diff options
Diffstat (limited to 'fs/cifs/cifsacl.c')
-rw-r--r-- | fs/cifs/cifsacl.c | 79 |
1 files changed, 24 insertions, 55 deletions
diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index e8083043a26c..154cb8449b9b 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c | |||
@@ -38,8 +38,8 @@ static struct cifs_wksid wksidarr[NUM_WK_SIDS] = { | |||
38 | {{1, 1, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(18), 0, 0, 0, 0} }, "sys"}, | 38 | {{1, 1, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(18), 0, 0, 0, 0} }, "sys"}, |
39 | {{1, 2, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(32), cpu_to_le32(544), 0, 0, 0} }, "root"}, | 39 | {{1, 2, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(32), cpu_to_le32(544), 0, 0, 0} }, "root"}, |
40 | {{1, 2, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(32), cpu_to_le32(545), 0, 0, 0} }, "users"}, | 40 | {{1, 2, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(32), cpu_to_le32(545), 0, 0, 0} }, "users"}, |
41 | {{1, 2, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(32), cpu_to_le32(546), 0, 0, 0} }, "guest"} | 41 | {{1, 2, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(32), cpu_to_le32(546), 0, 0, 0} }, "guest"} } |
42 | }; | 42 | ; |
43 | 43 | ||
44 | 44 | ||
45 | /* security id for everyone */ | 45 | /* security id for everyone */ |
@@ -131,6 +131,8 @@ int compare_sids(struct cifs_sid *ctsid, struct cifs_sid *cwsid) | |||
131 | 131 | ||
132 | void get_mode_from_acl(struct inode * inode, const char * path) | 132 | void get_mode_from_acl(struct inode * inode, const char * path) |
133 | { | 133 | { |
134 | |||
135 | cFYI(1, ("get mode from ACL for %s", path)); | ||
134 | 136 | ||
135 | if (inode == NULL) | 137 | if (inode == NULL) |
136 | return; | 138 | return; |
@@ -159,50 +161,36 @@ static void parse_ace(struct cifs_ace *pace, char *end_of_acl) | |||
159 | 161 | ||
160 | /* validate that we do not go past end of acl */ | 162 | /* validate that we do not go past end of acl */ |
161 | 163 | ||
162 | /* XXX this if statement can be removed | 164 | if (le16_to_cpu(pace->size) < 16) { |
163 | if (end_of_acl < (char *)pace + sizeof(struct cifs_ace)) { | 165 | cERROR(1, ("ACE too small, %d", le16_to_cpu(pace->size))); |
166 | return; | ||
167 | } | ||
168 | |||
169 | if (end_of_acl < (char *)pace + le16_to_cpu(pace->size)) { | ||
164 | cERROR(1, ("ACL too small to parse ACE")); | 170 | cERROR(1, ("ACL too small to parse ACE")); |
165 | return; | 171 | return; |
166 | } */ | 172 | } |
167 | 173 | ||
168 | num_subauth = pace->num_subauth; | 174 | num_subauth = pace->sid.num_subauth; |
169 | if (num_subauth) { | 175 | if (num_subauth) { |
170 | #ifdef CONFIG_CIFS_DEBUG2 | 176 | #ifdef CONFIG_CIFS_DEBUG2 |
171 | int i; | 177 | int i; |
172 | cFYI(1, ("ACE revision %d num_subauth %d", | 178 | cFYI(1, ("ACE revision %d num_auth %d type %d flags %d size %d", |
173 | pace->revision, pace->num_subauth)); | 179 | pace->sid.revision, pace->sid.num_subauth, pace->type, |
180 | pace->flags, pace->size)); | ||
174 | for (i = 0; i < num_subauth; ++i) { | 181 | for (i = 0; i < num_subauth; ++i) { |
175 | cFYI(1, ("ACE sub_auth[%d]: 0x%x", i, | 182 | cFYI(1, ("ACE sub_auth[%d]: 0x%x", i, |
176 | le32_to_cpu(pace->sub_auth[i]))); | 183 | le32_to_cpu(pace->sid.sub_auth[i]))); |
177 | } | 184 | } |
178 | 185 | ||
179 | /* BB add length check to make sure that we do not have huge | 186 | /* BB add length check to make sure that we do not have huge |
180 | num auths and therefore go off the end */ | 187 | num auths and therefore go off the end */ |
181 | |||
182 | cFYI(1, ("RID %d", le32_to_cpu(pace->sub_auth[num_subauth-1]))); | ||
183 | #endif | 188 | #endif |
184 | } | 189 | } |
185 | 190 | ||
186 | return; | 191 | return; |
187 | } | 192 | } |
188 | 193 | ||
189 | static void parse_ntace(struct cifs_ntace *pntace, char *end_of_acl) | ||
190 | { | ||
191 | /* validate that we do not go past end of acl */ | ||
192 | if (end_of_acl < (char *)pntace + sizeof(struct cifs_ntace)) { | ||
193 | cERROR(1, ("ACL too small to parse NT ACE")); | ||
