From patchwork Tue Mar 19 16:16:42 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Li Zetao X-Patchwork-Id: 1913715 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=Uvj8iPUN; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4TzcLt1FzGz23sJ for ; Wed, 20 Mar 2024 03:17:26 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=+0Cxf89U1lylfWR9AOYtOxwvho5N2hSuKY7W3RwSp/E=; b=Uvj8iPUNgkQHRu rHIjdv47mfqKKndCu8THuavr0iWsdmDEuDnhZqtmCAlGBbDSYvVBmwKuVW82T9cal+41+XgXcGK5H y38NnjjxFsaNoS2BM6jxaCbPqZWgDUookr1AnFC8TaQLrKU6NqiqNCsABkid3Gud317szCDSh4zpk T+BF8SCrxybG78gvsYYc/yZ9OtHkLNuyq6e0TO+CWBLePMaAElPmrQeJpJceN9IqUW9aBZCmUFx0H Kosa569pXhIlYkGdhHsQtx44y0WGdysqmKJk5nCSGkormvv2wKZKXVd4FhfRM6IkfT2sS4UMFQ2yt zNh3gfnfKLYNBjgr8cYA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rmc9F-0000000DKHV-3Oo6; Tue, 19 Mar 2024 16:17:09 +0000 Received: from szxga06-in.huawei.com ([45.249.212.32]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rmc9B-0000000DKDG-2Gsc for linux-mtd@lists.infradead.org; Tue, 19 Mar 2024 16:17:07 +0000 Received: from mail.maildlp.com (unknown [172.19.88.214]) by szxga06-in.huawei.com (SkyGuard) with ESMTP id 4TzcKP4vPTz1vx43; Wed, 20 Mar 2024 00:16:09 +0800 (CST) Received: from kwepemd500012.china.huawei.com (unknown [7.221.188.25]) by mail.maildlp.com (Postfix) with ESMTPS id 9B0931A016C; Wed, 20 Mar 2024 00:16:55 +0800 (CST) Received: from huawei.com (10.90.53.73) by kwepemd500012.china.huawei.com (7.221.188.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Wed, 20 Mar 2024 00:16:55 +0800 From: Li Zetao To: , CC: , , Subject: [RFC PATCH 1/5] ubifs: Implement POSIX Access Control Lists (ACLs) Date: Wed, 20 Mar 2024 00:16:42 +0800 Message-ID: <20240319161646.2153867-2-lizetao1@huawei.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240319161646.2153867-1-lizetao1@huawei.com> References: <20240319161646.2153867-1-lizetao1@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.90.53.73] X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To kwepemd500012.china.huawei.com (7.221.188.25) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240319_091705_970536_E3FA59F6 X-CRM114-Status: GOOD ( 22.50 ) X-Spam-Score: -2.3 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Implement the ACLs feature for ubifs based on vfs Posix ACLs, details as follows: * Initialize acl for newly created inode. * Provides get/set interface to access ACLs. ACLs feature relies on xattr implementation which using specific key names "system.posix_acl_default" and "system.posix_acl_access". Now Only the v2 version of POSIX ACLs is supported, and ubifs does [...] Content analysis details: (-2.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [45.249.212.32 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 RCVD_IN_MSPIKE_H4 RBL: Very Good reputation (+4) [45.249.212.32 listed in wl.mailspike.net] 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders -0.0 T_SCC_BODY_TEXT_LINE No description available. X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Implement the ACLs feature for ubifs based on vfs Posix ACLs, details as follows: * Initialize acl for newly created inode. * Provides get/set interface to access ACLs. ACLs feature relies on xattr implementation which using specific key names "system.posix_acl_default" and "system.posix_acl_access". Now Only the v2 version of POSIX ACLs is supported, and ubifs does not need to customize the storage format, which can simplify the implementation. Signed-off-by: Li