cifs: Fix getting DACL-only xattr system.cifs_acl and system.smb3_acl

Currently ->get_acl() callback always create request for OWNER, GROUP and
DACL, even when only DACLs was requested by user. Change API callback to
request only information for which the caller asked. Therefore when only
DACLs requested, then SMB client will prepare and send DACL-only request.

This change fixes retrieving of "system.cifs_acl" and "system.smb3_acl"
xattrs to contain only DACL structure as documented.

Note that setting/changing of "system.cifs_acl" and "system.smb3_acl"
xattrs already takes only DACL structure and ignores all other fields.

Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>

diff --git a/fs/smb/client/cifsacl.c b/fs/smb/client/cifsacl.c
index 64bd68f750f84229ff8cd768576d93a40fb6f700..c8676dd77fa7201ddd3c81d025933e42bbe34f0a 100644 (file)
--- a/fs/smb/client/cifsacl.c
+++ b/fs/smb/client/cifsacl.c
@@ -1550,7 +1550,7 @@ cifs_acl_to_fattr(struct cifs_sb_info *cifs_sb, struct cifs_fattr *fattr,
        int rc = 0;
        struct tcon_link *tlink = cifs_sb_tlink(cifs_sb);
        struct smb_version_operations *ops;
-       const u32 info = 0;
+       const u32 info = OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO;
 
        cifs_dbg(NOISY, "converting ACL to mode for %s\n", path);
 
@@ -1604,7 +1604,7 @@ id_mode_to_cifs_acl(struct inode *inode, const char *path, __u64 *pnmode,
        struct tcon_link *tlink;
        struct smb_version_operations *ops;
        bool mode_from_sid, id_from_sid;
-       const u32 info = 0;
+       const u32 info = OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO;
        bool posix;
 
        tlink = cifs_sb_tlink(cifs_sb);

diff --git a/fs/smb/client/cifssmb.c b/fs/smb/client/cifssmb.c
index 364ab7573b360223862c8ced91e923917d5a37ed..2cd6cb5ccea971f3d910bf3f0a025c6d411ae262 100644 (file)
--- a/fs/smb/client/cifssmb.c
+++ b/fs/smb/client/cifssmb.c
@@ -3403,8 +3403,7 @@ CIFSSMBGetCIFSACL(const unsigned int xid, struct cifs_tcon *tcon, __u16 fid,
        /* BB TEST with big acls that might need to be e.g. larger than 16K */
        pSMB->MaxSetupCount = 0;
        pSMB->Fid = fid; /* file handle always le */
-       pSMB->AclFlags = cpu_to_le32(CIFS_ACL_OWNER | CIFS_ACL_GROUP |
-                                    CIFS_ACL_DACL | info);
+       pSMB->AclFlags = cpu_to_le32(info);
        pSMB->ByteCount = cpu_to_le16(11); /* 3 bytes pad + 8 bytes parm */
        inc_rfc1001_len(pSMB, 11);
        iov[0].iov_base = (char *)pSMB;

diff --git a/fs/smb/client/smb2pdu.c b/fs/smb/client/smb2pdu.c
index f9c521b3c65ee7aed4a6bee79de6d5914fa55e7d..4f69a1825e42626493fb03463aea125dad126074 100644 (file)
--- a/fs/smb/client/smb2pdu.c
+++ b/fs/smb/client/smb2pdu.c
@@ -3916,12 +3916,10 @@ SMB2_query_acl(const unsigned int xid, struct cifs_tcon *tcon,
               u64 persistent_fid, u64 volatile_fid,
               void **data, u32 *plen, u32 extra_info)
 {
-       __u32 additional_info = OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO |
-                               extra_info;
        *plen = 0;
 
        return query_info(xid, tcon, persistent_fid, volatile_fid,
-                         0, SMB2_O_INFO_SECURITY, additional_info,
+                         0, SMB2_O_INFO_SECURITY, extra_info,
                          SMB2_MAX_BUFFER_SIZE, MIN_SEC_DESC_LEN, data, plen);
 }
 

diff --git a/fs/smb/client/xattr.c b/fs/smb/client/xattr.c
index 58a584f0b27e9150c9a882fc3438a2aa34b5bf1d..7d49f38f01f3e704f316f8500b11d0b673e2f60b 100644 (file)
--- a/fs/smb/client/xattr.c
+++ b/fs/smb/client/xattr.c
@@ -320,10 +320,17 @@ static int cifs_xattr_get(const struct xattr_handler *handler,
                if (pTcon->ses->server->ops->get_acl == NULL)
                        goto out; /* rc already EOPNOTSUPP */
 
-               if (handler->flags == XATTR_CIFS_NTSD_FULL) {
-                       extra_info = SACL_SECINFO;
-               } else {
-                       extra_info = 0;
+               switch (handler->flags) {
+               case XATTR_CIFS_NTSD_FULL:
+                       extra_info = OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO | SACL_SECINFO;
+                       break;
+               case XATTR_CIFS_NTSD:
+                       extra_info = OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO;
+                       break;
+               case XATTR_CIFS_ACL:
+               default:
+                       extra_info = DACL_SECINFO;
+                       break;
                }
                pacl = pTcon->ses->server->ops->get_acl(cifs_sb,
                                inode, full_path, &acllen, extra_info);