aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--fs/cifs/Makefile2
-rw-r--r--fs/cifs/cifsacl.c134
-rw-r--r--fs/cifs/cifsacl.h2
-rw-r--r--fs/cifs/cifsproto.h1
-rw-r--r--fs/cifs/cifssmb.c107
5 files changed, 137 insertions, 109 deletions
diff --git a/fs/cifs/Makefile b/fs/cifs/Makefile
index 6ecd9d6ba3f..ff6ba8d823f 100644
--- a/fs/cifs/Makefile
+++ b/fs/cifs/Makefile
@@ -3,4 +3,4 @@
#
obj-$(CONFIG_CIFS) += cifs.o
-cifs-objs := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o fcntl.o readdir.o ioctl.o sess.o export.o
+cifs-objs := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o fcntl.o readdir.o ioctl.o sess.o export.o cifsacl.o
diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c
new file mode 100644
index 00000000000..11ac13336ec
--- /dev/null
+++ b/fs/cifs/cifsacl.c
@@ -0,0 +1,134 @@
+/*
+ * fs/cifs/cifsacl.c
+ *
+ * Copyright (C) International Business Machines Corp., 2007
+ * Author(s): Steve French (sfrench@us.ibm.com)
+ *
+ * Contains the routines for mapping CIFS/NTFS ACLs
+ *
+ * This library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published
+ * by the Free Software Foundation; either version 2.1 of the License, or
+ * (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
+ * the GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+/* security id for everyone */
+static const struct cifs_sid sid_everyone =
+ {1, 1, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0}};
+/* group users */
+static const struct cifs_sid sid_user =
+ {1, 2 , {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0}};
+
+static int parse_sid(struct cifs_sid *psid, char *end_of_acl)
+{
+ /* BB need to add parm so we can store the SID BB */
+
+ /* validate that we do not go past end of acl */
+ if (end_of_acl < (char *)psid + sizeof(struct cifs_sid)) {
+ cERROR(1, ("ACL to small to parse SID"));
+ return -EINVAL;
+ }
+#ifdef CONFIG_CIFS_DEBUG2
+ cFYI(1, ("revision %d num_auth %d First subauth 0x%x",
+ psid->revision, psid->num_auth, psid->sub_auth[0]));
+
+ /* BB add length check to make sure that we do not have huge num auths
+ and therefore go off the end */
+ cFYI(1, ("RID 0x%x", le32_to_cpu(psid->sub_auth[psid->num_auth])));
+#endif
+ return 0;
+}
+
+/* Convert CIFS ACL to POSIX form */
+int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len)
+{
+ int i;
+ int num_aces = 0;
+ int acl_size;
+ struct cifs_sid *owner_sid_ptr, *group_sid_ptr;
+ struct cifs_acl *dacl_ptr; /* no need for SACL ptr */
+ struct cifs_ntace **ppntace;
+ struct cifs_ace **ppace;
+ char *acl_base;
+ char *end_of_acl = ((char *)pntsd) + acl_len;
+
+ owner_sid_ptr = (struct cifs_sid *)((char *)pntsd +
+ cpu_to_le32(pntsd->osidoffset));
+ group_sid_ptr = (struct cifs_sid *)((char *)pntsd +
+ cpu_to_le32(pntsd->gsidoffset));
+ dacl_ptr = (struct cifs_acl *)((char *)pntsd +
+ cpu_to_le32(pntsd->dacloffset));
+#ifdef CONFIG_CIFS_DEBUG2
+ cFYI(1, ("revision %d type 0x%x ooffset 0x%x goffset 0x%x "
+ "sacloffset 0x%x dacloffset 0x%x",
+ pntsd->revision, pntsd->type,
+ pntsd->osidoffset, pntsd->gsidoffset, pntsd->sacloffset,
