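/*
 * Copyright 2016 Chris Torek <torek@ixsystems.com>
 * All rights reserved
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted providing that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * Include guard: this header defines struct types, so including it
 * twice in one translation unit would otherwise be a redefinition error.
 */
#ifndef LIB9P_GENACL_H
#define LIB9P_GENACL_H

/*
 * General ACL support for 9P2000.L.
 *
 * We mostly use Linux's xattr name space and nfs4 ACL bits, as
 * these are the most general forms available.
 *
 * Linux requests attributes named
 *
 *     "system.posix_acl_default"
 *     "system.posix_acl_access"
 *
 * to get POSIX style ACLs, and:
 *
 *     "system.nfs4_acl"
 *
 * to get NFSv4 style ACLs.  The v9fs client does not explicitly
 * ask for the latter, but if you use the Ubuntu nfs4-acl-tools
 * package, it should be able to read and write these.
 *
 * For the record, the Linux kernel source code also shows:
 *
 *  - Lustre uses "trusted.*", with "*" matching "lov", "lma",
 *    "lmv", "dmv", "link", "fid", "version", "som", "hsm", and
 *    "lfsck_namespace".
 *
 *  - ceph has a name tree of the form "ceph.<type>.<name>" with
 *    <type,name> pairs like <"dir","entries">, <"dir","files">,
 *    <"file","layout">, and so on.
 *
 *  - ext4 uses the POSIX names, plus some special ext4-specific
 *    goop that might not get externalized.
 *
 *  - NFS uses both the POSIX names and the NFSv4 ACLs.  However,
 *    what it mainly does is have nfsd generate fake NFSv4 ACLs
 *    from POSIX ACLs.  If you run an NFS client, the client
 *    relies on the server actually implementing the ACLs, and
 *    lets nfs4-acl-tools read and write the system.nfs4_acl xattr
 *    data.  If you run an NFS server off, e.g., an ext4 file system,
 *    the server looks for the system.nfs4_acl xattr, serves that
 *    out if found, and otherwise just generates the fakes.
 *
 *  - "security.*" and "selinux.*" are reserved.
 *
 *  - "security.capability" is the name for capabilities.
 *
 *  - sockets use "system.sockprotoname".
 */

#if defined(__APPLE__)
#define HAVE_POSIX_ACLS
#define HAVE_DARWIN_ACLS
#endif

#if defined(__FreeBSD__)
#define HAVE_POSIX_ACLS
#define HAVE_FREEBSD_ACLS
#endif

/*
 * bool and the fixed-width integer types are used in the structures
 * below, so pull them in here rather than relying on the includer.
 */
#include <stdbool.h>
#include <stdint.h>
#include <sys/types.h>

/*
 * XXX assumes existence of sys/acl.h.  Where the compiler can tell us
 * the header is missing, skip it: acl_t is only needed by the
 * system-specific converters at the end of this file, and those are
 * declared only when one of the HAVE_*_ACLS macros above is defined.
 */
#if defined(__has_include)
# if __has_include(<sys/acl.h>)
#  include <sys/acl.h>
# endif
#else
# include <sys/acl.h>
#endif

/*
 * An ACL consists of a number of ACEs that grant some kind of
 * "allow" or "deny" to some specific entity.
 *
 * The number of ACEs is potentially unlimited, although in practice
 * they tend not to be that long.
 *
 * It's the responsibility of the back-end to supply the ACL
 * for each test.  However, the ACL may be in some sort of
 * system-specific form.  It's the responsibility of some
 * (system-specific) code to translate it to *this* form, after
 * which the backend may use l9p_acl_check_access() to get
 * access granted or denied (and, eventually, audits and alarms
 * recorded and raised, although that's yet to be designed).
 *
 * The reason for all this faffing-about with formats is so that
 * we can *report* the ACLs using Linux 9p style xattrs.
 */

struct l9p_acl;
struct l9p_fid;
struct stat;	/* only used through pointers in this header */

/*
 * Release an ACL.  The definition is not in this header.
 * NOTE(review): presumably this pairs with the l9p_*_to_acl()
 * converters declared at the end of this file -- confirm ownership
 * rules against genacl.c.
 */
void l9p_acl_free(struct l9p_acl *acl);

/*
 * An ACL is made up of ACEs.
 *
 * Each ACE has:
 *
 *  - a type: allow, deny, audit, alarm
 *  - a set of flags
 *  - permissions bits: a "mask"
 *  - an optional, nominally-variable-length identity
 *
 * The last part is especially tricky and currently has limited
 * support here: it's always a 16 byte field on Darwin, and just
 * a uint32_t on BSD (should be larger, really).  Linux supports
 * very large, actually-variable-size values; we'll deal with
 * this later, maybe.
 *
 * We will define the mask first, below, since these are also the bits
 * passed in for the accmask argument to l9p_acl_check_access().
 */

/*
 * ACL entry mask, and accmask argument flags.
 *
 * NB: not every bit is implemented, but they are all here because
 * they are all defined as part of an NFSv4 ACL entry, which is
 * more or less a superset of a POSIX ACL entry.  This means you
 * can put a complete NFSv4 ACL in and we can reproduce it.
 *
 * Note that the LIST_DIRECTORY, ADD_FILE, and ADD_SUBDIRECTORY bits
 * apply only to a directory, while the READ_DATA, WRITE_DATA, and
 * APPEND_DATA bits apply only to a file.  See aca_parent/aca_child
 * below.
 */
#define	L9P_ACE_READ_DATA		0x00001
#define	L9P_ACE_LIST_DIRECTORY		0x00001	/* same as READ_DATA */
#define	L9P_ACE_WRITE_DATA		0x00002
#define	L9P_ACE_ADD_FILE		0x00002	/* same as WRITE_DATA */
#define	L9P_ACE_APPEND_DATA		0x00004
#define	L9P_ACE_ADD_SUBDIRECTORY	0x00004	/* same as APPEND_DATA */
#define	L9P_ACE_READ_NAMED_ATTRS	0x00008
#define	L9P_ACE_WRITE_NAMED_ATTRS	0x00010
#define	L9P_ACE_EXECUTE			0x00020
#define	L9P_ACE_DELETE_CHILD		0x00040
#define	L9P_ACE_READ_ATTRIBUTES		0x00080
#define	L9P_ACE_WRITE_ATTRIBUTES	0x00100
#define	L9P_ACE_WRITE_RETENTION		0x00200	/* not used here */
#define	L9P_ACE_WRITE_RETENTION_HOLD	0x00400	/* not used here */
/*					0x00800	   unused? */
#define	L9P_ACE_DELETE			0x01000
#define	L9P_ACE_READ_ACL		0x02000
#define	L9P_ACE_WRITE_ACL		0x04000
#define	L9P_ACE_WRITE_OWNER		0x08000
#define	L9P_ACE_SYNCHRONIZE		0x10000	/* not used here */

/*
 * This is not an ACE bit, but is used with the access checking
 * below.  It represents a request to unlink (delete child /
 * delete) an entity, and is equivalent to asking for *either*
 * (not both) permission.
 *
 * Because the value is the OR of two ACE bits but means "either",
 * it cannot be evaluated as an ordinary "every requested bit must
 * be granted" mask.
 */
#define	L9P_ACOP_UNLINK	(L9P_ACE_DELETE_CHILD | L9P_ACE_DELETE)

/*
 * Access checking takes a lot of arguments, so they are
 * collected into a "struct" here.
 *
 * The aca_parent and aca_pstat fields may/must be NULL if the
 * operation itself does not involve "directory" permissions.
 * The aca_child and aca_cstat fields may/must be NULL if the
 * operation does not involve anything *but* a directory.  This
 * is how we decide whether you're interested in L9P_ACE_READ_DATA
 * vs L9P_ACE_LIST_DIRECTORY, for instance.
 *
 * Note that it's OK for both parent and child to be directories
 * (as is the case when we're adding or deleting a subdirectory).
 *
 * NOTE(review): aca_groups is a bare pointer with a separate count;
 * presumably it must reference at least aca_ngroups entries -- the
 * caller is the only place that can guarantee this.
 */
struct l9p_acl_check_args {
	uid_t	aca_uid;		/* the uid that is requesting access */
	gid_t	aca_gid;		/* the gid that is requesting access */
	gid_t	*aca_groups;		/* the additional group-set, if any */
	size_t	aca_ngroups;		/* number of groups in group-set */
	struct l9p_acl *aca_parent;	/* ACLs associated with parent/dir */
	struct stat *aca_pstat;		/* stat data for parent/dir */
	struct l9p_acl *aca_child;	/* ACLs associated with file */
	struct stat *aca_cstat;		/* stat data for file */
	int	aca_aclmode;		/* mode checking bits, see below */
	bool	aca_superuser;		/* always allow uid==0 in STAT_MODE */
};

/*
 * Access checking mode bits in aca_aclmode.  If you enable
 * ACLs, they are used first, optionally with ZFS style ACLs.
 * This means that even if aca_superuser is set, if an ACL denies
 * permission to uid 0, permission is really denied.
 *
 * NFS style ACLs run before POSIX style ACLs (though POSIX
 * ACLs aren't done yet anyway).
 *
 * N.B.: you probably want L9P_ACM_ZFS_ACL, especially when operating
 * with a ZFS file system on FreeBSD.
 */
#define	L9P_ACM_NFS_ACL		0x0001	/* enable NFS ACL checking */
#define	L9P_ACM_ZFS_ACL		0x0002	/* use ZFS ACL unlink semantics */
#define	L9P_ACM_POSIX_ACL	0x0004	/* enable POSIX ACL checking (notyet) */
#define	L9P_ACM_STAT_MODE	0x0008	/* enable st_mode bits */

/*
 * Requests to access some file or directory must provide:
 *
 *  - An operation.  This should usually be just one bit from the
 *    L9P_ACE_* bit-sets above, or our special L9P_ACOP_UNLINK.
 *    For a few file-open operations it may be multiple bits,
 *    e.g., both read and write data.
 *  - The identity of the accessor: uid + gid + gid-set.
 *  - The type of access desired: this may be multiple bits.
 *  - The parent directory, if applicable.
 *  - The child file/dir being accessed, if applicable.
 *  - stat data for parent and/or child, if applicable.
 *
 * The ACLs and/or stat data of the parent and/or child get used
 * here, so the caller must provide them.  We should have a way to
 * cache these on fids, but not yet.  The parent and child
 * arguments are a bit tricky; see the code in genacl.c.
 *
 * NOTE(review): this header does not state the return convention
 * (which value means "granted").  Confirm it in genacl.c before
 * using the result in a boolean context; reading it the wrong way
 * round inverts the access decision.
 */
int l9p_acl_check_access(int32_t op, struct l9p_acl_check_args *args);

/*
 * When falling back to POSIX ACL or Unix-style permissions
 * testing, it's nice to collapse the above detailed permissions
 * into simple read/write/execute bits (value 0..7).  We provide
 * a small utility function that does this.
 */
int l9p_ace_mask_to_rwx(int32_t mask);

/*
 * The rest of the data in an ACE.
 */

/* type in ace_type */
#define	L9P_ACET_ACCESS_ALLOWED		0
#define	L9P_ACET_ACCESS_DENIED		1
#define	L9P_ACET_SYSTEM_AUDIT		2
#define	L9P_ACET_SYSTEM_ALARM		3

/* flags in ace_flags */
#define	L9P_ACEF_FILE_INHERIT_ACE		0x001
#define	L9P_ACEF_DIRECTORY_INHERIT_ACE		0x002
#define	L9P_ACEF_NO_PROPAGATE_INHERIT_ACE	0x004
#define	L9P_ACEF_INHERIT_ONLY_ACE		0x008
#define	L9P_ACEF_SUCCESSFUL_ACCESS_ACE_FLAG	0x010
#define	L9P_ACEF_FAILED_ACCESS_ACE_FLAG		0x020
#define	L9P_ACEF_IDENTIFIER_GROUP		0x040
#define	L9P_ACEF_OWNER				0x080
#define	L9P_ACEF_GROUP				0x100
#define	L9P_ACEF_EVERYONE			0x200

#if defined(__APPLE__)
# define L9P_ACE_IDSIZE 16 /* but, how do we map Darwin uuid? */
#else
# define L9P_ACE_IDSIZE 4
#endif

/*
 * One ACL entry.
 *
 * NOTE(review): ace_idsize is stored separately from the fixed
 * ace_idbytes[L9P_ACE_IDSIZE] array.  Code that copies or compares
 * ace_idsize bytes should first reject values larger than
 * L9P_ACE_IDSIZE; nothing in this header enforces that bound.
 */
struct l9p_ace {
	uint16_t ace_type;		/* ACL entry type */
	uint16_t ace_flags;		/* ACL entry flags */
	uint32_t ace_mask;		/* ACL entry mask */
	uint32_t ace_idsize;		/* length of ace_idbytes */
	unsigned char ace_idbytes[L9P_ACE_IDSIZE];
};

#define	L9P_ACLTYPE_NFSv4	1	/* currently the only valid type */

/*
 * A whole ACL: a small header followed by the ACE array.
 *
 * NOTE(review): presumably acl_nace <= acl_aceasize must hold at all
 * times; a converter or parser that fills acl_aces[] is the place to
 * enforce it -- confirm against genacl.c.
 */
struct l9p_acl {
	uint32_t acl_acetype;		/* reserved for future expansion */
	uint32_t acl_nace;		/* number of occupied ACEs */
	uint32_t acl_aceasize;		/* actual size of ACE array */
	struct l9p_ace acl_aces[];	/* variable length ACE array */
};

/*
 * These are the system-specific converters.
 *
 * Right now the backend needs to just find BSD NFSv4 ACLs
 * and convert them before each operation that needs to be
 * tested.
 */
#if defined(HAVE_DARWIN_ACLS)
struct l9p_acl *l9p_darwin_nfsv4acl_to_acl(acl_t acl);
#endif

#if defined(HAVE_FREEBSD_ACLS)
struct l9p_acl *l9p_freebsd_nfsv4acl_to_acl(acl_t acl);
#endif

#if defined(HAVE_POSIX_ACLS) && 0 /* not yet */
struct l9p_acl *l9p_posix_acl_to_acl(acl_t acl);
#endif

#endif /* !LIB9P_GENACL_H */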