Lines Matching +full:set +full:- +full:aces

1 // SPDX-License-Identifier: LGPL-2.1
15 #include <linux/key-type.h>
19 #include <keys/user-type.h>
36 /* S-1-22-1 Unmapped Unix users */
40 /* S-1-22-2 Unmapped Unix groups */
45 * See https://technet.microsoft.com/en-us/library/hh509017(v=ws.10).aspx
48 /* S-1-5-88 MS NFS and Apple style UID/GID/mode */
50 /* S-1-5-88-1 Unix uid */
55 /* S-1-5-88-2 Unix gid */
60 /* S-1-5-88-3 Unix mode */
80 if (prep->datalen <= sizeof(key->payload)) { in cifs_idmap_key_instantiate()
81 key->payload.data[0] = NULL; in cifs_idmap_key_instantiate()
82 memcpy(&key->payload, prep->data, prep->datalen); in cifs_idmap_key_instantiate()
84 payload = kmemdup(prep->data, prep->datalen, GFP_KERNEL); in cifs_idmap_key_instantiate()
86 return -ENOMEM; in cifs_idmap_key_instantiate()
87 key->payload.data[0] = payload; in cifs_idmap_key_instantiate()
90 key->datalen = prep->datalen; in cifs_idmap_key_instantiate()
97 if (key->datalen > sizeof(key->payload)) in cifs_idmap_key_destroy()
98 kfree(key->payload.data[0]); in cifs_idmap_key_destroy()
118 (SID_STRING_SUBAUTH_SIZE * sidptr->num_subauth), in sid_to_key_str()
124 len = sprintf(strptr, "%cs:S-%hhu", type == SIDOWNER ? 'o' : 'g', in sid_to_key_str()
125 sidptr->revision); in sid_to_key_str()
128 /* The authority field is a single 48-bit number */ in sid_to_key_str()
129 id_auth_val = (unsigned long long)sidptr->authority[5]; in sid_to_key_str()
130 id_auth_val |= (unsigned long long)sidptr->authority[4] << 8; in sid_to_key_str()
131 id_auth_val |= (unsigned long long)sidptr->authority[3] << 16; in sid_to_key_str()
132 id_auth_val |= (unsigned long long)sidptr->authority[2] << 24; in sid_to_key_str()
133 id_auth_val |= (unsigned long long)sidptr->authority[1] << 32; in sid_to_key_str()
134 id_auth_val |= (unsigned long long)sidptr->authority[0] << 48; in sid_to_key_str()
137 * MS-DTYP states that if the authority is >= 2^32, then it should be in sid_to_key_str()
141 len = sprintf(strptr, "-%llu", id_auth_val); in sid_to_key_str()
143 len = sprintf(strptr, "-0x%llx", id_auth_val); in sid_to_key_str()
147 for (i = 0; i < sidptr->num_subauth; ++i) { in sid_to_key_str()
148 saval = le32_to_cpu(sidptr->sub_auth[i]); in sid_to_key_str()
149 len = sprintf(strptr, "-%u", saval); in sid_to_key_str()
158 * the same returns zero, if they do not match returns non-zero.
