aboutsummaryrefslogtreecommitdiffstats
path: root/fs/cifs
diff options
context:
space:
mode:
authorSteve French <sfrench@us.ibm.com>2008-04-09 16:55:31 -0400
committerSteve French <sfrench@us.ibm.com>2008-04-09 16:55:31 -0400
commitcce246ee5f3c7f4d3539ea41d13feb7a07859145 (patch)
tree693fe2aa45f3772fba1416cb45ce8b278fd6a06e /fs/cifs
parent35028d71116926008f5c19b8fcb00aacaabf5eab (diff)
[CIFS] Fix acl length when very short ACL being modified by chmod
Signed-off-by: Shirish Pargaonkar <shirishp@us.ibm.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs')
-rw-r--r--fs/cifs/cifsacl.c14
-rw-r--r--fs/cifs/cifsacl.h1
2 files changed, 9 insertions, 6 deletions
diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c
index 1cb5b0a9f2ac..e99d4faf5f02 100644
--- a/fs/cifs/cifsacl.c
+++ b/fs/cifs/cifsacl.c
@@ -516,7 +516,7 @@ static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len,
516 516
517/* Convert permission bits from mode to equivalent CIFS ACL */ 517/* Convert permission bits from mode to equivalent CIFS ACL */
518static int build_sec_desc(struct cifs_ntsd *pntsd, struct cifs_ntsd *pnntsd, 518static int build_sec_desc(struct cifs_ntsd *pntsd, struct cifs_ntsd *pnntsd,
519 int acl_len, struct inode *inode, __u64 nmode) 519 struct inode *inode, __u64 nmode)
520{ 520{
521 int rc = 0; 521 int rc = 0;
522 __u32 dacloffset; 522 __u32 dacloffset;
@@ -692,14 +692,14 @@ void acl_to_uid_mode(struct inode *inode, const char *path, const __u16 *pfid)
692int mode_to_acl(struct inode *inode, const char *path, __u64 nmode) 692int mode_to_acl(struct inode *inode, const char *path, __u64 nmode)
693{ 693{
694 int rc = 0; 694 int rc = 0;
695 __u32 acllen = 0; 695 __u32 secdesclen = 0;
696 struct cifs_ntsd *pntsd = NULL; /* acl obtained from server */ 696 struct cifs_ntsd *pntsd = NULL; /* acl obtained from server */
697 struct cifs_ntsd *pnntsd = NULL; /* modified acl to be sent to server */ 697 struct cifs_ntsd *pnntsd = NULL; /* modified acl to be sent to server */
698 698
699 cFYI(DBG2, ("set ACL from mode for %s", path)); 699 cFYI(DBG2, ("set ACL from mode for %s", path));
700 700
701 /* Get the security descriptor */ 701 /* Get the security descriptor */
702 pntsd = get_cifs_acl(&acllen, inode, path, NULL); 702 pntsd = get_cifs_acl(&secdesclen, inode, path, NULL);
703 703
704 /* Add three ACEs for owner, group, everyone getting rid of 704 /* Add three ACEs for owner, group, everyone getting rid of
705 other ACEs as chmod disables ACEs and set the security descriptor */ 705 other ACEs as chmod disables ACEs and set the security descriptor */
@@ -709,20 +709,22 @@ int mode_to_acl(struct inode *inode, const char *path, __u64 nmode)
709 set security descriptor request security descriptor 709 set security descriptor request security descriptor
710 parameters, and secuirty descriptor itself */ 710 parameters, and secuirty descriptor itself */
711 711
712 pnntsd = kmalloc(acllen, GFP_KERNEL); 712 secdesclen = secdesclen < DEFSECDESCLEN ?
713 DEFSECDESCLEN : secdesclen;
714 pnntsd = kmalloc(secdesclen, GFP_KERNEL);
713 if (!pnntsd) { 715 if (!pnntsd) {
714 cERROR(1, ("Unable to allocate security descriptor")); 716 cERROR(1, ("Unable to allocate security descriptor"));
715 kfree(pntsd); 717 kfree(pntsd);
716 return (-ENOMEM); 718 return (-ENOMEM);
717 } 719 }
718 720
719 rc = build_sec_desc(pntsd, pnntsd, acllen, inode, nmode); 721 rc = build_sec_desc(pntsd, pnntsd, inode, nmode);
720 722
721 cFYI(DBG2, ("build_sec_desc rc: %d", rc)); 723 cFYI(DBG2, ("build_sec_desc rc: %d", rc));
722 724
723 if (!rc) { 725 if (!rc) {
724 /* Set the security descriptor */ 726 /* Set the security descriptor */
725 rc = set_cifs_acl(pnntsd, acllen, inode, path); 727 rc = set_cifs_acl(pnntsd, secdesclen, inode, path);
726 cFYI(DBG2, ("set_cifs_acl rc: %d", rc)); 728 cFYI(DBG2, ("set_cifs_acl rc: %d", rc));
727 } 729 }
728 730
diff --git a/fs/cifs/cifsacl.h b/fs/cifs/cifsacl.h
index 93a7c3462ea2..6c8096cf5155 100644
--- a/fs/cifs/cifsacl.h
+++ b/fs/cifs/cifsacl.h
@@ -27,6 +27,7 @@
27#define NUM_SUBAUTHS 5 /* number of sub authority fields */ 27#define NUM_SUBAUTHS 5 /* number of sub authority fields */
28#define NUM_WK_SIDS 7 /* number of well known sids */ 28#define NUM_WK_SIDS 7 /* number of well known sids */
29#define SIDNAMELENGTH 20 /* long enough for the ones we care about */ 29#define SIDNAMELENGTH 20 /* long enough for the ones we care about */
30#define DEFSECDESCLEN 192 /* sec desc len contaiting a dacl with three aces */
30 31
31#define READ_BIT 0x4 32#define READ_BIT 0x4
32#define WRITE_BIT 0x2 33#define WRITE_BIT 0x2