Linux Kernel Architecture

(Jacob Rumans) #1

Chapter 11: Extended Attributes and Access Control Lists


        if (test_opt(dir->i_sb, POSIX_ACL)) {
            acl = ext3_get_acl(dir, ACL_TYPE_DEFAULT);
            if (IS_ERR(acl))
                return PTR_ERR(acl);
        }
        if (!acl)
            inode->i_mode &= ~current->fs->umask;
    }
    ...
}

The inode parameter points to the new inode, and dir denotes the inode of the directory containing the
file. The directory information is required because if the directory has a default ACL, its contents must
also be applied to the new file. If the superblock of the directory does not support ACLs or no default
ACL is associated with it, the kernel simply applies the current umask setting of the process.

A more interesting case is when the inode’s filesystem supports ACLs and a default ACL is associated
with the parent directory. If the new entry is a directory, it inherits the default ACL:

fs/ext3/acl.c
...
    if (test_opt(inode->i_sb, POSIX_ACL) && acl) {
        struct posix_acl *clone;
        mode_t mode;

        if (S_ISDIR(inode->i_mode)) {
            error = ext3_set_acl(handle, inode,
                                 ACL_TYPE_DEFAULT, acl);
            if (error)
                goto cleanup;
        }
        ...
    }

ext3_set_acl is used to set the ACL contents of a specific inode; this function is discussed below in this
chapter.

For all file types and not just directories, the following code remains to be executed:

fs/ext3/acl.c
...
        clone = posix_acl_clone(acl, GFP_KERNEL);
        error = -ENOMEM;
        if (!clone)
            goto cleanup;

        mode = inode->i_mode;
        error = posix_acl_create_masq(clone, &mode);
        if (error >= 0) {
            inode->i_mode = mode;
            if (error > 0) {
                /* This is an extended ACL */