forked from luck/tmp_suning_uos_patched
[CIFS] CIFS ACL support (part 2)
Signed-off-by: Shirish Pargaonkar <shirishp@us.ibm.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
This commit is contained in:
parent
a8a11d399f
commit
d0d66c443a
|
@ -24,48 +24,178 @@
|
|||
#include <linux/fs.h>
|
||||
#include "cifspdu.h"
|
||||
#include "cifsglob.h"
|
||||
#include "cifsacl.h"
|
||||
#include "cifsproto.h"
|
||||
#include "cifs_debug.h"
|
||||
#include "cifsacl.h"
|
||||
|
||||
/* security id for everyone */
|
||||
static const struct cifs_sid sid_everyone =
|
||||
{1, 1, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0}};
|
||||
{1, 1, {0, 0, 0, 0, 0, 0}, {}};
|
||||
/* group users */
|
||||
static const struct cifs_sid sid_user =
|
||||
{1, 2 , {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0}};
|
||||
{1, 2 , {0, 0, 0, 0, 0, 5}, {}};
|
||||
|
||||
static void parse_ace(struct cifs_ace * pace, char * end_of_acl)
|
||||
{
|
||||
int i;
|
||||
int num_subauth;
|
||||
__u32 *psub_auth;
|
||||
|
||||
/* validate that we do not go past end of acl */
|
||||
if (end_of_acl < (char *)pace + sizeof(struct cifs_ace)) {
|
||||
cERROR(1, ("ACL too small to parse ACE"));
|
||||
return;
|
||||
}
|
||||
|
||||
num_subauth = cpu_to_le32(pace->num_subauth);
|
||||
if (num_subauth) {
|
||||
psub_auth = (__u32 *)((char *)pace + sizeof(struct cifs_ace));
|
||||
#ifdef CONFIG_CIFS_DEBUG2
|
||||
cFYI(1, ("ACE revision %d num_subauth %d",
|
||||
pace->revision, pace->num_subauth));
|
||||
for (i = 0; i < num_subauth; ++i) {
|
||||
cFYI(1, ("ACE sub_auth[%d]: 0x%x", i,
|
||||
le32_to_cpu(psub_auth[i])));
|
||||
}
|
||||
|
||||
/* BB add length check to make sure that we do not have huge
|
||||
num auths and therefore go off the end */
|
||||
|
||||
cFYI(1, ("RID %d", le32_to_cpu(psub_auth[num_subauth-1])));
|
||||
#endif
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
static void parse_ntace(struct cifs_ntace * pntace, char * end_of_acl)
|
||||
{
|
||||
/* validate that we do not go past end of acl */
|
||||
if (end_of_acl < (char *)pntace + sizeof(struct cifs_ntace)) {
|
||||
cERROR(1, ("ACL too small to parse NT ACE"));
|
||||
return;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_CIFS_DEBUG2
|
||||
cFYI(1, ("NTACE type %d flags 0x%x size %d, access Req 0x%x",
|
||||
pntace->type, pntace->flags, pntace->size,
|
||||
pntace->access_req));
|
||||
#endif
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
|
||||
static void parse_dacl(struct cifs_acl * pdacl, char * end_of_acl)
|
||||
{
|
||||
int i;
|
||||
int num_aces = 0;
|
||||
int acl_size;
|
||||
char *acl_base;
|
||||
struct cifs_ntace **ppntace;
|
||||
struct cifs_ace **ppace;
|
||||
|
||||
/* BB need to add parm so we can store the SID BB */
|
||||
|
||||
/* validate that we do not go past end of acl */
|
||||
if (end_of_acl < (char *)pdacl + pdacl->size) {
|
||||
cERROR(1, ("ACL too small to parse DACL"));
|
||||
return;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_CIFS_DEBUG2
|
||||
cFYI(1, ("DACL revision %d size %d num aces %d",
|
||||
pdacl->revision, pdacl->size, pdacl->num_aces));
|
||||
#endif
|
||||
|
||||
acl_base = (char *)pdacl;
|
||||
acl_size = sizeof(struct cifs_acl);
|
||||
|
||||
