git: 8e2a90ac8089 - main - nfscommon: Factor out conversion of ae_perm to NFSv4 ACE flags
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 26 Jun 2025 20:25:51 UTC
The branch main has been updated by rmacklem:
URL: https://cgit.FreeBSD.org/src/commit/?id=8e2a90ac8089e168f71d797f8b3b67659f72c7af
commit 8e2a90ac8089e168f71d797f8b3b67659f72c7af
Author: Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2025-06-26 20:22:53 +0000
Commit: Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2025-06-26 20:22:53 +0000
nfscommon: Factor out conversion of ae_perm to NFSv4 ACE flags
This patch factors the code that converts the ae_perm bits in
an NFSv4 style ACL to the NFSv4 on-the-wire format into a
separate function.
This function will be used by the NFSv4 server in a future
commit.
This patch should not change NFSv4 semantics.
---
sys/fs/nfs/nfs_commonacl.c | 64 +++++++++++++++++++++++++++-------------------
sys/fs/nfs/nfs_var.h | 1 +
2 files changed, 39 insertions(+), 26 deletions(-)
diff --git a/sys/fs/nfs/nfs_commonacl.c b/sys/fs/nfs/nfs_commonacl.c
index 55e6f89dd8ec..69afa8d41712 100644
--- a/sys/fs/nfs/nfs_commonacl.c
+++ b/sys/fs/nfs/nfs_commonacl.c
@@ -352,32 +352,7 @@ nfsrv_buildace(struct nfsrv_descript *nd, u_char *name, int namelen,
if (ace->ae_perm & ACL_SYNCHRONIZE)
acemask |= NFSV4ACE_SYNCHRONIZE;
} else {
- if (ace->ae_perm & ACL_READ_DATA)
- acemask |= NFSV4ACE_READDATA;
- if (ace->ae_perm & ACL_WRITE_DATA)
- acemask |= NFSV4ACE_WRITEDATA;
- if (ace->ae_perm & ACL_APPEND_DATA)
- acemask |= NFSV4ACE_APPENDDATA;
- if (ace->ae_perm & ACL_READ_NAMED_ATTRS)
- acemask |= NFSV4ACE_READNAMEDATTR;
- if (ace->ae_perm & ACL_WRITE_NAMED_ATTRS)
- acemask |= NFSV4ACE_WRITENAMEDATTR;
- if (ace->ae_perm & ACL_EXECUTE)
- acemask |= NFSV4ACE_EXECUTE;
- if (ace->ae_perm & ACL_READ_ATTRIBUTES)
- acemask |= NFSV4ACE_READATTRIBUTES;
- if (ace->ae_perm & ACL_WRITE_ATTRIBUTES)
- acemask |= NFSV4ACE_WRITEATTRIBUTES;
- if (ace->ae_perm & ACL_DELETE)
- acemask |= NFSV4ACE_DELETE;
- if (ace->ae_perm & ACL_READ_ACL)
- acemask |= NFSV4ACE_READACL;
- if (ace->ae_perm & ACL_WRITE_ACL)
- acemask |= NFSV4ACE_WRITEACL;
- if (ace->ae_perm & ACL_WRITE_OWNER)
- acemask |= NFSV4ACE_WRITEOWNER;
- if (ace->ae_perm & ACL_SYNCHRONIZE)
- acemask |= NFSV4ACE_SYNCHRONIZE;
+ acemask = nfs_aceperm(ace->ae_perm);
}
*tl++ = txdr_unsigned(acemask);
*tl++ = txdr_unsigned(namelen);
@@ -387,6 +362,43 @@ nfsrv_buildace(struct nfsrv_descript *nd, u_char *name, int namelen,
return (full_len + 4 * NFSX_UNSIGNED);
}
+/*
+ * Convert ae_perm to NFSv4 ACL acemask4 for regular files.
+ */
+uint32_t
+nfs_aceperm(acl_perm_t ae_perm)
+{
+ uint32_t acemask = 0x0;
+
+ if (ae_perm & ACL_READ_DATA)
+ acemask |= NFSV4ACE_READDATA;
+ if (ae_perm & ACL_WRITE_DATA)
+ acemask |= NFSV4ACE_WRITEDATA;
+ if (ae_perm & ACL_APPEND_DATA)
+ acemask |= NFSV4ACE_APPENDDATA;
+ if (ae_perm & ACL_READ_NAMED_ATTRS)
+ acemask |= NFSV4ACE_READNAMEDATTR;
+ if (ae_perm & ACL_WRITE_NAMED_ATTRS)
+ acemask |= NFSV4ACE_WRITENAMEDATTR;
+ if (ae_perm & ACL_EXECUTE)
+ acemask |= NFSV4ACE_EXECUTE;
+ if (ae_perm & ACL_READ_ATTRIBUTES)
+ acemask |= NFSV4ACE_READATTRIBUTES;
+ if (ae_perm & ACL_WRITE_ATTRIBUTES)
+ acemask |= NFSV4ACE_WRITEATTRIBUTES;
+ if (ae_perm & ACL_DELETE)
+ acemask |= NFSV4ACE_DELETE;
+ if (ae_perm & ACL_READ_ACL)
+ acemask |= NFSV4ACE_READACL;
+ if (ae_perm & ACL_WRITE_ACL)
+ acemask |= NFSV4ACE_WRITEACL;
+ if (ae_perm & ACL_WRITE_OWNER)
+ acemask |= NFSV4ACE_WRITEOWNER;
+ if (ae_perm & ACL_SYNCHRONIZE)
+ acemask |= NFSV4ACE_SYNCHRONIZE;
+ return (acemask);
+}
+
/*
* Build an NFSv4 ACL.
*/
diff --git a/sys/fs/nfs/nfs_var.h b/sys/fs/nfs/nfs_var.h
index 626946a70774..7206d12bd6fa 100644
--- a/sys/fs/nfs/nfs_var.h
+++ b/sys/fs/nfs/nfs_var.h
@@ -439,6 +439,7 @@ int nfs_supportsnfsv4acls(vnode_t);
/* nfs_commonacl.c */
int nfsrv_dissectace(struct nfsrv_descript *, struct acl_entry *,
bool, int *, int *, NFSPROC_T *);
+uint32_t nfs_aceperm(acl_perm_t);
int nfsrv_buildacl(struct nfsrv_descript *, NFSACL_T *, __enum_uint8(vtype),
NFSPROC_T *);
int nfsrv_compareacl(NFSACL_T *, NFSACL_T *);