1 files changed, 110 insertions, 10 deletions
diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c
index 52f9cb808fd0..43ab26fff398 100644
--- a/fs/cifs/cifsacl.c
+++ b/fs/cifs/cifsacl.c
@@ -28,6 +28,20 @@
 #include "cifsproto.h"
 #include "cifs_debug.h"
+#ifdef CONFIG_CIFS_EXPERIMENTAL
+struct cifs_wksid wksidarr[NUM_WK_SIDS] = {
+        {{1, 0, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0, 0} }, "null user"},
+        {{1, 1, {0, 0, 0, 0, 0, 1}, {0, 0, 0, 0, 0} }, "nobody"},
+        {{1, 1, {0, 0, 0, 0, 0, 5}, {11, 0, 0, 0, 0} }, "net-users"},
+        {{1, 1, {0, 0, 0, 0, 0, 5}, {18, 0, 0, 0, 0} }, "sys"},
+        {{1, 2, {0, 0, 0, 0, 0, 5}, {32, 544, 0, 0, 0} }, "root"},
+        {{1, 2, {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0, 0} }, "users"},
+        {{1, 2, {0, 0, 0, 0, 0, 5}, {32, 546, 0, 0, 0} }, "guest"}
+};
 /* security id for everyone */
 static const struct cifs_sid sid_everyone =
                {1, 1, {0, 0, 0, 0, 0, 0}, {} };
@@ -35,33 +49,113 @@ static const struct cifs_sid sid_everyone =
 static const struct cifs_sid sid_user =
                {1, 2 , {0, 0, 0, 0, 0, 5}, {} };
+int match_sid(struct cifs_sid *ctsid)
+{
+        int i, j;
+        int num_subauth, num_sat, num_saw;
+        struct cifs_sid *cwsid;
+        if (!ctsid)
+                return (-1);
+        for (i = 0; i < NUM_WK_SIDS; ++i) {
+                cwsid = &(wksidarr[i].cifssid);
+                /* compare the revision */
+                if (ctsid->revision != cwsid->revision)
+                        continue;
+                /* compare all of the six auth values */
+                for (j = 0; j < 6; ++j) {
+                        if (ctsid->authority[j] != cwsid->authority[j])
+                                break;
+                }
+                if (j < 6)
+                        continue; /* all of the auth values did not match */
+                /* compare all of the subauth values if any */
+                num_sat = cpu_to_le32(ctsid->num_subauth);
+                num_saw = cpu_to_le32(cwsid->num_subauth);
+                num_subauth = num_sat < num_saw ? num_sat : num_saw;
+                if (num_subauth) {
+                        for (j = 0; j < num_subauth; ++j) {
+                                if (ctsid->sub_auth[j] != cwsid->sub_auth[j])
+                                        break;
+                        }
+                        if (j < num_subauth)
+                                continue; /* all sub_auth values do not match */
+                }
+                cFYI(1, ("matching sid: %s\n", wksidarr[i].sidname));
+                return (0); /* sids compare/match */
+        }
+        cFYI(1, ("No matching sid"));
+        return (-1);
+}
+int compare_sids(struct cifs_sid *ctsid, struct cifs_sid *cwsid)
+{
+        int i;
+        int num_subauth, num_sat, num_saw;
+        if ((!ctsid) || (!cwsid))
+                return (-1);
+        /* compare the revision */
+        if (ctsid->revision != cwsid->revision)
+                return (-1);
+        /* compare all of the six auth values */
+        for (i = 0; i < 6; ++i) {
+                if (ctsid->authority[i] != cwsid->authority[i])
+                        return (-1);
+        }
+        /* compare all of the subauth values if any */
+        num_sat = cpu_to_le32(ctsid->num_subauth);
+        num_saw = cpu_to_le32(cwsid->num_subauth);
+        num_subauth = num_sat < num_saw ? num_sat : num_saw;
+        if (num_subauth) {
+                for (i = 0; i < num_subauth; ++i) {
+                        if (ctsid->sub_auth[i] != cwsid->sub_auth[i])
+                                return (-1);
+                }
+        }
+        return (0); /* sids compare/match */
+}
 static void parse_ace(struct cifs_ace *pace, char *end_of_acl)
