On Thu, 29 Sept 2022 at 17:31, Christian Brauner <brauner@xxxxxxxxxx> wrote: > > The current way of setting and getting posix acls through the generic > xattr interface is error prone and type unsafe. The vfs needs to > interpret and fixup posix acls before storing or reporting it to > userspace. Various hacks exist to make this work. The code is hard to > understand and difficult to maintain in it's current form. Instead of > making this work by hacking posix acls through xattr handlers we are > building a dedicated posix acl api around the get and set inode > operations. This removes a lot of hackiness and makes the codepaths > easier to maintain. A lot of background can be found in [1]. > > In order to build a type safe posix api around get and set acl we need > all filesystem to implement get and set acl. > > Now that we have added get and set acl inode operations that allow easy > access to the dentry we give overlayfs it's own get and set acl inode > operations. > > The set acl inode operation is duplicates most of the ovl posix acl > xattr handler. The main difference being that the set acl inode > operation relies on the new posix acl api. Once the vfs has been > switched over the custom posix acl xattr handler will be removed > completely. > > Note, until the vfs has been switched to the new posix acl api this > patch is a non-functional change. > > Link: https://lore.kernel.org/all/20220801145520.1532837-1-brauner@xxxxxxxxxx [1] > Signed-off-by: Christian Brauner (Microsoft) <brauner@xxxxxxxxxx> Acked-by: Miklos Szeredi <mszeredi@xxxxxxxxxx> Thanks, Miklos