num_aces = cpu_to_le32(pdacl->num_aces);
|
||||
if (num_aces > 0) {
|
||||
ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *),
|
||||
GFP_KERNEL);
|
||||
ppace = kmalloc(num_aces * sizeof(struct cifs_ace *),
|
||||
GFP_KERNEL);
|
||||
|
||||
/* cifscred->cecount = pdacl->num_aces;
|
||||
cifscred->ntaces = kmalloc(num_aces *
|
||||
sizeof(struct cifs_ntace *), GFP_KERNEL);
|
||||
cifscred->aces = kmalloc(num_aces *
|
||||
sizeof(struct cifs_ace *), GFP_KERNEL);*/
|
||||
|
||||
|
||||
for (i = 0; i < num_aces; ++i) {
|
||||
ppntace[i] = (struct cifs_ntace *)
|
||||
(acl_base + acl_size);
|
||||
ppace[i] = (struct cifs_ace *) ((char *)ppntace[i] +
|
||||
sizeof(struct cifs_ntace));
|
||||
|
||||
parse_ntace(ppntace[i], end_of_acl);
|
||||
parse_ace(ppace[i], end_of_acl);
|
||||
|
||||
/* memcpy((void *)(&(cifscred->ntaces[i])),
|
||||
(void *)ppntace[i],
|
||||
sizeof(struct cifs_ntace));
|
||||
memcpy((void *)(&(cifscred->aces[i])),
|
||||
(void *)ppace[i],
|
||||
sizeof(struct cifs_ace)); */
|
||||
|
||||
acl_base = (char *)ppntace[i];
|
||||
acl_size = cpu_to_le32(ppntace[i]->size);
|
||||
}
|
||||
|
||||
kfree(ppace);
|
||||
kfree(ppntace);
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
static int parse_sid(struct cifs_sid *psid, char *end_of_acl)
|
||||
{
|
||||
int i;
|
||||
int num_subauth;
|
||||
__u32 *psub_auth;
|
||||
|
||||
/* BB need to add parm so we can store the SID BB */
|
||||
|
||||
/* validate that we do not go past end of acl */
|
||||
if (end_of_acl < (char *)psid + sizeof(struct cifs_sid)) {
|
||||
cERROR(1, ("ACL to small to parse SID"));
|
||||
cERROR(1, ("ACL too small to parse SID"));
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
num_subauth = cpu_to_le32(psid->num_subauth);
|
||||
if (num_subauth) {
|
||||
psub_auth = (__u32 *)((char *)psid + sizeof(struct cifs_sid));
|
||||
#ifdef CONFIG_CIFS_DEBUG2
|
||||
cFYI(1, ("revision %d num_auth %d First subauth 0x%x",
|
||||
cFYI(1, ("SID revision %d num_auth %d First subauth 0x%x",
|
||||
psid->revision, psid->num_subauth, psid->sub_auth[0]));
|
||||
|
||||
/* BB add length check to make sure that we do not have huge num auths
|
||||
and therefore go off the end */
|
||||
cFYI(1, ("RID 0x%x", le32_to_cpu(psid->sub_auth[psid->num_subauth])));
|
||||
for (i = 0; i < num_subauth; ++i) {
|
||||
cFYI(1, ("SID sub_auth[%d]: 0x%x ", i,
|
||||
le32_to_cpu(psub_auth[i])));
|
||||
}
|
||||
|
||||
/* BB add length check to make sure that we do not have huge
|
||||
num auths and therefore go off the end */
|
||||
cFYI(1, ("RID 0x%x",
|
||||
le32_to_cpu(psid->sub_auth[psid->num_subauth])));
|
||||
#endif
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/* Convert CIFS ACL to POSIX form */
|
||||
int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len)
|
||||
{
|
||||
int i, rc;
|
||||
int num_aces = 0;
|
||||
int acl_size;
|
||||
int rc;
|
||||
struct cifs_sid *owner_sid_ptr, *group_sid_ptr;
|
||||
struct cifs_acl *dacl_ptr; /* no need for SACL ptr */
|
||||
struct cifs_ntace **ppntace;
|
||||
struct cifs_ace **ppace;
|
||||
char *acl_base;
|
||||
char *end_of_acl = ((char *)pntsd) + acl_len;
|
||||
|
||||
owner_sid_ptr = (struct cifs_sid *)((char *)pntsd +
|
||||
|
@ -89,6 +219,8 @@ int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len)
