diff options
-rw-r--r-- | fs/cifs/Makefile | 2 | ||||
-rw-r--r-- | fs/cifs/cifsacl.c | 134 | ||||
-rw-r--r-- | fs/cifs/cifsacl.h | 2 | ||||
-rw-r--r-- | fs/cifs/cifsproto.h | 1 | ||||
-rw-r--r-- | fs/cifs/cifssmb.c | 107 |
5 files changed, 137 insertions, 109 deletions
diff --git a/fs/cifs/Makefile b/fs/cifs/Makefile index 6ecd9d6ba3f3..ff6ba8d823f0 100644 --- a/fs/cifs/Makefile +++ b/fs/cifs/Makefile | |||
@@ -3,4 +3,4 @@ | |||
3 | # | 3 | # |
4 | obj-$(CONFIG_CIFS) += cifs.o | 4 | obj-$(CONFIG_CIFS) += cifs.o |
5 | 5 | ||
6 | cifs-objs := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o fcntl.o readdir.o ioctl.o sess.o export.o | 6 | cifs-objs := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o fcntl.o readdir.o ioctl.o sess.o export.o cifsacl.o |
diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c new file mode 100644 index 000000000000..11ac13336ecb --- /dev/null +++ b/fs/cifs/cifsacl.c | |||
@@ -0,0 +1,134 @@ | |||
1 | /* | ||
2 | * fs/cifs/cifsacl.c | ||
3 | * | ||
4 | * Copyright (C) International Business Machines Corp., 2007 | ||
5 | * Author(s): Steve French (sfrench@us.ibm.com) | ||
6 | * | ||
7 | * Contains the routines for mapping CIFS/NTFS ACLs | ||
8 | * | ||
9 | * This library is free software; you can redistribute it and/or modify | ||
10 | * it under the terms of the GNU Lesser General Public License as published | ||
11 | * by the Free Software Foundation; either version 2.1 of the License, or | ||
12 | * (at your option) any later version. | ||
13 | * | ||
14 | * This library is distributed in the hope that it will be useful, | ||
15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See | ||
17 | * the GNU Lesser General Public License for more details. | ||
18 | * | ||
19 | * You should have received a copy of the GNU Lesser General Public License | ||
20 | * along with this library; if not, write to the Free Software | ||
21 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | ||
22 | */ | ||
23 | |||
24 | /* security id for everyone */ | ||
25 | static const struct cifs_sid sid_everyone = | ||
26 | {1, 1, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0}}; | ||
27 | /* group users */ | ||
28 | static const struct cifs_sid sid_user = | ||
29 | {1, 2 , {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0}}; | ||
30 | |||
31 | static int parse_sid(struct cifs_sid *psid, char *end_of_acl) | ||
32 | { | ||
33 | /* BB need to add parm so we can store the SID BB */ | ||
34 | |||
35 | /* validate that we do not go past end of acl */ | ||
36 | if (end_of_acl < (char *)psid + sizeof(struct cifs_sid)) { | ||
37 | cERROR(1, ("ACL to small to parse SID")); | ||
38 | return -EINVAL; | ||
39 | } | ||
40 | #ifdef CONFIG_CIFS_DEBUG2 | ||
41 | cFYI(1, ("revision %d num_auth %d First subauth 0x%x", | ||
42 | psid->revision, psid->num_auth, psid->sub_auth[0])); | ||
43 | |||
44 | /* BB add length check to make sure that we do not have huge num auths | ||
45 | and therefore go off the end */ | ||
46 | cFYI(1, ("RID 0x%x", le32_to_cpu(psid->sub_auth[psid->num_auth]))); | ||
47 | #endif | ||
48 | return 0; | ||
49 | } | ||
50 | |||
51 | /* Convert CIFS ACL to POSIX form */ | ||
52 | int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len) | ||
