[CIFS] Support for CIFS ACLs (part 1)

Add code to be able to dump CIFS ACL information when Query Posix ACL with cifsacl mount parm enabled. Signed-off-by: Shirish Pargoankar <shirishp@us.ibm.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
author: Steve French <sfrench@us.ibm.com> 2007-09-24 16:25:46 -0400
committer: Steve French <sfrench@us.ibm.com> 2007-09-24 16:25:46 -0400
commit: 442aa310f3bc49cf4e059da790fbae62411d50db (patch)
tree: ee05b7a46729e25e92ce55bb3ad84bc0654f3715 /fs/cifs/cifssmb.c
parent: 2224f4e5d5317552d48ce9059761148b1516ba5d (diff)
1 files changed, 97 insertions, 4 deletions
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index f33c89c36039..46c2bb455124 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -3048,17 +3048,110 @@ static const struct cifs_sid sid_everyone =
 static const struct cifs_sid sid_user =
                {1, 2 , {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0}};
+static void parse_sid(struct cifs_sid * psid, char * end_of_acl)
+{
+        /* BB need to add parm so we can store the SID BB */
+        /* validate that we do not go past end of acl */
+        if (end_of_acl < (char *)psid + sizeof(struct cifs_sid)) {
+                cERROR(1, ("ACL to small to parse SID"));
+                return;
+        }
+#ifdef CONFIG_CIFS_DEBUG2
+        cFYI(1, ("revision %d num_auth %d First subauth 0x%x",
+                psid->revision, psid->num_auth, psid->sub_auth[0]));
+        /* BB add length check to make sure that we do not have huge num auths
+              and therefore go off the end */
+        cFYI(1, ("RID 0x%x", le32_to_cpu(psid->sub_auth[psid->num_auth])));
+#endif
+        return;
+}
 /* Convert CIFS ACL to POSIX form */
-static int parse_sec_desc(struct cifs_sid *psec_desc, int acl_len)
+static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len)
 {
-        return 0;
+        int i;
+        int num_aces = 0;
+        int acl_size;
+        struct cifs_sid *owner_sid_ptr, *group_sid_ptr;
+        struct cifs_acl *dacl_ptr; /* no need for SACL ptr */
+        struct cifs_ntace **ppntace;
+        struct cifs_ace **ppace;
+        char *acl_base;
+        char *end_of_acl = ((char *)pntsd) + acl_len;
+        owner_sid_ptr = (struct cifs_sid *)((char *)pntsd +
+                                cpu_to_le32(pntsd->osidoffset));
+        group_sid_ptr = (struct cifs_sid *)((char *)pntsd +
+                                cpu_to_le32(pntsd->gsidoffset));
+        dacl_ptr = (struct cifs_acl *)((char *)pntsd +
+                                cpu_to_le32(pntsd->dacloffset));
+#ifdef CONFIG_CIFS_DEBUG2
+        cFYI(1,("revision %d type 0x%x ooffset 0x%x goffset 0x%x "
+                "sacloffset 0x%x dacloffset 0x%x", pntsd->revision, pntsd->type,
+                pntsd->osidoffset, pntsd->gsidoffset, pntsd->sacloffset,
+                pntsd->dacloffset));
+#endif
+        parse_sid(owner_sid_ptr, end_of_acl);
+        parse_sid(group_sid_ptr, end_of_acl);
+/*      cifscred->uid = owner_sid_ptr->rid;
+        cifscred->gid = group_sid_ptr->rid;
+        memcpy((void *)(&(cifscred->osid)), (void *)owner_sid_ptr,
+                        sizeof (struct cifs_sid));
+        memcpy((void *)(&(cifscred->gsid)), (void *)group_sid_ptr,
+                        sizeof (struct cifs_sid)); */
+        num_aces = cpu_to_le32(dacl_ptr->num_aces);
+        cFYI(1, ("num aces %d", num_aces));
+        if (num_aces  > 0) {
+                ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *),
+                                GFP_KERNEL);
+                ppace = kmalloc(num_aces * sizeof(struct cifs_ace *),
+                                GFP_KERNEL);
+/*              cifscred->cecount = dacl_ptr->num_aces;
+                cifscred->ntaces = kmalloc(num_aces *
+                                sizeof(struct cifs_ntace *), GFP_KERNEL);
