[PATCH v4 04/30] fs: add new get acl method
Miklos Szeredi
miklos at szeredi.hu
Fri Sep 30 08:53:05 UTC 2022
On Thu, 29 Sept 2022 at 17:31, Christian Brauner <brauner at kernel.org> wrote:
> This adds a new ->get_acl() inode operations which takes a dentry
> argument which filesystems such as 9p, cifs, and overlayfs can implement
> to get posix acls.
This is confusing. For example overlayfs ends up with two functions
that are similar, but not quite the same:
ovl_get_acl -> ovl_get_acl_path -> vfs_get_acl -> __get_acl(mnt_userns, ...)
ovl_get_inode_acl -> get_inode_acl -> __get_acl(&init_user_ns, ...)
So what's the difference and why do we need both? If one can retrive
the acl without dentry, then why do we need the one with the dentry?
(BTW in both cases the mnt_userns for the underlying fs is available
and used to translate the acl.)
If a filesystem cannot implement a get_acl() without a dentry, then
what will happen to caller's that don't have a dentry?
Thanks,
Miklos
More information about the Linux-security-module-archive
mailing list