[PATCH] Some performance tuning for nfs4 acls
Volker Lendecke
vl at samba.org
Fri Aug 12 11:55:37 UTC 2016
Hi!
Review appreciated!
Thanks, Volker
-------------- next part --------------
>From a0c22c77168cf9f71becd830cbe01eea16ca5018 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 9 Aug 2016 09:07:13 +0200
Subject: [PATCH 1/8] nfs4acls: Remove a typedef
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/modules/nfs4_acls.c | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c
index 8756285..583cefc 100644
--- a/source3/modules/nfs4_acls.c
+++ b/source3/modules/nfs4_acls.c
@@ -54,19 +54,19 @@ struct SMB4ACL_T
enum smbacl4_mode_enum {e_simple=0, e_special=1};
enum smbacl4_acedup_enum {e_dontcare=0, e_reject=1, e_ignore=2, e_merge=3};
-typedef struct _smbacl4_vfs_params {
+struct smbacl4_vfs_params {
enum smbacl4_mode_enum mode;
bool do_chown;
enum smbacl4_acedup_enum acedup;
bool map_full_control;
-} smbacl4_vfs_params;
+};
/*
* Gather special parameters for NFS4 ACL handling
*/
static int smbacl4_get_vfs_params(
struct connection_struct *conn,
- smbacl4_vfs_params *params
+ struct smbacl4_vfs_params *params
)
{
static const struct enum_list enum_smbacl4_modes[] = {
@@ -303,7 +303,7 @@ static int smbacl4_fGetFileOwner(files_struct *fsp, SMB_STRUCT_STAT *psbuf)
}
static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx,
- smbacl4_vfs_params *params,
+ struct smbacl4_vfs_params *params,
struct SMB4ACL_T *acl, /* in */
struct dom_sid *psid_owner, /* in */
struct dom_sid *psid_group, /* in */
@@ -472,7 +472,7 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx,
}
static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf,
- smbacl4_vfs_params *params,
+ struct smbacl4_vfs_params *params,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc,
@@ -539,7 +539,7 @@ NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp,
struct SMB4ACL_T *theacl)
{
SMB_STRUCT_STAT sbuf;
- smbacl4_vfs_params params;
+ struct smbacl4_vfs_params params;
DEBUG(10, ("smb_fget_nt_acl_nfs4 invoked for %s\n", fsp_str_dbg(fsp)));
@@ -564,7 +564,7 @@ NTSTATUS smb_get_nt_acl_nfs4(struct connection_struct *conn,
struct SMB4ACL_T *theacl)
{
SMB_STRUCT_STAT sbuf;
- smbacl4_vfs_params params;
+ struct smbacl4_vfs_params params;
DEBUG(10, ("smb_get_nt_acl_nfs4 invoked for %s\n",
smb_fname->base_name));
@@ -648,7 +648,7 @@ static SMB_ACE4PROP_T *smbacl4_find_equal_special(
static bool smbacl4_fill_ace4(
const struct smb_filename *filename,
- smbacl4_vfs_params *params,
+ struct smbacl4_vfs_params *params,
uid_t ownerUID,
gid_t ownerGID,
const struct security_ace *ace_nt, /* input */
@@ -853,7 +853,7 @@ static struct SMB4ACL_T *smbacl4_win2nfs4(
TALLOC_CTX *mem_ctx,
const files_struct *fsp,
const struct security_acl *dacl,
- smbacl4_vfs_params *pparams,
+ struct smbacl4_vfs_params *pparams,
uid_t ownerUID,
gid_t ownerGID
)
@@ -907,7 +907,7 @@ NTSTATUS smb_set_nt_acl_nfs4(vfs_handle_struct *handle, files_struct *fsp,
const struct security_descriptor *psd,
set_nfs4acl_native_fn_t set_nfs4_native)
{
- smbacl4_vfs_params params;
+ struct smbacl4_vfs_params params;
struct SMB4ACL_T *theacl = NULL;
bool result;
--
