diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2012-12-12 18:24:13 +0100 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-12-12 18:24:13 +0100 |
| commit | 6facac1ab68fbf9cbad31a9d521f3a0d6aa9470e (patch) | |
| tree | 1b00b4d9aab6c5567036157044da98857a84237a /fs/cifs/cifsacl.h | |
| parent | Merge tag 'for-linus-v3.8-rc1' of git://oss.sgi.com/xfs/xfs (diff) | |
| parent | CIFS: Fix write after setting a read lock for read oplock files (diff) | |
| download | linux-6facac1ab68fbf9cbad31a9d521f3a0d6aa9470e.tar.xz linux-6facac1ab68fbf9cbad31a9d521f3a0d6aa9470e.zip | |
Merge branch 'for-next' of git://git.samba.org/sfrench/cifs-2.6
Pull CIFS fixes from Steve French:
"This includes a set of misc. cifs fixes (most importantly some byte
range lock related write fixes from Pavel, and some ACL and idmap
related fixes from Jeff) but also includes the SMB2.02 dialect
enablement, and a key fix for SMB3 mounts.
Default authentication upgraded to ntlmv2 for cifs (it was already
ntlmv2 for smb2)"
* 'for-next' of git://git.samba.org/sfrench/cifs-2.6: (43 commits)
CIFS: Fix write after setting a read lock for read oplock files
cifs: parse the device name into UNC and prepath
cifs: fix up handling of prefixpath= option
cifs: clean up handling of unc= option
cifs: fix SID binary to string conversion
fix "disabling echoes and oplocks" on SMB2 mounts
Do not send SMB2 signatures for SMB3 frames
cifs: deal with id_to_sid embedded sid reply corner case
cifs: fix hardcoded default security descriptor length
cifs: extra sanity checking for cifs.idmap keys
cifs: avoid extra allocation for small cifs.idmap keys
cifs: simplify id_to_sid and sid_to_id mapping code
CIFS: Fix possible data coherency problem after oplock break to None
CIFS: Do not permit write to a range mandatory locked with a read lock
cifs: rename cifs_readdir_lookup to cifs_prime_dcache and make it void return
cifs: Add CONFIG_CIFS_DEBUG and rename use of CIFS_DEBUG
cifs: Make CIFS_DEBUG possible to undefine
SMB3 mounts fail with access denied to some servers
cifs: Remove unused cEVENT macro
cifs: always zero out smb_vol before parsing options
...
Diffstat (limited to 'fs/cifs/cifsacl.h')
| -rw-r--r-- | fs/cifs/cifsacl.h | 66 |
1 files changed, 32 insertions, 34 deletions
diff --git a/fs/cifs/cifsacl.h b/fs/cifs/cifsacl.h index 5c902c7ce524..4f3884835267 100644 --- a/fs/cifs/cifsacl.h +++ b/fs/cifs/cifsacl.h @@ -23,11 +23,8 @@ #define _CIFSACL_H -#define NUM_AUTHS 6 /* number of authority fields */ -#define NUM_SUBAUTHS 5 /* number of sub authority fields */ -#define NUM_WK_SIDS 7 /* number of well known sids */ -#define SIDNAMELENGTH 20 /* long enough for the ones we care about */ -#define DEFSECDESCLEN 192 /* sec desc len contaiting a dacl with three aces */ +#define NUM_AUTHS (6) /* number of authority fields */ +#define SID_MAX_SUB_AUTHORITIES (15) /* max number of sub authority fields */ #define READ_BIT 0x4 #define WRITE_BIT 0x2 @@ -41,12 +38,32 @@ #define SIDOWNER 1 #define SIDGROUP 2 -#define SIDLEN 150 /* S- 1 revision- 6 authorities- max 5 sub authorities */ -#define SID_ID_MAPPED 0 -#define SID_ID_PENDING 1 -#define SID_MAP_EXPIRE (3600 * HZ) /* map entry expires after one hour */ -#define SID_MAP_RETRY (300 * HZ) /* wait 5 minutes for next attempt to map */ +/* + * Security Descriptor length containing DACL with 3 ACEs (one each for + * owner, group and world). + */ +#define DEFAULT_SEC_DESC_LEN (sizeof(struct cifs_ntsd) + \ + sizeof(struct cifs_acl) + \ + (sizeof(struct cifs_ace) * 3)) + +/* + * Maximum size of a string representation of a SID: + * + * The fields are unsigned values in decimal. So: + * + * u8: max 3 bytes in decimal + * u32: max 10 bytes in decimal + * + * "S-" + 3 bytes for version field + 15 for authority field + NULL terminator + * + * For authority field, max is when all 6 values are non-zero and it must be + * represented in hex. So "-0x" + 12 hex digits. + * + * Add 11 bytes for each subauthority field (10 bytes each + 1 for '-') + */ +#define SID_STRING_BASE_SIZE (2 + 3 + 15 + 1) +#define SID_STRING_SUBAUTH_SIZE (11) /* size of a single subauth string */ struct cifs_ntsd { __le16 revision; /* revision level */ @@ -60,10 +77,13 @@ struct cifs_ntsd { struct cifs_sid { __u8 revision; /* revision level */ __u8 num_subauth; - __u8 authority[6]; - __le32 sub_auth[5]; /* sub_auth[num_subauth] */ + __u8 authority[NUM_AUTHS]; + __le32 sub_auth[SID_MAX_SUB_AUTHORITIES]; /* sub_auth[num_subauth] */ } __attribute__((packed)); +/* size of a struct cifs_sid, sans sub_auth array */ +#define CIFS_SID_BASE_SIZE (1 + 1 + NUM_AUTHS) + struct cifs_acl { __le16 revision; /* revision level */ __le16 size; @@ -78,26 +98,4 @@ struct cifs_ace { struct cifs_sid sid; /* ie UUID of user or group who gets these perms */ } __attribute__((packed)); -struct cifs_wksid { - struct cifs_sid cifssid; - char sidname[SIDNAMELENGTH]; -} __attribute__((packed)); - -struct cifs_sid_id { - unsigned int refcount; /* increment with spinlock, decrement without */ - unsigned long id; - unsigned long time; - unsigned long state; - char *sidstr; - struct rb_node rbnode; - struct cifs_sid sid; -}; - -#ifdef __KERNEL__ -extern struct key_type cifs_idmap_key_type; -extern const struct cred *root_cred; -#endif /* KERNEL */ - -extern int compare_sids(const struct cifs_sid *, const struct cifs_sid *); - #endif /* _CIFSACL_H */ |