170 if (ctsid->revision != cwsid->revision) { in compare_sids()
171 if (ctsid->revision > cwsid->revision) in compare_sids()
174 return -1; in compare_sids()
179 if (ctsid->authority[i] != cwsid->authority[i]) { in compare_sids()
180 if (ctsid->authority[i] > cwsid->authority[i]) in compare_sids()
183 return -1; in compare_sids()
188 num_sat = ctsid->num_subauth; in compare_sids()
189 num_saw = cwsid->num_subauth; in compare_sids()
193 if (ctsid->sub_auth[i] != cwsid->sub_auth[i]) { in compare_sids()
194 if (le32_to_cpu(ctsid->sub_auth[i]) > in compare_sids()
195 le32_to_cpu(cwsid->sub_auth[i])) in compare_sids()
198 return -1; in compare_sids()
216 num_subauth = psid->num_subauth; in is_well_known_sid()
233 if (psid->revision != pwell_known_sid->revision) in is_well_known_sid()
238 if (psid->authority[i] != pwell_known_sid->authority[i]) { in is_well_known_sid()
245 if (psid->sub_auth[0] != pwell_known_sid->sub_auth[0]) in is_well_known_sid()
248 *puid = le32_to_cpu(psid->sub_auth[1]); in is_well_known_sid()
250 *puid = le32_to_cpu(psid->sub_auth[0]); in is_well_known_sid()
251 if ((psid->sub_auth[0] != pwell_known_sid->sub_auth[0]) || in is_well_known_sid()
252 (psid->sub_auth[1] != pwell_known_sid->sub_auth[1])) in is_well_known_sid()
255 *puid = le32_to_cpu(psid->sub_auth[2]); in is_well_known_sid()
268 dst->revision = src->revision; in cifs_copy_sid()
269 dst->num_subauth = min_t(u8, src->num_subauth, SID_MAX_SUB_AUTHORITIES); in cifs_copy_sid()
271 dst->authority[i] = src->authority[i]; in cifs_copy_sid()
272 for (i = 0; i < dst->num_subauth; ++i) in cifs_copy_sid()
273 dst->sub_auth[i] = src->sub_auth[i]; in cifs_copy_sid()
274 size += (dst->num_subauth * 4); in cifs_copy_sid()
292 return -EINVAL; in id_to_sid()
298 rc = -EINVAL; in id_to_sid()
302 } else if (sidkey->datalen < CIFS_SID_BASE_SIZE) { in id_to_sid()
303 rc = -EIO; in id_to_sid()
305 __func__, sidkey->datalen); in id_to_sid()
311 * there are no subauthorities and the host has 8-byte pointers, then in id_to_sid()
314 ksid = sidkey->datalen <= sizeof(sidkey->payload) ? in id_to_sid()
315 (struct smb_sid *)&sidkey->payload : in id_to_sid()
316 (struct smb_sid *)sidkey->payload.data[0]; in id_to_sid()
318 ksid_size = CIFS_SID_BASE_SIZE + (ksid->num_subauth * sizeof(__le32)); in id_to_sid()
319 if (ksid_size > sidkey->datalen) { in id_to_sid()
320 rc = -EIO; in id_to_sid()
322 __func__, sidkey->datalen, ksid_size); in id_to_sid()
346 kuid_t fuid = cifs_sb->ctx->linux_uid; in sid_to_id()
347 kgid_t fgid = cifs_sb->ctx->linux_gid; in sid_to_id()
353 if (unlikely(psid->num_subauth > SID_MAX_SUB_AUTHORITIES)) { in sid_to_id()
355 __func__, psid->num_subauth); in sid_to_id()
356 return -EIO; in sid_to_id()
359 if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_UID_FROM_ACL) || in sid_to_id()
360 (cifs_sb_master_tcon(cifs_sb)->posix_extensions)) { in sid_to_id()
399 return -ENOMEM; in sid_to_id()
415 if (sidkey->datalen != sizeof(uid_t)) { in sid_to_id()
417 __func__, sidkey->datalen); in sid_to_id()
