[CIFS] CIFS ACL support (part 2)

#include <linux/fs.h>

#include "cifspdu.h"

#include "cifsglob.h"

#include "cifsacl.h"

#include "cifsproto.h"

#include "cifs_debug.h"

#include "cifsacl.h"

/* security id for everyone */

static const struct cifs_sid sid_everyone =

		{1, 1, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0}};

		{1, 1, {0, 0, 0, 0, 0, 0}, {}};

/* group users */

static const struct cifs_sid sid_user =

		{1, 2 , {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0}};

		{1, 2 , {0, 0, 0, 0, 0, 5}, {}};

static void parse_ace(struct cifs_ace * pace, char * end_of_acl)

{

	int i;

	int num_subauth;

	 __u32 *psub_auth;

	/* validate that we do not go past end of acl */

	if (end_of_acl < (char *)pace + sizeof(struct cifs_ace)) {

		cERROR(1, ("ACL too small to parse ACE"));

		return;

	}

	num_subauth = cpu_to_le32(pace->num_subauth);

	if (num_subauth) {

		psub_auth = (__u32 *)((char *)pace + sizeof(struct cifs_ace));

#ifdef CONFIG_CIFS_DEBUG2 

		cFYI(1, ("ACE revision %d num_subauth %d", 

			pace->revision, pace->num_subauth)); 

		for (i = 0; i < num_subauth; ++i) { 

			cFYI(1, ("ACE sub_auth[%d]: 0x%x", i, 

				le32_to_cpu(psub_auth[i]))); 

		} 

		/* BB add length check to make sure that we do not have huge 

			num auths and therefore go off the end */ 

		cFYI(1, ("RID %d", le32_to_cpu(psub_auth[num_subauth-1]))); 

#endif 

	} 

	return; 

} 

static void parse_ntace(struct cifs_ntace * pntace, char * end_of_acl) 

{ 

	/* validate that we do not go past end of acl */ 

	if (end_of_acl < (char *)pntace + sizeof(struct cifs_ntace)) {

		cERROR(1, ("ACL too small to parse NT ACE"));

		return;

	}

#ifdef CONFIG_CIFS_DEBUG2

	cFYI(1, ("NTACE type %d flags 0x%x size %d, access Req 0x%x",

		pntace->type, pntace->flags, pntace->size,

		pntace->access_req));

#endif

	return;

}

static void parse_dacl(struct cifs_acl * pdacl, char * end_of_acl)

{

	int i;

	int num_aces = 0;

	int acl_size;

	char *acl_base;

	struct cifs_ntace **ppntace;

	struct cifs_ace **ppace;

	/* BB need to add parm so we can store the SID BB */

	/* validate that we do not go past end of acl */

	if (end_of_acl < (char *)pdacl + pdacl->size) {

		cERROR(1, ("ACL too small to parse DACL"));

		return;

	}

#ifdef CONFIG_CIFS_DEBUG2

	cFYI(1, ("DACL revision %d size %d num aces %d",

		pdacl->revision, pdacl->size, pdacl->num_aces));

#endif

	acl_base = (char *)pdacl;

	acl_size = sizeof(struct cifs_acl);

	num_aces = cpu_to_le32(pdacl->num_aces);

	if (num_aces  > 0) {

		ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *),

				GFP_KERNEL);

		ppace = kmalloc(num_aces * sizeof(struct cifs_ace *),

				GFP_KERNEL);

/*              cifscred->cecount = pdacl->num_aces;

                cifscred->ntaces = kmalloc(num_aces *

                        sizeof(struct cifs_ntace *), GFP_KERNEL);

                cifscred->aces = kmalloc(num_aces *

                        sizeof(struct cifs_ace *), GFP_KERNEL);*/

		for (i = 0; i < num_aces; ++i) {

			ppntace[i] = (struct cifs_ntace *)

					(acl_base + acl_size);

			ppace[i] = (struct cifs_ace *) ((char *)ppntace[i] +

					sizeof(struct cifs_ntace));

			parse_ntace(ppntace[i], end_of_acl);

			parse_ace(ppace[i], end_of_acl);

/*                      memcpy((void *)(&(cifscred->ntaces[i])),

                                (void *)ppntace[i],

                                sizeof(struct cifs_ntace));

                        memcpy((void *)(&(cifscred->aces[i])),

                                (void *)ppace[i],

                                sizeof(struct cifs_ace)); */

			acl_base = (char *)ppntace[i];

			acl_size = cpu_to_le32(ppntace[i]->size);

		}

		kfree(ppace);

		kfree(ppntace);

	}

	return;

}

static int parse_sid(struct cifs_sid *psid, char *end_of_acl)

{

	int i;

	int num_subauth;

	__u32 *psub_auth;

	/* BB need to add parm so we can store the SID BB */

	/* validate that we do not go past end of acl */

	if (end_of_acl < (char *)psid + sizeof(struct cifs_sid)) {

		cERROR(1, ("ACL to small to parse SID"));

		cERROR(1, ("ACL too small to parse SID"));

		return -EINVAL;