Zetao --- fs/ubifs/acl.c | 140 +++++++++++++++++++++++++++++++++++++++++++++++ fs/ubifs/ubifs.h | 13 +++++ fs/ubifs/xattr.c | 1 - 3 files changed, 153 insertions(+), 1 deletion(-) create mode 100644 fs/ubifs/acl.c diff --git a/fs/ubifs/acl.c b/fs/ubifs/acl.c new file mode 100644 index 000000000000..253568baf097 --- /dev/null +++ b/fs/ubifs/acl.c @@ -0,0 +1,140 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * This file is part of UBIFS. + * + * Copyright (C) 2024 Huawei Tech. Co., Ltd. + * + * Authors: Li Zetao + */ + +/* This file implements POSIX Access Control Lists (ACLs) */ + +#include "ubifs.h" + +#include + +struct posix_acl *ubifs_get_inode_acl(struct inode *inode, int type, bool rcu) +{ + char *xattr_value = NULL; + const char *xattr_name; + struct posix_acl *acl; + ssize_t size; + + if (rcu) + return ERR_PTR(-ECHILD); + + xattr_name = posix_acl_xattr_name(type); + if (unlikely(!strcmp(xattr_name, ""))) + return ERR_PTR(-EINVAL); + + size = ubifs_xattr_get(inode, xattr_name, NULL, 0); + if (size > 0) { + xattr_value = kzalloc(size, GFP_KERNEL); + if (unlikely(!xattr_value)) + return ERR_PTR(-ENOMEM); + + size = ubifs_xattr_get(inode, xattr_name, xattr_value, size); + } + + if (size > 0) + acl = posix_acl_from_xattr(&init_user_ns, xattr_value, size); + else if (size == -ENODATA || size == 0) + acl = NULL; + else + acl = ERR_PTR(size); + + kfree(xattr_value); + + return acl; +} + +static int __ubifs_set_acl(struct inode *inode, int type, struct posix_acl *acl, int flags) +{ + void *xattr_value = NULL; + const char *xattr_name; + size_t size = 0; + int error; + + xattr_name = posix_acl_xattr_name(type); + if (unlikely(!strcmp(xattr_name, ""))) + return -EINVAL; + + if (unlikely(!strcmp(xattr_name, XATTR_NAME_POSIX_ACL_DEFAULT) && !S_ISDIR(inode->i_mode))) + return acl ? -EACCES : 0; + + if (acl) { + size = posix_acl_xattr_size(acl->a_count); + xattr_value = kmalloc(size, GFP_KERNEL); + if (unlikely(!xattr_value)) + return -ENOMEM; + + error = posix_acl_to_xattr(&init_user_ns, acl, xattr_value, size); + if (unlikely(error < 0)) + goto out; + } + + error = ubifs_xattr_set(inode, xattr_name, xattr_value, size, flags, false); + if (likely(!error)) + set_cached_acl(inode, type, acl); +out: + kfree(xattr_value); + return error; +} + +int ubifs_set_acl(struct mnt_idmap *idmap, struct dentry *dentry, struct posix_acl *acl, int type) +{ + struct inode *inode = d_inode(dentry); + umode_t old_mode = inode->i_mode; + int error; + + if (type == ACL_TYPE_ACCESS && acl) { + error = posix_acl_update_mode(idmap, inode, &inode->i_mode, &acl); + if (unlikely(error)) + return error; + } + + error = __ubifs_set_acl(inode, type, acl, 0); + if (unlikely(error)) + inode->i_mode = old_mode; + + return error; + +} + +/** + * ubifs_init_acl - initialize the ACLs for a new inode. + * @inode: newly created inode + * @dir: parent directory inode + * + * This function initialize ACLs, including inheriting the + * default ACLs of parent directory or modifying the default + * ACLs according to the mode parameter in open() / creat() + * system calls. + */ +int ubifs_init_acl(struct inode *inode, struct inode *dir) +{ + struct posix_acl *default_acl; + struct posix_acl *acl; + int error; + + error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); + if (unlikely(error)) + return error; + + if (default_acl) { + error = __ubifs_set_acl(inode, ACL_TYPE_DEFAULT, default_acl, XATTR_CREATE); + posix_acl_release(default_acl); + } else { + inode->i_default_acl = NULL; + } + + if (acl) { + if (likely(!error)) + error = __ubifs_set_acl(inode, ACL_TYPE_ACCESS, acl, XATTR_CREATE); + posix_acl_release(acl); + } else { + inode->i_acl = NULL; + } + + return error; +} diff --git a/fs/ubifs/ubifs.h b/fs/ubifs/ubifs.h index 3916dc4f30ca..b0d3b076290d 100644 --- a/fs/ubifs/ubifs.h +++ b/fs/ubifs/ubifs.h @@ -2069,6 +2069,19 @@ static inline int ubifs_init_security(struct inode *dentry, } #endif +#ifdef CONFIG_UBIFS_FS_POSIX_ACL +struct posix_acl *ubifs_get_inode_acl(struct inode *inode, int type, bool rcu); +int ubifs_set_acl(struct mnt_idmap *idmap, struct dentry *dentry, struct posix_acl *acl, int type); +int ubifs_init_acl(struct inode *inode, struct inode *dir); + +#else /* CONFIG_UBIFS_FS_POSIX_ACL */ +#define ubifs_get_inode_acl NULL +#define ubifs_set_acl NULL +static inline int ubifs_init_acl(struct inode *inode, struct inode *dir) +{ + return 0; +} +#endif /* CONFIG_UBIFS_FS_POSIX_ACL */ /* super.c */ struct inode *ubifs_iget(struct super_block *sb, unsigned long inum); diff --git a/fs/ubifs/xattr.c b/fs/ubifs/xattr.c index 0847db521984..eb1c1f5d10df 100644 --- a/fs/ubifs/xattr.c +++ b/fs/ubifs/xattr.c @@ -40,7 +40,6 @@ * in the VFS inode cache. The xentries are cached in the LNC cache (see * tnc.c). * - * ACL support is not implemented. */ #include "ubifs.h" From patchwork Tue Mar 19 16:16:43 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Li Zetao X-Patchwork-Id: 1913713 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=dPqyyqLm; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4TzcLs6D9lz1yXD for ; Wed, 20 Mar 2024 03:17:25 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=Hn6aISJXyGIBc3NQhmOx9ux0CidPclZV137+cU1/hF0=; b=dPqyyqLmv1YR9l 1s07DK3UjPjkxfg3/NmXRL1SFxxijS5OntCI3SGNPkuAr8228FY/05xdbJ+Kr0bmk0ryUkmRqGRm/ ExBIKmfOX6aBiWG2dfBwiVcXRjaMi5vnYEfe18XLnnlNaKzzZVOH+KtBKN+GElQU/d/isF0dlEUcG oEgfosk6XahVnWKeYiWkKAGAbjPWc6vYnen0aF/AAdpz2Gxa1jRJ3Q5rSuP1JAvn22fSSx8a7J3TS yyb27hc/ppBPZG+WSzOTnKyQv/SZ2H1WhNUViJOr38wxpIzLV0bsXTiPaDLO27afwwlT019RpURWI tx2TuyURuyIwZ1skarHg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rmc9H-0000000DKHr-1u5R; Tue, 19 Mar 2024 16:17:11 +0000 Received: from szxga05-in.huawei.com ([45.249.212.191]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rmc9C-0000000DKE1-2jbD for linux-mtd@lists.infradead.org; Tue, 19 Mar 2024 16:17:08 +0000 Received: from mail.maildlp.com (unknown [172.19.163.17]) by szxga05-in.huawei.com (SkyGuard) with ESMTP id 4TzcHM2TsWz1h30K; Wed, 20 Mar 2024 00:14:23 +0800 (CST) Received: from kwepemd500012.china.huawei.com (unknown [7.221.188.25]) by mail.maildlp.com (Postfix) with ESMTPS id DD1011A0172; Wed, 20 Mar 2024 00:16:55 +0800 (CST) Received: from huawei.com (10.90.53.73) by kwepemd500012.china.huawei.com (7.221.188.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Wed, 20 Mar 2024 00:16:55 +0800 From: Li Zetao To: , CC: , , Subject: [RFC PATCH 2/5] ubifs: Initialize or update ACLs for inode Date: Wed, 20 Mar 2024 00:16:43 +0800 Message-ID: <20240319161646.2153867-3-lizetao1@huawei.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240319161646.2153867-1-lizetao1@huawei.com> References: <20240319161646.2153867-1-lizetao1@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.90.53.73] X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To kwepemd500012.china.huawei.com (7.221.188.25) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240319_091707_037754_C1C4C743 X-CRM114-Status: GOOD ( 11.04 ) X-Spam-Score: -2.3 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: There are two scenarios where ACL needs to be updated, the first one is when creating the inode, and the second one is in the chmod process. When creating directories/files/device node/tmpfile, ACLs n [...] Content analysis details: (-2.