Resources | Resources |




The FS_ACL_Grant primitive specifies file system grants that the caller should have. Each grant entry represents a permission for one path.

Grants are applied in order from the shortest path to the longest path. Within each grant there is a list of tuples, ClassIDs, and permissions. Each ClassID can only appear once, meaning that for a unique path and unique ClassID there can only be one permission; otherwise it would be ambiguous which permission the system should use.


  {groups = {AEECLSID_Cls1,AEECLSID_Cls2}, perms = "r/w"}, 
  {groups = {AEECLSID_Cls3,AEECLSID_Cls4}, perms = "rw/rw"},
  path = "/" ,
  • groups: Groups within a specified path that have permissions specified by the perms parameter.
  • perms: Permissions granted to the specified groups. The syntax for perms is:

    perms = [r] [w] / [r] [w]

    Perms consists of two permission grants that are separated by a forward slash, /. The first permission grant is applied to the exact directory indicated by the path. The second permission grant is applied to all the subdirectories under the directory indicated by the path. The r grants read permission, the w grants write permission, and the rw grants both read and write permission. An empty grant means no permissions.

  • path: Specifies the path these grants govern. The path is relative to the module's directory. For example, for a module named "foo", "/" means "fs:/mod/foo/" and "/a" means "fs:/mod/foo/a".


For example, where there are four files named,,, and that contain the following definitions of friendly ClassIDs:

#define AEECLSID_Cls1 0x6F35438A
#define AEECLSID_Cls2 0x4F8BA058
#define AEECLSID_Cls3 0xA60343D1
#define AEECLSID_Cls4 0xF50C4753

The CIF file that contains the FIFO_ACL_Grant primitive can include,,, and You can use either friendly ClassIDs or raw ClassIDs.

 include "" -- Need to include to use AEECLSID_Cls1
include ""  -- Need to include to use AEECLSID_Cls2
include ""  -- Need to include to use AEECLSID_Cls3
include ""  -- Need to include to use AEECLSID_Cls4

   {groups = {AEECLSID_ Cls1, AEECLSID_Cls2},   perms = "r/" },  
   {groups =  {AEECLSID_ Cls3, AEECLSID_ Cls4}, perms = "rw/r"}, 
    path = "/endpoint",