Eric Lee / smarc-fsl-linux-kernel

17 Oct, 2011

1 commit

  • a5ff37696   cifs: Call id to SID mapping functions to change owner/group (try #4 repost) ... Browse Code »

    Now build security descriptor to change either owner or group at the
    server. Initially security descriptor was built to change only
    (D)ACL, that functionality has been extended.

    When either an Owner or a Group of a file object at the server is changed,
    rest of security descriptor remains same (DACL etc.).

    To set security descriptor, it is necessary to open that file
    with permission bits of either WRITE_DAC if DACL is being modified or
    WRITE_OWNER (Take Ownership) if Owner or Group is being changed.

    It is the server that decides whether a set security descriptor with
    either owner or group change succeeds or not.

    Signed-off-by: Shirish Pargaonkar
    Signed-off-by: Steve French

    Shirish Pargaonkar
     

13 Oct, 2011

2 commits

  • 21fed0d5b   cifs: Add data structures and functions for uid/gid to SID mapping (try #4) ... Browse Code »

    Add data structures and functions necessary to map a uid and gid to SID.
    These functions are very similar to the ones used to map a SID to uid and gid.
    This time, instead of storing sid to id mapping sorted on a sid value,
    id to sid is stored, sorted on an id.
    A cifs upcall sends an id (uid or gid) and expects a SID structure
    in return, if mapping was done successfully.

    A failed id to sid mapping to EINVAL.

    This patchset aims to enable chown and chgrp commands when
    cifsacl mount option is specified, especially to Windows SMB servers.
    Currently we can't do that. So now along with chmod command,
    chown and chgrp work.

    Winbind is used to map id to a SID. chown and chgrp use an upcall
    to provide an id to winbind and upcall returns with corrosponding
    SID if any exists. That SID is used to build security descriptor.
    The DACL part of a security descriptor is not changed by either
    chown or chgrp functionality.

    cifs client maintains a separate caches for uid to SID and
    gid to SID mapping. This is similar to the one used earlier
    to map SID to id (as part of ID mapping code).

    I tested it by mounting shares from a Windows (2003) server by
    authenticating as two users, one at a time, as Administrator and
    as a ordinary user.
    And then attempting to change owner of a file on the share.

    Depending on the permissions/privileges at the server for that file,
    chown request fails to either open a file (to change the ownership)
    or to set security descriptor.
    So it all depends on privileges on the file at the server and what
    user you are authenticated as at the server, cifs client is just a
    conduit.

    I compared the security descriptor during chown command to that
    what smbcacls sends when it is used with -M OWNNER: option
    and they are similar.

    This patchset aim to enable chown and chgrp commands when
    cifsacl mount option is specified, especially to Windows SMB servers.
    Currently we can't do that. So now along with chmod command,
    chown and chgrp work.

    I tested it by mounting shares from a Windows (2003) server by
    authenticating as two users, one at a time, as Administrator and
    as a ordinary user.
    And then attempting to change owner of a file on the share.

    Depending on the permissions/privileges at the server for that file,
    chown request fails to either open a file (to change the ownership)
    or to set security descriptor.
    So it all depends on privileges on the file at the server and what
    user you are authenticated as at the server, cifs client is just a
    conduit.

    Signed-off-by: Shirish Pargaonkar
    Signed-off-by: Steve French

    Shirish Pargaonkar
     
  • 3d3ea8e64   cifs: Add mount options for backup intent (try #6) ... Browse Code »

    Add mount options backupuid and backugid.

    It allows an authenticated user to access files with the intent to back them
    up including their ACLs, who may not have access permission but has
    "Backup files and directories user right" on them (by virtue of being part
    of the built-in group Backup Operators.

    When mount options backupuid is specified, cifs client restricts the
    use of backup intents to the user whose effective user id is specified
    along with the mount option.

    When mount options backupgid is specified, cifs client restricts the
    use of backup intents to the users whose effective user id belongs to the
    group id specified along with the mount option.

    If an authenticated user is not part of the built-in group Backup Operators
    at the server, access to such files is denied, even if allowed by the client.

    Signed-off-by: Shirish Pargaonkar
    Reviewed-by: Jeff Layton
    Signed-off-by: Steve French

    Shirish Pargaonkar
     

12 Aug, 2011

1 commit

  • e22906c56   cifs: Do not set cifs/ntfs acl using a file handle (try #4) ... Browse Code »

    Set security descriptor using path name instead of a file handle.
    We can't be sure that the file handle has adequate permission to
    set a security descriptor (to modify DACL).