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [45.249.212.191 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 RCVD_IN_MSPIKE_H4 RBL: Very Good reputation (+4) [45.249.212.191 listed in wl.mailspike.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders -0.0 T_SCC_BODY_TEXT_LINE No description available. X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org There are two scenarios where ACL needs to be updated, the first one is when creating the inode, and the second one is in the chmod process. When creating directories/files/device node/tmpfile, ACLs needs to be initialized, but symlink do not. Signed-off-by: Li Zetao --- fs/ubifs/dir.c | 16 ++++++++++++++++ fs/ubifs/file.c | 4 ++++ 2 files changed, 20 insertions(+) diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c index 551148de66cd..dfb6823cc953 100644 --- a/fs/ubifs/dir.c +++ b/fs/ubifs/dir.c @@ -316,6 +316,10 @@ static int ubifs_create(struct mnt_idmap *idmap, struct inode *dir, goto out_fname; } + err = ubifs_init_acl(inode, dir); + if (err) + goto out_inode; + err = ubifs_init_security(dir, inode, &dentry->d_name); if (err) goto out_inode; @@ -466,6 +470,10 @@ static int ubifs_tmpfile(struct mnt_idmap *idmap, struct inode *dir, } ui = ubifs_inode(inode); + err = ubifs_init_acl(inode, dir); + if (err) + goto out_inode; + err = ubifs_init_security(dir, inode, &dentry->d_name); if (err) goto out_inode; @@ -1013,6 +1021,10 @@ static int ubifs_mkdir(struct mnt_idmap *idmap, struct inode *dir, goto out_fname; } + err = ubifs_init_acl(inode, dir); + if (err) + goto out_inode; + err = ubifs_init_security(dir, inode, &dentry->d_name); if (err) goto out_inode; @@ -1108,6 +1120,10 @@ static int ubifs_mknod(struct mnt_idmap *idmap, struct inode *dir, ui->data = dev; ui->data_len = devlen; + err = ubifs_init_acl(inode, dir); + if (err) + goto out_inode; + err = ubifs_init_security(dir, inode, &dentry->d_name); if (err) goto out_inode; diff --git a/fs/ubifs/file.c b/fs/ubifs/file.c index 5029eb3390a5..8f964f8b0f96 100644 --- a/fs/ubifs/file.c +++ b/fs/ubifs/file.c @@ -41,6 +41,7 @@ #include #include #include +#include static int read_block(struct inode *inode, void *addr, unsigned int block, struct ubifs_data_node *dn) @@ -1298,6 +1299,9 @@ int ubifs_setattr(struct mnt_idmap *idmap, struct dentry *dentry, else err = do_setattr(c, inode, attr); + if (!err && (attr->ia_valid & ATTR_MODE)) + err = posix_acl_chmod(idmap, dentry, inode->i_mode); + return err; } From patchwork Tue Mar 19 16:16:44 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Li Zetao X-Patchwork-Id: 1913712 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ksMX56xf; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4TzcLs5t9Kz1yWs for ; Wed, 20 Mar 2024 03:17:25 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=dzCOPKDf7azAf/P0Mt1WdxwHJR+5ZfnVpM58aswC2qc=; b=ksMX56xfI/rjip M3Z7auoDg4Ct6HbUghEqRtsltSi/mXVs+4Fj+yhIeSGGmMVALFxWIxgiMWEmgjJXv+0cods91Hs3P cw0fl0anQCQ8KVc2S3hbqNpkHJjeWRCmgmr+wm1u8xmwBOumGETktEfRdmJyQkpZbYG45UMT2IXGG DyVy2CtlfmRaNfAvOdl/3Fh4DWL+/NwKWEGndiHJPiRoMaB/OzddEE7HyQJ/B7ZgeMChSZNBexyvL S10I8l3snKn0jV4srrlkAlyRB9oNgGjeuAJ4GI/LrEbU6nnXGhfQpqJhy2gH8+MEh6O2BwIbFbI3r