From owner-p4-projects@FreeBSD.ORG Tue Aug 12 06:13:43 2008 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id EFA881065683; Tue, 12 Aug 2008 06:13:42 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B3CF71065671 for ; Tue, 12 Aug 2008 06:13:42 +0000 (UTC) (envelope-from trasz@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 9EB4B8FC30 for ; Tue, 12 Aug 2008 06:13:42 +0000 (UTC) (envelope-from trasz@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.2/8.14.2) with ESMTP id m7C6Dg4X060768 for ; Tue, 12 Aug 2008 06:13:42 GMT (envelope-from trasz@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.2/8.14.1/Submit) id m7C6DglR060766 for perforce@freebsd.org; Tue, 12 Aug 2008 06:13:42 GMT (envelope-from trasz@freebsd.org) Date: Tue, 12 Aug 2008 06:13:42 GMT Message-Id: <200808120613.m7C6DglR060766@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to trasz@freebsd.org using -f 
From: Edward Tomasz Napierala To: Perforce Change Reviews Cc: Subject: PERFORCE change 147212 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2008 06:13:43 -0000 http://perforce.freebsd.org/chv.cgi?CH=147212 Change 147212 by trasz@trasz_traszkan on 2008/08/12 06:12:48 Variable size ACL on-disk storage and some misc fixes. Affected files ... .. //depot/projects/soc2008/trasz_nfs4acl/sys/kern/vfs_acl.c#11 edit .. //depot/projects/soc2008/trasz_nfs4acl/sys/ufs/ufs/ufs_acl.c#8 edit Differences ... ==== //depot/projects/soc2008/trasz_nfs4acl/sys/kern/vfs_acl.c#11 (text+ko) ==== @@ -125,9 +125,11 @@ static int copyin_acl(void *user_acl, struct acl *kernel_acl, acl_type_t type) { - int error; + int error, acl_length; struct oldacl old; + acl_length = kernel_acl->acl_length; + switch (type) { case ACL_TYPE_ACCESS_OLD: case ACL_TYPE_DEFAULT_OLD: @@ -141,6 +143,8 @@ error = copyin(user_acl, kernel_acl, sizeof(struct acl)); } + kernel_acl->acl_length = acl_length; + return (error); } ==== //depot/projects/soc2008/trasz_nfs4acl/sys/ufs/ufs/ufs_acl.c#8 (text+ko) ==== 
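Review bot: In copyin_acl() the new code preserves `kernel_acl->acl_length` across the `copyin()`, but `acl_cnt` and every other field still come straight from userland and are not compared with the preserved length before the function returns. If no later step bounds it, any code that walks `acl_cnt` entries is trusting a user-supplied count; assuming both fields are entry counts, a guard such as `if (error == 0 && kernel_acl->acl_cnt > acl_length) error = EINVAL;` after the restore would close that. A one-line comment above the save, e.g. `/* acl_length describes the kernel buffer; never accept it from userland. */`, would also explain the save/restore pattern, which recurs in ufs_getacl_nfs4(). The switch body between the two hunks is not visible here, so the old-format path may need the same treatment.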
@@ -142,26 +142,28 @@ static int ufs_getacl_nfs4(struct vop_getacl_args *ap) { - int error, len; + int error, len, acl_length; struct inode *ip = VTOI(ap->a_vp); if ((ap->a_vp->v_mount->mnt_flag & MNT_NFS4ACLS) == 0) return (EOPNOTSUPP); - bzero(ap->a_aclp, sizeof(*ap->a_aclp)); + acl_length = ap->a_aclp->acl_length; len = sizeof(*ap->a_aclp); + bzero(ap->a_aclp, len); error = vn_extattr_get(ap->a_vp, IO_NODELOCKED, NFS4_ACL_EXTATTR_NAMESPACE, NFS4_ACL_EXTATTR_NAME, &len, (char *) ap->a_aclp, ap->a_td); - + ap->a_aclp->acl_length = acl_length; if (error == ENOATTR) { /* * Legitimately no ACL set on object, purely * emulate it through the inode. */ - error = acl_nfs4_sync_acl_from_mode(ap->a_aclp, ip->i_mode, ip->i_uid); + error = acl_nfs4_sync_acl_from_mode(ap->a_aclp, ip->i_mode, + ip->i_uid); return (error); } @@ -169,7 +171,7 @@ if (error) return (error); - if (len != sizeof(*ap->a_aclp)) { + if (len != acl_size_for_cnt(ap->a_aclp->acl_cnt)) { /* * A short (or long) read, meaning that for * some reason the ACL is corrupted. Return @@ -182,6 +184,20 @@ return (EPERM); } + if (ap->a_aclp->acl_magic != ACL_MAGIC) { + printf("ufs_getacl_nfs4(): Loaded invalid ACL " + "(wrong acl_magic: 0x%x)\n", ap->a_aclp->acl_magic); + + return (EPERM); + } + + if (ap->a_aclp->acl_cnt > ap->a_aclp->acl_length) { + printf("ufs_getacl_nfs4(): Loaded invalid ACL " + "(wrong acl_cnt: %c)\n", ap->a_aclp->acl_cnt); + + return (EPERM); + } + return (0); } @@ -261,8 +277,8 @@ * EPERM since the object DAC protections * are unsafe. */ - printf("ufs_getacl_posix1e(): Loaded invalid ACL (" - "%d bytes)\n", len); + printf("ufs_getacl_posix1e(): Loaded invalid " + "ACL (%d bytes)\n", len); return (EPERM); } @@ -367,7 +383,8 @@ if (ap->a_aclp == NULL) return (EINVAL); - error = VOP_ACLCHECK(ap->a_vp, ap->a_type, ap->a_aclp, ap->a_cred, ap->a_td); + error = VOP_ACLCHECK(ap->a_vp, ap->a_type, ap->a_aclp, ap->a_cred, + ap->a_td); if (error) return (error); 
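Review bot: In the `@@ -169,7 +171,7 @@` hunk of ufs_getacl_nfs4(), `acl_size_for_cnt(ap->a_aclp->acl_cnt)` is computed from a count that was just read from the extended attribute, before the `acl_magic` and `acl_cnt` checks that the following hunk adds. On-disk data is untrusted, so a corrupted `acl_cnt` reaches the size helper unvalidated; whether the result can wrap depends on `acl_size_for_cnt()`, which is not shown. Moving the magic and `acl_cnt > acl_length` checks ahead of the length comparison would ensure the size is only ever derived from a bounded count. `len` is an `int`, so the comparison may also mix signed and unsigned operands if the helper returns `size_t`.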
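Review bot: The `acl_cnt` diagnostic added in the `@@ -182,6 +184,20 @@` hunk uses `%c`, which prints the count as a single (often unprintable) character rather than a number; it should read `"(wrong acl_cnt: %d)\n", ap->a_aclp->acl_cnt`, or `%u` if the field is unsigned. If `acl_cnt` is a signed type, the test `acl_cnt > acl_length` also lets a negative on-disk count through, so it would need `ap->a_aclp->acl_cnt < 0 ||` in front. The field declarations are outside this diff, so both type remarks should be checked against the struct definition.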
@@ -389,9 +406,11 @@ NFS4_ACL_EXTATTR_NAME, ap->a_td); } else { + ap->a_aclp->acl_magic = ACL_MAGIC; error = vn_extattr_set(ap->a_vp, IO_NODELOCKED, NFS4_ACL_EXTATTR_NAMESPACE, - NFS4_ACL_EXTATTR_NAME, sizeof(*ap->a_aclp), + NFS4_ACL_EXTATTR_NAME, + acl_size_for_cnt(ap->a_aclp->acl_cnt), (char *) ap->a_aclp, ap->a_td); }
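Review bot: The write length in this hunk is now `acl_size_for_cnt(ap->a_aclp->acl_cnt)`, so the number of bytes read from `ap->a_aclp` depends on `acl_cnt` never exceeding what the buffer actually holds. The only validation visible is the `VOP_ACLCHECK()` call in the previous hunk; if that does not bound `acl_cnt` by `acl_length`, `vn_extattr_set()` would copy memory beyond the ACL into the stored attribute. An explicit `if (ap->a_aclp->acl_cnt > ap->a_aclp->acl_length) return (EINVAL);` ahead of the write would make that dependency local to this function. The assignment `ap->a_aclp->acl_magic = ACL_MAGIC;` also modifies the caller's ACL as a side effect, which deserves a short comment; the enclosing function begins outside the hunk.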