* Fill in the special SID based on the mode. See
* https://technet.microsoft.com/en-us/library/hh509017(v=ws.10).aspx
*/
-unsigned int setup_special_mode_ACE(struct smb_ace *pntace, __u64 nmode)
+unsigned int setup_special_mode_ACE(struct smb_ace *pntace,
+ bool posix,
+ __u64 nmode)
{
int i;
unsigned int ace_size = 28;
- pntace->type = ACCESS_DENIED_ACE_TYPE;
+ if (posix)
+ pntace->type = ACCESS_ALLOWED_ACE_TYPE;
+ else
+ pntace->type = ACCESS_DENIED_ACE_TYPE;
pntace->flags = 0x0;
pntace->access_req = 0;
pntace->sid.num_subauth = 3;
struct smb_sid *pownersid,
struct smb_sid *pgrpsid,
__u64 *pnmode, u32 *pnum_aces, u16 *pnsize,
- bool modefromsid)
+ bool modefromsid,
+ bool posix)
{
__u64 nmode;
u32 num_aces = 0;
num_aces = *pnum_aces;
nsize = *pnsize;
- if (modefromsid) {
- pnntace = (struct smb_ace *) (nacl_base + nsize);
- nsize += setup_special_mode_ACE(pnntace, nmode);
- num_aces++;
+ if (modefromsid || posix) {
pnntace = (struct smb_ace *) (nacl_base + nsize);
- nsize += setup_authusers_ACE(pnntace);
+ nsize += setup_special_mode_ACE(pnntace, posix, nmode);
num_aces++;
+ if (modefromsid) {
+ pnntace = (struct smb_ace *) (nacl_base + nsize);
+ nsize += setup_authusers_ACE(pnntace);
+ num_aces++;
+ }
goto set_size;
}
static int set_chmod_dacl(struct smb_acl *pdacl, struct smb_acl *pndacl,
struct smb_sid *pownersid, struct smb_sid *pgrpsid,
- __u64 *pnmode, bool mode_from_sid)
+ __u64 *pnmode, bool mode_from_sid, bool posix)
{
int i;
u16 size = 0;
nsize = sizeof(struct smb_acl);
/* If pdacl is NULL, we don't have a src. Simply populate new ACL. */
- if (!pdacl) {
+ if (!pdacl || posix) {
populate_new_aces(nacl_base,
pownersid, pgrpsid,
pnmode, &num_aces, &nsize,
- mode_from_sid);
+ mode_from_sid, posix);
goto finalize_dacl;
}
populate_new_aces(nacl_base,
pownersid, pgrpsid,
pnmode, &num_aces, &nsize,
- mode_from_sid);
+ mode_from_sid, posix);
new_aces_set = true;
}
populate_new_aces(nacl_base,
pownersid, pgrpsid,
pnmode, &num_aces, &nsize,
- mode_from_sid);
+ mode_from_sid, posix);
new_aces_set = true;
}
/* Convert permission bits from mode to equivalent CIFS ACL */
static int build_sec_desc(struct smb_ntsd *pntsd, struct smb_ntsd *pnntsd,
__u32 secdesclen, __u32 *pnsecdesclen, __u64 *pnmode, kuid_t uid, kgid_t gid,
- bool mode_from_sid, bool id_from_sid, int *aclflag)
+ bool mode_from_sid, bool id_from_sid, bool posix, int *aclflag)
{
int rc = 0;
__u32 dacloffset;
ndacl_ptr->num_aces = cpu_to_le32(0);
rc = set_chmod_dacl(dacl_ptr, ndacl_ptr, owner_sid_ptr, group_sid_ptr,
- pnmode, mode_from_sid);
+ pnmode, mode_from_sid, posix);
sidsoffset = ndacloffset + le16_to_cpu(ndacl_ptr->size);
/* copy the non-dacl portion of secdesc */
struct tcon_link *tlink = cifs_sb_tlink(cifs_sb);
struct smb_version_operations *ops;
bool mode_from_sid, id_from_sid;
+ bool posix = tlink_tcon(tlink)->posix_extensions;
const u32 info = 0;
if (IS_ERR(tlink))
id_from_sid = false;
/* Potentially, five new ACEs can be added to the ACL for U,G,O mapping */
- nsecdesclen = secdesclen;
if (pnmode && *pnmode != NO_CHANGE_64) { /* chmod */
- if (mode_from_sid)
- nsecdesclen += 2 * sizeof(struct smb_ace);
+ if (posix)
+ nsecdesclen = 1 * sizeof(struct smb_ace);
+ else if (mode_from_sid)
+ nsecdesclen = secdesclen + (2 * sizeof(struct smb_ace));
else /* cifsacl */
- nsecdesclen += 5 * sizeof(struct smb_ace);
+ nsecdesclen = secdesclen + (5 * sizeof(struct smb_ace));
} else { /* chown */
/* When ownership changes, changes new owner sid length could be different */
nsecdesclen = sizeof(struct smb_ntsd) + (sizeof(struct smb_sid) * 2);
}
rc = build_sec_desc(pntsd, pnntsd, secdesclen, &nsecdesclen, pnmode, uid, gid,
- mode_from_sid, id_from_sid, &aclflag);
+ mode_from_sid, id_from_sid, posix, &aclflag);
cifs_dbg(NOISY, "build_sec_desc rc: %d\n", rc);
projects / users / jedix / linux-maple.git / commitdiff