static void nfs4_acls_test(void)
{
int i = 0;
fsal_acl_data_t acldata, acldata2;
fsal_ace_t *ace = NULL;
fsal_acl_t *acl = NULL;
fsal_acl_status_t status;
acldata.naces = 3;
acldata.aces = nfs4_ace_alloc(3);
LogDebug(COMPONENT_NFS_V4_ACL, "acldata.aces = %p", acldata.aces);
ace = acldata.aces;
for (i = 0; i < 3; i++) {
ace->type = i;
ace->perm = i;
ace->flag = i;
ace->who.uid = i;
ace++;
}
acl = nfs4_acl_new_entry(&acldata, &status);
PTHREAD_RWLOCK_rdlock(&acl->lock);
LogDebug(COMPONENT_NFS_V4_ACL, "acl = %p, ref = %u, status = %u", acl,
acl->ref, status);
PTHREAD_RWLOCK_unlock(&acl->lock);
acldata2.naces = 3;
acldata2.aces = nfs4_ace_alloc(3);
LogDebug(COMPONENT_NFS_V4_ACL, "acldata2.aces = %p", acldata2.aces);
ace = acldata2.aces;
for (i = 0; i < 3; i++) {
ace->type = i;
ace->perm = i;
ace->flag = i;
ace->who.uid = i;
ace++;
}
acl = nfs4_acl_new_entry(&acldata2, &status);
PTHREAD_RWLOCK_rdlock(&acl->lock);
LogDebug(COMPONENT_NFS_V4_ACL,
"re-access: acl = %p, ref = %u, status = %u", acl, acl->ref,
status);
PTHREAD_RWLOCK_unlock(&acl->lock);
nfs4_acl_release_entry(acl, &status);
PTHREAD_RWLOCK_rdlock(&acl->lock);
LogDebug(COMPONENT_NFS_V4_ACL,
"release: acl = %p, ref = %u, status = %u", acl, acl->ref,
status);
PTHREAD_RWLOCK_unlock(&acl->lock);
nfs4_acl_release_entry(acl, &status);
}
/* Covert GPFS NFS4 ACLs to FSAL ACLs, and set the ACL
* pointer of attribute. */
static int gpfs_acl_2_fsal_acl(struct attrlist * p_object_attributes,
gpfs_acl_t *p_gpfsacl)
{
fsal_acl_status_t status;
fsal_acl_data_t acldata;
fsal_ace_t *pace;
fsal_acl_t *pacl;
gpfs_ace_v4_t *pace_gpfs;
/* sanity checks */
if(!p_object_attributes || !p_gpfsacl)
return ERR_FSAL_FAULT;
/* Create fsal acl data. */
acldata.naces = p_gpfsacl->acl_nace;
acldata.aces = (fsal_ace_t *)nfs4_ace_alloc(acldata.naces);
/* Fill fsal acl data from gpfs acl. */
for(pace = acldata.aces, pace_gpfs = p_gpfsacl->ace_v4;
pace < acldata.aces + acldata.naces; pace++, pace_gpfs++)
{
pace->type = pace_gpfs->aceType;
pace->flag = pace_gpfs->aceFlags;
pace->iflag = pace_gpfs->aceIFlags;
pace->perm = pace_gpfs->aceMask;
if(IS_FSAL_ACE_SPECIAL_ID(*pace)) /* Record special user. */
{
pace->who.uid = pace_gpfs->aceWho;
}
else
{
if(IS_FSAL_ACE_GROUP_ID(*pace)) /* Record group. */
pace->who.gid = pace_gpfs->aceWho;
else /* Record user. */
pace->who.uid = pace_gpfs->aceWho;
}
LogDebug(COMPONENT_FSAL,
"gpfs_acl_2_fsal_acl: fsal ace: type = 0x%x, flag = 0x%x, perm = 0x%x, special = %d, %s = 0x%x",
pace->type, pace->flag, pace->perm, IS_FSAL_ACE_SPECIAL_ID(*pace),
GET_FSAL_ACE_WHO_TYPE(*pace), GET_FSAL_ACE_WHO(*pace));
}
/* Create a new hash table entry for fsal acl. */
pacl = nfs4_acl_new_entry(&acldata, &status);
LogDebug(COMPONENT_FSAL, "fsal acl = %p, fsal_acl_status = %u", pacl, status);
if(pacl == NULL)
{
LogCrit(COMPONENT_FSAL, "gpfs_acl_2_fsal_acl: failed to create a new acl entry");
return ERR_FSAL_FAULT;
}
/* Add fsal acl to attribute. */
p_object_attributes->acl = pacl;
return ERR_FSAL_NO_ERROR;
}
fsal_acl_t *lzfs_int_convert_lzfs_acl(const liz_acl_t *lzfs_acl) {
fsal_acl_data_t acl_data;
fsal_acl_status_t acl_status;
fsal_acl_t *fsal_acl = NULL;
if (!lzfs_acl) {
return NULL;
}
acl_data.naces = liz_get_acl_size(lzfs_acl);
