nfsd: Fix unnecessary deny bits in NFSv4 ACL
authorFrank Filz <ffilzlnx@us.ibm.com>
Fri, 14 Aug 2009 22:02:30 +0000 (15:02 -0700)
committerJ. Bruce Fields <bfields@citi.umich.edu>
Tue, 25 Aug 2009 00:01:22 +0000 (20:01 -0400)
The group deny entries end up denying tcy even though tcy was just
allowed by the allow entry. This appears to be due to:
ace->access_mask = mask_from_posix(deny, flags);
instead of:
ace->access_mask = deny_mask_from_posix(deny, flags);

Denying a previously allowed bit has no effect, so this shouldn't affect
behavior, but it's ugly.

Signed-off-by: Frank Filz <ffilzlnx@us.ibm.com>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
fs/nfsd/nfs4acl.c

index 54b8b4140c8f6e32203363bd9b53e8aa2ed09f7e..5320c2b6c7a6af5e4567388d4c6c9045f1411a36 100644 (file)
@@ -335,7 +335,7 @@ _posix_to_nfsv4_one(struct posix_acl *pacl, struct nfs4_acl *acl,
                if (deny) {
                        ace->type = NFS4_ACE_ACCESS_DENIED_ACE_TYPE;
                        ace->flag = eflag | NFS4_ACE_IDENTIFIER_GROUP;
-                       ace->access_mask = mask_from_posix(deny, flags);
+                       ace->access_mask = deny_mask_from_posix(deny, flags);
                        ace->whotype = NFS4_ACL_WHO_NAMED;
                        ace->who = pa->e_id;
                        ace++;