summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJeff Layton <jlayton@redhat.com>2012-11-25 14:00:37 +0100
committerSteve French <smfrench@gmail.com>2012-12-05 20:13:11 +0100
commit30c9d6cca526243abe6c08eb6fa03db9d2b1a630 (patch)
tree1f520868df107ccad9c78b88be0ccea87a24766b
parentcifs: make cifs_copy_sid handle a source sid with variable size subauth arrays (diff)
downloadlinux-30c9d6cca526243abe6c08eb6fa03db9d2b1a630.tar.xz
linux-30c9d6cca526243abe6c08eb6fa03db9d2b1a630.zip
cifs: redefine NUM_SUBAUTH constant from 5 to 15
According to several places on the Internet and the samba winbind code, this is hard limited to 15 in windows, not 5. This does balloon out the allocation of each by 40 bytes, but I don't see any alternative. Also, rename it to SID_MAX_SUB_AUTHORITIES to match the alleged name of this constant in the windows header files Finally, rename SIDLEN to SID_STRING_MAX, fix the value to reflect the change to SID_MAX_SUB_AUTHORITIES and document how it was determined. Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <smfrench@gmail.com>
-rw-r--r--fs/cifs/cifsacl.c6
-rw-r--r--fs/cifs/cifsacl.h19
2 files changed, 19 insertions, 6 deletions
diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c
index 141a944c9dfd..dd8d3df74298 100644
--- a/fs/cifs/cifsacl.c
+++ b/fs/cifs/cifsacl.c
@@ -280,7 +280,7 @@ cifs_copy_sid(struct cifs_sid *dst, const struct cifs_sid *src)
int i;
dst->revision = src->revision;
- dst->num_subauth = min_t(u8, src->num_subauth, NUM_SUBAUTHS);
+ dst->num_subauth = min_t(u8, src->num_subauth, SID_MAX_SUB_AUTHORITIES);
for (i = 0; i < NUM_AUTHS; ++i)
dst->authority[i] = src->authority[i];
for (i = 0; i < dst->num_subauth; ++i)
@@ -383,7 +383,7 @@ id_to_sid(unsigned long cid, uint sidtype, struct cifs_sid *ssid)
if (!npsidid)
return -ENOMEM;
- npsidid->sidstr = kmalloc(SIDLEN, GFP_KERNEL);
+ npsidid->sidstr = kmalloc(SID_STRING_MAX, GFP_KERNEL);
if (!npsidid->sidstr) {
kfree(npsidid);
return -ENOMEM;
@@ -500,7 +500,7 @@ sid_to_id(struct cifs_sb_info *cifs_sb, struct cifs_sid *psid,
if (!npsidid)
return -ENOMEM;
- npsidid->sidstr = kmalloc(SIDLEN, GFP_KERNEL);
+ npsidid->sidstr = kmalloc(SID_STRING_MAX, GFP_KERNEL);
if (!npsidid->sidstr) {
kfree(npsidid);
return -ENOMEM;
diff --git a/fs/cifs/cifsacl.h b/fs/cifs/cifsacl.h
index 7e52f19f996f..8b980cd445c0 100644
--- a/fs/cifs/cifsacl.h
+++ b/fs/cifs/cifsacl.h
@@ -24,7 +24,7 @@
#define NUM_AUTHS 6 /* number of authority fields */
-#define NUM_SUBAUTHS 5 /* number of sub authority fields */
+#define SID_MAX_SUB_AUTHORITIES (15) /* max number of sub authority fields */
#define NUM_WK_SIDS 7 /* number of well known sids */
#define SIDNAMELENGTH 20 /* long enough for the ones we care about */
#define DEFSECDESCLEN 192 /* sec desc len contaiting a dacl with three aces */
@@ -41,7 +41,20 @@
#define SIDOWNER 1
#define SIDGROUP 2
-#define SIDLEN 150 /* S- 1 revision- 6 authorities- max 5 sub authorities */
+
+/*
+ * Maximum size of a string representation of a SID:
+ *
+ * The fields are unsigned values in decimal. So:
+ *
+ * u8: max 3 bytes in decimal
+ * u32: max 10 bytes in decimal
+ *
+ * "S-" + 3 bytes for version field + 4 bytes for each authority field (3 bytes
+ * per number + 1 for '-') + 11 bytes for each subauthority field (10 bytes
+ * per number + 1 for '-') + NULL terminator.
+ */
+#define SID_STRING_MAX (195)
#define SID_ID_MAPPED 0
#define SID_ID_PENDING 1
@@ -61,7 +74,7 @@ struct cifs_sid {
__u8 revision; /* revision level */
__u8 num_subauth;
__u8 authority[NUM_AUTHS];
- __le32 sub_auth[NUM_SUBAUTHS]; /* sub_auth[num_subauth] */
+ __le32 sub_auth[SID_MAX_SUB_AUTHORITIES]; /* sub_auth[num_subauth] */
} __attribute__((packed));
/* size of a struct cifs_sid, sans sub_auth array */