acl_data.aces = (fsal_ace_t *)nfs4_ace_alloc(acl_data.naces);
if (!acl_data.aces) {
return NULL;
}
for (unsigned i = 0; i < acl_data.naces; ++i) {
fsal_ace_t *fsal_ace = acl_data.aces + i;
liz_acl_ace_t lzfs_ace;
int rc = liz_get_acl_entry(lzfs_acl, i, &lzfs_ace);
(void)rc;
assert(rc == 0);
fsal_ace->type = lzfs_ace.type;
fsal_ace->flag = lzfs_ace.flags & 0xFF;
fsal_ace->iflag = (lzfs_ace.flags & LIZ_ACL_SPECIAL_WHO) ? FSAL_ACE_IFLAG_SPECIAL_ID : 0;
if (IS_FSAL_ACE_GROUP_ID(*fsal_ace)) {
fsal_ace->who.gid = lzfs_ace.id;
} else {
fsal_ace->who.uid = lzfs_ace.id;
}
if (IS_FSAL_ACE_SPECIAL_ID(*fsal_ace)) {
switch (lzfs_ace.id) {
case LIZ_ACL_OWNER_SPECIAL_ID:
fsal_ace->who.uid = FSAL_ACE_SPECIAL_OWNER;
break;
case LIZ_ACL_GROUP_SPECIAL_ID:
fsal_ace->who.uid = FSAL_ACE_SPECIAL_GROUP;
break;
case LIZ_ACL_EVERYONE_SPECIAL_ID:
fsal_ace->who.uid = FSAL_ACE_SPECIAL_EVERYONE;
break;
default:
fsal_ace->who.uid = FSAL_ACE_NORMAL_WHO;
LogWarn(COMPONENT_FSAL, "Invalid LizardFS ACE special id type (%u)",
(unsigned)lzfs_ace.id);
}
}
}
fsal_acl = nfs4_acl_new_entry(&acl_data, &acl_status);
LogDebug(COMPONENT_FSAL, "fsal acl = %p, fsal_acl_status = %u", fsal_acl, acl_status);
return fsal_acl;
}
/**
* @brief Convert PanFS ACLs to FSAL ACLs
*
* @param[in] panacl Source PanFS ACL set
* @param[in,out] attrib Target FSAL attribute list
* @return FSAL Status
*/
static fsal_status_t panfs_acl_2_fsal_acl(struct pan_fs_acl_s *panacl,
struct attrlist *attrib)
{
fsal_acl_status_t status;
fsal_acl_data_t acldata;
struct pan_fs_ace_s *panace;
fsal_ace_t *ace = NULL;
fsal_acl_t *acl = NULL;
/* sanity checks */
if (!attrib || !panacl)
return fsalstat(ERR_FSAL_FAULT, EFAULT);
/* Count the number of aces */
acldata.naces = 0;
for (panace = panacl->aces; panace < panacl->aces + panacl->naces;
panace++) {
if (panace_info_to_fsal_type(panace->info) == (uint32_t)-1)
continue;
acldata.naces++;
}
if (acldata.naces == 0) {
/* No ACEs on this object */
FSAL_UNSET_MASK(attrib->mask, ATTR_ACL);
attrib->acl = NULL;
return fsalstat(ERR_FSAL_NO_ERROR, 0);
}
/* Create fsal acl data. */
acldata.aces = (fsal_ace_t *) nfs4_ace_alloc(acldata.naces);
LogDebug(COMPONENT_FSAL, "Converting %u aces:", acldata.naces);
ace = acldata.aces;
for (panace = panacl->aces; panace < panacl->aces + panacl->naces;
panace++) {
ace->type = panace_info_to_fsal_type(panace->info);
if (ace->type == (uint32_t)-1)
continue;
ace->flag = panace_info_to_fsal_flag(panace->info);
ace->perm = panace_perm_to_fsal_perm(panace->permissions);
panace_id_to_fsal_id(&panace->identity, ace);
fsal_print_ace(COMPONENT_FSAL, NIV_DEBUG, ace);
ace++;
}
/* Create a new hash table entry for fsal acl. */
acl = nfs4_acl_new_entry(&acldata, &status);
if (!acl)
return fsalstat(ERR_FSAL_FAULT, status);
/* Add fsal acl to attribute. */
attrib->acl = acl;
return fsalstat(ERR_FSAL_NO_ERROR, 0);
}
static void nfs4_acls_test()
{
int i = 0;
fsal_acl_data_t acldata;
fsal_ace_t *pace = NULL;
fsal_acl_t *pacl = NULL;
fsal_acl_status_t status;
acldata.naces = 3;
acldata.aces = nfs4_ace_alloc(3);
LogDebug(COMPONENT_NFS_V4_ACL, "&acldata.aces = %p", &acldata.aces);
pace = acldata.aces;
for(i = 0; i < 3; i++)
{
pace->type = i;
pace->perm = i;
pace->flag = i;