+ pntsd->dacloffset));
+#endif
+ rc = parse_sid(owner_sid_ptr, end_of_acl);
+ if (rc)
+ return rc;
+
+ rc = parse_sid(group_sid_ptr, end_of_acl);
+ if (rc)
+ return rc;
+
+/* cifscred->uid = owner_sid_ptr->rid;
+ cifscred->gid = group_sid_ptr->rid;
+ memcpy((void *)(&(cifscred->osid)), (void *)owner_sid_ptr,
+ sizeof (struct cifs_sid));
+ memcpy((void *)(&(cifscred->gsid)), (void *)group_sid_ptr,
+ sizeof (struct cifs_sid)); */
+
+ num_aces = cpu_to_le32(dacl_ptr->num_aces);
+ cFYI(1, ("num aces %d", num_aces));
+ if (num_aces > 0) {
+ ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *),
+ GFP_KERNEL);
+ ppace = kmalloc(num_aces * sizeof(struct cifs_ace *),
+ GFP_KERNEL);
+
+/* cifscred->cecount = dacl_ptr->num_aces;
+ cifscred->ntaces = kmalloc(num_aces *
+ sizeof(struct cifs_ntace *), GFP_KERNEL);
+ cifscred->aces = kmalloc(num_aces *
+ sizeof(struct cifs_ace *), GFP_KERNEL);*/
+
+ acl_base = (char *)dacl_ptr;
+ acl_size = sizeof(struct cifs_acl);
+
+ for (i = 0; i < num_aces; ++i) {
+ ppntace[i] = (struct cifs_ntace *)
+ (acl_base + acl_size);
+ ppace[i] = (struct cifs_ace *)
+ ((char *)ppntace[i] +
+ sizeof(struct cifs_ntace));
+
+/* memcpy((void *)(&(cifscred->ntaces[i])),
+ (void *)ntace_ptrptr[i],
+ sizeof(struct cifs_ntace));
+ memcpy((void *)(&(cifscred->aces[i])),
+ (void *)ace_ptrptr[i],
+ sizeof(struct cifs_ace)); */
+
+ acl_base = (char *)ppntace[i];
+ acl_size = cpu_to_le32(ppntace[i]->size);
+#ifdef CONFIG_CIFS_DEBUG2
+ cFYI(1, ("ACE revision:%d", ppace[i]->revision));
+#endif
+ }
+ kfree(ppace);
+ kfree(ppntace);
+ }
+
+ return (0);
+}
diff --git a/fs/cifs/cifsacl.h b/fs/cifs/cifsacl.h
index 97d03dc8169..b975ae11303 100644
--- a/fs/cifs/cifsacl.h
+++ b/fs/cifs/cifsacl.h
@@ -1,7 +1,7 @@
/*
* fs/cifs/cifsacl.h
*
- * Copyright (c) International Business Machines Corp., 2005
+ * Copyright (c) International Business Machines Corp., 2007
* Author(s): Steve French (sfrench@us.ibm.com)
*
* This library is free software; you can redistribute it and/or modify
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h
index 4ffae9d9291..7dbb79b8dd5 100644
--- a/fs/cifs/cifsproto.h
+++ b/fs/cifs/cifsproto.h
@@ -310,6 +310,7 @@ extern void setup_ntlmv2_rsp(struct cifsSesInfo *, char *,
#ifdef CONFIG_CIFS_WEAK_PW_HASH
extern void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key);
#endif /* CIFS_WEAK_PW_HASH */
+extern int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len);
extern int CIFSSMBCopy(int xid,
struct cifsTconInfo *source_tcon,
const char *fromName,
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index 46c2bb45512..cc05a26ab07 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -3040,113 +3040,6 @@ GetExtAttrOut:
#endif /* CONFIG_POSIX */
-
-/* security id for everyone */
-static const struct cifs_sid sid_everyone =
- {1, 1, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0}};
-/* group users */
-static const struct cifs_sid sid_user =
- {1, 2 , {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0}};
-
-static void parse_sid(struct cifs_sid * psid, char * end_of_acl)
-{
