cifs: modefromsid: write mode ACE first
authorAurelien Aptel <aaptel@suse.com>
Mon, 16 Sep 2019 23:47:27 +0000 (01:47 +0200)
committerSteve French <stfrench@microsoft.com>
Mon, 16 Sep 2019 23:49:11 +0000 (18:49 -0500)
DACL should start with mode ACE first but we are putting it at the
end. reorder them to put it first.

Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
fs/cifs/cifsacl.c

index 3e0c5ed9ca2074d4725cc172a70a0f6886e21af5..f842944a5c76a3cd905bd405bd463c4ae49c9af7 100644 (file)
@@ -809,30 +809,21 @@ static int set_chmod_dacl(struct cifs_acl *pndacl, struct cifs_sid *pownersid,
                        struct cifs_sid *pgrpsid, __u64 nmode, bool modefromsid)
 {
        u16 size = 0;
+       u32 num_aces = 0;
        struct cifs_acl *pnndacl;
 
        pnndacl = (struct cifs_acl *)((char *)pndacl + sizeof(struct cifs_acl));
 
-       size += fill_ace_for_sid((struct cifs_ace *) ((char *)pnndacl + size),
-                                       pownersid, nmode, S_IRWXU);
-       size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size),
-                                       pgrpsid, nmode, S_IRWXG);
-       size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size),
-                                        &sid_everyone, nmode, S_IRWXO);
-
-       /* TBD: Move this ACE to the top of ACE list instead of bottom */
        if (modefromsid) {
                struct cifs_ace *pntace =
                        (struct cifs_ace *)((char *)pnndacl + size);
                int i;
 
-               pntace->type = ACCESS_DENIED;
+               pntace->type = ACCESS_ALLOWED;
                pntace->flags = 0x0;
+               pntace->access_req = 0;
                pntace->sid.num_subauth = 3;
                pntace->sid.revision = 1;
-               /* size = 1 + 1 + 2 + 4 + 1 + 1 + 6 + (psid->num_subauth * 4) */
-               pntace->size = cpu_to_le16(28);
-               size += 28;
                for (i = 0; i < NUM_AUTHS; i++)
                        pntace->sid.authority[i] =
                                sid_unix_NFS_mode.authority[i];
@@ -840,12 +831,23 @@ static int set_chmod_dacl(struct cifs_acl *pndacl, struct cifs_sid *pownersid,
                pntace->sid.sub_auth[1] = sid_unix_NFS_mode.sub_auth[1];
                pntace->sid.sub_auth[2] = cpu_to_le32(nmode & 07777);
 
-               pndacl->num_aces = cpu_to_le32(4);
-               size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size),
-                                        &sid_unix_NFS_mode, nmode, S_IRWXO);
-       } else
-               pndacl->num_aces = cpu_to_le32(3);
+               /* size = 1 + 1 + 2 + 4 + 1 + 1 + 6 + (psid->num_subauth*4) */
+               pntace->size = cpu_to_le16(28);
+               size += 28;
+               num_aces++;
+       }
+
+       size += fill_ace_for_sid((struct cifs_ace *) ((char *)pnndacl + size),
+                                       pownersid, nmode, S_IRWXU);
+       num_aces++;
+       size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size),
+                                       pgrpsid, nmode, S_IRWXG);
+       num_aces++;
+       size += fill_ace_for_sid((struct cifs_ace *)((char *)pnndacl + size),
+                                        &sid_everyone, nmode, S_IRWXO);
+       num_aces++;
 
+       pndacl->num_aces = cpu_to_le32(num_aces);
        pndacl->size = cpu_to_le16(size + sizeof(struct cifs_acl));
 
        return 0;