53 | { | ||
54 | int i; | ||
55 | int num_aces = 0; | ||
56 | int acl_size; | ||
57 | struct cifs_sid *owner_sid_ptr, *group_sid_ptr; | ||
58 | struct cifs_acl *dacl_ptr; /* no need for SACL ptr */ | ||
59 | struct cifs_ntace **ppntace; | ||
60 | struct cifs_ace **ppace; | ||
61 | char *acl_base; | ||
62 | char *end_of_acl = ((char *)pntsd) + acl_len; | ||
63 | |||
64 | owner_sid_ptr = (struct cifs_sid *)((char *)pntsd + | ||
65 | cpu_to_le32(pntsd->osidoffset)); | ||
66 | group_sid_ptr = (struct cifs_sid *)((char *)pntsd + | ||
67 | cpu_to_le32(pntsd->gsidoffset)); | ||
68 | dacl_ptr = (struct cifs_acl *)((char *)pntsd + | ||
69 | cpu_to_le32(pntsd->dacloffset)); | ||
70 | #ifdef CONFIG_CIFS_DEBUG2 | ||
71 | cFYI(1, ("revision %d type 0x%x ooffset 0x%x goffset 0x%x " | ||
72 | "sacloffset 0x%x dacloffset 0x%x", | ||
73 | pntsd->revision, pntsd->type, | ||
74 | pntsd->osidoffset, pntsd->gsidoffset, pntsd->sacloffset, | ||
75 | pntsd->dacloffset)); | ||
76 | #endif | ||
77 | rc = parse_sid(owner_sid_ptr, end_of_acl); | ||
78 | if (rc) | ||
79 | return rc; | ||
80 | |||
81 | rc = parse_sid(group_sid_ptr, end_of_acl); | ||
82 | if (rc) | ||
83 | return rc; | ||
84 | |||
85 | /* cifscred->uid = owner_sid_ptr->rid; | ||
86 | cifscred->gid = group_sid_ptr->rid; | ||
87 | memcpy((void *)(&(cifscred->osid)), (void *)owner_sid_ptr, | ||
88 | sizeof (struct cifs_sid)); | ||
89 | memcpy((void *)(&(cifscred->gsid)), (void *)group_sid_ptr, | ||
90 | sizeof (struct cifs_sid)); */ | ||
91 | |||
92 | num_aces = cpu_to_le32(dacl_ptr->num_aces); | ||
93 | cFYI(1, ("num aces %d", num_aces)); | ||
94 | if (num_aces > 0) { | ||
95 | ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *), | ||
96 | GFP_KERNEL); | ||
97 | ppace = kmalloc(num_aces * sizeof(struct cifs_ace *), | ||
98 | GFP_KERNEL); | ||
99 | |||
100 | /* cifscred->cecount = dacl_ptr->num_aces; | ||
101 | cifscred->ntaces = kmalloc(num_aces * | ||
102 | sizeof(struct cifs_ntace *), GFP_KERNEL); | ||
103 | cifscred->aces = kmalloc(num_aces * | ||
104 | sizeof(struct cifs_ace *), GFP_KERNEL);*/ | ||
105 | |||
106 | acl_base = (char *)dacl_ptr; | ||
107 | acl_size = sizeof(struct cifs_acl); | ||
108 | |||
109 | for (i = 0; i < num_aces; ++i) { | ||
110 | ppntace[i] = (struct cifs_ntace *) | ||
111 | (acl_base + acl_size); | ||
112 | ppace[i] = (struct cifs_ace *) | ||
113 | ((char *)ppntace[i] + | ||
114 | sizeof(struct cifs_ntace)); | ||
115 | |||
116 | /* memcpy((void *)(&(cifscred->ntaces[i])), | ||
117 | (void *)ntace_ptrptr[i], | ||
118 | sizeof(struct cifs_ntace)); | ||
119 | memcpy((void *)(&(cifscred->aces[i])), | ||
120 | (void *)ace_ptrptr[i], | ||
121 | sizeof(struct cifs_ace)); */ | ||
122 | |||
123 | acl_base = (char *)ppntace[i]; | ||
124 | acl_size = cpu_to_le32(ppntace[i]->size); | ||
125 | #ifdef CONFIG_CIFS_DEBUG2 | ||
126 | cFYI(1, ("ACE revision:%d", ppace[i]->revision)); | ||
127 | #endif | ||
128 | } | ||
129 | kfree(ppace); | ||
130 | kfree(ppntace); | ||
131 | } | ||
132 | |||
133 | return (0); | ||
134 | } | ||
diff --git a/fs/cifs/cifsacl.h b/fs/cifs/cifsacl.h index 97d03dc8169c..b975ae113037 100644 --- a/fs/cifs/cifsacl.h +++ b/fs/cifs/cifsacl.h | |||
