From owner-p4-projects@FreeBSD.ORG  Tue Aug 12 06:13:43 2008
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id EFA881065683; Tue, 12 Aug 2008 06:13:42 +0000 (UTC)
Delivered-To: perforce@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B3CF71065671
	for <perforce@freebsd.org>; Tue, 12 Aug 2008 06:13:42 +0000 (UTC)
	(envelope-from trasz@freebsd.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 9EB4B8FC30
	for <perforce@freebsd.org>; Tue, 12 Aug 2008 06:13:42 +0000 (UTC)
	(envelope-from trasz@freebsd.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.2/8.14.2) with ESMTP id m7C6Dg4X060768
	for <perforce@freebsd.org>; Tue, 12 Aug 2008 06:13:42 GMT
	(envelope-from trasz@freebsd.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.14.2/8.14.1/Submit) id m7C6DglR060766
	for perforce@freebsd.org; Tue, 12 Aug 2008 06:13:42 GMT
	(envelope-from trasz@freebsd.org)
Date: Tue, 12 Aug 2008 06:13:42 GMT
Message-Id: <200808120613.m7C6DglR060766@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	trasz@freebsd.org using -f
From: Edward Tomasz Napierala <trasz@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 147212 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Aug 2008 06:13:43 -0000

http://perforce.freebsd.org/chv.cgi?CH=147212

Change 147212 by trasz@trasz_traszkan on 2008/08/12 06:12:48

	Variable size ACL on-disk storage and some misc fixes.

Affected files ...

.. //depot/projects/soc2008/trasz_nfs4acl/sys/kern/vfs_acl.c#11 edit
.. //depot/projects/soc2008/trasz_nfs4acl/sys/ufs/ufs/ufs_acl.c#8 edit

Differences ...

==== //depot/projects/soc2008/trasz_nfs4acl/sys/kern/vfs_acl.c#11 (text+ko) ====

@@ -125,9 +125,11 @@
 static int
 copyin_acl(void *user_acl, struct acl *kernel_acl, acl_type_t type)
 {
-	int error;
+	int error, acl_length;
 	struct oldacl old;
 
+	acl_length = kernel_acl->acl_length;
+
 	switch (type) {
 	case ACL_TYPE_ACCESS_OLD:
 	case ACL_TYPE_DEFAULT_OLD:
@@ -141,6 +143,8 @@
 		error = copyin(user_acl, kernel_acl, sizeof(struct acl));
 	}
 
+	kernel_acl->acl_length = acl_length;
+
 	return (error);
 }
 

==== //depot/projects/soc2008/trasz_nfs4acl/sys/ufs/ufs/ufs_acl.c#8 (text+ko) ====

@@ -142,26 +142,28 @@
 static int
 ufs_getacl_nfs4(struct vop_getacl_args *ap)
 {
-	int error, len;
+	int error, len, acl_length;
 	struct inode *ip = VTOI(ap->a_vp);
 
 	if ((ap->a_vp->v_mount->mnt_flag & MNT_NFS4ACLS) == 0)
 		return (EOPNOTSUPP);
 
-	bzero(ap->a_aclp, sizeof(*ap->a_aclp));
+	acl_length = ap->a_aclp->acl_length;
 	len = sizeof(*ap->a_aclp);
+	bzero(ap->a_aclp, len);
 
 	error = vn_extattr_get(ap->a_vp, IO_NODELOCKED,
 	    NFS4_ACL_EXTATTR_NAMESPACE,
 	    NFS4_ACL_EXTATTR_NAME, &len, (char *) ap->a_aclp,
 	    ap->a_td);
-
+	ap->a_aclp->acl_length = acl_length;
 	if (error == ENOATTR) {
 		/*
 		 * Legitimately no ACL set on object, purely
 		 * emulate it through the inode.
 		 */
-		error = acl_nfs4_sync_acl_from_mode(ap->a_aclp, ip->i_mode, ip->i_uid);
+		error = acl_nfs4_sync_acl_from_mode(ap->a_aclp, ip->i_mode,
+		    ip->i_uid);
 
 		return (error);
 	}
@@ -169,7 +171,7 @@
 	if (error)
 		return (error);
 
-	if (len != sizeof(*ap->a_aclp)) {
+	if (len != acl_size_for_cnt(ap->a_aclp->acl_cnt)) {
 		/*
 		 * A short (or long) read, meaning that for
 		 * some reason the ACL is corrupted.  Return
@@ -182,6 +184,20 @@
 		return (EPERM);
 	}
 
+	if (ap->a_aclp->acl_magic != ACL_MAGIC) {
+		printf("ufs_getacl_nfs4(): Loaded invalid ACL "
+		    "(wrong acl_magic: 0x%x)\n", ap->a_aclp->acl_magic);
+		
+		return (EPERM);
+	}
+
+	if (ap->a_aclp->acl_cnt > ap->a_aclp->acl_length) {
+		printf("ufs_getacl_nfs4(): Loaded invalid ACL "
+		    "(wrong acl_cnt: %c)\n", ap->a_aclp->acl_cnt);
+
+		return (EPERM);
+	}
+
 	return (0);
 }
 
@@ -261,8 +277,8 @@
 				 * EPERM since the object DAC protections
 				 * are unsafe.
 				 */
-				printf("ufs_getacl_posix1e(): Loaded invalid ACL ("
-				    "%d bytes)\n", len);
+				printf("ufs_getacl_posix1e(): Loaded invalid "
+				    "ACL (%d bytes)\n", len);
 				return (EPERM);
 			}
 
@@ -367,7 +383,8 @@
 	if (ap->a_aclp == NULL)
 		return (EINVAL);
 
-	error = VOP_ACLCHECK(ap->a_vp, ap->a_type, ap->a_aclp, ap->a_cred, ap->a_td);
+	error = VOP_ACLCHECK(ap->a_vp, ap->a_type, ap->a_aclp, ap->a_cred,
+	    ap->a_td);
 	if (error)
 		return (error);
 
@@ -389,9 +406,11 @@
 		    NFS4_ACL_EXTATTR_NAME, ap->a_td);
 
 	} else {
+		ap->a_aclp->acl_magic = ACL_MAGIC;
 		error = vn_extattr_set(ap->a_vp, IO_NODELOCKED,
 		    NFS4_ACL_EXTATTR_NAMESPACE,
-		    NFS4_ACL_EXTATTR_NAME, sizeof(*ap->a_aclp),
+		    NFS4_ACL_EXTATTR_NAME,
+		    acl_size_for_cnt(ap->a_aclp->acl_cnt),
 		    (char *) ap->a_aclp, ap->a_td);
 	}