2.1.4
>From 09431ee5f9c7c42604031956d9526a4ce32230d8 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 9 Aug 2016 09:10:19 +0200
Subject: [PATCH 2/8] nfs4acls: Add some const
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/modules/nfs4_acls.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c
index 583cefc..f5f6302 100644
--- a/source3/modules/nfs4_acls.c
+++ b/source3/modules/nfs4_acls.c
@@ -303,7 +303,7 @@ static int smbacl4_fGetFileOwner(files_struct *fsp, SMB_STRUCT_STAT *psbuf)
}
static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx,
- struct smbacl4_vfs_params *params,
+ const struct smbacl4_vfs_params *params,
struct SMB4ACL_T *acl, /* in */
struct dom_sid *psid_owner, /* in */
struct dom_sid *psid_group, /* in */
@@ -472,7 +472,7 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx,
}
static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf,
- struct smbacl4_vfs_params *params,
+ const struct smbacl4_vfs_params *params,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc,
@@ -648,7 +648,7 @@ static SMB_ACE4PROP_T *smbacl4_find_equal_special(
static bool smbacl4_fill_ace4(
const struct smb_filename *filename,
- struct smbacl4_vfs_params *params,
+ const struct smbacl4_vfs_params *params,
uid_t ownerUID,
gid_t ownerGID,
const struct security_ace *ace_nt, /* input */
@@ -853,7 +853,7 @@ static struct SMB4ACL_T *smbacl4_win2nfs4(
TALLOC_CTX *mem_ctx,
const files_struct *fsp,
const struct security_acl *dacl,
- struct smbacl4_vfs_params *pparams,
+ const struct smbacl4_vfs_params *pparams,
uid_t ownerUID,
gid_t ownerGID
)
--
2.1.4
>From f965455ea52f87dc8577d23b7613d9732271ea6f Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 9 Aug 2016 11:07:38 +0200
Subject: [PATCH 3/8] nfs4acls: Add "smbacl4_vfs_params" parameter to
smb_fget_nt_acl_nfs4
Pure placeholder right now, this will allow vfs modules to load the params
in advance. nfs4 acl parameters should not change while a tcon is live,
and lp_parm_get_* show up in profiles. Loading the parameters once at
tcon time will remove this.
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/modules/nfs4_acls.c | 1 +
source3/modules/nfs4_acls.h | 2 ++
source3/modules/vfs_aixacl2.c | 2 +-
source3/modules/vfs_gpfs.c | 4 ++--
source3/modules/vfs_nfs4acl_xattr.c | 3 ++-
source3/modules/vfs_zfsacl.c | 3 ++-
6 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c
index f5f6302..66794fe 100644
--- a/source3/modules/nfs4_acls.c
+++ b/source3/modules/nfs4_acls.c
@@ -533,6 +533,7 @@ static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf,
}
NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp,
+ const struct smbacl4_vfs_params *pparams,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc,
diff --git a/source3/modules/nfs4_acls.h b/source3/modules/nfs4_acls.h
index 588e8ea..f8d6867 100644
--- a/source3/modules/nfs4_acls.h
+++ b/source3/modules/nfs4_acls.h
@@ -109,6 +109,7 @@ typedef struct _SMB_ACE4PROP_T {
struct SMB4ACL_T;
struct SMB4ACE_T;
+struct smbacl4_vfs_params;
struct SMB4ACL_T *smb_create_smb4acl(TALLOC_CTX *mem_ctx);
@@ -131,6 +132,7 @@ uint16_t smbacl4_get_controlflags(struct SMB4ACL_T *theacl);