- /* BB need to add parm so we can store the SID BB */
-
- /* validate that we do not go past end of acl */
- if (end_of_acl < (char *)psid + sizeof(struct cifs_sid)) {
- cERROR(1, ("ACL to small to parse SID"));
- return;
- }
-#ifdef CONFIG_CIFS_DEBUG2
- cFYI(1, ("revision %d num_auth %d First subauth 0x%x",
- psid->revision, psid->num_auth, psid->sub_auth[0]));
-
- /* BB add length check to make sure that we do not have huge num auths
- and therefore go off the end */
- cFYI(1, ("RID 0x%x", le32_to_cpu(psid->sub_auth[psid->num_auth])));
-#endif
- return;
-}
-
-/* Convert CIFS ACL to POSIX form */
-static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len)
-{
- int i;
- int num_aces = 0;
- int acl_size;
- struct cifs_sid *owner_sid_ptr, *group_sid_ptr;
- struct cifs_acl *dacl_ptr; /* no need for SACL ptr */
- struct cifs_ntace **ppntace;
- struct cifs_ace **ppace;
- char *acl_base;
- char *end_of_acl = ((char *)pntsd) + acl_len;
-
- owner_sid_ptr = (struct cifs_sid *)((char *)pntsd +
- cpu_to_le32(pntsd->osidoffset));
- group_sid_ptr = (struct cifs_sid *)((char *)pntsd +
- cpu_to_le32(pntsd->gsidoffset));
- dacl_ptr = (struct cifs_acl *)((char *)pntsd +
- cpu_to_le32(pntsd->dacloffset));
-#ifdef CONFIG_CIFS_DEBUG2
- cFYI(1,("revision %d type 0x%x ooffset 0x%x goffset 0x%x "
- "sacloffset 0x%x dacloffset 0x%x", pntsd->revision, pntsd->type,
- pntsd->osidoffset, pntsd->gsidoffset, pntsd->sacloffset,
- pntsd->dacloffset));
-#endif
- parse_sid(owner_sid_ptr, end_of_acl);
- parse_sid(group_sid_ptr, end_of_acl);
-
-/* cifscred->uid = owner_sid_ptr->rid;
- cifscred->gid = group_sid_ptr->rid;
- memcpy((void *)(&(cifscred->osid)), (void *)owner_sid_ptr,
- sizeof (struct cifs_sid));
- memcpy((void *)(&(cifscred->gsid)), (void *)group_sid_ptr,
- sizeof (struct cifs_sid)); */
-
- num_aces = cpu_to_le32(dacl_ptr->num_aces);
- cFYI(1, ("num aces %d", num_aces));
- if (num_aces > 0) {
- ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *),
- GFP_KERNEL);
- ppace = kmalloc(num_aces * sizeof(struct cifs_ace *),
- GFP_KERNEL);
-
-/* cifscred->cecount = dacl_ptr->num_aces;
- cifscred->ntaces = kmalloc(num_aces *
- sizeof(struct cifs_ntace *), GFP_KERNEL);
- cifscred->aces = kmalloc(num_aces *
- sizeof(struct cifs_ace *), GFP_KERNEL);*/
-
- acl_base = (char *)dacl_ptr;
- acl_size = sizeof(struct cifs_acl);
-
- for (i = 0; i < num_aces; ++i) {
- ppntace[i] = (struct cifs_ntace *)
- (acl_base + acl_size);
- ppace[i] = (struct cifs_ace *)
- ((char *)ppntace[i] +
- sizeof(struct cifs_ntace));
-
-/* memcpy((void *)(&(cifscred->ntaces[i])),
- (void *)ntace_ptrptr[i],
- sizeof(struct cifs_ntace));
- memcpy((void *)(&(cifscred->aces[i])),
- (void *)ace_ptrptr[i],
- sizeof(struct cifs_ace)); */
-
- acl_base = (char *)ppntace[i];
- acl_size = cpu_to_le32(ppntace[i]->size);
-#ifdef CONFIG_CIFS_DEBUG2
- cFYI(1, ("ACE revision:%d", ppace[i]->revision));
- }
-#endif
- kfree(ppace);
- kfree(ppntace);
- }
-
- return (0);
-}
-
/* Get Security Descriptor (by handle) from remote server for a file or dir */
int
CIFSSMBGetCIFSACL(const int xid, struct cifsTconInfo *tcon, __u16 fid,