425 memcpy(&id, &sidkey->payload.data[0], sizeof(uid_t)); in sid_to_id()
432 memcpy(&id, &sidkey->payload.data[0], sizeof(gid_t)); in sid_to_id()
446 * fails then we just fall back to using the ctx->linux_uid/linux_gid. in sid_to_id()
451 fattr->cf_uid = fuid; in sid_to_id()
453 fattr->cf_gid = fgid; in sid_to_id()
467 /* create an override credential set with a special thread keyring in in init_cifs_idmap()
475 return -ENOMEM; in init_cifs_idmap()
493 set_bit(KEY_FLAG_ROOT_CAN_CLEAR, &keyring->flags); in init_cifs_idmap()
494 cred->thread_keyring = keyring; in init_cifs_idmap()
495 cred->jit_keyring = KEY_REQKEY_DEFL_THREAD_KEYRING; in init_cifs_idmap()
511 key_revoke(root_cred->thread_keyring); in exit_cifs_idmap()
528 pnntsd->revision = pntsd->revision; in copy_sec_desc()
529 pnntsd->type = pntsd->type; in copy_sec_desc()
530 pnntsd->dacloffset = cpu_to_le32(sizeof(struct smb_ntsd)); in copy_sec_desc()
531 pnntsd->sacloffset = 0; in copy_sec_desc()
532 pnntsd->osidoffset = cpu_to_le32(sidsoffset); in copy_sec_desc()
533 pnntsd->gsidoffset = cpu_to_le32(sidsoffset + sizeof(struct smb_sid)); in copy_sec_desc()
540 le32_to_cpu(pntsd->osidoffset)); in copy_sec_desc()
549 le32_to_cpu(pntsd->gsidoffset)); in copy_sec_desc()
561 bits to set can be: S_IRWXU, S_IRWXG or S_IRWXO ie 00700 or 00070 or 00007
571 * permission in later ACEs do not matter. in access_flags_to_mode()
624 /* If DELETE_CHILD is set only on an owner ACE, set sticky bit */ in access_flags_to_mode()
673 dst->type = src->type; in cifs_copy_ace()
674 dst->flags = src->flags; in cifs_copy_ace()
675 dst->access_req = src->access_req; in cifs_copy_ace()
679 size += cifs_copy_sid(&dst->sid, psid); in cifs_copy_ace()
681 size += cifs_copy_sid(&dst->sid, &src->sid); in cifs_copy_ace()
683 dst->size = cpu_to_le16(size); in cifs_copy_ace()
697 pntace->type = access_type; in fill_ace_for_sid()
698 pntace->flags = 0x0; in fill_ace_for_sid()
709 pntace->access_req = cpu_to_le32(access_req); in fill_ace_for_sid()
711 pntace->sid.revision = psid->revision; in fill_ace_for_sid()
712 pntace->sid.num_subauth = psid->num_subauth; in fill_ace_for_sid()
714 pntace->sid.authority[i] = psid->authority[i]; in fill_ace_for_sid()
715 for (i = 0; i < psid->num_subauth; i++) in fill_ace_for_sid()
716 pntace->sid.sub_auth[i] = psid->sub_auth[i]; in fill_ace_for_sid()
718 size = 1 + 1 + 2 + 4 + 1 + 1 + 6 + (psid->num_subauth * 4); in fill_ace_for_sid()
719 pntace->size = cpu_to_le16(size); in fill_ace_for_sid()
732 if (le16_to_cpu(pace->size) < 16) { in dump_ace()
733 cifs_dbg(VFS, "ACE too small %d\n", le16_to_cpu(pace->size)); in dump_ace()
737 if (end_of_acl < (char *)pace + le16_to_cpu(pace->size)) { in dump_ace()
742 num_subauth = pace->sid.num_subauth; in dump_ace()
746 pace->sid.revision, pace->sid.num_subauth, pace->type, in dump_ace()
747 pace->flags, le16_to_cpu(pace->size)); in dump_ace()
750 i, le32_to_cpu(pace->sid.sub_auth[i])); in dump_ace()
774 /* no DACL in the security descriptor, set in parse_dacl()