bool smbacl4_set_controlflags(struct SMB4ACL_T *theacl, uint16_t controlflags);
NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp,
+ const struct smbacl4_vfs_params *pparams,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc, struct SMB4ACL_T *theacl);
diff --git a/source3/modules/vfs_aixacl2.c b/source3/modules/vfs_aixacl2.c
index 1c9f84b..362486b 100644
--- a/source3/modules/vfs_aixacl2.c
+++ b/source3/modules/vfs_aixacl2.c
@@ -179,7 +179,7 @@ static NTSTATUS aixjfs2_fget_nt_acl(vfs_handle_struct *handle,
return NT_STATUS_ACCESS_DENIED;
}
- status = smb_fget_nt_acl_nfs4(fsp, security_info, ppdesc,
+ status = smb_fget_nt_acl_nfs4(fsp, NULL, security_info, ppdesc,
mem_ctx, pacl);
TALLOC_FREE(frame);
return status;
diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c
index f096dd5..c3ce9e1 100644
--- a/source3/modules/vfs_gpfs.c
+++ b/source3/modules/vfs_gpfs.c
@@ -589,8 +589,8 @@ static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle,
result = gpfs_get_nfs4_acl(frame, fsp->fsp_name->base_name, &pacl);
if (result == 0) {
- status = smb_fget_nt_acl_nfs4(fsp, security_info, mem_ctx,
- ppdesc, pacl);
+ status = smb_fget_nt_acl_nfs4(fsp, NULL, security_info,
+ mem_ctx, ppdesc, pacl);
TALLOC_FREE(frame);
return status;
}
diff --git a/source3/modules/vfs_nfs4acl_xattr.c b/source3/modules/vfs_nfs4acl_xattr.c
index 9ab7238..c9cae39 100644
--- a/source3/modules/vfs_nfs4acl_xattr.c
+++ b/source3/modules/vfs_nfs4acl_xattr.c
@@ -535,7 +535,8 @@ static NTSTATUS nfs4acl_xattr_fget_nt_acl(struct vfs_handle_struct *handle,
return status;
}
- status = smb_fget_nt_acl_nfs4(fsp, security_info, mem_ctx, ppdesc, pacl);
+ status = smb_fget_nt_acl_nfs4(fsp, NULL, security_info, mem_ctx,
+ ppdesc, pacl);
TALLOC_FREE(frame);
return status;
}
diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c
index 18f1356..0077553 100644
--- a/source3/modules/vfs_zfsacl.c
+++ b/source3/modules/vfs_zfsacl.c
@@ -209,7 +209,8 @@ static NTSTATUS zfsacl_fget_nt_acl(struct vfs_handle_struct *handle,
return status;
}
- status = smb_fget_nt_acl_nfs4(fsp, security_info, mem_ctx, ppdesc, pacl);
+ status = smb_fget_nt_acl_nfs4(fsp, NULL, security_info, mem_ctx,
+ ppdesc, pacl);
TALLOC_FREE(frame);
return status;
}
--
2.1.4
>From 1f92da25906b478408e602c258b99ecd0d0c86b8 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 9 Aug 2016 11:07:38 +0200
Subject: [PATCH 4/8] nfs4acls: Add "smbacl4_vfs_params" parameter to
smb_get_nt_acl_nfs4
Pure placeholder right now, this will allow vfs modules to load the params in
advance
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/modules/nfs4_acls.c | 1 +
source3/modules/nfs4_acls.h | 1 +
source3/modules/vfs_aixacl2.c | 1 +
source3/modules/vfs_gpfs.c | 2 +-
source3/modules/vfs_nfs4acl_xattr.c | 4 ++--
source3/modules/vfs_zfsacl.c | 1 +
6 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c
index 66794fe..38b53a4 100644
--- a/source3/modules/nfs4_acls.c
+++ b/source3/modules/nfs4_acls.c
@@ -559,6 +559,7 @@ NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp,
NTSTATUS smb_get_nt_acl_nfs4(struct connection_struct *conn,
const struct smb_filename *smb_fname,
