diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2012-10-10 11:50:27 +1100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2012-10-11 12:25:11 +1100 |
| commit | c8ade07760ae0ccfdf2d875c9f3027926e62321b (patch) | |
| tree | abac36ce81b1e0737bfeb607699a41773beb958e /source3/modules | |
| parent | 9158974540d0e311021f04789ed75ebda466c5b3 (diff) | |
| download | samba-c8ade07760ae0ccfdf2d875c9f3027926e62321b.tar.gz samba-c8ade07760ae0ccfdf2d875c9f3027926e62321b.tar.bz2 samba-c8ade07760ae0ccfdf2d875c9f3027926e62321b.zip | |
smbd: Add mem_ctx to {f,}get_nt_acl VFS call
This makes it clear which context the returned SD is allocated on, as
a number of callers do not want it on talloc_tos().
As the ACL transformation allocates and then no longer needs a great
deal of memory, a talloc_stackframe() call is used to contain the
memory that is not returned further up the stack.
Andrew Bartlett
Diffstat (limited to 'source3/modules')
| -rw-r--r-- | source3/modules/nfs4_acls.c | 18 | ||||
| -rw-r--r-- | source3/modules/nfs4_acls.h | 2 | ||||
| -rw-r--r-- | source3/modules/vfs_acl_common.c | 68 | ||||
| -rw-r--r-- | source3/modules/vfs_afsacl.c | 16 | ||||
| -rw-r--r-- | source3/modules/vfs_aixacl2.c | 16 | ||||
| -rw-r--r-- | source3/modules/vfs_catia.c | 3 | ||||
| -rw-r--r-- | source3/modules/vfs_default.c | 8 | ||||
| -rw-r--r-- | source3/modules/vfs_full_audit.c | 12 | ||||
| -rw-r--r-- | source3/modules/vfs_gpfs.c | 14 | ||||
| -rw-r--r-- | source3/modules/vfs_media_harmony.c | 13 | ||||
| -rw-r--r-- | source3/modules/vfs_shadow_copy2.c | 11 | ||||
| -rw-r--r-- | source3/modules/vfs_time_audit.c | 8 | ||||
| -rw-r--r-- | source3/modules/vfs_zfsacl.c | 18 |
13 files changed, 139 insertions, 68 deletions
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index 05f90f77df..48b045feb0 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -370,7 +370,7 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *theacl, /* in */ } static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf, - uint32 security_info, + uint32 security_info, TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc, SMB4ACL_T *theacl) { int good_aces = 0; @@ -378,7 +378,7 @@ static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf, size_t sd_size = 0; struct security_ace *nt_ace_list = NULL; struct security_acl *psa = NULL; - TALLOC_CTX *mem_ctx = talloc_tos(); + TALLOC_CTX *frame = talloc_stackframe(); if (theacl==NULL || smb_get_naces(theacl)==0) return NT_STATUS_ACCESS_DENIED; /* special because we @@ -392,12 +392,14 @@ static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf, S_ISDIR(sbuf->st_ex_mode), &nt_ace_list, &good_aces)==False) { DEBUG(8,("smbacl4_nfs42win failed\n")); + TALLOC_FREE(frame); return map_nt_error_from_unix(errno); } - psa = make_sec_acl(mem_ctx, NT4_ACL_REVISION, good_aces, nt_ace_list); + psa = make_sec_acl(frame, NT4_ACL_REVISION, good_aces, nt_ace_list); if (psa == NULL) { DEBUG(2,("make_sec_acl failed\n")); + TALLOC_FREE(frame); return NT_STATUS_NO_MEMORY; } @@ -409,6 +411,7 @@ static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf, NULL, psa, &sd_size); if (*ppdesc==NULL) { DEBUG(2,("make_sec_desc failed\n")); + TALLOC_FREE(frame); return NT_STATUS_NO_MEMORY; } @@ -416,11 +419,13 @@ static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf, "sd_size %d\n", (int)ndr_size_security_descriptor(*ppdesc, 0))); + TALLOC_FREE(frame); return