 {
        int i;
        int num_subauth;
-         __u32 *psub_auth;
        /* validate that we do not go past end of acl */
+        /* XXX this if statement can be removed
        if (end_of_acl < (char *)pace + sizeof(struct cifs_ace)) {
                cERROR(1, ("ACL too small to parse ACE"));
                return;
-        }
+        } */
        num_subauth = cpu_to_le32(pace->num_subauth);
        if (num_subauth) {
-                psub_auth = (__u32 *)((char *)pace + sizeof(struct cifs_ace));
 #ifdef CONFIG_CIFS_DEBUG2
                cFYI(1, ("ACE revision %d num_subauth %d",
                        pace->revision, pace->num_subauth));
                for (i = 0; i < num_subauth; ++i) {
                        cFYI(1, ("ACE sub_auth[%d]: 0x%x", i,
-                                le32_to_cpu(psub_auth[i])));
+                                le32_to_cpu(pace->sub_auth[i])));
                }
                /* BB add length check to make sure that we do not have huge
                        num auths and therefore go off the end */
-                cFYI(1, ("RID %d", le32_to_cpu(psub_auth[num_subauth-1])));
+                cFYI(1, ("RID %d", le32_to_cpu(pace->sub_auth[num_subauth-1])));
 #endif
        }
@@ -132,7 +226,13 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl)
                                        sizeof(struct cifs_ntace));
                        parse_ntace(ppntace[i], end_of_acl);
-                        parse_ace(ppace[i], end_of_acl);
+                        if (end_of_acl < ((char *)ppace[i] +
+                                        (ppntace[i]->size -
+                                        sizeof(struct cifs_ntace)))) {
+                                cERROR(1, ("ACL too small to parse ACE"));
+                                break;
+                        } else
+                                parse_ace(ppace[i], end_of_acl);
 /*                      memcpy((void *)(&(cifscred->ntaces[i])),
                                (void *)ppntace[i],
@@ -157,7 +257,6 @@ static int parse_sid(struct cifs_sid *psid, char *end_of_acl)
 {
        int i;
        int num_subauth;
-        __u32 *psub_auth;
        /* BB need to add parm so we can store the SID BB */
@@ -169,20 +268,19 @@ static int parse_sid(struct cifs_sid *psid, char *end_of_acl)
        num_subauth = cpu_to_le32(psid->num_subauth);
        if (num_subauth) {
-                psub_auth = (__u32 *)((char *)psid + sizeof(struct cifs_sid));
 #ifdef CONFIG_CIFS_DEBUG2
                cFYI(1, ("SID revision %d num_auth %d First subauth 0x%x",
                        psid->revision, psid->num_subauth, psid->sub_auth[0]));
                for (i = 0; i < num_subauth; ++i) {
                        cFYI(1, ("SID sub_auth[%d]: 0x%x ", i,
-                                le32_to_cpu(psub_auth[i])));
+                                le32_to_cpu(psid->sub_auth[i])));
                }
                /* BB add length check to make sure that we do not have huge
                        num auths and therefore go off the end */
                cFYI(1, ("RID 0x%x",
-                        le32_to_cpu(psid->sub_auth[psid->num_subauth])));
+                        le32_to_cpu(psid->sub_auth[num_subauth-1])));
 #endif
        }
@@ -228,5 +326,7 @@ int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len)
        memcpy((void *)(&(cifscred->gsid)), (void *)group_sid_ptr,
                        sizeof (struct cifs_sid)); */
        return (0);
 }
+#endif /* CONFIG_CIFS_EXPERIMENTAL */

diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 52f9cb808fd0..43ab26fff398 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c
@@ -28,6 +28,20 @@
28	#include "cifsproto.h"	28	#include "cifsproto.h"