Y0KQbyQ++bjxocYxYWiw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rmc9E-0000000DKGm-44S4; Tue, 19 Mar 2024 16:17:08 +0000 Received: from szxga08-in.huawei.com ([45.249.212.255]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rmc9A-0000000DKDF-3XLL for linux-mtd@lists.infradead.org; Tue, 19 Mar 2024 16:17:06 +0000 Received: from mail.maildlp.com (unknown [172.19.163.174]) by szxga08-in.huawei.com (SkyGuard) with ESMTP id 4TzcHj1RB5z1Q9nB; Wed, 20 Mar 2024 00:14:41 +0800 (CST) Received: from kwepemd500012.china.huawei.com (unknown [7.221.188.25]) by mail.maildlp.com (Postfix) with ESMTPS id 3AC8A14040D; Wed, 20 Mar 2024 00:16:56 +0800 (CST) Received: from huawei.com (10.90.53.73) by kwepemd500012.china.huawei.com (7.221.188.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Wed, 20 Mar 2024 00:16:55 +0800 From: Li Zetao To: , CC: , , Subject: [RFC PATCH 3/5] ubifs: Support accessing ACLs through inode_operations Date: Wed, 20 Mar 2024 00:16:44 +0800 Message-ID: <20240319161646.2153867-4-lizetao1@huawei.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240319161646.2153867-1-lizetao1@huawei.com> References: <20240319161646.2153867-1-lizetao1@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.90.53.73] X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To kwepemd500012.china.huawei.com (7.221.188.25) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240319_091705_080367_05E346FB X-CRM114-Status: UNSURE ( 7.86 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -2.3 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Register the get/set interfaces to the inode operations whilch allows access to the ACL through the vfs layer. Signed-off-by: Li Zetao --- fs/ubifs/dir.c | 2 ++ fs/ubifs/file.c | 2 ++ 2 files changed, 4 insertions(+) Content analysis details: (-2.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [45.249.212.255 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 T_SCC_BODY_TEXT_LINE No description available. X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Register the get/set interfaces to the inode operations whilch allows access to the ACL through the vfs layer. Signed-off-by: Li Zetao --- fs/ubifs/dir.c | 2 ++ fs/ubifs/file.c | 2 ++ 2 files changed, 4 insertions(+) diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c index dfb6823cc953..59784349ba21 100644 --- a/fs/ubifs/dir.c +++ b/fs/ubifs/dir.c @@ -1724,6 +1724,8 @@ const struct inode_operations ubifs_dir_inode_operations = { .setattr = ubifs_setattr, .getattr = ubifs_getattr, .listxattr = ubifs_listxattr, + .get_inode_acl = ubifs_get_inode_acl, + .set_acl = ubifs_set_acl, .update_time = ubifs_update_time, .tmpfile = ubifs_tmpfile, .fileattr_get = ubifs_fileattr_get, diff --git a/fs/ubifs/file.c b/fs/ubifs/file.c index 8f964f8b0f96..80def8734b13 100644 --- a/fs/ubifs/file.c +++ b/fs/ubifs/file.c @@ -1665,6 +1665,8 @@ const struct inode_operations ubifs_file_inode_operations = { .setattr = ubifs_setattr, .getattr = ubifs_getattr, .listxattr = ubifs_listxattr, + .get_inode_acl = ubifs_get_inode_acl, + .set_acl = ubifs_set_acl, .update_time = ubifs_update_time, .fileattr_get = ubifs_fileattr_get, .fileattr_set = ubifs_fileattr_set, From patchwork Tue Mar 19 16:16:45 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Li Zetao X-Patchwork-Id: 1913714 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=QKaDRtfw; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4TzcLt14sWz23sG for ; Wed, 20 Mar 2024 