+ const struct smbacl4_vfs_params *pparams,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc,
diff --git a/source3/modules/nfs4_acls.h b/source3/modules/nfs4_acls.h
index f8d6867..e6e07bf 100644
--- a/source3/modules/nfs4_acls.h
+++ b/source3/modules/nfs4_acls.h
@@ -139,6 +139,7 @@ NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp,
NTSTATUS smb_get_nt_acl_nfs4(connection_struct *conn,
const struct smb_filename *smb_fname,
+ const struct smbacl4_vfs_params *pparams,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc, struct SMB4ACL_T *theacl);
diff --git a/source3/modules/vfs_aixacl2.c b/source3/modules/vfs_aixacl2.c
index 362486b..a2a0476 100644
--- a/source3/modules/vfs_aixacl2.c
+++ b/source3/modules/vfs_aixacl2.c
@@ -214,6 +214,7 @@ static NTSTATUS aixjfs2_get_nt_acl(vfs_handle_struct *handle,
return smb_get_nt_acl_nfs4(handle->conn,
smb_fname,
+ NULL,
security_info,
mem_ctx,
ppdesc,
diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c
index c3ce9e1..72dabd2 100644
--- a/source3/modules/vfs_gpfs.c
+++ b/source3/modules/vfs_gpfs.c
@@ -638,7 +638,7 @@ static NTSTATUS gpfsacl_get_nt_acl(vfs_handle_struct *handle,
result = gpfs_get_nfs4_acl(frame, smb_fname->base_name, &pacl);
if (result == 0) {
- status = smb_get_nt_acl_nfs4(handle->conn, smb_fname,
+ status = smb_get_nt_acl_nfs4(handle->conn, smb_fname, NULL,
security_info, mem_ctx, ppdesc,
pacl);
TALLOC_FREE(frame);
diff --git a/source3/modules/vfs_nfs4acl_xattr.c b/source3/modules/vfs_nfs4acl_xattr.c
index c9cae39..9e969ca 100644
--- a/source3/modules/vfs_nfs4acl_xattr.c
+++ b/source3/modules/vfs_nfs4acl_xattr.c
@@ -561,8 +561,8 @@ static NTSTATUS nfs4acl_xattr_get_nt_acl(struct vfs_handle_struct *handle,
return status;
}
- status = smb_get_nt_acl_nfs4(handle->conn, smb_fname, security_info,
- mem_ctx, ppdesc,
+ status = smb_get_nt_acl_nfs4(handle->conn, smb_fname, NULL,
+ security_info, mem_ctx, ppdesc,
pacl);
TALLOC_FREE(frame);
return status;
diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c
index 0077553..325c91e 100644
--- a/source3/modules/vfs_zfsacl.c
+++ b/source3/modules/vfs_zfsacl.c
@@ -235,6 +235,7 @@ static NTSTATUS zfsacl_get_nt_acl(struct vfs_handle_struct *handle,
status = smb_get_nt_acl_nfs4(handle->conn,
smb_fname,
+ NULL,
security_info,
mem_ctx,
ppdesc,
--
2.1.4
>From a34cf7cffbf7e70fc5b2acad05926f79b22ffa88 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 9 Aug 2016 11:07:38 +0200
Subject: [PATCH 5/8] nfs4acls: Add "smbacl4_vfs_params" parameter to
smb_set_nt_acl_nfs4
Pure placeholder right now, this will allow vfs modules to load the params in
advance
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/modules/nfs4_acls.c | 1 +
source3/modules/nfs4_acls.h | 1 +
source3/modules/vfs_aixacl2.c | 2 +-
source3/modules/vfs_gpfs.c | 2 +-
source3/modules/vfs_nfs4acl_xattr.c | 2 +-
source3/modules/vfs_zfsacl.c | 2 +-
6 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c
index 38b53a4..8ab0ff9 100644
--- a/source3/modules/nfs4_acls.c
+++ b/source3/modules/nfs4_acls.c
@@ -905,6 +905,7 @@ static struct SMB4ACL_T *smbacl4_win2nfs4(
}
NTSTATUS smb_set_nt_acl_nfs4(vfs_handle_struct *handle, files_struct *fsp,