pace->who.uid = i;
pace++;
}
pacl = nfs4_acl_new_entry(&acldata, &status);
nfs4_acl_entry_inc_ref(pacl);
P_r(&pacl->lock);
LogDebug(COMPONENT_NFS_V4_ACL, "pacl = %p, ref = %u, status = %u", pacl, pacl->ref, status);
V_r(&pacl->lock);
pacl = nfs4_acl_new_entry(&acldata, &status);
nfs4_acl_entry_inc_ref(pacl);
P_r(&pacl->lock);
LogDebug(COMPONENT_NFS_V4_ACL, "re-access: pacl = %p, ref = %u, status = %u", pacl, pacl->ref, status);
V_r(&pacl->lock);
nfs4_acl_release_entry(pacl, &status);
P_r(&pacl->lock);
LogDebug(COMPONENT_NFS_V4_ACL, "release: pacl = %p, ref = %u, status = %u", pacl, pacl->ref, status);
V_r(&pacl->lock);
nfs4_acl_release_entry(pacl, &status);
}
/*
* Read the ACL in GlusterFS format and convert it into fsal ACL before
* storing it in fsalattr
*/
fsal_status_t glusterfs_get_acl(struct glusterfs_export *glfs_export,
struct glfs_object *glhandle,
glusterfs_fsal_xstat_t *buffxstat,
struct attrlist *fsalattr)
{
fsal_status_t status = { ERR_FSAL_NO_ERROR, 0 };
fsal_acl_data_t acldata;
fsal_acl_status_t aclstatus;
fsal_ace_t *pace = NULL;
int e_count = 0, i_count = 0, new_count = 0, new_i_count = 0;
if (fsalattr->acl != NULL) {
/* We should never be passed attributes that have an
* ACL attached, but just in case some future code
* path changes that assumption, let's release the
* old ACL properly.
*/
int acl_status;
acl_status = nfs4_acl_release_entry(fsalattr->acl);
if (acl_status != NFS_V4_ACL_SUCCESS)
LogCrit(COMPONENT_FSAL,
"Failed to release old acl, status=%d",
acl_status);
fsalattr->acl = NULL;
}
if (NFSv4_ACL_SUPPORT) {
buffxstat->e_acl = glfs_h_acl_get(glfs_export->gl_fs->fs,
glhandle, ACL_TYPE_ACCESS);
if (!buffxstat->e_acl) {
status = gluster2fsal_error(errno);
return status;
}
e_count = ace_count(buffxstat->e_acl);
if (buffxstat->is_dir) {
buffxstat->i_acl =
glfs_h_acl_get(glfs_export->gl_fs->fs,
glhandle, ACL_TYPE_DEFAULT);
i_count = ace_count(buffxstat->i_acl);
}
/* Allocating memory for both ALLOW and DENY entries */
acldata.naces = 2 * (e_count + i_count);
LogDebug(COMPONENT_FSAL, "No of aces present in fsal_acl_t = %d"
, acldata.naces);
if (!acldata.naces)
return status;
FSAL_SET_MASK(buffxstat->attr_valid, XATTR_ACL);
acldata.aces = (fsal_ace_t *) nfs4_ace_alloc(acldata.naces);
pace = acldata.aces;
new_count = posix_acl_2_fsal_acl(buffxstat->e_acl,
buffxstat->is_dir, false, &pace);
if (new_count < 0)
return fsalstat(ERR_FSAL_NO_ACE, -1);
if (i_count > 0) {
new_i_count = posix_acl_2_fsal_acl(buffxstat->i_acl,
true, true, &pace);
if (new_i_count > 0)
new_count += new_i_count;
else
LogDebug(COMPONENT_FSAL,
"Inherit acl is not set for this directory");
}
/* Reallocating acldata into the required size */
acldata.aces = (fsal_ace_t *) gsh_realloc(acldata.aces,
new_count*sizeof(fsal_ace_t));
acldata.naces = new_count;
fsalattr->acl = nfs4_acl_new_entry(&acldata, &aclstatus);
LogDebug(COMPONENT_FSAL, "fsal acl = %p, fsal_acl_status = %u",
fsalattr->acl, aclstatus);
if (fsalattr->acl == NULL) {
LogCrit(COMPONENT_FSAL,
"failed to create a new acl entry");
return fsalstat(ERR_FSAL_NOMEM, -1);
}
fsalattr->valid_mask |= ATTR_ACL;
} else {
/* We were asked for ACL but do not support. */
status = fsalstat(ERR_FSAL_NOTSUPP, 0);
}
return status;
}
