ACL Vnode Interface v2
----------------------

This revised vnode interface makes use of a single ACL-describing
structure, acl_t, providing more uniform behavior.  In
POSIX.1e-style, the default and access ACLs are now seperately
handled for directories by using the POSIX.1e acl_type_t type field.
In general, these calls should be made via the VOP_{SET,GET}ACL macro
call wrappers.

#
#% getacl       vp      = = =
#
vop_getacl {
        IN struct vnode *vp;
        IN acl_type_t type;
        IN struct acl *aclp;
        IN struct ucred *cred;
        IN struct proc *p;
};

#
#% setacl       vp      L L L
# 
vop_setacl {
        IN struct vnode *vp;
        IN acl_type_t type;
        IN struct acl *aclp;
        IN struct ucred *cred;
        IN struct proc *p;
};

These calls are very similar to the vop_{get,set}attr calls, with the
same locking constraints, etc.

vop_getacl - retrieve ACL from vnode
----------

Arguments:
	vp	vnode pointer to retrieve from
	type	ACL_TYPE_ACCESS or ACL_TYPE_DEFAULT
	aclp	pointer to struct acl *
	cred	credentials to perform operation with
	p	process requesting the operation

Returns:
	aclp	filled in ACL structure
	int	0 for success, otherwise an errno value

vop_setacl - set ACL for vnode
----------

Arguments:
	vp	vnode pointer to set ACL on
	type	ACL_TYPE_ACCESS or ACL_TYPE_DEFAULT
	aclp	pointer to ACL to set, or null to delete ACL *
	cred	credentials to perform operation with
	p	process requesting the operation

Returns:
	int	0 for success, otheriwse an errno value

* Deleting an ACL only makes sense for the ACL_TYPE_DEFAULT, so returning
  EINVAL for ACL_TYPE_ACCESS would be consistent and make sense.  POSIX.1e
  defines only a delete ACL call for the default ACL, for this reason.

