aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--fs/cifs/Makefile2
-rw-r--r--fs/cifs/cifsacl.c134
-rw-r--r--fs/cifs/cifsacl.h2
-rw-r--r--fs/cifs/cifsproto.h1
-rw-r--r--fs/cifs/cifssmb.c107
5 files changed, 137 insertions, 109 deletions
diff --git a/fs/cifs/Makefile b/fs/cifs/Makefile
index 6ecd9d6ba3f3..ff6ba8d823f0 100644
--- a/fs/cifs/Makefile
+++ b/fs/cifs/Makefile
@@ -3,4 +3,4 @@
3# 3#
4obj-$(CONFIG_CIFS) += cifs.o 4obj-$(CONFIG_CIFS) += cifs.o
5 5
6cifs-objs := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o fcntl.o readdir.o ioctl.o sess.o export.o 6cifs-objs := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o fcntl.o readdir.o ioctl.o sess.o export.o cifsacl.o
diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c
new file mode 100644
index 000000000000..11ac13336ecb
--- /dev/null
+++ b/fs/cifs/cifsacl.c
@@ -0,0 +1,134 @@
1/*
2 * fs/cifs/cifsacl.c
3 *
4 * Copyright (C) International Business Machines Corp., 2007
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * Contains the routines for mapping CIFS/NTFS ACLs
8 *
9 * This library is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU Lesser General Public License as published
11 * by the Free Software Foundation; either version 2.1 of the License, or
12 * (at your option) any later version.
13 *
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
17 * the GNU Lesser General Public License for more details.
18 *
19 * You should have received a copy of the GNU Lesser General Public License
20 * along with this library; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22 */
23
24/* security id for everyone */
25static const struct cifs_sid sid_everyone =
26 {1, 1, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0}};
27/* group users */
28static const struct cifs_sid sid_user =
29 {1, 2 , {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0}};
30
31static int parse_sid(struct cifs_sid *psid, char *end_of_acl)
32{
33 /* BB need to add parm so we can store the SID BB */
34
35 /* validate that we do not go past end of acl */
36 if (end_of_acl < (char *)psid + sizeof(struct cifs_sid)) {
37 cERROR(1, ("ACL to small to parse SID"));
38 return -EINVAL;
39 }
40#ifdef CONFIG_CIFS_DEBUG2
41 cFYI(1, ("revision %d num_auth %d First subauth 0x%x",
42 psid->revision, psid->num_auth, psid->sub_auth[0]));
43
44 /* BB add length check to make sure that we do not have huge num auths
45 and therefore go off the end */
46 cFYI(1, ("RID 0x%x", le32_to_cpu(psid->sub_auth[psid->num_auth])));
47#endif
48 return 0;
49}
50
51/* Convert CIFS ACL to POSIX form */
52int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len)
53{
54 int i;
55 int num_aces = 0;
56 int acl_size;
57 struct cifs_sid *owner_sid_ptr, *group_sid_ptr;
58 struct cifs_acl *dacl_ptr; /* no need for SACL ptr */
59 struct cifs_ntace **ppntace;
60 struct cifs_ace **ppace;
61 char *acl_base;
62 char *end_of_acl = ((char *)pntsd) + acl_len;
63
64 owner_sid_ptr = (struct cifs_sid *)((char *)pntsd +
65 cpu_to_le32(pntsd->osidoffset));
66 group_sid_ptr = (struct cifs_sid *)((char *)pntsd +
67 cpu_to_le32(pntsd->gsidoffset));
68 dacl_ptr = (struct cifs_acl *)((char *)pntsd +
69 cpu_to_le32(pntsd->dacloffset));
70#ifdef CONFIG_CIFS_DEBUG2
71 cFYI(1, ("revision %d type 0x%x ooffset 0x%x goffset 0x%x "
72 "sacloffset 0x%x dacloffset 0x%x",
73 pntsd->revision, pntsd->type,
74 pntsd->osidoffset, pntsd->gsidoffset, pntsd->sacloffset,
75 pntsd->dacloffset));
76#endif
77 rc = parse_sid(owner_sid_ptr, end_of_acl);
78 if (rc)
79 return rc;
80
81 rc = parse_sid(group_sid_ptr, end_of_acl);