@@ -1,7 +1,7 @@ | |||
1 | /* | 1 | /* |
2 | * fs/cifs/cifsacl.h | 2 | * fs/cifs/cifsacl.h |
3 | * | 3 | * |
4 | * Copyright (c) International Business Machines Corp., 2005 | 4 | * Copyright (c) International Business Machines Corp., 2007 |
5 | * Author(s): Steve French (sfrench@us.ibm.com) | 5 | * Author(s): Steve French (sfrench@us.ibm.com) |
6 | * | 6 | * |
7 | * This library is free software; you can redistribute it and/or modify | 7 | * This library is free software; you can redistribute it and/or modify |
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 4ffae9d92910..7dbb79b8dd50 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h | |||
@@ -310,6 +310,7 @@ extern void setup_ntlmv2_rsp(struct cifsSesInfo *, char *, | |||
310 | #ifdef CONFIG_CIFS_WEAK_PW_HASH | 310 | #ifdef CONFIG_CIFS_WEAK_PW_HASH |
311 | extern void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key); | 311 | extern void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key); |
312 | #endif /* CIFS_WEAK_PW_HASH */ | 312 | #endif /* CIFS_WEAK_PW_HASH */ |
313 | extern int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len); | ||
313 | extern int CIFSSMBCopy(int xid, | 314 | extern int CIFSSMBCopy(int xid, |
314 | struct cifsTconInfo *source_tcon, | 315 | struct cifsTconInfo *source_tcon, |
315 | const char *fromName, | 316 | const char *fromName, |
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 46c2bb455124..cc05a26ab07a 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c | |||
@@ -3040,113 +3040,6 @@ GetExtAttrOut: | |||
3040 | 3040 | ||
3041 | #endif /* CONFIG_POSIX */ | 3041 | #endif /* CONFIG_POSIX */ |
3042 | 3042 | ||
3043 | |||
3044 | /* security id for everyone */ | ||
3045 | static const struct cifs_sid sid_everyone = | ||
3046 | {1, 1, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0}}; | ||
3047 | /* group users */ | ||
3048 | static const struct cifs_sid sid_user = | ||
3049 | {1, 2 , {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0}}; | ||
3050 | |||
3051 | static void parse_sid(struct cifs_sid * psid, char * end_of_acl) | ||
3052 | { | ||
3053 | /* BB need to add parm so we can store the SID BB */ | ||
3054 | |||
3055 | /* validate that we do not go past end of acl */ | ||
3056 | if (end_of_acl < (char *)psid + sizeof(struct cifs_sid)) { | ||
3057 | cERROR(1, ("ACL to small to parse SID")); | ||
3058 | return; | ||
3059 | } | ||
3060 | #ifdef CONFIG_CIFS_DEBUG2 | ||
3061 | cFYI(1, ("revision %d num_auth %d First subauth 0x%x", | ||
3062 | psid->revision, psid->num_auth, psid->sub_auth[0])); | ||
3063 | |||
3064 | /* BB add length check to make sure that we do not have huge num auths | ||
3065 | and therefore go off the end */ | ||
3066 | cFYI(1, ("RID 0x%x", le32_to_cpu(psid->sub_auth[psid->num_auth]))); | ||
3067 | #endif | ||
3068 | return; | ||
3069 | } | ||
3070 | |||
3071 | /* Convert CIFS ACL to POSIX form */ | ||
3072 | static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len) | ||
3073 | { | ||
3074 | int i; | ||
3075 | int num_aces = 0; | ||
3076 | int acl_size; | ||
3077 | struct cifs_sid *owner_sid_ptr, *group_sid_ptr; | ||
3078 | struct cifs_acl *dacl_ptr; /* no need for SACL ptr */ | ||