03:17:26 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=ODVh4IzqACTSsKc5LPkSQwBWXPOwutXbHqArthh6Onw=; b=QKaDRtfwB+s0s3 BsEmWocpeSE/WlU7X5oLe3iT+2h1dF908Awz874/OpUzgmp1+GtHOuEMWMrIIScwI+A5Ol2KXkBg0 2sit3ah738QM1EUrhCnF3OwBVY42dhHqHbAdJV2Eqsl5x/czRXjlX3bSnubOpWNpaPEJlAbmCQMLH Uen1emW7z4G0ZX9oc++0Mt+LgBBZFTqsdi0Ndk7jdA35LpAmXjF0YJuk0J9kXGBrYlO+Qgv5HRtlB BrCHWv33iJtppIDNXxwqFEWoVlaYLNBMsNIovBGxibNQ+Ty9YI76M5wZRKqZ8jLcq5XuqAJMRW18e rs40JxW1kELOBqxn7WZw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rmc9I-0000000DKIN-3X17; Tue, 19 Mar 2024 16:17:12 +0000 Received: from szxga04-in.huawei.com ([45.249.212.190]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rmc9C-0000000DKE6-2uLP for linux-mtd@lists.infradead.org; Tue, 19 Mar 2024 16:17:08 +0000 Received: from mail.maildlp.com (unknown [172.19.163.44]) by szxga04-in.huawei.com (SkyGuard) with ESMTP id 4TzcHM5Q6dz2Bgb9; Wed, 20 Mar 2024 00:14:23 +0800 (CST) Received: from kwepemd500012.china.huawei.com (unknown [7.221.188.25]) by mail.maildlp.com (Postfix) with ESMTPS id 7D3A514013B; Wed, 20 Mar 2024 00:16:56 +0800 (CST) Received: from huawei.com (10.90.53.73) by kwepemd500012.china.huawei.com (7.221.188.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Wed, 20 Mar 2024 00:16:56 +0800 From: Li Zetao To: , CC: , , Subject: [RFC PATCH 4/5] ubifs: Introduce ACLs mount options Date: Wed, 20 Mar 2024 00:16:45 +0800 Message-ID: <20240319161646.2153867-5-lizetao1@huawei.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240319161646.2153867-1-lizetao1@huawei.com> References: <20240319161646.2153867-1-lizetao1@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.90.53.73] X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To kwepemd500012.china.huawei.com (7.221.188.25) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240319_091707_177227_4F16DA14 X-CRM114-Status: GOOD ( 12.69 ) X-Spam-Score: -2.3 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Implement the ability to enable or disable the ACLs feature through mount options. "-o acl" option means enable and "-o noacl" means disable and it is enable by default. Signed-off-by: Li Zetao --- fs/ubifs/super.c | 40 ++++++++++++++++++++++++++++++++++++++++ fs/ubifs/ubifs.h | 2 ++ 2 files changed, 42 insertions(+) Content analysis details: (-2.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [45.249.212.190 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 RCVD_IN_MSPIKE_H4 RBL: Very Good reputation (+4) [45.249.212.190 listed in wl.mailspike.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders -0.0 T_SCC_BODY_TEXT_LINE No description available. X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Implement the ability to enable or disable the ACLs feature through mount options. "-o acl" option means enable and "-o noacl" means disable and it is enable by default. Signed-off-by: Li Zetao --- fs/ubifs/super.c | 40 ++++++++++++++++++++++++++++++++++++++++ fs/ubifs/ubifs.h | 2 ++ 2 files changed, 42 insertions(+) diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c index 7f4031a15f4d..ed03bf11e51d 100644 --- a/fs/ubifs/super.c +++ b/fs/ubifs/super.c @@ -457,6 +457,13 @@ static int ubifs_show_options(struct seq_file *s, struct dentry *root) seq_printf(s, ",assert=%s", ubifs_assert_action_name(c)); seq_printf(s, ",ubi=%d,vol=%d", c->vi.ubi_num, c->vi.vol_id); +#ifdef CONFIG_UBIFS_FS_POSIX_ACL + if (c->mount_opts.acl == 2) + seq_puts(s, ",acl"); + else if (c->mount_opts.acl == 1) + seq_puts(s, ",noacl"); +#endif + return 0; } @@ -967,6 +974,8 @@ static int check_volume_empty(struct ubifs_info *c) * Opt_assert: set ubifs_assert() action * Opt_auth_key: The key name used for authentication * Opt_auth_hash_name: The hash type used for authentication + * Opt_acl: enable posix acl + * Opt_noacl: disable posix acl * Opt_err: just end of array marker */ enum { @@ -981,6 +990,8 @@ enum { Opt_auth_key, Opt_auth_hash_name, Opt_ignore, + Opt_acl, + Opt_noacl, Opt_err, }; @@ -997,6 +1008,8 @@ static const match_table_t tokens = { {Opt_ignore, "ubi=%s"}, {Opt_ignore, "vol=%s"}, {Opt_assert, "assert=%s"}, + {Opt_acl, "acl"}, + {Opt_noacl, "noacl"}, {Opt_err, NULL}, }; @@ -1137,6 +1150,23 @@ static int ubifs_parse_options(struct ubifs_info *c, char *options, break; case Opt_ignore: break; +#ifdef CONFIG_UBIFS_FS_POSIX_ACL + case Opt_acl: + c->mount_opts.acl = 2; + c->vfs_sb->s_flags |= SB_POSIXACL; + break; + case Opt_noacl: + c->mount_opts.acl = 1; + c->vfs_sb->s_flags &= ~SB_POSIXACL; + break; +#else + case Opt_acl: + ubifs_err(c, "acl options not supported"); + return -EINVAL; + case Opt_noacl: + ubifs_err(c, "noacl options not supported"); + return -EINVAL; +#endif default: { unsigned long flag; @@ -2011,12 +2041,17 @@ static int ubifs_remount_fs(struct super_block *sb, int *flags, char *data) sync_filesystem(sb); dbg_gen("old flags %#lx, new flags %#x", sb->s_flags, *flags); + c->mount_opts.acl = 0; err = ubifs_parse_options(c, data, 1); if (err) { ubifs_err(c, "invalid or unknown remount parameter"); return err; } +#ifdef CONFIG_UBIFS_FS_POSIX_ACL + if (!c->mount_opts.acl) + c->vfs_sb->s_flags |= SB_POSIXACL; +#endif if (c->ro_mount && !(*flags & SB_RDONLY)) { if (c->ro_error) { ubifs_msg(c, "cannot re-mount R/W due to prior errors"); @@ -2197,6 +2232,11 @@ static int ubifs_fill_super(struct super_block *sb, void *data, int silent) if (err) goto out_close; +#ifdef CONFIG_UBIFS_FS_POSIX_ACL + if (!c->mount_opts.acl) + c->vfs_sb->s_flags |= SB_POSIXACL; +#endif + /* * UBIFS provides 'backing_dev_info' in order to disable read-ahead. For * UBIFS, I/O is not deferred, it is done immediately in read_folio, diff --git a/fs/ubifs/ubifs.h b/fs/ubifs/ubifs.h index b0d3b076290d..4a6078cbb2f5 100644 --- a/fs/ubifs/ubifs.h +++ b/fs/ubifs/ubifs.h @@ -956,6 +956,7 @@ struct ubifs_orphan { * specified in @compr_type) * @compr_type: compressor type to override the superblock compressor with * (%UBIFS_COMPR_NONE, etc) + * @acl: enable/disable posix acl (%0 default, %1 disable, %2 enable) */ struct ubifs_mount_opts { unsigned int unmount_mode:2; @@ -963,6 +964,7 @@ struct ubifs_mount_opts { unsigned int chk_data_crc:2; unsigned int override_compr:1; unsigned int compr_type:2; + unsigned int acl:2; }; /** From patchwork Tue Mar 19 16:16:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Li Zetao X-Patchwork-Id: 1913716 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=OpG7bZM4; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4TzcLw03gNz1yWs for ; Wed, 20 Mar 2024 03:17:28 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=DR3T2P13hRSGNEfy1ZV2OnPIdjmyqdgGX9xnPbnchoE=; b=OpG7bZM4VB+OER uPGFFBjtmU3ETq7fa09lhpyG3T9QmPmy4FOCQ0etW/GdMQGwYhAi26zppMswv6oykYFBs2X8gA5sV 4Yp/6HTMMrK5W6gMtF+AgNHl7w1o3ALetn2CDx60iXq4HnYNc3yQqI51pEALl0mNDbyma9pPYhMoa rR2zwISTtN9q+scyuH8M+bX5NGhgeG+zwP/xLY+FFTk87rFXzReCtqq/cQlXPhPWpE/I39MP/t93X fgD4V8pvPMaJuBd8G0Qu/r0Ab24yFH5LAS2BcXv92iMH3/XNBhOjyQ4eWB7beLyXxrShPJlXnVGTJ 