+                cifscred->aces = kmalloc(num_aces *
+                                sizeof(struct cifs_ace *), GFP_KERNEL);*/
+                acl_base = (char *)dacl_ptr;
+                acl_size = sizeof(struct cifs_acl);
+                for (i = 0; i < num_aces; ++i) {
+                        ppntace[i] = (struct cifs_ntace *)
+                                                (acl_base + acl_size);
+                        ppace[i] = (struct cifs_ace *)
+                                        ((char *)ppntace[i] +
+                                        sizeof(struct cifs_ntace));
+/*                      memcpy((void *)(&(cifscred->ntaces[i])),
+                                (void *)ntace_ptrptr[i],
+                                sizeof(struct cifs_ntace));
+                        memcpy((void *)(&(cifscred->aces[i])),
+                                (void *)ace_ptrptr[i],
+                                sizeof(struct cifs_ace)); */
+                        acl_base = (char *)ppntace[i];
+                        acl_size = cpu_to_le32(ppntace[i]->size);
+#ifdef CONFIG_CIFS_DEBUG2
+                        cFYI(1, ("ACE revision:%d", ppace[i]->revision));
+                }
+#endif
+                kfree(ppace);
+                kfree(ppntace);
+        }
+        return (0);
 }
 /* Get Security Descriptor (by handle) from remote server for a file or dir */
 int
 CIFSSMBGetCIFSACL(const int xid, struct cifsTconInfo *tcon, __u16 fid,
                /* BB fix up return info */ char *acl_inf, const int buflen,
-                  const int acl_type /* ACCESS/DEFAULT not sure implication */)
+                  const int acl_type)
 {
        int rc = 0;
        int buf_type = 0;
@@ -3088,7 +3181,7 @@ CIFSSMBGetCIFSACL(const int xid, struct cifsTconInfo *tcon, __u16 fid,
        if (rc) {
                cFYI(1, ("Send error in QuerySecDesc = %d", rc));
        } else {                /* decode response */
-                struct cifs_sid *psec_desc;
+                struct cifs_ntsd *psec_desc;
                __le32 * parm;
                int parm_len;
                int data_len;
author	Steve French <sfrench@us.ibm.com>	2007-09-24 16:25:46 -0400
committer	Steve French <sfrench@us.ibm.com>	2007-09-24 16:25:46 -0400
commit	442aa310f3bc49cf4e059da790fbae62411d50db (patch)
tree	ee05b7a46729e25e92ce55bb3ad84bc0654f3715 /fs/cifs/cifssmb.c
parent	2224f4e5d5317552d48ce9059761148b1516ba5d (diff)

diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index f33c89c36039..46c2bb455124 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c
@@ -3048,17 +3048,110 @@ static const struct cifs_sid sid_everyone =
3048	static const struct cifs_sid sid_user =	3048	static const struct cifs_sid sid_user =
3049	{1, 2 , {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0}};	3049	{1, 2 , {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0}};
3050		3050
		3051	static void parse_sid(struct cifs_sid * psid, char * end_of_acl)
		3052	{
		3053	/* BB need to add parm so we can store the SID BB */
		3054
		3055	/* validate that we do not go past end of acl */
		3056	if (end_of_acl < (char *)psid + sizeof(struct cifs_sid)) {
		3057	cERROR(1, ("ACL to small to parse SID"));
		3058	return;
		3059	}
		3060	#ifdef CONFIG_CIFS_DEBUG2
		3061	cFYI(1, ("revision %d num_auth %d First subauth 0x%x",
		3062	psid->revision, psid->num_auth, psid->sub_auth[0]));
		3063
		3064	/* BB add length check to make sure that we do not have huge num auths
		3065	and therefore go off the end */
		3066	cFYI(1, ("RID 0x%x", le32_to_cpu(psid->sub_auth[psid->num_auth])));
		3067	#endif
		3068	return;
		3069	}
		3070
3051	/* Convert CIFS ACL to POSIX form */	3071	/* Convert CIFS ACL to POSIX form */
3052	static int parse_sec_desc(struct cifs_sid *psec_desc, int acl_len)	3072	static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len)