3079 | struct cifs_ntace **ppntace; | ||
3080 | struct cifs_ace **ppace; | ||
3081 | char *acl_base; | ||
3082 | char *end_of_acl = ((char *)pntsd) + acl_len; | ||
3083 | |||
3084 | owner_sid_ptr = (struct cifs_sid *)((char *)pntsd + | ||
3085 | cpu_to_le32(pntsd->osidoffset)); | ||
3086 | group_sid_ptr = (struct cifs_sid *)((char *)pntsd + | ||
3087 | cpu_to_le32(pntsd->gsidoffset)); | ||
3088 | dacl_ptr = (struct cifs_acl *)((char *)pntsd + | ||
3089 | cpu_to_le32(pntsd->dacloffset)); | ||
3090 | #ifdef CONFIG_CIFS_DEBUG2 | ||
3091 | cFYI(1,("revision %d type 0x%x ooffset 0x%x goffset 0x%x " | ||
3092 | "sacloffset 0x%x dacloffset 0x%x", pntsd->revision, pntsd->type, | ||
3093 | pntsd->osidoffset, pntsd->gsidoffset, pntsd->sacloffset, | ||
3094 | pntsd->dacloffset)); | ||
3095 | #endif | ||
3096 | parse_sid(owner_sid_ptr, end_of_acl); | ||
3097 | parse_sid(group_sid_ptr, end_of_acl); | ||
3098 | |||
3099 | /* cifscred->uid = owner_sid_ptr->rid; | ||
3100 | cifscred->gid = group_sid_ptr->rid; | ||
3101 | memcpy((void *)(&(cifscred->osid)), (void *)owner_sid_ptr, | ||
3102 | sizeof (struct cifs_sid)); | ||
3103 | memcpy((void *)(&(cifscred->gsid)), (void *)group_sid_ptr, | ||
3104 | sizeof (struct cifs_sid)); */ | ||
3105 | |||
3106 | num_aces = cpu_to_le32(dacl_ptr->num_aces); | ||
3107 | cFYI(1, ("num aces %d", num_aces)); | ||
3108 | if (num_aces > 0) { | ||
3109 | ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *), | ||
3110 | GFP_KERNEL); | ||
3111 | ppace = kmalloc(num_aces * sizeof(struct cifs_ace *), | ||
3112 | GFP_KERNEL); | ||
3113 | |||
3114 | /* cifscred->cecount = dacl_ptr->num_aces; | ||
3115 | cifscred->ntaces = kmalloc(num_aces * | ||
3116 | sizeof(struct cifs_ntace *), GFP_KERNEL); | ||
3117 | cifscred->aces = kmalloc(num_aces * | ||
3118 | sizeof(struct cifs_ace *), GFP_KERNEL);*/ | ||
3119 | |||
3120 | acl_base = (char *)dacl_ptr; | ||
3121 | acl_size = sizeof(struct cifs_acl); | ||
3122 | |||
3123 | for (i = 0; i < num_aces; ++i) { | ||
3124 | ppntace[i] = (struct cifs_ntace *) | ||
3125 | (acl_base + acl_size); | ||
3126 | ppace[i] = (struct cifs_ace *) | ||
3127 | ((char *)ppntace[i] + | ||
3128 | sizeof(struct cifs_ntace)); | ||
3129 | |||
3130 | /* memcpy((void *)(&(cifscred->ntaces[i])), | ||
3131 | (void *)ntace_ptrptr[i], | ||
3132 | sizeof(struct cifs_ntace)); | ||
3133 | memcpy((void *)(&(cifscred->aces[i])), | ||
3134 | (void *)ace_ptrptr[i], | ||
3135 | sizeof(struct cifs_ace)); */ | ||
3136 | |||
3137 | acl_base = (char *)ppntace[i]; | ||
3138 | acl_size = cpu_to_le32(ppntace[i]->size); | ||
3139 | #ifdef CONFIG_CIFS_DEBUG2 | ||
3140 | cFYI(1, ("ACE revision:%d", ppace[i]->revision)); | ||
3141 | } | ||
3142 | #endif | ||
3143 | kfree(ppace); | ||
3144 | kfree(ppntace); | ||
3145 | } | ||
3146 | |||
3147 | return (0); | ||
3148 | } | ||
3149 | |||
3150 | /* Get Security Descriptor (by handle) from remote server for a file or dir */ | 3043 | /* Get Security Descriptor (by handle) from remote server for a file or dir */ |
3151 | int | 3044 | int |
3152 | CIFSSMBGetCIFSACL(const int xid, struct cifsTconInfo *tcon, __u16 fid, | 3045 | CIFSSMBGetCIFSACL(const int xid, struct cifsTconInfo *tcon, __u16 fid, |