diff options
author | Aurelien Aptel <aaptel@suse.com> | 2019-09-17 01:47:27 +0200 |
---|---|---|
committer | Steve French <stfrench@microsoft.com> | 2019-09-17 01:49:11 +0200 |
commit | e37a02c7ebb9fa9af301c47c8c5a579cc51b509b (patch) | |
tree | 77a62d2b69486f485aca235e16d5a764ca4ff2c6 /fs | |
parent | cifs: cifsroot: add more err checking (diff) | |
download | linux-e37a02c7ebb9fa9af301c47c8c5a579cc51b509b.tar.xz linux-e37a02c7ebb9fa9af301c47c8c5a579cc51b509b.zip |
cifs: modefromsid: write mode ACE first
DACL should start with mode ACE first but we are putting it at the
end. reorder them to put it first.
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/cifs/cifsacl.c | 36 |
1 files changed, 19 insertions, 17 deletions
diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 3e0c5ed9ca20..f842944a5c76 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -809,30 +809,21 @@ static int set_chmod_dacl(struct cifs_acl *pndacl, struct cifs_sid *pownersid, struct cifs_sid *pgrpsid, __u64 nmode, bool modefromsid) { u16 size = 0; + u32 num_aces = 0; struct cifs_acl *pnndacl; pnndacl = (struct cifs_acl *)((char *)pndacl + sizeof(struct cifs_acl)); - size += fill_ace_for_sid((struct cifs_ace *) ((char *)pnndacl + size), - pownersid, nmode, S_IRWXU); - size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size), - pgrpsid, nmode, S_IRWXG); - size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size), - &sid_everyone, nmode, S_IRWXO); - - /* TBD: Move this ACE to the top of ACE list instead of bottom */ if (modefromsid) { struct cifs_ace *pntace = (struct cifs_ace *)((char *)pnndacl + size); int i; - pntace->type = ACCESS_DENIED; + pntace->type = ACCESS_ALLOWED; pntace->flags = 0x0; + pntace->access_req = 0; pntace->sid.num_subauth = 3; pntace->sid.revision = 1; - /* size = 1 + 1 + 2 + 4 + 1 + 1 + 6 + (psid->num_subauth * 4) */ - pntace->size = cpu_to_le16(28); - size += 28; for (i = 0; i < NUM_AUTHS; i++) pntace->sid.authority[i] = sid_unix_NFS_mode.authority[i]; @@ -840,12 +831,23 @@ static int set_chmod_dacl(struct cifs_acl *pndacl, struct cifs_sid *pownersid, pntace->sid.sub_auth[1] = sid_unix_NFS_mode.sub_auth[1]; pntace->sid.sub_auth[2] = cpu_to_le32(nmode & 07777); - pndacl->num_aces = cpu_to_le32(4); - size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size), - &sid_unix_NFS_mode, nmode, S_IRWXO); - } else - pndacl->num_aces = cpu_to_le32(3); + /* size = 1 + 1 + 2 + 4 + 1 + 1 + 6 + (psid->num_subauth*4) */ + pntace->size = cpu_to_le16(28); + size += 28; + num_aces++; + } + + size += fill_ace_for_sid((struct cifs_ace *) ((char *)pnndacl + size), + pownersid, nmode, S_IRWXU); + num_aces++; + size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size), + pgrpsid, nmode, S_IRWXG); + num_aces++; + size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size), + &sid_everyone, nmode, S_IRWXO); + num_aces++; + pndacl->num_aces = cpu_to_le32(num_aces); pndacl->size = cpu_to_le16(size + sizeof(struct cifs_acl)); return 0; |