Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 953f868138dbf4300196780379476ab9f07f263a^! / . / fs / cifs / cifsacl.c
commit953f868138dbf4300196780379476ab9f07f263a[log] [tgz]
authorSteve French <sfrench@us.ibm.com>Wed Oct 31 04:54:42 2007 +0000
committerSteve French <sfrench@us.ibm.com>Wed Oct 31 04:54:42 2007 +0000
treee0dfbaebe02e75094033425fc4274328c5928dd0
parente01b64001359034d04c695388870936ed3d1b56b [diff] [blame]
[CIFS] Don't request too much permission when reading an ACL

We were requesting GENERIC_READ but that fails when  we do not have
read permission on the file (even if we could read the ACL).

Also move the dump access control entry code into debug ifdef.

Signed-off-by: Steve French <sfrench@us.ibm.com>

diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c
index 629b96c..f1215df 100644
--- a/fs/cifs/cifsacl.c
+++ b/fs/cifs/cifsacl.c

@@ -162,7 +162,8 @@
 }
 
 
-static void parse_ace(struct cifs_ace *pace, char *end_of_acl)
+#ifdef CONFIG_CIFS_DEBUG2
+static void dump_ace(struct cifs_ace *pace, char *end_of_acl)
 {
 	int num_subauth;
 
@@ -180,7 +181,6 @@
 
 	num_subauth = pace->sid.num_subauth;
 	if (num_subauth) {
-#ifdef CONFIG_CIFS_DEBUG2
 		int i;
 		cFYI(1, ("ACE revision %d num_auth %d type %d flags %d size %d",
 			pace->sid.revision, pace->sid.num_subauth, pace->type,
@@ -192,11 +192,11 @@
 
 		/* BB add length check to make sure that we do not have huge
 			num auths and therefore go off the end */
-#endif
 	}
 
 	return;
 }
+#endif
 
 
 static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl,
@@ -240,9 +240,9 @@
 
 		for (i = 0; i < num_aces; ++i) {
 			ppace[i] = (struct cifs_ace *) (acl_base + acl_size);
-
-			parse_ace(ppace[i], end_of_acl);
-
+#ifdef CONFIG_CIFS_DEBUG2
+			dump_ace(ppace[i], end_of_acl);
+#endif
 			if (compare_sids(&(ppace[i]->sid), pownersid))
 				access_flags_to_mode(ppace[i]->access_req,
 						&(inode->i_mode), S_IRWXU);
@@ -385,7 +385,7 @@
 		int oplock = FALSE;
 		/* open file */
 		rc = CIFSSMBOpen(xid, cifs_sb->tcon, path, FILE_OPEN,
-				GENERIC_READ, 0, &fid, &oplock, NULL,
+				READ_CONTROL, 0, &fid, &oplock, NULL,
 				cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
 					CIFS_MOUNT_MAP_SPECIAL_CHR);
 		if (rc != 0) {
@@ -409,4 +409,22 @@
 	FreeXid(xid);
 	return;
 }
+
+int mode_to_acl(struct inode *inode, const char *path)
+{
+	int rc = 0;
+	__u32 acllen = 0;
+	struct cifs_ntsd *pntsd = NULL;
+
+	cFYI(1, ("set ACL from mode for %s", path));
+
+	/* Get the security descriptor */
+
+	/* Add/Modify the three ACEs for owner, group, everyone */
+
+	/* Set the security descriptor */
+	kfree(pntsd);
+
+	return rc;
+}
 #endif /* CONFIG_CIFS_EXPERIMENTAL */