nfsd: take xattr bits into account for permission checks

Since the NFSv4.2 extended attributes extension defines 3 new access bits for xattr operations, take them in to account when validating what the client is asking for, and when checking permissions. Signed-off-by: Frank van der Linden <fllinden@amazon.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
author: Frank van der Linden <fllinden@amazon.com> 2020-06-24 00:39:24 +0200
committer: Chuck Lever <chuck.lever@oracle.com> 2020-07-13 23:27:03 +0200
commit: c11d7fd1b3178cc651d532bab54adca7f26ae0d0 (patch)
tree: 743949a36cdf549ca6aaf18e592def523157447e /fs/nfsd/nfs4proc.c
parent: nfsd: define xattr functions to call into their vfs counterparts (diff)
download: linux-c11d7fd1b3178cc651d532bab54adca7f26ae0d0.tar.xz
linux-c11d7fd1b3178cc651d532bab54adca7f26ae0d0.zip
1 files changed, 7 insertions, 1 deletions
diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
index a09c35f0f6f0..841aad772798 100644
--- a/fs/nfsd/nfs4proc.c
+++ b/fs/nfsd/nfs4proc.c
@@ -566,8 +566,14 @@ nfsd4_access(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
 	     union nfsd4_op_u *u)
 {
 	struct nfsd4_access *access = &u->access;
+	u32 access_full;
 
-	if (access->ac_req_access & ~NFS3_ACCESS_FULL)
+	access_full = NFS3_ACCESS_FULL;
+	if (cstate->minorversion >= 2)
+		access_full |= NFS4_ACCESS_XALIST | NFS4_ACCESS_XAREAD |
+			       NFS4_ACCESS_XAWRITE;
+
+	if (access->ac_req_access & ~access_full)
 		return nfserr_inval;
 
 	access->ac_resp_access = access->ac_req_access;
author	Frank van der Linden <fllinden@amazon.com>	2020-06-24 00:39:24 +0200
committer	Chuck Lever <chuck.lever@oracle.com>	2020-07-13 23:27:03 +0200
commit	c11d7fd1b3178cc651d532bab54adca7f26ae0d0 (patch)
tree	743949a36cdf549ca6aaf18e592def523157447e /fs/nfsd/nfs4proc.c
parent	nfsd: define xattr functions to call into their vfs counterparts (diff)
download	linux-c11d7fd1b3178cc651d532bab54adca7f26ae0d0.tar.xz linux-c11d7fd1b3178cc651d532bab54adca7f26ae0d0.zip