NT_STATUS_OK; } NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc, SMB4ACL_T *theacl) { @@ -432,13 +437,15 @@ NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp, return map_nt_error_from_unix(errno); } - return smb_get_nt_acl_nfs4_common(&sbuf, security_info, ppdesc, + return smb_get_nt_acl_nfs4_common(&sbuf, security_info, + mem_ctx, ppdesc, theacl); } NTSTATUS smb_get_nt_acl_nfs4(struct connection_struct *conn, const char *name, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc, SMB4ACL_T *theacl) { @@ -450,7 +457,8 @@ NTSTATUS smb_get_nt_acl_nfs4(struct connection_struct *conn, return map_nt_error_from_unix(errno); } - return smb_get_nt_acl_nfs4_common(&sbuf, security_info, ppdesc, + return smb_get_nt_acl_nfs4_common(&sbuf, security_info, + mem_ctx, ppdesc, theacl); } diff --git a/source3/modules/nfs4_acls.h b/source3/modules/nfs4_acls.h index fcab635915..c461229c6c 100644 --- a/source3/modules/nfs4_acls.h +++ b/source3/modules/nfs4_acls.h @@ -132,11 +132,13 @@ uint32 smb_get_naces(SMB4ACL_T *theacl); NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc, SMB4ACL_T *theacl); NTSTATUS smb_get_nt_acl_nfs4(connection_struct *conn, const char *name, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc, SMB4ACL_T *theacl); /* Callback function needed to set the native acl diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c index c2ac875fa1..ef2dda1b45 100644 --- a/source3/modules/vfs_acl_common.c +++ b/source3/modules/vfs_acl_common.c @@ -74,27 +74,29 @@ static NTSTATUS hash_sd_sha256(struct security_descriptor *psd, *******************************************************************/ static NTSTATUS parse_acl_blob(const DATA_BLOB *pblob, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc, uint16_t *p_hash_type, uint8_t hash[XATTR_SD_HASH_SIZE]) { - TALLOC_CTX *ctx = talloc_tos(); struct xattr_NTACL xacl; enum ndr_err_code ndr_err; size_t sd_size; + TALLOC_CTX *frame = talloc_stackframe(); - ndr_err = ndr_pull_struct_blob(pblob, ctx, &xacl, + ndr_err = ndr_pull_struct_blob(pblob, frame, &xacl, (ndr_pull_flags_fn_t)ndr_pull_xattr_NTACL); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { DEBUG(5, ("parse_acl_blob: ndr_pull_xattr_NTACL failed: %s\n", ndr_errstr(ndr_err))); + TALLOC_FREE(frame); return ndr_map_error2ntstatus(ndr_err); } switch (xacl.version) { case 1: - *ppdesc = make_sec_desc(ctx, SD_REVISION, + *ppdesc = make_sec_desc(mem_ctx, SD_REVISION, xacl.info.sd->type | SEC_DESC_SELF_RELATIVE, xacl.info.sd->owner_sid, xacl.info.sd->group_sid, @@ -106,7 +108,7 @@ static NTSTATUS parse_acl_blob(const DATA_BLOB *pblob, memset(hash, '\0', XATTR_SD_HASH_SIZE); break; case 2: - *ppdesc = make_sec_desc(ctx, SD_REVISION, + *ppdesc = make_sec_desc(mem_ctx, SD_REVISION, xacl.info.sd_hs2->sd->type | SEC_DESC_SELF_RELATIVE, xacl.info.sd_hs2->sd->owner_sid, xacl.info.sd_hs2->sd->group_sid, @@ -118,7 +120,7 @@ static NTSTATUS parse_acl_blob(const DATA_BLOB *pblob, memset(hash, '\0', XATTR_SD_HASH_SIZE); break; case 3: - *ppdesc = make_sec_desc(ctx, SD_REVISION, + *ppdesc = make_sec_desc(mem_ctx, SD_REVISION, xacl.info.sd_hs3->sd->type | SEC_DESC_SELF_RELATIVE, xacl.info.sd_hs3->sd->owner_sid, xacl.info.sd_hs3->sd->group_sid, @@ -130,10 +132,11 @@ static NTSTATUS parse_acl_blob(const DATA_BLOB *pblob, memcpy(hash, xacl.info.sd_hs3->hash, XATTR_SD_HASH_SIZE); break; default: + TALLOC_FREE(frame); return NT_STATUS_REVISION_MISMATCH; } - TALLOC_FREE(xacl.info.sd); + TALLOC_FREE(frame); return (*ppdesc != NULL) ? NT_STATUS_OK : NT_STATUS_NO_MEMORY; } @@ -274,7 +277,8 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32_t security_info, - struct security_descriptor **ppdesc) + TALLOC_CTX *mem_ctx, + struct security_descriptor **ppdesc) { DATA_BLOB blob = data_blob_null; NTSTATUS status; @@ -298,14 +302,16 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle, or to return as backup. */ if (fsp) { status = SMB_VFS_NEXT_FGET_NT_ACL(handle, - fsp, - HASH_SECURITY_INFO, - &pdesc_next); + fsp, + HASH_SECURITY_INFO, + mem_ctx, + &pdesc_next); } else { status = SMB_VFS_NEXT_GET_NT_ACL(handle, - name, - HASH_SECURITY_INFO, - &pdesc_next); + name, + HASH_SECURITY_INFO, + mem_ctx, + &pdesc_next); } if (!NT_STATUS_IS_OK(status)) { @@ -324,7 +330,7 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle, goto out; } - status = parse_acl_blob(&blob, &psd, + status = parse_acl_blob(&blob, mem_ctx, &psd, &hash_type, &hash[0]); if (!NT_STATUS_IS_OK(status)) { DEBUG(10, ("parse_acl_blob returned %s\n", @@ -417,7 +423,7 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle, if (ignore_file_system_acl) { TALLOC_FREE(pdesc_next); - status = make_default_filesystem_acl(talloc_tos(), + status = make_default_filesystem_acl(mem_ctx, name, psbuf, &psd); @@ -476,11 +482,14 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle, Fetch a security descriptor given an fsp. *********************************************************************/ -static NTSTATUS fget_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp, - uint32_t security_info, struct security_descriptor **ppdesc) +static NTSTATUS fget_nt_acl_common(vfs_handle_struct *handle, + files_struct *fsp, + uint32_t security_info, + TALLOC_CTX *mem_ctx, + struct security_descriptor **ppdesc) { return get_nt_acl_internal(handle, fsp, - NULL, security_info, ppdesc); + NULL, security_info, mem_ctx, ppdesc); } /********************************************************************* @@ -488,10 +497,13 @@ static NTSTATUS fget_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp, *********************************************************************/ static NTSTATUS get_nt_acl_common(vfs_handle_struct *handle, - const char *name, uint32_t security_info, struct security_descriptor **ppdesc) + const char *name, + uint32_t security_info, + TALLOC_CTX *mem_ctx, + struct security_descriptor **ppdesc) { return get_nt_acl_internal(handle, NULL, - name, security_info, ppdesc); + name, security_info, mem_ctx, ppdesc); } /********************************************************************* @@ -507,6 +519,7 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp, struct security_descriptor *psd = NULL; uint8_t hash[XATTR_SD_HASH_SIZE]; bool chown_needed = false; + TALLOC_CTX *frame = talloc_stackframe(); if (DEBUGLEVEL >= 10) { DEBUG(10,("fset_nt_acl_xattr: incoming sd for file %s\n", @@ -518,9 +531,11 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp, status = get_nt_acl_internal(handle, fsp, NULL, SECINFO_OWNER|SECINFO_GROUP|SECINFO_DACL|SECINFO_SACL, + frame, &psd); if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(frame); return status; } @@ -554,6 +569,7 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp, status = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd); if (!NT_STATUS_IS_OK(status)) { if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { + TALLOC_FREE(frame); return