776 fattr->cf_mode |= 0777; in parse_dacl()
781 if (end_of_acl < (char *)pdacl + le16_to_cpu(pdacl->size)) { in parse_dacl()
786 cifs_dbg(NOISY, "DACL revision %d size %d num aces %d\n", in parse_dacl()
787 le16_to_cpu(pdacl->revision), le16_to_cpu(pdacl->size), in parse_dacl()
788 le32_to_cpu(pdacl->num_aces)); in parse_dacl()
791 Also, if num_aces is 0 i.e. DACL has no ACEs, in parse_dacl()
793 fattr->cf_mode &= ~(0777); in parse_dacl()
798 num_aces = le32_to_cpu(pdacl->num_aces); in parse_dacl()
815 (compare_sids(&(ppace[i]->sid), in parse_dacl()
822 fattr->cf_mode &= ~07777; in parse_dacl()
823 fattr->cf_mode |= in parse_dacl()
824 le32_to_cpu(ppace[i]->sid.sub_auth[2]); in parse_dacl()
827 if (compare_sids(&(ppace[i]->sid), pownersid) == 0) { in parse_dacl()
828 access_flags_to_mode(ppace[i]->access_req, in parse_dacl()
829 ppace[i]->type, in parse_dacl()
830 &fattr->cf_mode, in parse_dacl()
833 } else if (compare_sids(&(ppace[i]->sid), pgrpsid) == 0) { in parse_dacl()
834 access_flags_to_mode(ppace[i]->access_req, in parse_dacl()
835 ppace[i]->type, in parse_dacl()
836 &fattr->cf_mode, in parse_dacl()
839 } else if ((compare_sids(&(ppace[i]->sid), &sid_everyone) == 0) || in parse_dacl()
840 (compare_sids(&(ppace[i]->sid), &sid_authusers) == 0)) { in parse_dacl()
841 access_flags_to_mode(ppace[i]->access_req, in parse_dacl()
842 ppace[i]->type, in parse_dacl()
843 &fattr->cf_mode, in parse_dacl()
850 /* memcpy((void *)(&(cifscred->aces[i])), in parse_dacl()
855 acl_size = le16_to_cpu(ppace[i]->size); in parse_dacl()
869 pntace->type = ACCESS_ALLOWED_ACE_TYPE; in setup_authusers_ACE()
870 pntace->flags = 0x0; in setup_authusers_ACE()
871 pntace->access_req = cpu_to_le32(GENERIC_ALL); in setup_authusers_ACE()
872 pntace->sid.num_subauth = 1; in setup_authusers_ACE()
873 pntace->sid.revision = 1; in setup_authusers_ACE()
875 pntace->sid.authority[i] = sid_authusers.authority[i]; in setup_authusers_ACE()
877 pntace->sid.sub_auth[0] = sid_authusers.sub_auth[0]; in setup_authusers_ACE()
879 /* size = 1 + 1 + 2 + 4 + 1 + 1 + 6 + (psid->num_subauth*4) */ in setup_authusers_ACE()
880 pntace->size = cpu_to_le16(ace_size); in setup_authusers_ACE()
886 * https://technet.microsoft.com/en-us/library/hh509017(v=ws.10).aspx
893 pntace->type = ACCESS_DENIED_ACE_TYPE; in setup_special_mode_ACE()
894 pntace->flags = 0x0; in setup_special_mode_ACE()
895 pntace->access_req = 0; in setup_special_mode_ACE()
896 pntace->sid.num_subauth = 3; in setup_special_mode_ACE()
897 pntace->sid.revision = 1; in setup_special_mode_ACE()
899 pntace->sid.authority[i] = sid_unix_NFS_mode.authority[i]; in setup_special_mode_ACE()
901 pntace->sid.sub_auth[0] = sid_unix_NFS_mode.sub_auth[0]; in setup_special_mode_ACE()
902 pntace->sid.sub_auth[1] = sid_unix_NFS_mode.sub_auth[1]; in setup_special_mode_ACE()
903 pntace->sid.sub_auth[2] = cpu_to_le32(nmode & 07777); in setup_special_mode_ACE()
905 /* size = 1 + 1 + 2 + 4 + 1 + 1 + 6 + (psid->num_subauth*4) */ in setup_special_mode_ACE()