    Function set_cifs_acl_by_fid() has been removed since we can't be
    sure how a file was opened for writing, a valid request can fail
    if the file was not opened with two above mentioned permissions.
    We could have opted to add on WRITE_DAC and WRITE_OWNER permissions
    to file opens and then use that file handle but adding addtional
    permissions such as WRITE_DAC and WRITE_OWNER could cause an
    any open to fail.

    And it was incorrect to look for read file handle to set a
    security descriptor anyway.

    Signed-off-by: Shirish Pargaonkar
    Signed-off-by: Steve French

    Shirish Pargaonkar
     

30 May, 2011

1 commit

28 May, 2011

1 commit

27 May, 2011

2 commits

  • 383c55350   [CIFS] Fix endian error comparing authusers when cifsacl enabled ... Browse Code »

    Fix sparse warning:
    CHECK fs/cifs/cifsacl.c
    fs/cifs/cifsacl.c:41:36: warning: incorrect type in initializer
    (different base types)
    fs/cifs/cifsacl.c:41:36: expected restricted __le32
    fs/cifs/cifsacl.c:41:36: got int
    fs/cifs/cifsacl.c:461:52: warning: restricted __le32 degrades to integer
    fs/cifs/cifsacl.c:461:73: warning: restricted __le32 degrades to integer

    The second one looks harmless but the first one (sid_authusers)
    was added in commit 2fbc2f1729e785a7b2faf9d8d60926bb1ff62af0
    and only affects 2.6.38/2.6.39

    CC: Stable
    Reviewed-and-Tested-by: Shirish Pargaonkar
    Signed-off-by: Steve French

    Steve French
     
  • 96daf2b09   [CIFS] Rename three structures to avoid camel case ... Browse Code »

    secMode to sec_mode
    and
    cifsTconInfo to cifs_tcon
    and
    cifsSesInfo to cifs_ses

    Signed-off-by: Steve French

    Steve French
     

19 May, 2011

5 commits

  • c4aca0c09   cifs: Change key name to cifs.idmap, misc. clean-up ... Browse Code »

    Change idmap key name from cifs.cifs_idmap to cifs.idmap.
    Removed unused structure wksidarr and function match_sid().
    Handle errors correctly in function init_cifs().

    Signed-off-by: Shirish Pargaonkar
    Reviewed-by: Jeff Layton
    Signed-off-by: Steve French

    Shirish Pargaonkar
     
  • 0e6e37a7a   cifs: fix some unused variable warnings in id_rb_search ... Browse Code »

    fs/cifs/cifsacl.c: In function ‘id_rb_search’:
    fs/cifs/cifsacl.c:215:19: warning: variable ‘linkto’ set but not used
    [-Wunused-but-set-variable]
    fs/cifs/cifsacl.c:214:18: warning: variable ‘parent’ set but not used
    [-Wunused-but-set-variable]

    Reviewed-by: Shirish Pargaonkar
    Signed-off-by: Jeff Layton
    Signed-off-by: Steve French

    Jeff Layton
     
  • 9409ae58e   cifs: Invoke id mapping functions (try #17 repost) ... Browse Code »

    rb tree search and insertion routines.

    A SID which needs to be mapped, is looked up in one of the rb trees
    depending on whether SID is either owner or group SID.
    If found in the tree, a (mapped) id from that node is assigned to
    uid or gid as appropriate. If unmapped, an upcall is attempted to
    map the SID to an id. If upcall is successful, node is marked as
    mapped. If upcall fails, node stays marked as unmapped and a mapping
    is attempted again only after an arbitrary time period has passed.

    To map a SID, which can be either a Owner SID or a Group SID, key
    description starts with the string "os" or "gs" followed by SID converted
    to a string. Without "os" or "gs", cifs.upcall does not know whether
    SID needs to be mapped to either an uid or a gid.

    Nodes in rb tree have fields to prevent multiple upcalls for
    a SID. Searching, adding, and removing nodes is done within global locks.
    Whenever a node is either found or inserted in a tree, a reference
    is taken on that node.
    Shrinker routine prunes a node if it has expired but does not prune
    an expired node if its refcount is not zero (i.e. sid/id of that node
    is_being/will_be accessed).
    Thus a node, if its SID needs to be mapped by making an upcall,
    can safely stay and its fields accessed without shrinker pruning it.
    A reference (refcount) is put on the node without holding the spinlock
    but a reference is get on the node by holding the spinlock.

