提交 9541b813 编写于 作者: B Boris Protopopov 提交者: Steve French

Add SMB 2 support for getting and setting SACLs

Fix passing of the additional security info via version
operations. Force new open when getting SACL and avoid
reuse of files that were previously open without
sufficient privileges to access SACLs.
Signed-off-by: NBoris Protopopov <pboris@amazon.com>
Reviewed-by: NShyam Prasad N <sprasad@microsoft.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>
上级 3970acf7
...@@ -3369,9 +3369,9 @@ get_smb2_acl(struct cifs_sb_info *cifs_sb, ...@@ -3369,9 +3369,9 @@ get_smb2_acl(struct cifs_sb_info *cifs_sb,
struct cifs_ntsd *pntsd = NULL; struct cifs_ntsd *pntsd = NULL;
struct cifsFileInfo *open_file = NULL; struct cifsFileInfo *open_file = NULL;
if (inode) if (inode && !(info & SACL_SECINFO))
open_file = find_readable_file(CIFS_I(inode), true); open_file = find_readable_file(CIFS_I(inode), true);
if (!open_file) if (!open_file || (info & SACL_SECINFO))
return get_smb2_acl_by_path(cifs_sb, path, pacllen, info); return get_smb2_acl_by_path(cifs_sb, path, pacllen, info);
pntsd = get_smb2_acl_by_fid(cifs_sb, &open_file->fid, pacllen, info); pntsd = get_smb2_acl_by_fid(cifs_sb, &open_file->fid, pacllen, info);
......
...@@ -3480,8 +3480,10 @@ SMB311_posix_query_info(const unsigned int xid, struct cifs_tcon *tcon, ...@@ -3480,8 +3480,10 @@ SMB311_posix_query_info(const unsigned int xid, struct cifs_tcon *tcon,
int int
SMB2_query_acl(const unsigned int xid, struct cifs_tcon *tcon, SMB2_query_acl(const unsigned int xid, struct cifs_tcon *tcon,
u64 persistent_fid, u64 volatile_fid, u64 persistent_fid, u64 volatile_fid,
void **data, u32 *plen, u32 additional_info) void **data, u32 *plen, u32 extra_info)
{ {
__u32 additional_info = OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO |
extra_info;
*plen = 0; *plen = 0;
return query_info(xid, tcon, persistent_fid, volatile_fid, return query_info(xid, tcon, persistent_fid, volatile_fid,
......
...@@ -340,21 +340,19 @@ static int cifs_xattr_get(const struct xattr_handler *handler, ...@@ -340,21 +340,19 @@ static int cifs_xattr_get(const struct xattr_handler *handler,
* fetch owner, DACL, and SACL if asked for full descriptor, * fetch owner, DACL, and SACL if asked for full descriptor,
* fetch owner and DACL otherwise * fetch owner and DACL otherwise
*/ */
u32 acllen, additional_info = 0; u32 acllen, extra_info;
struct cifs_ntsd *pacl; struct cifs_ntsd *pacl;
if (pTcon->ses->server->ops->get_acl == NULL) if (pTcon->ses->server->ops->get_acl == NULL)
goto out; /* rc already EOPNOTSUPP */ goto out; /* rc already EOPNOTSUPP */
if (handler->flags == XATTR_CIFS_NTSD_FULL) { if (handler->flags == XATTR_CIFS_NTSD_FULL) {
additional_info = OWNER_SECINFO | GROUP_SECINFO | extra_info = SACL_SECINFO;
DACL_SECINFO | SACL_SECINFO;
} else { } else {
additional_info = OWNER_SECINFO | GROUP_SECINFO | extra_info = 0;
DACL_SECINFO;
} }
pacl = pTcon->ses->server->ops->get_acl(cifs_sb, pacl = pTcon->ses->server->ops->get_acl(cifs_sb,
inode, full_path, &acllen, additional_info); inode, full_path, &acllen, extra_info);
if (IS_ERR(pacl)) { if (IS_ERR(pacl)) {
rc = PTR_ERR(pacl); rc = PTR_ERR(pacl);
cifs_dbg(VFS, "%s: error %zd getting sec desc\n", cifs_dbg(VFS, "%s: error %zd getting sec desc\n",
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册