git: f10dc28ec21d - main - nfscommon: Return NFSERR_ATTRNOTSUPP for AUDIT/ALARM ACEs
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 27 Dec 2021 16:06:58 UTC
The branch main has been updated by rmacklem:
URL: https://cgit.FreeBSD.org/src/commit/?id=f10dc28ec21db60cf1faa3c4b445c4065e760dba
commit f10dc28ec21db60cf1faa3c4b445c4065e760dba
Author: Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2021-12-27 16:03:41 +0000
Commit: Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2021-12-27 16:03:41 +0000
nfscommon: Return NFSERR_ATTRNOTSUPP for AUDIT/ALARM ACEs
FreeBSD only supports Allow/Deny ACEs in NFSv4 ACLs.
As such, it does not make sense to parse Audit/Alarm
ACEs. Modify nfsrv_dissectace() so that it returns
NFSERR_ATTRNOTSUPP if an Audit/Alarm ACE is found in
the ACL being parsed. The code has been #ifdef notnow'd,
since Audit/Alarm ACEs might be supported someday.
This should not have significant impact, since FreeBSD
reports to clients that only Allow/Deny ACEs are
supported and an attempt to set one would have failed
anyhow.
MFC after: 2 weeks
---
sys/fs/nfs/nfs_commonacl.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/sys/fs/nfs/nfs_commonacl.c b/sys/fs/nfs/nfs_commonacl.c
index e3583b273db8..057efdfbc29c 100644
--- a/sys/fs/nfs/nfs_commonacl.c
+++ b/sys/fs/nfs/nfs_commonacl.c
@@ -158,10 +158,13 @@ nfsrv_dissectace(struct nfsrv_descript *nd, struct acl_entry *acep,
acep->ae_entry_type = ACL_ENTRY_TYPE_ALLOW;
else if (acetype == NFSV4ACE_DENIEDTYPE)
acep->ae_entry_type = ACL_ENTRY_TYPE_DENY;
+#ifdef notnow
+ /* FreeBSD does not support Audit/Alarm ACEs at this time. */
else if (acetype == NFSV4ACE_AUDITTYPE)
acep->ae_entry_type = ACL_ENTRY_TYPE_AUDIT;
else if (acetype == NFSV4ACE_ALARMTYPE)
acep->ae_entry_type = ACL_ENTRY_TYPE_ALARM;
+#endif
else
aceerr = NFSERR_ATTRNOTSUPP;
}