nfsd: take xattr bits into account for permission checks

Since the NFSv4.2 extended attributes extension defines 3 new access
bits for xattr operations, take them in to account when validating
what the client is asking for, and when checking permissions.

Signed-off-by: Frank van der Linden <fllinden@amazon.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
index a09c35f0f6f07a280180d6b96141a0bb3f2b9bea..841aad7727983a2ce6b547b2185980feaf931189 100644 (file)
--- a/fs/nfsd/nfs4proc.c
+++ b/fs/nfsd/nfs4proc.c
@@ -566,8 +566,14 @@ nfsd4_access(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
             union nfsd4_op_u *u)
 {
        struct nfsd4_access *access = &u->access;
+       u32 access_full;
 
-       if (access->ac_req_access & ~NFS3_ACCESS_FULL)
+       access_full = NFS3_ACCESS_FULL;
+       if (cstate->minorversion >= 2)
+               access_full |= NFS4_ACCESS_XALIST | NFS4_ACCESS_XAREAD |
+                              NFS4_ACCESS_XAWRITE;
+
+       if (access->ac_req_access & ~access_full)
                return nfserr_inval;
 
        access->ac_resp_access = access->ac_req_access;

diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index 6d2955253f73cc2c73fe8c27110cdd43967463f7..7d2933b85b6536c0c26a0e9b2beb6e646757dce6 100644 (file)
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -612,6 +612,12 @@ static struct accessmap    nfs3_regaccess[] = {
     {  NFS3_ACCESS_MODIFY,     NFSD_MAY_WRITE|NFSD_MAY_TRUNC   },
     {  NFS3_ACCESS_EXTEND,     NFSD_MAY_WRITE                  },
 
+#ifdef CONFIG_NFSD_V4
+    {  NFS4_ACCESS_XAREAD,     NFSD_MAY_READ                   },
+    {  NFS4_ACCESS_XAWRITE,    NFSD_MAY_WRITE                  },
+    {  NFS4_ACCESS_XALIST,     NFSD_MAY_READ                   },
+#endif
+
     {  0,                      0                               }
 };
 
@@ -622,6 +628,12 @@ static struct accessmap    nfs3_diraccess[] = {
     {  NFS3_ACCESS_EXTEND,     NFSD_MAY_EXEC|NFSD_MAY_WRITE    },
     {  NFS3_ACCESS_DELETE,     NFSD_MAY_REMOVE                 },
 
+#ifdef CONFIG_NFSD_V4
+    {  NFS4_ACCESS_XAREAD,     NFSD_MAY_READ                   },
+    {  NFS4_ACCESS_XAWRITE,    NFSD_MAY_WRITE                  },
+    {  NFS4_ACCESS_XALIST,     NFSD_MAY_READ                   },
+#endif
+
     {  0,                      0                               }
 };