    Every time an existing mapped node is accessed or mapping is attempted,
    its timestamp is updated to prevent it from getting erased or a
    to prevent multiple unnecessary repeat mapping retries respectively.

    For now, cifs.upcall is only used to map a SID to an id (uid or gid) but
    it would be used to obtain an SID for an id.

    Signed-off-by: Shirish Pargaonkar
    Reviewed-by: Jeff Layton
    Signed-off-by: Steve French

    Shirish Pargaonkar
     
  • 4d79dba0e   cifs: Add idmap key and related data structures and functions (try #17 repost) ... Browse Code »

    Define (global) data structures to store ids, uids and gids, to which a
    SID maps. There are two separate trees, one for SID/uid and another one
    for SID/gid.

    A new type of key, cifs_idmap_key_type, is used.

    Keys are instantiated and searched using credential of the root by
    overriding and restoring the credentials of the caller requesting the key.

    Id mapping functions are invoked under config option of cifs acl.

    Signed-off-by: Shirish Pargaonkar
    Signed-off-by: Steve French

    Shirish Pargaonkar
     
  • b73b9a4ba   [CIFS] Allow to set extended attribute cifs_acl (try #2) ... Browse Code »

    Allow setting cifs_acl on the server.
    Pass on to the server the ACL blob generated by an application.
    cifs is just a pass-through, it does not monitor or inspect the contents
    of the blob, server decides whether to enforce/apply the ACL blob composed
    by an application.
    If setting of ACL is succeessful, mark the inode for revalidation.

    Signed-off-by: Shirish Pargaonkar
    Acked-by: Jeff Layton
    Signed-off-by: Steve French

    Steve French
     

06 Feb, 2011

1 commit

20 Jan, 2011

1 commit

07 Dec, 2010

1 commit

  • 79df1baee   cifs: fix use of CONFIG_CIFS_ACL ... Browse Code »

    Some of the code under CONFIG_CIFS_ACL is dependent upon code under
    CONFIG_CIFS_EXPERIMENTAL, but the Kconfig options don't reflect that
    dependency. Move more of the ACL code out from under
    CONFIG_CIFS_EXPERIMENTAL and under CONFIG_CIFS_ACL.

    Also move find_readable_file out from other any sort of Kconfig
    option and make it a function normally compiled in.

    Reported-and-Acked-by: Randy Dunlap
    Signed-off-by: Jeff Layton
    Signed-off-by: Steve French

    Jeff Layton
     

30 Nov, 2010

2 commits

11 Nov, 2010

1 commit

07 Oct, 2010

2 commits

  • 6508d904e   cifs: have find_readable/writable_file filter by fsuid ... Browse Code »

    When we implement multiuser mounts, we'll need to filter filehandles
    by fsuid. Add a flag for multiuser mounts and code to filter by
    fsuid when it's set.

    Signed-off-by: Jeff Layton
    Signed-off-by: Steve French

    Jeff Layton
     
  • 7ffec3724   cifs: add refcounted and timestamped container for holding tcons ... Browse Code »

    Eventually, we'll need to track the use of tcons on a per-sb basis, so that
    we know when it's ok to tear them down. Begin this conversion by adding a
    new "tcon_link" struct and accessors that get it. For now, the core data
    structures are untouched -- cifs_sb still just points to a single tcon and
    the pointers are just cast to deal with the accessor functions. A later
    patch will flesh this out.

    Signed-off-by: Jeff Layton
    Signed-off-by: Steve French

    Jeff Layton
     

30 Sep, 2010

1 commit

  • a6e8a8455   cifs: add function to get a tcon from cifs_sb ... Browse Code »

    When we convert cifs to do multiple sessions per mount, we'll need more
    than one tcon per superblock. At that point "cifs_sb->tcon" will make
    no sense. Add a new accessor function that gets a tcon given a cifs_sb.
    For now, it just returns cifs_sb->tcon. Later it'll do more.