82 if (rc)
83 return rc;
84
85/* cifscred->uid = owner_sid_ptr->rid;
86 cifscred->gid = group_sid_ptr->rid;
87 memcpy((void *)(&(cifscred->osid)), (void *)owner_sid_ptr,
88 sizeof (struct cifs_sid));
89 memcpy((void *)(&(cifscred->gsid)), (void *)group_sid_ptr,
90 sizeof (struct cifs_sid)); */
91
92 num_aces = cpu_to_le32(dacl_ptr->num_aces);
93 cFYI(1, ("num aces %d", num_aces));
94 if (num_aces > 0) {
95 ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *),
96 GFP_KERNEL);
97 ppace = kmalloc(num_aces * sizeof(struct cifs_ace *),
98 GFP_KERNEL);
99
100/* cifscred->cecount = dacl_ptr->num_aces;
101 cifscred->ntaces = kmalloc(num_aces *
102 sizeof(struct cifs_ntace *), GFP_KERNEL);
103 cifscred->aces = kmalloc(num_aces *
104 sizeof(struct cifs_ace *), GFP_KERNEL);*/
105
106 acl_base = (char *)dacl_ptr;
107 acl_size = sizeof(struct cifs_acl);
108
109 for (i = 0; i < num_aces; ++i) {
110 ppntace[i] = (struct cifs_ntace *)
111 (acl_base + acl_size);
112 ppace[i] = (struct cifs_ace *)
113 ((char *)ppntace[i] +
114 sizeof(struct cifs_ntace));
115
116/* memcpy((void *)(&(cifscred->ntaces[i])),
117 (void *)ntace_ptrptr[i],
118 sizeof(struct cifs_ntace));
119 memcpy((void *)(&(cifscred->aces[i])),
120 (void *)ace_ptrptr[i],
121 sizeof(struct cifs_ace)); */
122
123 acl_base = (char *)ppntace[i];
124 acl_size = cpu_to_le32(ppntace[i]->size);
125#ifdef CONFIG_CIFS_DEBUG2
126 cFYI(1, ("ACE revision:%d", ppace[i]->revision));
127#endif
128 }
129 kfree(ppace);
130 kfree(ppntace);
131 }
132
133 return (0);
134}
diff --git a/fs/cifs/cifsacl.h b/fs/cifs/cifsacl.h
index 97d03dc8169c..b975ae113037 100644
--- a/fs/cifs/cifsacl.h
+++ b/fs/cifs/cifsacl.h
@@ -1,7 +1,7 @@
1/* 1/*
2 * fs/cifs/cifsacl.h 2 * fs/cifs/cifsacl.h
3 * 3 *
4 * Copyright (c) International Business Machines Corp., 2005 4 * Copyright (c) International Business Machines Corp., 2007
5 * Author(s): Steve French (sfrench@us.ibm.com) 5 * Author(s): Steve French (sfrench@us.ibm.com)
6 * 6 *
7 * This library is free software; you can redistribute it and/or modify 7 * This library is free software; you can redistribute it and/or modify
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h
index 4ffae9d92910..7dbb79b8dd50 100644
--- a/fs/cifs/cifsproto.h
+++ b/fs/cifs/cifsproto.h
@@ -310,6 +310,7 @@ extern void setup_ntlmv2_rsp(struct cifsSesInfo *, char *,
310#ifdef CONFIG_CIFS_WEAK_PW_HASH 310#ifdef CONFIG_CIFS_WEAK_PW_HASH
311extern void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key); 311extern void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key);
312#endif /* CIFS_WEAK_PW_HASH */ 312#endif /* CIFS_WEAK_PW_HASH */
313extern int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len);
313extern int CIFSSMBCopy(int xid, 314extern int CIFSSMBCopy(int xid,
314 struct cifsTconInfo *source_tcon, 315 struct cifsTconInfo *source_tcon,
315 const char *fromName, 316 const char *fromName,
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index 46c2bb455124..cc05a26ab07a 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -3040,113 +3040,6 @@ GetExtAttrOut:
3040 3040
3041#endif /* CONFIG_POSIX */ 3041#endif /* CONFIG_POSIX */
3042 3042
3043
3044/* security id for everyone */
3045static const struct cifs_sid sid_everyone =
3046 {1, 1, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0}};
3047/* group users */
3048static const struct cifs_sid sid_user =
3049 {1, 2 , {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0}};
3050
3051static void parse_sid(struct cifs_sid * psid, char * end_of_acl)
3052{