906 pntace->size = cpu_to_le16(ace_size); in setup_special_mode_ACE()
915 pntace->type = ACCESS_ALLOWED_ACE_TYPE; in setup_special_user_owner_ACE()
916 pntace->flags = 0x0; in setup_special_user_owner_ACE()
917 pntace->access_req = cpu_to_le32(GENERIC_ALL); in setup_special_user_owner_ACE()
918 pntace->sid.num_subauth = 3; in setup_special_user_owner_ACE()
919 pntace->sid.revision = 1; in setup_special_user_owner_ACE()
921 pntace->sid.authority[i] = sid_unix_NFS_users.authority[i]; in setup_special_user_owner_ACE()
923 pntace->sid.sub_auth[0] = sid_unix_NFS_users.sub_auth[0]; in setup_special_user_owner_ACE()
924 pntace->sid.sub_auth[1] = sid_unix_NFS_users.sub_auth[1]; in setup_special_user_owner_ACE()
925 pntace->sid.sub_auth[2] = cpu_to_le32(current_fsgid().val); in setup_special_user_owner_ACE()
927 /* size = 1 + 1 + 2 + 4 + 1 + 1 + 6 + (psid->num_subauth*4) */ in setup_special_user_owner_ACE()
928 pntace->size = cpu_to_le16(ace_size); in setup_special_user_owner_ACE()
973 * Set the more restrictive of the two modes. in populate_new_aces()
1053 src_num_aces = le32_to_cpu(pdacl->num_aces); in replace_sids_and_copy_aces()
1058 /* Go through all the ACEs */ in replace_sids_and_copy_aces()
1063 if (pnownersid && compare_sids(&pntace->sid, pownersid) == 0) in replace_sids_and_copy_aces()
1065 else if (pngrpsid && compare_sids(&pntace->sid, pgrpsid) == 0) in replace_sids_and_copy_aces()
1070 size += le16_to_cpu(pntace->size); in replace_sids_and_copy_aces()
1107 src_num_aces = le32_to_cpu(pdacl->num_aces); in set_chmod_dacl()
1109 /* Retain old ACEs which we can retain */ in set_chmod_dacl()
1113 if (!new_aces_set && (pntace->flags & INHERITED_ACE)) { in set_chmod_dacl()
1114 /* Place the new ACEs in between existing explicit and inherited */ in set_chmod_dacl()
1124 if (((compare_sids(&pntace->sid, &sid_unix_NFS_mode) == 0) || in set_chmod_dacl()
1125 (compare_sids(&pntace->sid, pownersid) == 0) || in set_chmod_dacl()
1126 (compare_sids(&pntace->sid, pgrpsid) == 0) || in set_chmod_dacl()
1127 (compare_sids(&pntace->sid, &sid_everyone) == 0) || in set_chmod_dacl()
1128 (compare_sids(&pntace->sid, &sid_authusers) == 0))) { in set_chmod_dacl()
1139 size += le16_to_cpu(pntace->size); in set_chmod_dacl()
1142 /* If inherited ACEs are not present, place the new ones at the tail */ in set_chmod_dacl()
1153 pndacl->num_aces = cpu_to_le32(num_aces); in set_chmod_dacl()
1154 pndacl->size = cpu_to_le16(nsize); in set_chmod_dacl()
1163 /* validate that we do not go past end of ACL - sid must be at least 8 in parse_sid()
1164 bytes long (assuming no sub-auths - e.g. the null SID */ in parse_sid()
1167 return -EINVAL; in parse_sid()
1171 if (psid->num_subauth) { in parse_sid()
1174 psid->revision, psid->num_subauth); in parse_sid()
1176 for (i = 0; i < psid->num_subauth; i++) { in parse_sid()
1178 i, le32_to_cpu(psid->sub_auth[i])); in parse_sid()
1184 le32_to_cpu(psid->sub_auth[psid->num_subauth-1])); in parse_sid()
1204 return -EIO; in parse_sec_desc()
1207 le32_to_cpu(pntsd->osidoffset)); in parse_sec_desc()