    Signed-off-by: Jeff Layton
    Signed-off-by: Steve French

    Jeff Layton
     

21 Apr, 2010

1 commit

  • b6b38f704   [CIFS] Neaten cERROR and cFYI macros, reduce text space ... Browse Code »

    Neaten cERROR and cFYI macros, reduce text space
    ~2.5K

    Convert '__FILE__ ": " fmt' to '"%s: " fmt', __FILE__' to save text space
    Surround macros with do {} while
    Add parentheses to macros
    Make statement expression macro from macro with assign
    Remove now unnecessary parentheses from cFYI and cERROR uses

    defconfig with CIFS support old
    $ size fs/cifs/built-in.o
    text data bss dec hex filename
    156012 1760 148 157920 268e0 fs/cifs/built-in.o

    defconfig with CIFS support old
    $ size fs/cifs/built-in.o
    text data bss dec hex filename
    153508 1760 148 155416 25f18 fs/cifs/built-in.o

    allyesconfig old:
    $ size fs/cifs/built-in.o
    text data bss dec hex filename
    309138 3864 74824 387826 5eaf2 fs/cifs/built-in.o

    allyesconfig new
    $ size fs/cifs/built-in.o
    text data bss dec hex filename
    305655 3864 74824 384343 5dd57 fs/cifs/built-in.o

    Signed-off-by: Joe Perches
    Signed-off-by: Steve French

    Joe Perches
     

30 Mar, 2010

1 commit

  • 5a0e3ad6a   include cleanup: Update gfp.h and slab.h includes to prepare for breaking implic… ... Browse Code »

    …it slab.h inclusion from percpu.h

    percpu.h is included by sched.h and module.h and thus ends up being
    included when building most .c files. percpu.h includes slab.h which
    in turn includes gfp.h making everything defined by the two files
    universally available and complicating inclusion dependencies.

    percpu.h -> slab.h dependency is about to be removed. Prepare for
    this change by updating users of gfp and slab facilities include those
    headers directly instead of assuming availability. As this conversion
    needs to touch large number of source files, the following script is
    used as the basis of conversion.

    http://userweb.kernel.org/~tj/misc/slabh-sweep.py

    The script does the followings.

    * Scan files for gfp and slab usages and update includes such that
    only the necessary includes are there. ie. if only gfp is used,
    gfp.h, if slab is used, slab.h.

    * When the script inserts a new include, it looks at the include
    blocks and try to put the new include such that its order conforms
    to its surrounding. It's put in the include block which contains
    core kernel includes, in the same order that the rest are ordered -
    alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
    doesn't seem to be any matching order.

    * If the script can't find a place to put a new include (mostly
    because the file doesn't have fitting include block), it prints out
    an error message indicating which .h file needs to be added to the
    file.

    The conversion was done in the following steps.

    1. The initial automatic conversion of all .c files updated slightly
    over 4000 files, deleting around 700 includes and adding ~480 gfp.h
    and ~3000 slab.h inclusions. The script emitted errors for ~400
    files.

    2. Each error was manually checked. Some didn't need the inclusion,
    some needed manual addition while adding it to implementation .h or
    embedding .c file was more appropriate for others. This step added
    inclusions to around 150 files.

    3. The script was run again and the output was compared to the edits
    from #2 to make sure no file was left behind.

    4. Several build tests were done and a couple of problems were fixed.
    e.g. lib/decompress_*.c used malloc/free() wrappers around slab
    APIs requiring slab.h to be added manually.

    5. The script was run on all .h files but without automatically
    editing them as sprinkling gfp.h and slab.h inclusions around .h
    files could easily lead to inclusion dependency hell. Most gfp.h
    inclusion directives were ignored as stuff from gfp.h was usually
    wildly available and often used in preprocessor macros. Each
    slab.h inclusion directive was examined and added manually as
    necessary.

    6. percpu.h was updated not to include slab.h.

    7. Build test were done on the following configurations and failures
    were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my
    distributed build env didn't work with gcov compiles) and a few
    more options had to be turned off depending on archs to make things
    build (like ipr on powerpc/64 which failed due to missing writeq).

    * x86 and x86_64 UP and SMP allmodconfig and a custom test config.
    * powerpc and powerpc64 SMP allmodconfig
    * sparc and sparc64 SMP allmodconfig
    * ia64 SMP allmodconfig
    * s390 SMP allmodconfig
    * alpha SMP allmodconfig
    * um on x86_64 SMP allmodconfig

    8. percpu.h modifications were reverted so that it could be applied as
    a separate patch and serve as bisection point.

