[CIFS] POSIX ACL support part 2

Signed-off-by: Steve French (sfrench@us.ibm.com)

fs/cifs/cifspdu.h

@@ -1642,22 +1642,33 @@ struct file_compression_info {
 
 /* POSIX ACL set/query path info structures */
 #define CIFS_ACL_VERSION 1
-struct cifs_posix_acl {
-	/* BB fixme add here */
+struct cifs_posix_ace { /* access control entry (ACE) */
+	__u8  cifs_e_tag;
+	__u8  cifs_e_perm;
+	__u64 cifs_uid; /* or gid */
+}; 
+
+struct cifs_posix_acl { /* access conrol list  (ACL) */
+	__le16	version;
+	__le16	access_entry_count;  /* access ACL - count of entries */
+	__le16	default_entry_count; /* default ACL - count of entries */
+	struct cifs_posix_ace ace_array[1];
+	/* followed by
+	struct cifs_posix_ace default_ace_arraay[] */
 };  /* level 0x204 */
 
-/* types of access control entries */
-#define CIFS_POSIX_ACL_USER_OBJ	 0x01
-#define CIFS_POSIX_ACL_USER	 0x02
+/* types of access control entries already defined in posix_acl.h */
+/* #define CIFS_POSIX_ACL_USER_OBJ	 0x01
+#define CIFS_POSIX_ACL_USER      0x02
 #define CIFS_POSIX_ACL_GROUP_OBJ 0x04
-#define CIFS_POSIX_ACL_GROUP	 0x08
-#define CIFS_POSIX_ACL_MASK	 0x10
-#define CIFS_POSIX_ACL_OTHER	 0x20
+#define CIFS_POSIX_ACL_GROUP     0x08
+#define CIFS_POSIX_ACL_MASK      0x10
+#define CIFS_POSIX_ACL_OTHER     0x20 */
 
 /* types of perms */
-#define CIFS_POSIX_ACL_EXECUTE   0x01
+/* #define CIFS_POSIX_ACL_EXECUTE   0x01
 #define CIFS_POSIX_ACL_WRITE     0x02
-#define CIFS_POSIX_ACL_READ	 0x04
+#define CIFS_POSIX_ACL_READ	     0x04 */
 
 /* end of POSIX ACL definitions */
 

fs/cifs/cifsproto.h

@@ -233,4 +233,9 @@ extern int CIFSSMBSetEA(const int xid, struct cifsTconInfo *tcon,
 		const char *fileName, const char * ea_name, 
 		const void * ea_value, const __u16 ea_value_len, 
 		const struct nls_table *nls_codepage);
+extern int CIFSSMBGetPosixACL(const int xid, struct cifsTconInfo *tcon,
+                        const unsigned char *searchName,
+                        char *acl_inf, const int buflen,
+                        const struct nls_table *nls_codepage);
+
 #endif			/* _CIFSPROTO_H */

fs/cifs/connect.c

@@ -69,6 +69,7 @@ struct smb_vol {
 	unsigned intr:1;
 	unsigned setuids:1;
 	unsigned noperm:1;
+	unsigned no_psx_acl:1; /* set if posix acl support should be disabled */
 	unsigned server_ino:1; /* use inode numbers from server ie UniqueId */
 	unsigned int rsize;
 	unsigned int wsize;
@@ -787,6 +788,10 @@ cifs_parse_mount_options(char *options, const char *devname, struct smb_vol *vol
 			vol->server_ino = 1;
 		} else if (strnicmp(data, "noserverino",9) == 0) {
 			vol->server_ino = 0;
+		} else if (strnicmp(data, "acl",3) == 0) {
+			vol->no_psx_acl = 0;
+		} else if (strnicmp(data, "noacl",5) == 0) {
+			vol->no_psx_acl = 1;
 		} else if (strnicmp(data, "noac", 4) == 0) {
 			printk(KERN_WARNING "CIFS: Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
 		} else
@@ -1491,8 +1496,16 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
 		/* do not care if following two calls succeed - informational only */
 		CIFSSMBQFSDeviceInfo(xid, tcon, cifs_sb->local_nls);
 		CIFSSMBQFSAttributeInfo(xid, tcon, cifs_sb->local_nls);
-		if (tcon->ses->capabilities & CAP_UNIX)
-			CIFSSMBQFSUnixInfo(xid, tcon, cifs_sb->local_nls);
+		if (tcon->ses->capabilities & CAP_UNIX) {
+			if(!CIFSSMBQFSUnixInfo(xid, tcon, cifs_sb->local_nls)) {
+				if(!volume_info.no_psx_acl) {
+					if(CIFS_UNIX_POSIX_ACL_CAP & 
+					   le64_to_cpu(tcon->fsUnixInfo.Capability))
+						cFYI(1,("server negotiated posix acl support"));
+						sb->s_flags |= MS_POSIXACL;
+				}
+			}
+		}
 	}
 