	}

	num_subauth = cpu_to_le32(psid->num_subauth);

	if (num_subauth) {

		psub_auth = (__u32 *)((char *)psid + sizeof(struct cifs_sid));

#ifdef CONFIG_CIFS_DEBUG2

	cFYI(1, ("revision %d num_auth %d First subauth 0x%x",

		cFYI(1, ("SID revision %d num_auth %d First subauth 0x%x",

			psid->revision, psid->num_subauth, psid->sub_auth[0]));

	/* BB add length check to make sure that we do not have huge num auths

	      and therefore go off the end */

	cFYI(1, ("RID 0x%x", le32_to_cpu(psid->sub_auth[psid->num_subauth])));

		for (i = 0; i < num_subauth; ++i) {

			cFYI(1, ("SID sub_auth[%d]: 0x%x ", i,

			le32_to_cpu(psub_auth[i])));

		}

		/* BB add length check to make sure that we do not have huge 

			num auths and therefore go off the end */

		cFYI(1, ("RID 0x%x", 

			le32_to_cpu(psid->sub_auth[psid->num_subauth])));

#endif

	}

	return 0;

}

/* Convert CIFS ACL to POSIX form */

int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len)

{

	int i, rc;

	int num_aces = 0;

	int acl_size;

	int rc;

	struct cifs_sid *owner_sid_ptr, *group_sid_ptr;

	struct cifs_acl *dacl_ptr; /* no need for SACL ptr */

	struct cifs_ntace **ppntace;

	struct cifs_ace **ppace;

	char *acl_base;

	char *end_of_acl = ((char *)pntsd) + acl_len;

	owner_sid_ptr = (struct cifs_sid *)((char *)pntsd +

	if (rc)

		return rc;

	parse_dacl(dacl_ptr, end_of_acl);

/*	cifscred->uid = owner_sid_ptr->rid;

	cifscred->gid = group_sid_ptr->rid;

	memcpy((void *)(&(cifscred->osid)), (void *)owner_sid_ptr,

	memcpy((void *)(&(cifscred->gsid)), (void *)group_sid_ptr,

			sizeof (struct cifs_sid)); */

	num_aces = cpu_to_le32(dacl_ptr->num_aces);

	cFYI(1, ("num aces %d", num_aces));

	if (num_aces  > 0) {

		ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *),

				GFP_KERNEL);

		ppace = kmalloc(num_aces * sizeof(struct cifs_ace *),

				GFP_KERNEL);

/*		cifscred->cecount = dacl_ptr->num_aces;

		cifscred->ntaces = kmalloc(num_aces *

				sizeof(struct cifs_ntace *), GFP_KERNEL);

		cifscred->aces = kmalloc(num_aces *

				sizeof(struct cifs_ace *), GFP_KERNEL);*/

		acl_base = (char *)dacl_ptr;

		acl_size = sizeof(struct cifs_acl);

		for (i = 0; i < num_aces; ++i) {

			ppntace[i] = (struct cifs_ntace *)

						(acl_base + acl_size);

			ppace[i] = (struct cifs_ace *)

					((char *)ppntace[i] +

					sizeof(struct cifs_ntace));

/*			memcpy((void *)(&(cifscred->ntaces[i])),

				(void *)ntace_ptrptr[i],

				sizeof(struct cifs_ntace));

			memcpy((void *)(&(cifscred->aces[i])),

				(void *)ace_ptrptr[i],

				sizeof(struct cifs_ace)); */

			acl_base = (char *)ppntace[i];

			acl_size = cpu_to_le32(ppntace[i]->size);

#ifdef CONFIG_CIFS_DEBUG2

			cFYI(1, ("ACE revision:%d", ppace[i]->revision));

#endif

		}

		kfree(ppace);

		kfree(ppntace);

	}

	return (0);

}

	__u32 num_aces;

} __attribute__((packed));

struct cifs_ntace {

struct cifs_ntace { /* first part of ACE which contains perms */

	__u8 type;

	__u8 flags;

	__u16 size;

	__u32 access_req;

} __attribute__((packed));

struct cifs_ace {

struct cifs_ace { /* last part of ACE which includes user info */

	__u8 revision; /* revision level */

	__u8 num_subauth;

	__u8 authority[6];

#ifdef CONFIG_CIFS_WEAK_PW_HASH

extern void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key);

#endif /* CIFS_WEAK_PW_HASH */

extern int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len);

extern int parse_sec_desc(struct cifs_ntsd *, int);

extern int CIFSSMBCopy(int xid,

			struct cifsTconInfo *source_tcon,

			const char *fromName,

#include <asm/uaccess.h>

#include "cifspdu.h"

#include "cifsglob.h"

#include "cifsacl.h"

#include "cifsproto.h"

#include "cifs_unicode.h"

#include "cifs_debug.h"

#include "cifsacl.h"

#ifdef CONFIG_CIFS_POSIX

static struct {