    Given the fact that I had only a couple of failures from tests on step
    6, I'm fairly confident about the coverage of this conversion patch.
    If there is a breakage, it's likely to be something in one of the arch
    headers which should be easily discoverable easily on most builds of
    the specific arch.

    Signed-off-by: Tejun Heo <tj@kernel.org>
    Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
    Cc: Ingo Molnar <mingo@redhat.com>
    Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>

    Tejun Heo
     

02 Sep, 2009

1 commit

  • 6ab409b53   cifs: Replace wrtPending with a real reference count ... Browse Code »

    Currently, cifs_close() tries to wait until all I/O is complete and then
    frees the file private data. If I/O does not completely in a reasonable
    amount of time it frees the structure anyway, leaving a potential use-
    after-free situation.

    This patch changes the wrtPending counter to a complete reference count and
    lets the last user free the structure.

    Signed-off-by: Dave Kleikamp
    Reviewed-by: Jeff Layton
    Tested-by: Shirish Pargaonkar
    Signed-off-by: Steve French

    Dave Kleikamp
     

10 Jul, 2009

1 commit

  • 0b8f18e35   cifs: convert cifs_get_inode_info and non-posix readdir to use cifs_iget ... Browse Code »

    cifs: convert cifs_get_inode_info and non-posix readdir to use cifs_iget

    Rather than allocating an inode and filling it out, have
    cifs_get_inode_info fill out a cifs_fattr and call cifs_iget. This means
    a pretty hefty reorganization of cifs_get_inode_info.

    For the readdir codepath, add a couple of new functions for filling out
    cifs_fattr's from different FindFile response infolevels.

    Finally, remove cifs_new_inode since there are no more callers.

    Signed-off-by: Jeff Layton
    Reviewed-by: Christoph Hellwig
    Signed-off-by: Steve French

    Jeff Layton
     

29 May, 2009

2 commits

  • b96d31a62   cifs: clean up set_cifs_acl interfaces ... Browse Code »

    Signed-off-by: Christoph Hellwig
    Reviewed-by: Shirish Pargaonkar
    Signed-off-by: Jeff Layton
    Signed-off-by: Steve French

    Christoph Hellwig
     
  • 1bf4072da   cifs: reorganize get_cifs_acl ... Browse Code »

    Thus spake Christoph:

    "But this whole set_cifs_acl function is a real mess anyway and needs
    some splitting up."

    With this change too, it's possible to call acl_to_uid_mode() with a
    NULL inode pointer. That (or something close to it) will eventually be
    necessary when cifs_get_inode_info is reorganized.

    Signed-off-by: Christoph Hellwig
    Reviewed-by: Shirish Pargaonkar
    Signed-off-by: Jeff Layton
    Signed-off-by: Steve French

    Christoph Hellwig
     

24 Jul, 2008

2 commits

13 Jul, 2008

1 commit

  • 536abdb08   cifs: fix wksidarr declaration to be big-endian friendly ... Browse Code »

    The current definition of wksidarr works fine on little endian arches
    (since cpu_to_le32 is a no-op there), but on big-endian arches, it fails
    to compile with this error:

    error: braced-group within expression allowed only inside a function

    The problem is that this static declaration has cpu_to_le32 embedded
    within it, and that expands into a function macro. We need to use
    __constant_cpu_to_le32() instead.

    Signed-off-by: Jeff Layton
    Cc: Steven French
    Cc:
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Jeff Layton
     

09 May, 2008

1 commit

29 Apr, 2008

1 commit

10 Apr, 2008

1 commit

31 Mar, 2008

1 commit

15 Mar, 2008

1 commit

  • 8b1327f6e   [CIFS] file create with acl support enabled is slow ... Browse Code »

    Shirish Pargaonkar noted:
    With cifsacl mount option, when a file is created on the Windows server,
    exclusive oplock is broken right away because the get cifs acl code
    again opens the file to obtain security descriptor.
    The client does not have the newly created file handle or inode in any
    of its lists yet so it does not respond to oplock break and server waits for
    its duration and then responds to the second open. This slows down file
    creation signficantly. The fix is to pass the file descriptor to the get
    cifsacl code wherever available so that get cifs acl code does not send
    second open (NT Create ANDX) and oplock is not broken.

    CC: Shirish Pargaonkar
    Signed-off-by: Steve French

    Steve French
     

13 Feb, 2008

2 commits

08 Feb, 2008

1 commit

31 Dec, 2007

1 commit