|
|||
if (rc)
|
||||
return rc;
|
||||
|
||||
parse_dacl(dacl_ptr, end_of_acl);
|
||||
|
||||
/* cifscred->uid = owner_sid_ptr->rid;
|
||||
cifscred->gid = group_sid_ptr->rid;
|
||||
memcpy((void *)(&(cifscred->osid)), (void *)owner_sid_ptr,
|
||||
|
@ -96,46 +228,5 @@ int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len)
|
|||
memcpy((void *)(&(cifscred->gsid)), (void *)group_sid_ptr,
|
||||
sizeof (struct cifs_sid)); */
|
||||
|
||||
num_aces = cpu_to_le32(dacl_ptr->num_aces);
|
||||
cFYI(1, ("num aces %d", num_aces));
|
||||
if (num_aces > 0) {
|
||||
ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *),
|
||||
GFP_KERNEL);
|
||||
ppace = kmalloc(num_aces * sizeof(struct cifs_ace *),
|
||||
GFP_KERNEL);
|
||||
|
||||
/* cifscred->cecount = dacl_ptr->num_aces;
|
||||
cifscred->ntaces = kmalloc(num_aces *
|
||||
sizeof(struct cifs_ntace *), GFP_KERNEL);
|
||||
cifscred->aces = kmalloc(num_aces *
|
||||
sizeof(struct cifs_ace *), GFP_KERNEL);*/
|
||||
|
||||
acl_base = (char *)dacl_ptr;
|
||||
acl_size = sizeof(struct cifs_acl);
|
||||
|
||||
for (i = 0; i < num_aces; ++i) {
|
||||
ppntace[i] = (struct cifs_ntace *)
|
||||
(acl_base + acl_size);
|
||||
ppace[i] = (struct cifs_ace *)
|
||||
((char *)ppntace[i] +
|
||||
sizeof(struct cifs_ntace));
|
||||
|
||||
/* memcpy((void *)(&(cifscred->ntaces[i])),
|
||||
(void *)ntace_ptrptr[i],
|
||||
sizeof(struct cifs_ntace));
|
||||
memcpy((void *)(&(cifscred->aces[i])),
|
||||
(void *)ace_ptrptr[i],
|
||||
sizeof(struct cifs_ace)); */
|
||||
|
||||
acl_base = (char *)ppntace[i];
|
||||
acl_size = cpu_to_le32(ppntace[i]->size);
|
||||
#ifdef CONFIG_CIFS_DEBUG2
|
||||
cFYI(1, ("ACE revision:%d", ppace[i]->revision));
|
||||
#endif
|
||||
}
|
||||
kfree(ppace);
|
||||
kfree(ppntace);
|
||||
}
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
|
|
@ -44,14 +44,14 @@ struct cifs_acl {
|
|||
__u32 num_aces;
|
||||
} __attribute__((packed));
|
||||
|
||||
struct cifs_ntace {
|
||||
struct cifs_ntace { /* first part of ACE which contains perms */
|
||||
__u8 type;
|
||||
__u8 flags;
|
||||
__u16 size;
|
||||
__u32 access_req;
|
||||
} __attribute__((packed));
|
||||
|
||||
struct cifs_ace {
|
||||
struct cifs_ace { /* last part of ACE which includes user info */
|
||||
__u8 revision; /* revision level */
|
||||
__u8 num_subauth;
|
||||
__u8 authority[6];
|
||||
|
|
|
@ -310,7 +310,7 @@ extern void setup_ntlmv2_rsp(struct cifsSesInfo *, char *,
|
|||
#ifdef CONFIG_CIFS_WEAK_PW_HASH
|
||||
extern void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key);
|
||||
#endif /* CIFS_WEAK_PW_HASH */
|
||||
extern int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len);
|
||||
extern int parse_sec_desc(struct cifs_ntsd *, int);
|
||||
extern int CIFSSMBCopy(int xid,
|
||||
struct cifsTconInfo *source_tcon,
|
||||
const char *fromName,
|
||||
|
|
|
@ -34,10 +34,10 @@
|
|||
#include <asm/uaccess.h>
|
||||
#include "cifspdu.h"
|
||||
#include "cifsglob.h"
|
||||
#include "cifsacl.h"
|
||||
#include "cifsproto.h"
|
||||
#include "cifs_unicode.h"
|
||||
#include "cifs_debug.h"
|
||||
#include "cifsacl.h"
|
||||
|
||||
#ifdef CONFIG_CIFS_POSIX
|
||||
static struct {
|
||||
|
|
Loading…
Reference in New Issue
Block a user