linux-cifs.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Aurelien Aptel <aaptel@suse.com>
To: linux-cifs@vger.kernel.org
Cc: smfrench@gmail.com, Aurelien Aptel <aaptel@suse.com>,
	Steve French <stfrench@microsoft.com>
Subject: [PATCH v3 2/2] cifs: modefromsid: write mode ACE first
Date: Tue, 17 Sep 2019 01:47:27 +0200	[thread overview]
Message-ID: <20190916234727.1501-1-aaptel@suse.com> (raw)
In-Reply-To: <20190916190943.21560-1-aaptel@suse.com>

DACL should start with mode ACE first but we are putting it at the
end. reorder them to put it first.

Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
---
 fs/cifs/cifsacl.c | 36 +++++++++++++++++++-----------------
 1 file changed, 19 insertions(+), 17 deletions(-)

diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c
index 3e0c5ed9ca20..f842944a5c76 100644
--- a/fs/cifs/cifsacl.c
+++ b/fs/cifs/cifsacl.c
@@ -809,30 +809,21 @@ static int set_chmod_dacl(struct cifs_acl *pndacl, struct cifs_sid *pownersid,
 			struct cifs_sid *pgrpsid, __u64 nmode, bool modefromsid)
 {
 	u16 size = 0;
+	u32 num_aces = 0;
 	struct cifs_acl *pnndacl;
 
 	pnndacl = (struct cifs_acl *)((char *)pndacl + sizeof(struct cifs_acl));
 
-	size += fill_ace_for_sid((struct cifs_ace *) ((char *)pnndacl + size),
-					pownersid, nmode, S_IRWXU);
-	size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size),
-					pgrpsid, nmode, S_IRWXG);
-	size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size),
-					 &sid_everyone, nmode, S_IRWXO);
-
-	/* TBD: Move this ACE to the top of ACE list instead of bottom */
 	if (modefromsid) {
 		struct cifs_ace *pntace =
 			(struct cifs_ace *)((char *)pnndacl + size);
 		int i;
 
-		pntace->type = ACCESS_DENIED;
+		pntace->type = ACCESS_ALLOWED;
 		pntace->flags = 0x0;
+		pntace->access_req = 0;
 		pntace->sid.num_subauth = 3;
 		pntace->sid.revision = 1;
-		/* size = 1 + 1 + 2 + 4 + 1 + 1 + 6 + (psid->num_subauth * 4) */
-		pntace->size = cpu_to_le16(28);
-		size += 28;
 		for (i = 0; i < NUM_AUTHS; i++)
 			pntace->sid.authority[i] =
 				sid_unix_NFS_mode.authority[i];
@@ -840,12 +831,23 @@ static int set_chmod_dacl(struct cifs_acl *pndacl, struct cifs_sid *pownersid,
 		pntace->sid.sub_auth[1] = sid_unix_NFS_mode.sub_auth[1];
 		pntace->sid.sub_auth[2] = cpu_to_le32(nmode & 07777);
 
-		pndacl->num_aces = cpu_to_le32(4);
-		size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size),
-					 &sid_unix_NFS_mode, nmode, S_IRWXO);
-	} else
-		pndacl->num_aces = cpu_to_le32(3);
+		/* size = 1 + 1 + 2 + 4 + 1 + 1 + 6 + (psid->num_subauth*4) */
+		pntace->size = cpu_to_le16(28);
+		size += 28;
+		num_aces++;
+	}
+
+	size += fill_ace_for_sid((struct cifs_ace *) ((char *)pnndacl + size),
+					pownersid, nmode, S_IRWXU);
+	num_aces++;
+	size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size),
+					pgrpsid, nmode, S_IRWXG);
+	num_aces++;
+	size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size),
+					 &sid_everyone, nmode, S_IRWXO);
+	num_aces++;
 
+	pndacl->num_aces = cpu_to_le32(num_aces);
 	pndacl->size = cpu_to_le16(size + sizeof(struct cifs_acl));
 
 	return 0;
-- 
2.16.4


      reply	other threads:[~2019-09-16 23:47 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <CAH2r5mu+=ACLDGiauPAMh-7DDzhsORpuUvVKMoAhxC6WTT7bsw@mail.gmail.com>
2019-09-16 19:09 ` [PATCH v2 2/2] cifs: modefromsid: write mode ACE with DENY first Aurelien Aptel
2019-09-16 23:47   ` Aurelien Aptel [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190916234727.1501-1-aaptel@suse.com \
    --to=aaptel@suse.com \
    --cc=linux-cifs@vger.kernel.org \
    --cc=smfrench@gmail.com \
    --cc=stfrench@microsoft.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).