: PERFORCE change 146979 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 Aug 2008 11:52:27 -0000 http://perforce.freebsd.org/chv.cgi?CH=146979 Change 146979 by trasz@trasz_traszkan on 2008/08/09 11:51:37 Make it possible to change ACL_MAX_ENTRIES without breaking compatibility with pre-nfs4acl userland. Don't allocate "struct acl" on the stack, it may be big. Affected files ... .. //depot/projects/soc2008/trasz_nfs4acl/sys/kern/vfs_acl.c#7 edit .. //depot/projects/soc2008/trasz_nfs4acl/sys/sys/acl.h#16 edit Differences ... ==== //depot/projects/soc2008/trasz_nfs4acl/sys/kern/vfs_acl.c#7 (text+ko) ==== @@ -71,8 +71,8 @@ { int i; - if (source->acl_cnt < 0 || source->acl_cnt >= ACL_MAX_ENTRIES) - return (-1); + if (source->acl_cnt < 0 || source->acl_cnt >= OLDACL_MAX_ENTRIES) + return (EINVAL); bzero(dest, sizeof(*dest)); @@ -95,8 +95,8 @@ { int i; - if (source->acl_cnt < 0 || source->acl_cnt >= ACL_MAX_ENTRIES) - return (-1); + if (source->acl_cnt < 0 || source->acl_cnt >= OLDACL_MAX_ENTRIES) + return (EINVAL); bzero(dest, sizeof(*dest)); @@ -198,29 +198,32 @@ vacl_set_acl(struct thread *td, struct vnode *vp, acl_type_t type, struct acl *aclp) { - struct acl inkernacl; + struct acl *inkernelacl; struct mount *mp; int error; - error = copyin_acl(aclp, &inkernacl, type); + inkernelacl = uma_zalloc(acl_zone, M_WAITOK); + error = copyin_acl(aclp, inkernelacl, type); if (error) - return(error); + goto out_free; error = vn_start_write(vp, &mp, V_WAIT | PCATCH); if (error != 0) - return (error); + goto out_free; VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE); vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); #ifdef MAC - error = mac_vnode_check_setacl(td->td_ucred, vp, type, &inkernacl); + error = mac_vnode_check_setacl(td->td_ucred, vp, type, inkernelacl); if (error != 0) goto out; #endif - error = VOP_SETACL(vp, type_unold(type), &inkernacl, td->td_ucred, td); + error = VOP_SETACL(vp, type_unold(type), inkernelacl, td->td_ucred, td); #ifdef MAC out: #endif VOP_UNLOCK(vp, 0); vn_finished_write(mp); +out_free: + uma_zfree(acl_zone, inkernelacl); return(error); } @@ -231,9 +234,10 @@ vacl_get_acl(struct thread *td, struct vnode *vp, acl_type_t type, struct acl *aclp) { - struct acl inkernelacl; + struct acl *inkernelacl; int error; + inkernelacl = uma_zalloc(acl_zone, M_WAITOK); VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE); vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); #ifdef MAC @@ -245,13 +249,14 @@ if (error != 0) goto out; - error = VOP_GETACL(vp, type_unold(type), &inkernelacl, + error = VOP_GETACL(vp, type_unold(type), inkernelacl, td->td_ucred, td); out: VOP_UNLOCK(vp, 0); if (error == 0) - error = copyout_acl(&inkernelacl, aclp, type); + error = copyout_acl(inkernelacl, aclp, type); + uma_zfree(acl_zone, inkernelacl); return (error); } @@ -290,14 +295,17 @@ vacl_aclcheck(struct thread *td, struct vnode *vp, acl_type_t type, struct acl *aclp) { - struct acl inkernelacl; + struct acl *inkernelacl; int error; - error = copyin_acl(aclp, &inkernelacl, type); + inkernelacl = uma_zalloc(acl_zone, M_WAITOK); + error = copyin_acl(aclp, inkernelacl, type); if (error) - return(error); - error = VOP_ACLCHECK(vp, type_unold(type), &inkernelacl, + goto out_free; + error = VOP_ACLCHECK(vp, type_unold(type), inkernelacl, td->td_ucred, td); +out_free: + uma_zfree(acl_zone, inkernelacl); return (error); } ==== //depot/projects/soc2008/trasz_nfs4acl/sys/sys/acl.h#16 (text+ko) ==== @@ -49,7 +49,8 @@ #define POSIX1E_ACL_DEFAULT_EXTATTR_NAME "posix1e.acl_default" #define NFS4_ACL_EXTATTR_NAMESPACE EXTATTR_NAMESPACE_SYSTEM #define NFS4_ACL_EXTATTR_NAME "nfs4.acl" -#define ACL_MAX_ENTRIES 32 /* maximum entries in an ACL */ +#define OLDACL_MAX_ENTRIES 32 +#define ACL_MAX_ENTRIES OLDACL_MAX_ENTRIES /* * "struct oldacl" is used in compatibility ACL syscalls and for on-disk @@ -68,7 +69,7 @@ /* internal ACL structure */ struct oldacl { int acl_cnt; - struct oldacl_entry acl_entry[ACL_MAX_ENTRIES]; + struct oldacl_entry acl_entry[OLDACL_MAX_ENTRIES]; }; /*