29	#include "cifs_debug.h"	29	#include "cifs_debug.h"
30		30
		31
		32	#ifdef CONFIG_CIFS_EXPERIMENTAL
		33
		34	struct cifs_wksid wksidarr[NUM_WK_SIDS] = {
		35	{{1, 0, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0, 0} }, "null user"},
		36	{{1, 1, {0, 0, 0, 0, 0, 1}, {0, 0, 0, 0, 0} }, "nobody"},
		37	{{1, 1, {0, 0, 0, 0, 0, 5}, {11, 0, 0, 0, 0} }, "net-users"},
		38	{{1, 1, {0, 0, 0, 0, 0, 5}, {18, 0, 0, 0, 0} }, "sys"},
		39	{{1, 2, {0, 0, 0, 0, 0, 5}, {32, 544, 0, 0, 0} }, "root"},
		40	{{1, 2, {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0, 0} }, "users"},
		41	{{1, 2, {0, 0, 0, 0, 0, 5}, {32, 546, 0, 0, 0} }, "guest"}
		42	};
		43
		44
31	/* security id for everyone */	45	/* security id for everyone */
32	static const struct cifs_sid sid_everyone =	46	static const struct cifs_sid sid_everyone =
33	{1, 1, {0, 0, 0, 0, 0, 0}, {} };	47	{1, 1, {0, 0, 0, 0, 0, 0}, {} };
@@ -35,33 +49,113 @@ static const struct cifs_sid sid_everyone =
35	static const struct cifs_sid sid_user =	49	static const struct cifs_sid sid_user =
36	{1, 2 , {0, 0, 0, 0, 0, 5}, {} };	50	{1, 2 , {0, 0, 0, 0, 0, 5}, {} };
37		51
		52
		53	int match_sid(struct cifs_sid *ctsid)
		54	{
		55	int i, j;
		56	int num_subauth, num_sat, num_saw;
		57	struct cifs_sid *cwsid;
		58
		59	if (!ctsid)
		60	return (-1);
		61
		62	for (i = 0; i < NUM_WK_SIDS; ++i) {
		63	cwsid = &(wksidarr[i].cifssid);
		64
		65	/* compare the revision */
		66	if (ctsid->revision != cwsid->revision)
		67	continue;
		68
		69	/* compare all of the six auth values */
		70	for (j = 0; j < 6; ++j) {
		71	if (ctsid->authority[j] != cwsid->authority[j])
		72	break;
		73	}
		74	if (j < 6)
		75	continue; /* all of the auth values did not match */
		76
		77	/* compare all of the subauth values if any */
		78	num_sat = cpu_to_le32(ctsid->num_subauth);
		79	num_saw = cpu_to_le32(cwsid->num_subauth);
		80	num_subauth = num_sat < num_saw ? num_sat : num_saw;
		81	if (num_subauth) {
		82	for (j = 0; j < num_subauth; ++j) {
		83	if (ctsid->sub_auth[j] != cwsid->sub_auth[j])
		84	break;
		85	}
		86	if (j < num_subauth)
		87	continue; /* all sub_auth values do not match */
		88	}
		89
		90	cFYI(1, ("matching sid: %s\n", wksidarr[i].sidname));
		91	return (0); /* sids compare/match */
		92	}
		93
		94	cFYI(1, ("No matching sid"));
		95	return (-1);
		96	}
		97
		98
		99	int compare_sids(struct cifs_sid ctsid, struct cifs_sid cwsid)
		100	{
		101	int i;
		102	int num_subauth, num_sat, num_saw;
		103
		104	if ((!ctsid) \|\| (!cwsid))
		105	return (-1);
		106
		107	/* compare the revision */
		108	if (ctsid->revision != cwsid->revision)
		109	return (-1);
		110
		111	/* compare all of the six auth values */
		112	for (i = 0; i < 6; ++i) {
		113	if (ctsid->authority[i] != cwsid->authority[i])
		114	return (-1);
		115	}
		116
		117	/* compare all of the subauth values if any */
		118	num_sat = cpu_to_le32(ctsid->num_subauth);
		119	num_saw = cpu_to_le32(cwsid->num_subauth);
		120	num_subauth = num_sat < num_saw ? num_sat : num_saw;
		121	if (num_subauth) {
		122	for (i = 0; i < num_subauth; ++i) {
		123	if (ctsid->sub_auth[i] != cwsid->sub_auth[i])
		124	return (-1);
		125	}
		126	}
		127
		128	return (0); /* sids compare/match */
		129	}
		130
		131
38	static void parse_ace(struct cifs_ace pace, char end_of_acl)	132	static void parse_ace(struct cifs_ace pace, char end_of_acl)
39	{	133	{
40	int i;	134	int i;
41	int num_subauth;	135	int num_subauth;
42	__u32 *psub_auth;
43		136
44	/* validate that we do not go past end of acl */	137	/* validate that we do not go past end of acl */
		138
		139	/* XXX this if statement can be removed
45	if (end_of_acl < (char *)pace + sizeof(struct cifs_ace)) {	140	if (end_of_acl < (char *)pace + sizeof(struct cifs_ace)) {
46	cERROR(1, ("ACL too small to parse ACE"));	141	cERROR(1, ("ACL too small to parse ACE"));