+ const struct smbacl4_vfs_params *pparams,
uint32_t security_info_sent,
const struct security_descriptor *psd,
set_nfs4acl_native_fn_t set_nfs4_native)
diff --git a/source3/modules/nfs4_acls.h b/source3/modules/nfs4_acls.h
index e6e07bf..4236495 100644
--- a/source3/modules/nfs4_acls.h
+++ b/source3/modules/nfs4_acls.h
@@ -151,6 +151,7 @@ typedef bool (*set_nfs4acl_native_fn_t)(vfs_handle_struct *handle,
struct SMB4ACL_T *);
NTSTATUS smb_set_nt_acl_nfs4(vfs_handle_struct *handle, files_struct *fsp,
+ const struct smbacl4_vfs_params *pparams,
uint32_t security_info_sent,
const struct security_descriptor *psd,
set_nfs4acl_native_fn_t set_nfs4_native);
diff --git a/source3/modules/vfs_aixacl2.c b/source3/modules/vfs_aixacl2.c
index a2a0476..c4a0264 100644
--- a/source3/modules/vfs_aixacl2.c
+++ b/source3/modules/vfs_aixacl2.c
@@ -446,7 +446,7 @@ static NTSTATUS aixjfs2_set_nt_acl_common(vfs_handle_struct *handle, files_struc
if (rc==0)
{
result = smb_set_nt_acl_nfs4(handle,
- fsp, security_info_sent, psd,
+ fsp, NULL, security_info_sent, psd,
aixjfs2_process_smbacl);
} else if (rc==1) { /* assume POSIX ACL - by default... */
result = set_nt_acl(fsp, security_info_sent, psd);
diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c
index 72dabd2..8bc2f0a 100644
--- a/source3/modules/vfs_gpfs.c
+++ b/source3/modules/vfs_gpfs.c
@@ -810,7 +810,7 @@ static NTSTATUS gpfsacl_set_nt_acl_internal(vfs_handle_struct *handle, files_str
}
result = smb_set_nt_acl_nfs4(handle,
- fsp, security_info_sent, psd,
+ fsp, NULL, security_info_sent, psd,
gpfsacl_process_smbacl);
} else { /* assume POSIX ACL - by default... */
result = set_nt_acl(fsp, security_info_sent, psd);
diff --git a/source3/modules/vfs_nfs4acl_xattr.c b/source3/modules/vfs_nfs4acl_xattr.c
index 9e969ca..273c926 100644
--- a/source3/modules/vfs_nfs4acl_xattr.c
+++ b/source3/modules/vfs_nfs4acl_xattr.c
@@ -336,7 +336,7 @@ static NTSTATUS nfs4_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32_t security_info_sent,
const struct security_descriptor *psd)
{
- return smb_set_nt_acl_nfs4(handle, fsp, security_info_sent, psd,
+ return smb_set_nt_acl_nfs4(handle, fsp, NULL, security_info_sent, psd,
nfs4acl_xattr_fset_smb4acl);
}
diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c
index 325c91e..a0993ff 100644
--- a/source3/modules/vfs_zfsacl.c
+++ b/source3/modules/vfs_zfsacl.c
@@ -187,7 +187,7 @@ static NTSTATUS zfs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32_t security_info_sent,
const struct security_descriptor *psd)
{
- return smb_set_nt_acl_nfs4(handle, fsp, security_info_sent, psd,
+ return smb_set_nt_acl_nfs4(handle, fsp, NULL, security_info_sent, psd,
zfs_process_smbacl);
}
--
2.1.4
>From d92cc169551ef1d12b30f0f0f10497f8727d4080 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 9 Aug 2016 11:28:30 +0200
Subject: [PATCH 6/8] nfs4acls: Make smbacl4_vfs_params public
vfs_gpfs & others will be able to embed this structure in their special config.
We could have gone with an anonymous struct and a talloc'ed object, but for my
taste this is specialized and hidden enough that it's not worth the
indirection.