0Z/Z8n348M/ELZkDKqIg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rmc9H-0000000DKHz-4BrK; Tue, 19 Mar 2024 16:17:12 +0000 Received: from szxga07-in.huawei.com ([45.249.212.35]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rmc9C-0000000DKE3-2oZW for linux-mtd@lists.infradead.org; Tue, 19 Mar 2024 16:17:08 +0000 Received: from mail.maildlp.com (unknown [172.19.88.234]) by szxga07-in.huawei.com (SkyGuard) with ESMTP id 4TzcHM57mDz1R7QS; Wed, 20 Mar 2024 00:14:23 +0800 (CST) Received: from kwepemd500012.china.huawei.com (unknown [7.221.188.25]) by mail.maildlp.com (Postfix) with ESMTPS id C42E71400CA; Wed, 20 Mar 2024 00:16:56 +0800 (CST) Received: from huawei.com (10.90.53.73) by kwepemd500012.china.huawei.com (7.221.188.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Wed, 20 Mar 2024 00:16:56 +0800 From: Li Zetao To: , CC: , , Subject: [RFC PATCH 5/5] ubifs: Add ACLs config option Date: Wed, 20 Mar 2024 00:16:46 +0800 Message-ID: <20240319161646.2153867-6-lizetao1@huawei.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240319161646.2153867-1-lizetao1@huawei.com> References: <20240319161646.2153867-1-lizetao1@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.90.53.73] X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To kwepemd500012.china.huawei.com (7.221.188.25) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240319_091706_996712_49710E85 X-CRM114-Status: UNSURE ( 9.35 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -2.3 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Add CONFIG_UBIFS_FS_POSIX_ACL to select ACL for UBIFS, but it should be noted that this config option depends on UBIFS_FS_XATTR. Signed-off-by: Li Zetao --- fs/ubifs/Kconfig | 14 ++++++++++++++ fs/ubifs/Makefile | 1 + 2 files changed, 15 insertions(+) Content analysis details: (-2.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [45.249.212.35 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 RCVD_IN_MSPIKE_H4 RBL: Very Good reputation (+4) [45.249.212.35 listed in wl.mailspike.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders -0.0 T_SCC_BODY_TEXT_LINE No description available. X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Add CONFIG_UBIFS_FS_POSIX_ACL to select ACL for UBIFS, but it should be noted that this config option depends on UBIFS_FS_XATTR. Signed-off-by: Li Zetao --- fs/ubifs/Kconfig | 14 ++++++++++++++ fs/ubifs/Makefile | 1 + 2 files changed, 15 insertions(+) diff --git a/fs/ubifs/Kconfig b/fs/ubifs/Kconfig index 45d3d207fb99..9ac5ddd5ded3 100644 --- a/fs/ubifs/Kconfig +++ b/fs/ubifs/Kconfig @@ -98,4 +98,18 @@ config UBIFS_FS_AUTHENTICATION sha256, these are not selected automatically since there are many different options. +config UBIFS_FS_POSIX_ACL + bool "UBIFS POSIX Access Control Lists" + depends on UBIFS_FS_XATTR + select FS_POSIX_ACL + default y + help + Posix Access Control Lists (ACLs) support permissions for users and + groups beyond the owner/group/world scheme. + + To learn more about Access Control Lists, visit the Posix ACLs for + Linux website . + + If you don't know what Access Control Lists are, say N + endif # UBIFS_FS diff --git a/fs/ubifs/Makefile b/fs/ubifs/Makefile index 314c80b24a76..1e0733a647d5 100644 --- a/fs/ubifs/Makefile +++ b/fs/ubifs/Makefile @@ -9,3 +9,4 @@ ubifs-y += misc.o sysfs.o ubifs-$(CONFIG_FS_ENCRYPTION) += crypto.o ubifs-$(CONFIG_UBIFS_FS_XATTR) += xattr.o ubifs-$(CONFIG_UBIFS_FS_AUTHENTICATION) += auth.o +ubifs-$(CONFIG_UBIFS_FS_POSIX_ACL) += acl.o \ No newline at end of file