3053	{	3073	{
3054	return 0;	3074	int i;
		3075	int num_aces = 0;
		3076	int acl_size;
		3077	struct cifs_sid owner_sid_ptr, group_sid_ptr;
		3078	struct cifs_acl dacl_ptr; / no need for SACL ptr */
		3079	struct cifs_ntace **ppntace;
		3080	struct cifs_ace **ppace;
		3081	char *acl_base;
		3082	char end_of_acl = ((char )pntsd) + acl_len;
		3083
		3084	owner_sid_ptr = (struct cifs_sid )((char )pntsd +
		3085	cpu_to_le32(pntsd->osidoffset));
		3086	group_sid_ptr = (struct cifs_sid )((char )pntsd +
		3087	cpu_to_le32(pntsd->gsidoffset));
		3088	dacl_ptr = (struct cifs_acl )((char )pntsd +
		3089	cpu_to_le32(pntsd->dacloffset));
		3090	#ifdef CONFIG_CIFS_DEBUG2
		3091	cFYI(1,("revision %d type 0x%x ooffset 0x%x goffset 0x%x "
		3092	"sacloffset 0x%x dacloffset 0x%x", pntsd->revision, pntsd->type,
		3093	pntsd->osidoffset, pntsd->gsidoffset, pntsd->sacloffset,
		3094	pntsd->dacloffset));
		3095	#endif
		3096	parse_sid(owner_sid_ptr, end_of_acl);
		3097	parse_sid(group_sid_ptr, end_of_acl);
		3098
		3099	/* cifscred->uid = owner_sid_ptr->rid;
		3100	cifscred->gid = group_sid_ptr->rid;
		3101	memcpy((void )(&(cifscred->osid)), (void )owner_sid_ptr,
		3102	sizeof (struct cifs_sid));
		3103	memcpy((void )(&(cifscred->gsid)), (void )group_sid_ptr,
		3104	sizeof (struct cifs_sid)); */
		3105
		3106	num_aces = cpu_to_le32(dacl_ptr->num_aces);
		3107	cFYI(1, ("num aces %d", num_aces));
		3108	if (num_aces > 0) {
		3109	ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *),
		3110	GFP_KERNEL);
		3111	ppace = kmalloc(num_aces * sizeof(struct cifs_ace *),
		3112	GFP_KERNEL);
		3113
		3114	/* cifscred->cecount = dacl_ptr->num_aces;
		3115	cifscred->ntaces = kmalloc(num_aces *
		3116	sizeof(struct cifs_ntace *), GFP_KERNEL);
		3117	cifscred->aces = kmalloc(num_aces *
		3118	sizeof(struct cifs_ace ), GFP_KERNEL);/
		3119
		3120	acl_base = (char *)dacl_ptr;
		3121	acl_size = sizeof(struct cifs_acl);
		3122
		3123	for (i = 0; i < num_aces; ++i) {
		3124	ppntace[i] = (struct cifs_ntace *)
		3125	(acl_base + acl_size);
		3126	ppace[i] = (struct cifs_ace *)
		3127	((char *)ppntace[i] +
		3128	sizeof(struct cifs_ntace));
		3129
		3130	/* memcpy((void *)(&(cifscred->ntaces[i])),
		3131	(void *)ntace_ptrptr[i],
		3132	sizeof(struct cifs_ntace));
		3133	memcpy((void *)(&(cifscred->aces[i])),
		3134	(void *)ace_ptrptr[i],
		3135	sizeof(struct cifs_ace)); */
		3136
		3137	acl_base = (char *)ppntace[i];
		3138	acl_size = cpu_to_le32(ppntace[i]->size);
		3139	#ifdef CONFIG_CIFS_DEBUG2
		3140	cFYI(1, ("ACE revision:%d", ppace[i]->revision));
		3141	}
		3142	#endif
		3143	kfree(ppace);
		3144	kfree(ppntace);
		3145	}
		3146
		3147	return (0);
3055	}	3148	}
3056		3149
3057	/* Get Security Descriptor (by handle) from remote server for a file or dir */	3150	/* Get Security Descriptor (by handle) from remote server for a file or dir */
3058	int	3151	int
3059	CIFSSMBGetCIFSACL(const int xid, struct cifsTconInfo *tcon, __u16 fid,	3152	CIFSSMBGetCIFSACL(const int xid, struct cifsTconInfo *tcon, __u16 fid,
3060	/* BB fix up return info / char acl_inf, const int buflen,	3153	/* BB fix up return info / char acl_inf, const int buflen,
3061	const int acl_type /* ACCESS/DEFAULT not sure implication */)	3154	const int acl_type)
3062	{	3155	{
3063	int rc = 0;	3156	int rc = 0;
3064	int buf_type = 0;	3157	int buf_type = 0;
@@ -3088,7 +3181,7 @@ CIFSSMBGetCIFSACL(const int xid, struct cifsTconInfo *tcon, __u16 fid,
3088	if (rc) {	3181	if (rc) {
3089	cFYI(1, ("Send error in QuerySecDesc = %d", rc));	3182	cFYI(1, ("Send error in QuerySecDesc = %d", rc));
3090	} else { /* decode response */	3183	} else { /* decode response */
3091	struct cifs_sid *psec_desc;	3184	struct cifs_ntsd *psec_desc;
3092	__le32 * parm;	3185	__le32 * parm;
3093	int parm_len;	3186	int parm_len;
3094	int data_len;	3187	int data_len;