Lines Matching defs:zp
332 zfs_external_acl(znode_t *zp)
337 if (zp->z_is_sa)
349 if ((error = sa_lookup(zp->z_sa_hdl, SA_ZPL_ZNODE_ACL(ZTOZSB(zp)),
357 VERIFY(zp->z_is_sa && error == ENOENT);
369 zfs_acl_znode_info(znode_t *zp, int *aclsize, int *aclcount,
372 zfsvfs_t *zfsvfs = ZTOZSB(zp);
377 ASSERT(MUTEX_HELD(&zp->z_acl_lock));
378 if (zp->z_is_sa) {
379 if ((error = sa_size(zp->z_sa_hdl, SA_ZPL_DACL_ACES(zfsvfs),
383 if ((error = sa_lookup(zp->z_sa_hdl, SA_ZPL_DACL_COUNT(zfsvfs),
388 if ((error = sa_lookup(zp->z_sa_hdl, SA_ZPL_ZNODE_ACL(zfsvfs),
404 zfs_znode_acl_version(znode_t *zp)
408 if (zp->z_is_sa)
421 if ((error = sa_lookup(zp->z_sa_hdl,
422 SA_ZPL_ZNODE_ACL(ZTOZSB(zp)),
430 VERIFY(zp->z_is_sa && error == ENOENT);
446 zfs_acl_version_zp(znode_t *zp)
448 return (zfs_acl_version(ZTOZSB(zp)->z_version));
795 zfs_acl_xform(znode_t *zp, zfs_acl_t *aclp, cred_t *cr)
827 VERIFY(zfs_copy_ace_2_fuid(ZTOZSB(zp), ZTOI(zp)->i_mode,
1071 zfs_acl_node_read(struct znode *zp, boolean_t have_lock, zfs_acl_t **aclpp,
1083 ASSERT(MUTEX_HELD(&zp->z_acl_lock));
1085 if (zp->z_acl_cached && !will_modify) {
1086 *aclpp = zp->z_acl_cached;
1097 if (!zp->z_is_sa && !have_lock) {
1098 mutex_enter(&zp->z_lock);
1101 version = zfs_znode_acl_version(zp);
1103 if ((error = zfs_acl_znode_info(zp, &aclsize,
1117 if (!zp->z_is_sa) {
1119 error = dmu_read(ZTOZSB(zp)->z_os,
1127 error = sa_lookup(zp->z_sa_hdl, SA_ZPL_DACL_ACES(ZTOZSB(zp)),
1144 zp->z_acl_cached = aclp;
1147 mutex_exit(&zp->z_lock);
1170 zfs_acl_chown_setattr(znode_t *zp)
1175 if (ZTOZSB(zp)->z_acl_type == ZFS_ACLTYPE_POSIX)
1178 ASSERT(MUTEX_HELD(&zp->z_lock));
1179 ASSERT(MUTEX_HELD(&zp->z_acl_lock));
1181 error = zfs_acl_node_read(zp, B_TRUE, &aclp, B_FALSE);
1183 zp->z_mode = ZTOI(zp)->i_mode =
1184 zfs_mode_compute(zp->z_mode, aclp,
1185 &zp->z_pflags, KUID_TO_SUID(ZTOI(zp)->i_uid),
1186 KGID_TO_SGID(ZTOI(zp)->i_gid));
1354 zfs_aclset_common(znode_t *zp, zfs_acl_t *aclp, cred_t *cr, dmu_tx_t *tx)
1357 zfsvfs_t *zfsvfs = ZTOZSB(zp);
1366 mode = zp->z_mode;
1368 mode = zfs_mode_compute(mode, aclp, &zp->z_pflags,
1369 KUID_TO_SUID(ZTOI(zp)->i_uid), KGID_TO_SGID(ZTOI(zp)->i_gid));
1371 zp->z_mode = ZTOI(zp)->i_mode = mode;
1375 &zp->z_pflags, sizeof (zp->z_pflags));
1379 if (zp->z_acl_cached) {
1380 zfs_acl_free(zp->z_acl_cached);
1381 zp->z_acl_cached = NULL;
1392 zfs_acl_xform(zp, aclp, cr);
1402 if (zp->z_is_sa) { /* the easy case, just update the ACL attribute */
1413 if ((error = sa_lookup(zp->z_sa_hdl, SA_ZPL_ZNODE_ACL(zfsvfs),
1494 zp->z_pflags &= ~ZFS_ACL_WIDE_FLAGS;
1496 zp->z_pflags |= aclp->z_hints;
1499 zp->z_pflags |= ZFS_ACL_TRIVIAL;
1501 zfs_tstamp_update_setup(zp, STATE_CHANGED, NULL, ctime);
