LU-5434 mdd: disregard empty POSIX ACLs

Some files may have a POSIX ACL consisting of only a struct
posix_acl_xattr_header, resulting in unexpected permission errors.
Update mdd_check_acl() to return -EAGAIN when such ACLs are
encountered so the caller falls back to standard UNIX
permissions.

These empty ACLs originate from tools like cp. In some cases (e.g.
'cp -rp') just POSIX_ACL_XATTR_VERSION is given as the value of the
system.posix_acl_default extended attribute.  Lustre accepts and
stores this value on disk, and the bad default ACL then propagates
from directories to newly created directory entries.  Separate
patches will prevent the storage of these bad ACLs.  This patch
mitigates problems caused by the ones already stored.

Other minor updates:
- Use the kernel function posix_acl_xattr_count() to count the
  number of ACL entries.
- Convert remainder of mdd_check_acl() to TAB indentation.

Signed-off-by: Ned Bass <bass6@llnl.gov>
Change-Id: Ib4f7b3874696b7645b9de3f1f10ef45dc4105646
Reviewed-on: http://review.whamcloud.com/11300
Tested-by: Jenkins
Tested-by: Maloo <hpdd-maloo@intel.com>
Reviewed-by: Fan Yong <fan.yong@intel.com>
Reviewed-by: Lai Siyao <lai.siyao@intel.com>
Reviewed-by: Oleg Drokin <oleg.drokin@intel.com>

diff --git a/lustre/mdd/mdd_permission.c b/lustre/mdd/mdd_permission.c
index 2471c0c..0bbd5e0 100644 (file)
--- a/lustre/mdd/mdd_permission.c
+++ b/lustre/mdd/mdd_permission.c
@@ -208,31 +208,35 @@ static int mdd_check_acl(const struct lu_env *env, struct mdd_object *obj,
 {
 #ifdef CONFIG_FS_POSIX_ACL
        struct lu_ucred  *uc  = lu_ucred_assert(env);
-        posix_acl_xattr_header *head;
-        posix_acl_xattr_entry *entry;
-        struct lu_buf   *buf;
-        int entry_count;
-        int rc;
-        ENTRY;
+       posix_acl_xattr_header *head;
+       posix_acl_xattr_entry *entry;
+       struct lu_buf   *buf;
+       int entry_count;
+       int rc;
+       ENTRY;
 
-        buf = mdd_buf_get(env, mdd_env_info(env)->mti_xattr_buf,
-                          sizeof(mdd_env_info(env)->mti_xattr_buf));
-        rc = mdo_xattr_get(env, obj, buf, XATTR_NAME_ACL_ACCESS,
-                           mdd_object_capa(env, obj));
-        if (rc <= 0)
-                RETURN(rc ? : -EACCES);
+       buf = mdd_buf_get(env, mdd_env_info(env)->mti_xattr_buf,
+                         sizeof(mdd_env_info(env)->mti_xattr_buf));
+       rc = mdo_xattr_get(env, obj, buf, XATTR_NAME_ACL_ACCESS,
+                          mdd_object_capa(env, obj));
+       if (rc <= 0)
+               RETURN(rc ? : -EACCES);
+
+       buf->lb_len = rc;
+       head = (posix_acl_xattr_header *)(buf->lb_buf);
+       entry = head->a_entries;
+       entry_count = posix_acl_xattr_count(buf->lb_len);
 
-        buf->lb_len = rc;
-        head = (posix_acl_xattr_header *)(buf->lb_buf);
-        entry = head->a_entries;
-        entry_count = (buf->lb_len - sizeof(head->a_version)) /
-                      sizeof(posix_acl_xattr_entry);
+       /* Disregard empty ACLs and fall back to
+        * standard UNIX permissions. See LU-5434 */
+       if (entry_count <= 0)
+               RETURN(-EAGAIN);
 
-        rc = lustre_posix_acl_permission(uc, la, mask, entry, entry_count);
-        RETURN(rc);
+       rc = lustre_posix_acl_permission(uc, la, mask, entry, entry_count);
+       RETURN(rc);
 #else
-        ENTRY;
-        RETURN(-EAGAIN);
+       ENTRY;
+       RETURN(-EAGAIN);
 #endif
 }