1209 le32_to_cpu(pntsd->gsidoffset)); in parse_sec_desc()
1210 dacloffset = le32_to_cpu(pntsd->dacloffset); in parse_sec_desc()
1213 pntsd->revision, pntsd->type, le32_to_cpu(pntsd->osidoffset), in parse_sec_desc()
1214 le32_to_cpu(pntsd->gsidoffset), in parse_sec_desc()
1215 le32_to_cpu(pntsd->sacloffset), dacloffset); in parse_sec_desc()
1267 dacloffset = le32_to_cpu(pntsd->dacloffset); in build_sec_desc()
1270 if (end_of_acl < (char *)dacl_ptr + le16_to_cpu(dacl_ptr->size)) { in build_sec_desc()
1272 return -EINVAL; in build_sec_desc()
1277 le32_to_cpu(pntsd->osidoffset)); in build_sec_desc()
1279 le32_to_cpu(pntsd->gsidoffset)); in build_sec_desc()
1284 ndacl_ptr->revision = in build_sec_desc()
1285 dacloffset ? dacl_ptr->revision : cpu_to_le16(ACL_REVISION); in build_sec_desc()
1287 ndacl_ptr->size = cpu_to_le16(0); in build_sec_desc()
1288 ndacl_ptr->num_aces = cpu_to_le32(0); in build_sec_desc()
1293 sidsoffset = ndacloffset + le16_to_cpu(ndacl_ptr->size); in build_sec_desc()
1294 /* copy the non-dacl portion of secdesc */ in build_sec_desc()
1302 ndacl_ptr->revision = in build_sec_desc()
1303 dacloffset ? dacl_ptr->revision : cpu_to_le16(ACL_REVISION); in build_sec_desc()
1304 ndacl_ptr->num_aces = dacl_ptr ? dacl_ptr->num_aces : 0; in build_sec_desc()
1311 rc = -ENOMEM; in build_sec_desc()
1317 /* Populate the user ownership fields S-1-5-88-1 */ in build_sec_desc()
1318 osid->Revision = 1; in build_sec_desc()
1319 osid->NumAuth = 3; in build_sec_desc()
1320 osid->Authority[5] = 5; in build_sec_desc()
1321 osid->SubAuthorities[0] = cpu_to_le32(88); in build_sec_desc()
1322 osid->SubAuthorities[1] = cpu_to_le32(1); in build_sec_desc()
1323 osid->SubAuthorities[2] = cpu_to_le32(id); in build_sec_desc()
1340 rc = -ENOMEM; in build_sec_desc()
1346 /* Populate the group ownership fields S-1-5-88-2 */ in build_sec_desc()
1347 gsid->Revision = 1; in build_sec_desc()
1348 gsid->NumAuth = 3; in build_sec_desc()
1349 gsid->Authority[5] = 5; in build_sec_desc()
1350 gsid->SubAuthorities[0] = cpu_to_le32(88); in build_sec_desc()
1351 gsid->SubAuthorities[1] = cpu_to_le32(2); in build_sec_desc()
1352 gsid->SubAuthorities[2] = cpu_to_le32(id); in build_sec_desc()
1366 /* Replace ACEs for old owner with new one */ in build_sec_desc()
1370 ndacl_ptr->size = cpu_to_le16(size); in build_sec_desc()
1373 sidsoffset = ndacloffset + le16_to_cpu(ndacl_ptr->size); in build_sec_desc()
1374 /* copy the non-dacl portion of secdesc */ in build_sec_desc()
1401 rc = CIFSSMBGetCIFSACL(xid, tlink_tcon(tlink), cifsfid->netfid, &pntsd, in get_cifs_acl_by_fid()
1469 pntsd = get_cifs_acl_by_fid(cifs_sb, &open_file->fid, pacllen, info); in get_cifs_acl()
1474 /* Set an ACL on the server */
1482 struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb); in set_cifs_acl()
1510 cifs_dbg(VFS, "Unable to open file to set ACL\n"); in set_cifs_acl()
1543 ops = tlink_tcon(tlink)->ses->server->ops; in cifs_acl_to_fattr()
1545 if (pfid && (ops->get_acl_by_fid)) in cifs_acl_to_fattr()