1502 return (sa_bulk_update(zp->z_sa_hdl, bulk, count, tx));
1625 zfs_acl_chmod_setattr(znode_t *zp, zfs_acl_t **aclp, uint64_t mode)
1629 mutex_enter(&zp->z_acl_lock);
1630 mutex_enter(&zp->z_lock);
1631 if (ZTOZSB(zp)->z_acl_mode == ZFS_ACL_DISCARD)
1632 *aclp = zfs_acl_alloc(zfs_acl_version_zp(zp));
1634 error = zfs_acl_node_read(zp, B_TRUE, aclp, B_TRUE);
1637 (*aclp)->z_hints = zp->z_pflags & V4_ACL_WIDE_FLAGS;
1638 zfs_acl_chmod(S_ISDIR(ZTOI(zp)->i_mode), mode, B_TRUE,
1639 (ZTOZSB(zp)->z_acl_mode == ZFS_ACL_GROUPMASK), *aclp);
1641 mutex_exit(&zp->z_lock);
1642 mutex_exit(&zp->z_acl_lock);
1967 zfs_getacl(znode_t *zp, vsecattr_t *vsecp, boolean_t skipaclchk, cred_t *cr)
1981 if ((error = zfs_zaccess(zp, ACE_READ_ACL, 0, skipaclchk, cr,
1985 mutex_enter(&zp->z_acl_lock);
1987 error = zfs_acl_node_read(zp, B_FALSE, &aclp, B_FALSE);
1989 mutex_exit(&zp->z_acl_lock);
1996 if ((zp->z_pflags & ZFS_ACL_OBJ_ACE) && !(mask & VSA_ACE_ALLTYPES)) {
2033 zfs_copy_fuid_2_ace(ZTOZSB(zp), aclp, cr,
2051 if (zp->z_pflags & ZFS_ACL_DEFAULTED)
2053 if (zp->z_pflags & ZFS_ACL_PROTECTED)
2055 if (zp->z_pflags & ZFS_ACL_AUTO_INHERIT)
2059 mutex_exit(&zp->z_acl_lock);
2123 zfs_setacl(znode_t *zp, vsecattr_t *vsecp, boolean_t skipaclchk, cred_t *cr)
2125 zfsvfs_t *zfsvfs = ZTOZSB(zp);
2138 if (zp->z_pflags & ZFS_IMMUTABLE)
2141 if ((error = zfs_zaccess(zp, ACE_WRITE_ACL, 0, skipaclchk, cr,
2145 error = zfs_vsec_2_aclp(zfsvfs, ZTOI(zp)->i_mode, vsecp, cr, &fuidp,
2156 (zp->z_pflags & V4_ACL_WIDE_FLAGS);
2159 mutex_enter(&zp->z_acl_lock);
2160 mutex_enter(&zp->z_lock);
2164 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_TRUE);
2175 if ((acl_obj = zfs_external_acl(zp)) != 0) {
2177 zfs_znode_acl_version(zp) <= ZFS_ACL_VERSION_INITIAL) {
2185 } else if (!zp->z_is_sa && aclp->z_acl_bytes > ZFS_ACE_SPACE) {
2189 zfs_sa_upgrade_txholds(tx, zp);
2192 mutex_exit(&zp->z_acl_lock);
2193 mutex_exit(&zp->z_lock);
2205 error = zfs_aclset_common(zp, aclp, cr, tx);
2207 ASSERT(zp->z_acl_cached == NULL);
2208 zp->z_acl_cached = aclp;
2213 zfs_log_acl(zilog, tx, zp, vsecp, fuidp);
2219 mutex_exit(&zp->z_lock);
2220 mutex_exit(&zp->z_acl_lock);
2231 zfs_zaccess_dataset_check(znode_t *zp, uint32_t v4_mode)
2233 if ((v4_mode & WRITE_MASK) && (zfs_is_readonly(ZTOZSB(zp))) &&
2234 (!Z_ISDEV(ZTOI(zp)->i_mode) || (v4_mode & WRITE_MASK_ATTRS))) {
2243 (zp->z_pflags & ZFS_IMMUTABLE)) {
2248 (zp->z_pflags & ZFS_NOUNLINK)) {
2253 (zp->z_pflags & ZFS_AV_QUARANTINED))) {
2286 zfs_zaccess_aces_check(znode_t *zp, uint32_t *working_mode,
2289 zfsvfs_t *zfsvfs = ZTOZSB(zp);
2304 fowner = zfs_uid_to_vfsuid(mnt_ns, zfs_i_user_ns(ZTOI(zp)),
2305 KUID_TO_SUID(ZTOI(zp)->i_uid));