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/modules/nfs4_acls.c | 16 ++--------------
source3/modules/nfs4_acls.h | 14 +++++++++++++-
2 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c
index 8ab0ff9..9fb0e22 100644
--- a/source3/modules/nfs4_acls.c
+++ b/source3/modules/nfs4_acls.c
@@ -51,23 +51,11 @@ struct SMB4ACL_T
struct SMB4ACE_T *last;
};
-enum smbacl4_mode_enum {e_simple=0, e_special=1};
-enum smbacl4_acedup_enum {e_dontcare=0, e_reject=1, e_ignore=2, e_merge=3};
-
-struct smbacl4_vfs_params {
- enum smbacl4_mode_enum mode;
- bool do_chown;
- enum smbacl4_acedup_enum acedup;
- bool map_full_control;
-};
-
/*
* Gather special parameters for NFS4 ACL handling
*/
-static int smbacl4_get_vfs_params(
- struct connection_struct *conn,
- struct smbacl4_vfs_params *params
-)
+int smbacl4_get_vfs_params(struct connection_struct *conn,
+ struct smbacl4_vfs_params *params)
{
static const struct enum_list enum_smbacl4_modes[] = {
{ e_simple, "simple" },
diff --git a/source3/modules/nfs4_acls.h b/source3/modules/nfs4_acls.h
index 4236495..ba6761d 100644
--- a/source3/modules/nfs4_acls.h
+++ b/source3/modules/nfs4_acls.h
@@ -109,7 +109,19 @@ typedef struct _SMB_ACE4PROP_T {
struct SMB4ACL_T;
struct SMB4ACE_T;
-struct smbacl4_vfs_params;
+
+enum smbacl4_mode_enum {e_simple=0, e_special=1};
+enum smbacl4_acedup_enum {e_dontcare=0, e_reject=1, e_ignore=2, e_merge=3};
+
+struct smbacl4_vfs_params {
+ enum smbacl4_mode_enum mode;
+ bool do_chown;
+ enum smbacl4_acedup_enum acedup;
+ bool map_full_control;
+};
+
+int smbacl4_get_vfs_params(struct connection_struct *conn,
+ struct smbacl4_vfs_params *params);
struct SMB4ACL_T *smb_create_smb4acl(TALLOC_CTX *mem_ctx);
--
2.1.4
>From 74989bf1c2bc6219132a81c33bc9eb947b5a4326 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 9 Aug 2016 11:31:12 +0200
Subject: [PATCH 7/8] nfs4acls: Allow nfs4 acl params to be set by callers
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/modules/nfs4_acls.c | 37 +++++++++++++++++++++++--------------
1 file changed, 23 insertions(+), 14 deletions(-)
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c
index 9fb0e22..71f4d8d 100644
--- a/source3/modules/nfs4_acls.c
+++ b/source3/modules/nfs4_acls.c
@@ -536,12 +536,15 @@ NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp,
return map_nt_error_from_unix(errno);
}
- /* Special behaviours */
- if (smbacl4_get_vfs_params(fsp->conn, ¶ms)) {
- return NT_STATUS_NO_MEMORY;
+ if (pparams == NULL) {
+ /* Special behaviours */
+ if (smbacl4_get_vfs_params(fsp->conn, ¶ms)) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ pparams = ¶ms;
}
- return smb_get_nt_acl_nfs4_common(&sbuf, ¶ms, security_info,
+ return smb_get_nt_acl_nfs4_common(&sbuf, pparams, security_info,
mem_ctx, ppdesc, theacl);
}
@@ -563,12 +566,15 @@ NTSTATUS smb_get_nt_acl_nfs4(struct connection_struct *conn,
return map_nt_error_from_unix(errno);
}
- /* Special behaviours */
- if (smbacl4_get_vfs_params(conn, ¶ms)) {
- return NT_STATUS_NO_MEMORY;
+ if (pparams == NULL) {
+ /* Special behaviours */
+ if (smbacl4_get_vfs_params(conn, ¶ms)) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ pparams = ¶ms;
}
- return smb_get_nt_acl_nfs4_common(&sbuf, ¶ms, security_info,
+ return smb_get_nt_acl_nfs4_common(&sbuf, pparams, security_info,
mem_ctx, ppdesc, theacl);
}
@@ -921,10 +927,13 @@ NTSTATUS smb_set_nt_acl_nfs4(vfs_handle_struct *handle, files_struct *fsp,
* refined... */
}
- /* Special behaviours */
- if (smbacl4_get_vfs_params(fsp->conn, ¶ms)) {
- TALLOC_FREE(frame);
- return NT_STATUS_NO_MEMORY;
+ if (pparams == NULL) {
+ /* Special behaviours */
+ if (smbacl4_get_vfs_params(fsp->conn, ¶ms)) {
+ TALLOC_FREE(frame);
+ return NT_STATUS_NO_MEMORY;
+ }
+ pparams = ¶ms;
}
if (smbacl4_fGetFileOwner(fsp, &sbuf)) {
@@ -932,7 +941,7 @@ NTSTATUS smb_set_nt_acl_nfs4(vfs_handle_struct *handle, files_struct *fsp,
return map_nt_error_from_unix(errno);
}
- if (params.do_chown) {
+ if (pparams->do_chown) {
/* chown logic is a copy/paste from posix_acl.c:set_nt_acl */
NTSTATUS status = unpack_nt_owners(fsp->conn, &newUID, &newGID,
security_info_sent, psd);
@@ -979,7 +988,7 @@ NTSTATUS smb_set_nt_acl_nfs4(vfs_handle_struct *handle, files_struct *fsp,
return NT_STATUS_OK;
}
- theacl = smbacl4_win2nfs4(frame, fsp, psd->dacl, ¶ms,
+ theacl = smbacl4_win2nfs4(frame, fsp, psd->dacl, pparams,
sbuf.st_ex_uid, sbuf.st_ex_gid);
if (!theacl) {
TALLOC_FREE(frame);
--
2.1.4
>From 5ce975d6424d8e5340c92cdc28a3dee2356079ca Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 9 Aug 2016 11:38:43 +0200
Subject: [PATCH 8/8] vfs_gpfs: Load nfs4 acl params at tcon time
This reduces user-space CPU for metadata intensive workloads, lp_parm_* is
expensive doing lots of strwicmp.