1546 pntsd = ops->get_acl_by_fid(cifs_sb, pfid, &acllen, info); in cifs_acl_to_fattr()
1547 else if (ops->get_acl) in cifs_acl_to_fattr()
1548 pntsd = ops->get_acl(cifs_sb, inode, path, &acllen, info); in cifs_acl_to_fattr()
1551 return -EOPNOTSUPP; in cifs_acl_to_fattr()
1553 /* if we can retrieve the ACL, now parse Access Control Entries, ACEs */ in cifs_acl_to_fattr()
1579 int aclflag = CIFS_ACL_DACL; /* default flag to set */ in id_mode_to_cifs_acl()
1586 struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb); in id_mode_to_cifs_acl()
1595 ops = tlink_tcon(tlink)->ses->server->ops; in id_mode_to_cifs_acl()
1597 cifs_dbg(NOISY, "set ACL from mode for %s\n", path); in id_mode_to_cifs_acl()
1601 if (ops->get_acl == NULL) { in id_mode_to_cifs_acl()
1603 return -EOPNOTSUPP; in id_mode_to_cifs_acl()
1606 pntsd = ops->get_acl(cifs_sb, inode, path, &secdesclen, info); in id_mode_to_cifs_acl()
1614 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MODE_FROM_SID) in id_mode_to_cifs_acl()
1619 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_UID_FROM_ACL) in id_mode_to_cifs_acl()
1624 /* Potentially, five new ACEs can be added to the ACL for U,G,O mapping */ in id_mode_to_cifs_acl()
1634 dacloffset = le32_to_cpu(pntsd->dacloffset); in id_mode_to_cifs_acl()
1639 le32_to_cpu(dacl_ptr->num_aces) * sizeof(struct smb_ace); in id_mode_to_cifs_acl()
1641 nsecdesclen += le16_to_cpu(dacl_ptr->size); in id_mode_to_cifs_acl()
1646 * Add three ACEs for owner, group, everyone getting rid of other ACEs in id_mode_to_cifs_acl()
1647 * as chmod disables ACEs and set the security descriptor. Allocate in id_mode_to_cifs_acl()
1648 * memory for the smb header, set security descriptor request security in id_mode_to_cifs_acl()
1656 return -ENOMEM; in id_mode_to_cifs_acl()
1664 if (ops->set_acl == NULL) in id_mode_to_cifs_acl()
1665 rc = -EOPNOTSUPP; in id_mode_to_cifs_acl()
1668 /* Set the security descriptor */ in id_mode_to_cifs_acl()
1669 rc = ops->set_acl(pnntsd, nsecdesclen, inode, path, aclflag); in id_mode_to_cifs_acl()
1684 ssize_t rc = -EOPNOTSUPP; in cifs_get_acl()
1686 struct super_block *sb = dentry->d_sb; in cifs_get_acl()
1710 if (sb->s_flags & SB_POSIXACL) in cifs_get_acl()
1713 cifs_sb->local_nls, in cifs_get_acl()
1718 if (sb->s_flags & SB_POSIXACL) in cifs_get_acl()
1721 cifs_sb->local_nls, in cifs_get_acl()
1727 if (rc == -EINVAL) in cifs_get_acl()
1728 acl = ERR_PTR(-EOPNOTSUPP); in cifs_get_acl()
1739 return ERR_PTR(-EOPNOTSUPP); in cifs_get_acl()
1747 int rc = -EOPNOTSUPP; in cifs_set_acl()
1749 struct super_block *sb = dentry->d_sb; in cifs_set_acl()
1776 /* if proc/fs/cifs/streamstoxattr is set then in cifs_set_acl()
1779 if (posix_acl_xattr_size(acl->a_count) > CIFSMaxBufSize) { in cifs_set_acl()
1781 rc = -EOPNOTSUPP; in cifs_set_acl()
1787 if (sb->s_flags & SB_POSIXACL) in cifs_set_acl()
1790 cifs_sb->local_nls, in cifs_set_acl()
1795 if (sb->s_flags & SB_POSIXACL) in cifs_set_acl()
1798 cifs_sb->local_nls, in cifs_set_acl()
1809 return -EOPNOTSUPP; in cifs_set_acl()