2306 gowner = zfs_gid_to_vfsgid(mnt_ns, zfs_i_user_ns(ZTOI(zp)),
2307 KGID_TO_SGID(ZTOI(zp)->i_gid));
2309 zfs_fuid_map_ids(zp, cr, &fowner, &gowner);
2311 mutex_enter(&zp->z_acl_lock);
2313 error = zfs_acl_node_read(zp, B_FALSE, &aclp, B_FALSE);
2315 mutex_exit(&zp->z_acl_lock);
2319 ASSERT(zp->z_acl_cached);
2328 if (S_ISDIR(ZTOI(zp)->i_mode) &&
2368 mutex_exit(&zp->z_acl_lock);
2376 znode_t *, zp,
2382 znode_t *, zp,
2386 mutex_exit(&zp->z_acl_lock);
2398 mutex_exit(&zp->z_acl_lock);
2416 zfs_has_access(znode_t *zp, cred_t *cr)
2420 if (zfs_zaccess_aces_check(zp, &have, B_TRUE, cr,
2424 owner = zfs_fuid_map_id(ZTOZSB(zp),
2425 KUID_TO_SUID(ZTOI(zp)->i_uid), cr, ZFS_OWNER);
2426 return (secpolicy_vnode_any_access(cr, ZTOI(zp), owner) == 0);
2451 zfs_zaccess_trivial(znode_t *zp, uint32_t *working_mode, cred_t *cr,
2457 ASSERT(zp->z_pflags & ZFS_ACL_TRIVIAL);
2467 err = generic_permission(mnt_ns, ZTOI(zp), mask);
2469 err = generic_permission(ZTOI(zp), mask);
2481 zfs_zaccess_common(znode_t *zp, uint32_t v4_mode, uint32_t *working_mode,
2484 zfsvfs_t *zfsvfs = ZTOZSB(zp);
2498 if ((err = zfs_zaccess_dataset_check(zp, v4_mode)) != 0) {
2526 S_ISDIR(ZTOI(zp)->i_mode) &&
2527 (zp->z_pflags & ZFS_READONLY)) {
2531 if (zp->z_pflags & ZFS_ACL_TRIVIAL)
2532 return (zfs_zaccess_trivial(zp, working_mode, cr, mnt_ns));
2534 return (zfs_zaccess_aces_check(zp, working_mode, B_FALSE, cr, mnt_ns));
2538 zfs_zaccess_append(znode_t *zp, uint32_t *working_mode, boolean_t *check_privs,
2544 return (zfs_zaccess_common(zp, ACE_APPEND_DATA, working_mode,
2623 zfs_zaccess(znode_t *zp, int mode, int flags, boolean_t skipaclchk, cred_t *cr,
2631 znode_t *check_zp = zp;
2635 is_attr = ((zp->z_pflags & ZFS_XATTR) && S_ISDIR(ZTOI(zp)->i_mode));
2641 if ((error = zfs_zget(ZTOZSB(zp),
2642 zp->z_xattr_parent, &xzp)) != 0) {
2663 owner = zfs_uid_to_vfsuid(mnt_ns, zfs_i_user_ns(ZTOI(zp)),
2664 KUID_TO_SUID(ZTOI(zp)->i_uid));
2665 owner = zfs_fuid_map_id(ZTOZSB(zp), owner, cr, ZFS_OWNER);
2694 return (secpolicy_vnode_access2(cr, ZTOI(zp), owner,
2705 error = zfs_zaccess_append(zp, &working_mode, &check_privs, cr,
2757 error = secpolicy_vnode_access2(cr, ZTOI(zp), owner,
2772 zfs_zaccess_rwx(znode_t *zp, mode_t mode, int flags, cred_t *cr,
2775 return (zfs_zaccess(zp, zfs_unix_to_v4(mode >> 6), flags, B_FALSE, cr,
2783 zfs_zaccess_unix(void *zp, int mode, cred_t *cr)
2787 return (zfs_zaccess(zp, v4_mode, 0, B_FALSE, cr, zfs_init_idmap));
2864 zfs_zaccess_delete(znode_t *dzp, znode_t *zp, cred_t *cr, zidmap_t *mnt_ns)
2873 if (zp->z_pflags & (ZFS_IMMUTABLE | ZFS_NOUNLINK))
2890 zp_error = zfs_zaccess_common(zp, ACE_DELETE, &zp_working_mode,
2990 return (zfs_sticky_remove_access(dzp, zp, cr));