 	/* volume_info.password is freed above when existing session found

fs/cifs/xattr.c

@@ -164,6 +164,9 @@ ssize_t cifs_getxattr(struct dentry * direntry, const char * ea_name,
          void * ea_value, size_t buf_size)
 {
 	ssize_t rc = -EOPNOTSUPP;
+#ifdef CONFIG_CIFS_POSIX
+	struct cifs_posix_ace * acl_inf;
+#endif
 #ifdef CONFIG_CIFS_XATTR
 	int xid;
 	struct cifs_sb_info *cifs_sb;
@@ -206,22 +209,37 @@ ssize_t cifs_getxattr(struct dentry * direntry, const char * ea_name,
 		ea_name += 4; /* skip past os2. prefix */
 		rc = CIFSSMBQueryEA(xid,pTcon,full_path,ea_name,ea_value,
 			buf_size, cifs_sb->local_nls);
-	} else {
-		if(strncmp(ea_name,POSIX_ACL_XATTR_ACCESS,strlen(POSIX_ACL_XATTR_ACCESS)) == 0) {
-			cFYI(1,("query POSIX ACL not supported yet"));
-			/* rc = CIFSSMBGetPosixACL(xid, pTcon,
-				const unsigned char *searchName,
-				char *acl_inf, const int buflen,
-				cifs_sb->local_nls); */
-                } else if(strncmp(ea_name,POSIX_ACL_XATTR_DEFAULT,strlen(POSIX_ACL_XATTR_DEFAULT)) == 0) {
-                        cFYI(1,("query default POSIX ACL not supported yet"));
-			/* rc = CIFSSMBGetPosixACL(xid, pTcon,
-				const unsigned char *searchName,
-				char *acl_inf, const int buflen,
-				cifs_sb->local_nls); */
-                } else {
-			cFYI(1,("illegal xattr name request %s (only user namespace supported)",ea_name));
+	} else if(strncmp(ea_name,POSIX_ACL_XATTR_ACCESS,strlen(POSIX_ACL_XATTR_ACCESS)) == 0) {
+
+#ifdef CONFIG_CIFS_POSIX
+		acl_inf = (struct cifs_posix_ace *)kmalloc(4096,GFP_KERNEL);
+		if(acl_inf == NULL)
+			rc = -ENOMEM;
+		else {
+			rc = CIFSSMBGetPosixACL(xid, pTcon, full_path,
+			(char *)acl_inf, 4096, cifs_sb->local_nls);
+			/* BB fixme - add parsing */
+			kfree(acl_inf);
 		}
+#else 
+		cFYI(1,("query POSIX ACL not supported yet"));
+#endif /* CONFIG_CIFS_POSIX */
+	} else if(strncmp(ea_name,POSIX_ACL_XATTR_DEFAULT,strlen(POSIX_ACL_XATTR_DEFAULT)) == 0) {
+#ifdef CONFIG_CIFS_POSIX
+		acl_inf = (struct cifs_posix_ace *)kmalloc(4096,GFP_KERNEL);
+		if(acl_inf == NULL)
+			rc = -ENOMEM;
+		else {
+			rc = CIFSSMBGetPosixACL(xid, pTcon, full_path,
+			(char *)acl_inf, 4096, cifs_sb->local_nls);
+			/* BB fixme - add parsing */
+			kfree(acl_inf);
+		}
+#else 
+		cFYI(1,("query POSIX default ACL not supported yet"));
+#endif
+    } else {
+			cFYI(1,("illegal xattr name request %s (only user namespace supported)",ea_name));
 	}
 
 	/* We could add an additional check for streams ie