3053 /* BB need to add parm so we can store the SID BB */
3054
3055 /* validate that we do not go past end of acl */
3056 if (end_of_acl < (char *)psid + sizeof(struct cifs_sid)) {
3057 cERROR(1, ("ACL to small to parse SID"));
3058 return;
3059 }
3060#ifdef CONFIG_CIFS_DEBUG2
3061 cFYI(1, ("revision %d num_auth %d First subauth 0x%x",
3062 psid->revision, psid->num_auth, psid->sub_auth[0]));
3063
3064 /* BB add length check to make sure that we do not have huge num auths
3065 and therefore go off the end */
3066 cFYI(1, ("RID 0x%x", le32_to_cpu(psid->sub_auth[psid->num_auth])));
3067#endif
3068 return;
3069}
3070
3071/* Convert CIFS ACL to POSIX form */
3072static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len)
3073{
3074 int i;
3075 int num_aces = 0;
3076 int acl_size;
3077 struct cifs_sid *owner_sid_ptr, *group_sid_ptr;
3078 struct cifs_acl *dacl_ptr; /* no need for SACL ptr */
3079 struct cifs_ntace **ppntace;
3080 struct cifs_ace **ppace;
3081 char *acl_base;
3082 char *end_of_acl = ((char *)pntsd) + acl_len;
3083
3084 owner_sid_ptr = (struct cifs_sid *)((char *)pntsd +
3085 cpu_to_le32(pntsd->osidoffset));
3086 group_sid_ptr = (struct cifs_sid *)((char *)pntsd +
3087 cpu_to_le32(pntsd->gsidoffset));
3088 dacl_ptr = (struct cifs_acl *)((char *)pntsd +
3089 cpu_to_le32(pntsd->dacloffset));
3090#ifdef CONFIG_CIFS_DEBUG2
3091 cFYI(1,("revision %d type 0x%x ooffset 0x%x goffset 0x%x "
3092 "sacloffset 0x%x dacloffset 0x%x", pntsd->revision, pntsd->type,
3093 pntsd->osidoffset, pntsd->gsidoffset, pntsd->sacloffset,
3094 pntsd->dacloffset));
3095#endif
3096 parse_sid(owner_sid_ptr, end_of_acl);
3097 parse_sid(group_sid_ptr, end_of_acl);
3098
3099/* cifscred->uid = owner_sid_ptr->rid;
3100 cifscred->gid = group_sid_ptr->rid;
3101 memcpy((void *)(&(cifscred->osid)), (void *)owner_sid_ptr,
3102 sizeof (struct cifs_sid));
3103 memcpy((void *)(&(cifscred->gsid)), (void *)group_sid_ptr,
3104 sizeof (struct cifs_sid)); */
3105
3106 num_aces = cpu_to_le32(dacl_ptr->num_aces);
3107 cFYI(1, ("num aces %d", num_aces));
3108 if (num_aces > 0) {
3109 ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *),
3110 GFP_KERNEL);
3111 ppace = kmalloc(num_aces * sizeof(struct cifs_ace *),
3112 GFP_KERNEL);
3113
3114/* cifscred->cecount = dacl_ptr->num_aces;
3115 cifscred->ntaces = kmalloc(num_aces *
3116 sizeof(struct cifs_ntace *), GFP_KERNEL);
3117 cifscred->aces = kmalloc(num_aces *
3118 sizeof(struct cifs_ace *), GFP_KERNEL);*/
3119
3120 acl_base = (char *)dacl_ptr;
3121 acl_size = sizeof(struct cifs_acl);
3122
3123 for (i = 0; i < num_aces; ++i) {
3124 ppntace[i] = (struct cifs_ntace *)
3125 (acl_base + acl_size);
3126 ppace[i] = (struct cifs_ace *)
3127 ((char *)ppntace[i] +
3128 sizeof(struct cifs_ntace));
3129
3130/* memcpy((void *)(&(cifscred->ntaces[i])),
3131 (void *)ntace_ptrptr[i],
3132 sizeof(struct cifs_ntace));
3133 memcpy((void *)(&(cifscred->aces[i])),
3134 (void *)ace_ptrptr[i],
3135 sizeof(struct cifs_ace)); */
3136
3137 acl_base = (char *)ppntace[i];
3138 acl_size = cpu_to_le32(ppntace[i]->size);
3139#ifdef CONFIG_CIFS_DEBUG2
3140 cFYI(1, ("ACE revision:%d", ppace[i]->revision));
3141 }
3142#endif
3143 kfree(ppace);
3144 kfree(ppntace);
3145 }
3146
3147 return (0);
3148}
3149
3150/* Get Security Descriptor (by handle) from remote server for a file or dir */ 3043/* Get Security Descriptor (by handle) from remote server for a file or dir */
3151int 3044int
3152CIFSSMBGetCIFSACL(const int xid, struct cifsTconInfo *tcon, __u16 fid, 3045CIFSSMBGetCIFSACL(const int xid, struct cifsTconInfo *tcon, __u16 fid,