194 | return; | ||
195 | } | ||
196 | |||
197 | #ifdef CONFIG_CIFS_DEBUG2 | ||
198 | cFYI(1, ("NTACE type %d flags 0x%x size %d, access Req 0x%x", | ||
199 | pntace->type, pntace->flags, pntace->size, | ||
200 | pntace->access_req)); | ||
201 | #endif | ||
202 | return; | ||
203 | } | ||
204 | |||
205 | |||
206 | 194 | ||
207 | static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, | 195 | static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, |
208 | struct cifs_sid *pownersid, struct cifs_sid *pgrpsid) | 196 | struct cifs_sid *pownersid, struct cifs_sid *pgrpsid) |
@@ -211,7 +199,6 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, | |||
211 | int num_aces = 0; | 199 | int num_aces = 0; |
212 | int acl_size; | 200 | int acl_size; |
213 | char *acl_base; | 201 | char *acl_base; |
214 | struct cifs_ntace **ppntace; | ||
215 | struct cifs_ace **ppace; | 202 | struct cifs_ace **ppace; |
216 | 203 | ||
217 | /* BB need to add parm so we can store the SID BB */ | 204 | /* BB need to add parm so we can store the SID BB */ |
@@ -233,45 +220,27 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, | |||
233 | 220 | ||
234 | num_aces = le32_to_cpu(pdacl->num_aces); | 221 | num_aces = le32_to_cpu(pdacl->num_aces); |
235 | if (num_aces > 0) { | 222 | if (num_aces > 0) { |
236 | ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *), | ||
237 | GFP_KERNEL); | ||
238 | ppace = kmalloc(num_aces * sizeof(struct cifs_ace *), | 223 | ppace = kmalloc(num_aces * sizeof(struct cifs_ace *), |
239 | GFP_KERNEL); | 224 | GFP_KERNEL); |
240 | 225 | ||
241 | /* cifscred->cecount = pdacl->num_aces; | 226 | /* cifscred->cecount = pdacl->num_aces; |
242 | cifscred->ntaces = kmalloc(num_aces * | ||
243 | sizeof(struct cifs_ntace *), GFP_KERNEL); | ||
244 | cifscred->aces = kmalloc(num_aces * | 227 | cifscred->aces = kmalloc(num_aces * |
245 | sizeof(struct cifs_ace *), GFP_KERNEL);*/ | 228 | sizeof(struct cifs_ace *), GFP_KERNEL);*/ |
246 | 229 | ||
247 | for (i = 0; i < num_aces; ++i) { | 230 | for (i = 0; i < num_aces; ++i) { |
248 | ppntace[i] = (struct cifs_ntace *) | 231 | ppace[i] = (struct cifs_ace *) (acl_base + acl_size); |
249 | (acl_base + acl_size); | 232 | |
250 | ppace[i] = (struct cifs_ace *) ((char *)ppntace[i] + | 233 | parse_ace(ppace[i], end_of_acl); |
251 | sizeof(struct cifs_ntace)); | ||
252 | |||
253 | parse_ntace(ppntace[i], end_of_acl); | ||
254 | if (end_of_acl < ((char *)ppace[i] + | ||
255 | (le16_to_cpu(ppntace[i]->size) - | ||
256 | sizeof(struct cifs_ntace)))) { | ||
257 | cERROR(1, ("ACL too small to parse ACE")); | ||
258 | break; | ||
259 | } else | ||
260 | parse_ace(ppace[i], end_of_acl); | ||
261 | 234 | ||
262 | /* memcpy((void *)(&(cifscred->ntaces[i])), | 235 | /* memcpy((void *)(&(cifscred->aces[i])), |
263 | (void *)ppntace[i], | ||
264 | sizeof(struct cifs_ntace)); | ||
265 | memcpy((void *)(&(cifscred->aces[i])), | ||
266 | (void *)ppace[i], | 236 | (void *)ppace[i], |
267 | sizeof(struct cifs_ace)); */ | 237 | sizeof(struct cifs_ace)); */ |
268 | 238 | ||
269 | acl_base = (char *)ppntace[i]; | 239 | acl_base = (char *)ppace[i]; |
270 | acl_size = le16_to_cpu(ppntace[i]->size); | 240 | acl_size = le16_to_cpu(ppace[i]->size); |
271 | } | 241 | } |
272 | 242 | ||
273 | kfree(ppace); | 243 | kfree(ppace); |
274 | kfree(ppntace); | ||
275 | } | 244 | } |
276 | 245 | ||
277 | return; | 246 | return; |
@@ -292,8 +261,8 @@ static int parse_sid(struct cifs_sid *psid, char *end_of_acl) | |||
292 | if (psid->num_subauth) { | 261 | if (psid->num_subauth) { |
293 | #ifdef CONFIG_CIFS_DEBUG2 | 262 | #ifdef CONFIG_CIFS_DEBUG2 |
294 | int i; | 263 | int i; |
295 | cFYI(1, ("SID revision %d num_auth %d First subauth 0x%x", | 264 | cFYI(1, ("SID revision %d num_auth %d", |
296 | psid->revision, psid->num_subauth, psid->sub_auth[0])); | 265 | psid->revision, psid->num_subauth)); |
297 | 266 | ||
298 | for (i = 0; i < psid->num_subauth; i++) { | 267 | for (i = 0; i < psid->num_subauth; i++) { |
299 | cFYI(1, ("SID sub_auth[%d]: 0x%x ", i, | 268 | cFYI(1, ("SID sub_auth[%d]: 0x%x ", i, |