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/modules/vfs_gpfs.c | 21 ++++++++++++++++++---
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c
index 8bc2f0a..730dda2 100644
--- a/source3/modules/vfs_gpfs.c
+++ b/source3/modules/vfs_gpfs.c
@@ -39,6 +39,7 @@
#endif
struct gpfs_config_data {
+ struct smbacl4_vfs_params nfs4_params;
bool sharemodes;
bool leases;
bool hsm;
@@ -589,7 +590,8 @@ static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle,
result = gpfs_get_nfs4_acl(frame, fsp->fsp_name->base_name, &pacl);
if (result == 0) {
- status = smb_fget_nt_acl_nfs4(fsp, NULL, security_info,
+ status = smb_fget_nt_acl_nfs4(fsp, &config->nfs4_params,
+ security_info,
mem_ctx, ppdesc, pacl);
TALLOC_FREE(frame);
return status;
@@ -638,7 +640,8 @@ static NTSTATUS gpfsacl_get_nt_acl(vfs_handle_struct *handle,
result = gpfs_get_nfs4_acl(frame, smb_fname->base_name, &pacl);
if (result == 0) {
- status = smb_get_nt_acl_nfs4(handle->conn, smb_fname, NULL,
+ status = smb_get_nt_acl_nfs4(handle->conn, smb_fname,
+ &config->nfs4_params,
security_info, mem_ctx, ppdesc,
pacl);
TALLOC_FREE(frame);
@@ -801,6 +804,8 @@ static NTSTATUS gpfsacl_set_nt_acl_internal(vfs_handle_struct *handle, files_str
}
if (acl->acl_version == GPFS_ACL_VERSION_NFS4) {
+ struct gpfs_config_data *config;
+
if (lp_parm_bool(fsp->conn->params->service, "gpfs",
"refuse_dacl_protected", false)
&& (psd->type&SEC_DESC_DACL_PROTECTED)) {
@@ -809,8 +814,12 @@ static NTSTATUS gpfsacl_set_nt_acl_internal(vfs_handle_struct *handle, files_str
return NT_STATUS_NOT_SUPPORTED;
}
+ SMB_VFS_HANDLE_GET_DATA(handle, config,
+ struct gpfs_config_data,
+ return NT_STATUS_INTERNAL_ERROR);
+
result = smb_set_nt_acl_nfs4(handle,
- fsp, NULL, security_info_sent, psd,
+ fsp, &config->nfs4_params, security_info_sent, psd,
gpfsacl_process_smbacl);
} else { /* assume POSIX ACL - by default... */
result = set_nt_acl(fsp, security_info_sent, psd);
@@ -2080,6 +2089,12 @@ static int vfs_gpfs_connect(struct vfs_handle_struct *handle,
return ret;
}
+ ret = smbacl4_get_vfs_params(handle->conn, &config->nfs4_params);
+ if (ret < 0) {
+ TALLOC_FREE(config);
+ return ret;
+ }
+
config->sharemodes = lp_parm_bool(SNUM(handle->conn), "gpfs",
"sharemodes", true);
--
2.1.4
More information about the samba-technical
mailing list