NFSD: Add nfsd4_encode_fattr4_acl_trueform

Mapping between NFSv4 ACLs and POSIX ACLs is semantically imprecise:
a client that sets an NFSv4 ACL and reads it back may see a different
ACL than it wrote. The proposed NFSv4 POSIX ACL extension introduces
the FATTR4_ACL_TRUEFORM attribute, which reports whether a file
object stores its access control permissions using NFSv4 ACLs or
POSIX ACLs.

A client aware of this extension can avoid lossy translation by
requesting and setting ACLs in their native format.

When NFSD is built with CONFIG_NFSD_V4_POSIX_ACLS, report
ACL_MODEL_POSIX_DRAFT for file objects on file systems with the
SB_POSIXACL flag set, and ACL_MODEL_NONE otherwise. Linux file
systems do not store NFSv4 ACLs natively, so ACL_MODEL_NFS4 is never
reported.

Signed-off-by: Rick Macklem <rmacklem@uoguelph.ca>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
index 5065727204b958c94f7b9a307ea4273b266b51c7..9b47cf17ddde5fb99865d59533468859b314d898 100644 (file)
--- a/fs/nfsd/nfs4xdr.c
+++ b/fs/nfsd/nfs4xdr.c
@@ -3470,6 +3470,22 @@ static __be32 nfsd4_encode_fattr4_open_arguments(struct xdr_stream *xdr,
        return nfs_ok;
 }
 
+#ifdef CONFIG_NFSD_V4_POSIX_ACLS
+
+static __be32 nfsd4_encode_fattr4_acl_trueform(struct xdr_stream *xdr,
+                                              const struct nfsd4_fattr_args *args)
+{
+       aclmodel4 trueform = ACL_MODEL_NONE;
+
+       if (IS_POSIXACL(d_inode(args->dentry)))
+               trueform = ACL_MODEL_POSIX_DRAFT;
+       if (!xdrgen_encode_aclmodel4(xdr, trueform))
+               return nfserr_resource;
+       return nfs_ok;
+}
+
+#endif /* CONFIG_NFSD_V4_POSIX_ACLS */
+
 static const nfsd4_enc_attr nfsd4_enc_fattr4_encode_ops[] = {
        [FATTR4_SUPPORTED_ATTRS]        = nfsd4_encode_fattr4_supported_attrs,
        [FATTR4_TYPE]                   = nfsd4_encode_fattr4_type,
@@ -3573,6 +3589,16 @@ static const nfsd4_enc_attr nfsd4_enc_fattr4_encode_ops[] = {
        [FATTR4_TIME_DELEG_ACCESS]      = nfsd4_encode_fattr4__inval,
        [FATTR4_TIME_DELEG_MODIFY]      = nfsd4_encode_fattr4__inval,
        [FATTR4_OPEN_ARGUMENTS]         = nfsd4_encode_fattr4_open_arguments,
+
+       /* Reserved */
+       [87]                            = nfsd4_encode_fattr4__inval,
+       [88]                            = nfsd4_encode_fattr4__inval,
+
+#ifdef CONFIG_NFSD_V4_POSIX_ACLS
+       [FATTR4_ACL_TRUEFORM]           = nfsd4_encode_fattr4_acl_trueform,
+#else
+       [FATTR4_ACL_TRUEFORM]           = nfsd4_encode_fattr4__noop,
+#endif
 };
 
 /*