47	return;	142	return;
48	}	143	} */
49		144
50	num_subauth = cpu_to_le32(pace->num_subauth);	145	num_subauth = cpu_to_le32(pace->num_subauth);
51	if (num_subauth) {	146	if (num_subauth) {
52	psub_auth = (__u32 )((char )pace + sizeof(struct cifs_ace));
53	#ifdef CONFIG_CIFS_DEBUG2	147	#ifdef CONFIG_CIFS_DEBUG2
54	cFYI(1, ("ACE revision %d num_subauth %d",	148	cFYI(1, ("ACE revision %d num_subauth %d",
55	pace->revision, pace->num_subauth));	149	pace->revision, pace->num_subauth));
56	for (i = 0; i < num_subauth; ++i) {	150	for (i = 0; i < num_subauth; ++i) {
57	cFYI(1, ("ACE sub_auth[%d]: 0x%x", i,	151	cFYI(1, ("ACE sub_auth[%d]: 0x%x", i,
58	le32_to_cpu(psub_auth[i])));	152	le32_to_cpu(pace->sub_auth[i])));
59	}	153	}
60		154
61	/* BB add length check to make sure that we do not have huge	155	/* BB add length check to make sure that we do not have huge
62	num auths and therefore go off the end */	156	num auths and therefore go off the end */
63		157
64	cFYI(1, ("RID %d", le32_to_cpu(psub_auth[num_subauth-1])));	158	cFYI(1, ("RID %d", le32_to_cpu(pace->sub_auth[num_subauth-1])));
65	#endif	159	#endif
66	}	160	}
67		161
@@ -132,7 +226,13 @@ static void parse_dacl(struct cifs_acl pdacl, char end_of_acl)
132	sizeof(struct cifs_ntace));	226	sizeof(struct cifs_ntace));
133		227
134	parse_ntace(ppntace[i], end_of_acl);	228	parse_ntace(ppntace[i], end_of_acl);
135	parse_ace(ppace[i], end_of_acl);	229	if (end_of_acl < ((char *)ppace[i] +
		230	(ppntace[i]->size -
		231	sizeof(struct cifs_ntace)))) {
		232	cERROR(1, ("ACL too small to parse ACE"));
		233	break;
		234	} else
		235	parse_ace(ppace[i], end_of_acl);
136		236
137	/* memcpy((void *)(&(cifscred->ntaces[i])),	237	/* memcpy((void *)(&(cifscred->ntaces[i])),
138	(void *)ppntace[i],	238	(void *)ppntace[i],
@@ -157,7 +257,6 @@ static int parse_sid(struct cifs_sid psid, char end_of_acl)
157	{	257	{
158	int i;	258	int i;
159	int num_subauth;	259	int num_subauth;
160	__u32 *psub_auth;
161		260
162	/* BB need to add parm so we can store the SID BB */	261	/* BB need to add parm so we can store the SID BB */
163		262
@@ -169,20 +268,19 @@ static int parse_sid(struct cifs_sid psid, char end_of_acl)
169		268
170	num_subauth = cpu_to_le32(psid->num_subauth);	269	num_subauth = cpu_to_le32(psid->num_subauth);
171	if (num_subauth) {	270	if (num_subauth) {
172	psub_auth = (__u32 )((char )psid + sizeof(struct cifs_sid));
173	#ifdef CONFIG_CIFS_DEBUG2	271	#ifdef CONFIG_CIFS_DEBUG2
174	cFYI(1, ("SID revision %d num_auth %d First subauth 0x%x",	272	cFYI(1, ("SID revision %d num_auth %d First subauth 0x%x",
175	psid->revision, psid->num_subauth, psid->sub_auth[0]));	273	psid->revision, psid->num_subauth, psid->sub_auth[0]));
176		274
177	for (i = 0; i < num_subauth; ++i) {	275	for (i = 0; i < num_subauth; ++i) {
178	cFYI(1, ("SID sub_auth[%d]: 0x%x ", i,	276	cFYI(1, ("SID sub_auth[%d]: 0x%x ", i,
179	le32_to_cpu(psub_auth[i])));	277	le32_to_cpu(psid->sub_auth[i])));
180	}	278	}
181		279
182	/* BB add length check to make sure that we do not have huge	280	/* BB add length check to make sure that we do not have huge
183	num auths and therefore go off the end */	281	num auths and therefore go off the end */
184	cFYI(1, ("RID 0x%x",	282	cFYI(1, ("RID 0x%x",
185	le32_to_cpu(psid->sub_auth[psid->num_subauth])));	283	le32_to_cpu(psid->sub_auth[num_subauth-1])));
186	#endif	284	#endif
187	}	285	}
188		286
@@ -228,5 +326,7 @@ int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len)
228	memcpy((void )(&(cifscred->gsid)), (void )group_sid_ptr,	326	memcpy((void )(&(cifscred->gsid)), (void )group_sid_ptr,
229	sizeof (struct cifs_sid)); */	327	sizeof (struct cifs_sid)); */
230		328
		329
231	return (0);	330	return (0);
232	}	331	}
		332	#endif /* CONFIG_CIFS_EXPERIMENTAL */