status; } /* We got access denied here. If we're already root, @@ -578,22 +594,26 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp, security_info_sent, psd); unbecome_root(); if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(frame); return status; } } /* Get the full underlying sd, then hash. */ status = SMB_VFS_NEXT_FGET_NT_ACL(handle, - fsp, - HASH_SECURITY_INFO, - &pdesc_next); + fsp, + HASH_SECURITY_INFO, + frame, + &pdesc_next); if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(frame); return status; } status = hash_sd_sha256(pdesc_next, hash); if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(frame); return status; } @@ -610,11 +630,13 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp, status = create_acl_blob(psd, &blob, XATTR_SD_HASH_TYPE_SHA256, hash); if (!NT_STATUS_IS_OK(status)) { DEBUG(10, ("fset_nt_acl_xattr: create_acl_blob failed\n")); + TALLOC_FREE(frame); return status; } status = store_acl_blob_fsp(handle, fsp, &blob); + TALLOC_FREE(frame); return status; } diff --git a/source3/modules/vfs_afsacl.c b/source3/modules/vfs_afsacl.c index 770f6a33f0..96521bc266 100644 --- a/source3/modules/vfs_afsacl.c +++ b/source3/modules/vfs_afsacl.c @@ -594,6 +594,7 @@ static uint32 nt_to_afs_file_rights(const char *filename, const struct security_ static size_t afs_to_nt_acl_common(struct afs_acl *afs_acl, SMB_STRUCT_STAT *psbuf, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { struct security_ace *nt_ace_list; @@ -601,7 +602,6 @@ static size_t afs_to_nt_acl_common(struct afs_acl *afs_acl, struct security_acl *psa = NULL; int good_aces; size_t sd_size; - TALLOC_CTX *mem_ctx = talloc_tos(); struct afs_ace *afs_ace; @@ -663,6 +663,7 @@ static size_t afs_to_nt_acl(struct afs_acl *afs_acl, struct connection_struct *conn, struct smb_filename *smb_fname, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { int ret; @@ -678,12 +679,13 @@ static size_t afs_to_nt_acl(struct afs_acl *afs_acl, } return afs_to_nt_acl_common(afs_acl, &smb_fname->st, security_info, - ppdesc); + mem_ctx, ppdesc); } static size_t afs_fto_nt_acl(struct afs_acl *afs_acl, struct files_struct *fsp, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { SMB_STRUCT_STAT sbuf; @@ -691,7 +693,7 @@ static size_t afs_fto_nt_acl(struct afs_acl *afs_acl, if (fsp->fh->fd == -1) { /* Get the stat struct for the owner info. */ return afs_to_nt_acl(afs_acl, fsp->conn, fsp->fsp_name, - security_info, ppdesc); + security_info, mem_ctx, ppdesc); } if(SMB_VFS_FSTAT(fsp, &sbuf) != 0) { @@ -1008,6 +1010,7 @@ static NTSTATUS afs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, static NTSTATUS afsacl_fget_nt_acl(struct vfs_handle_struct *handle, struct files_struct *fsp, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { struct afs_acl acl; @@ -1021,7 +1024,7 @@ static NTSTATUS afsacl_fget_nt_acl(struct vfs_handle_struct *handle, return NT_STATUS_ACCESS_DENIED; } - sd_size = afs_fto_nt_acl(&acl, fsp, security_info, ppdesc); + sd_size = afs_fto_nt_acl(&acl, fsp, security_info, mem_ctx, ppdesc); free_afs_acl(&acl); @@ -1029,7 +1032,8 @@ static NTSTATUS afsacl_fget_nt_acl(struct vfs_handle_struct *handle, } static NTSTATUS afsacl_get_nt_acl(struct vfs_handle_struct *handle, - const char *name, uint32 security_info, + const char *name, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { struct afs_acl acl; @@ -1053,7 +1057,7 @@ static NTSTATUS afsacl_get_nt_acl(struct vfs_handle_struct *handle, } sd_size = afs_to_nt_acl(&acl, handle->conn, smb_fname, security_info, - ppdesc); + mem_ctx, ppdesc); TALLOC_FREE(smb_fname); free_afs_acl(&acl); diff --git a/source3/modules/vfs_aixacl2.c b/source3/modules/vfs_aixacl2.c index 0d754d7b43..0f89eb6647 100644 --- a/source3/modules/vfs_aixacl2.c +++ b/source3/modules/vfs_aixacl2.c @@ -157,6 +157,7 @@ static bool aixjfs2_get_nfs4_acl(const char *name, static NTSTATUS aixjfs2_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { SMB4ACL_T *pacl = NULL; @@ -169,17 +170,21 @@ static NTSTATUS aixjfs2_fget_nt_acl(vfs_handle_struct *handle, if (retryPosix) { DEBUG(10, ("retrying with posix acl...\n")); - return posix_fget_nt_acl(fsp, security_info, ppdesc); + return posix_fget_nt_acl(fsp, security_info, + mem_ctx, ppdesc); } if (result==False) return NT_STATUS_ACCESS_DENIED; - return smb_fget_nt_acl_nfs4(fsp, security_info, ppdesc, pacl); + return smb_fget_nt_acl_nfs4(fsp, security_info, ppdesc, + mem_ctx, pacl); } static NTSTATUS aixjfs2_get_nt_acl(vfs_handle_struct *handle, const char *name, - uint32 security_info, struct security_descriptor **ppdesc) + uint32 security_info, + TALLOC_CTX *mem_ctx, + struct security_descriptor **ppdesc) { SMB4ACL_T *pacl = NULL; bool result; @@ -191,12 +196,13 @@ static NTSTATUS aixjfs2_get_nt_acl(vfs_handle_struct *handle, { DEBUG(10, ("retrying with posix acl...\n")); return posix_get_nt_acl(handle->conn, name, security_info, - ppdesc); + mem_ctx, ppdesc); } if (result==False) return NT_STATUS_ACCESS_DENIED; - return smb_get_nt_acl_nfs4(handle->conn, name, security_info, ppdesc, + return smb_get_nt_acl_nfs4(handle->conn, name, security_info, + mem_ctx, ppdesc, pacl); } diff --git a/source3/modules/vfs_catia.c b/source3/modules/vfs_catia.c index a2bef44370..b9f241e240 100644 --- a/source3/modules/vfs_catia.c +++ b/source3/modules/vfs_catia.c @@ -703,6 +703,7 @@ static NTSTATUS catia_get_nt_acl(struct vfs_handle_struct *handle, const char *path, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { char *mapped_name = NULL; @@ -715,7 +716,7 @@ catia_get_nt_acl(struct vfs_handle_struct *handle, return status; } status = SMB_VFS_NEXT_GET_NT_ACL(handle, mapped_name, - security_info, ppdesc); + security_info, mem_ctx, ppdesc); TALLOC_FREE(mapped_name); return status; diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index aa91a48a2e..2aa4ca5b14 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -2039,12 +2039,14 @@ static void vfswrap_strict_unlock(struct vfs_handle_struct *handle, static NTSTATUS vfswrap_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { NTSTATUS result; START_PROFILE(fget_nt_acl); - result = posix_fget_nt_acl(fsp, security_info, ppdesc); + result = posix_fget_nt_acl(fsp, security_info, + mem_ctx, ppdesc); END_PROFILE(fget_nt_acl); return result; } @@ -2052,12 +2054,14 @@ static NTSTATUS vfswrap_fget_nt_acl(vfs_handle_struct *handle, static NTSTATUS vfswrap_get_nt_acl(vfs_handle_struct *handle, const char *name, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { NTSTATUS result; START_PROFILE(get_nt_acl); - result = posix_get_nt_acl(handle->conn, name, security_info, ppdesc); + result = posix_get_nt_acl(handle->conn, name, security_info, + mem_ctx, ppdesc); END_PROFILE(get_nt_acl); return result; } diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c index e56c4a82a0..be8989cdb5 100644 --- a/source3/modules/vfs_full_audit.c +++ b/source3/modules/vfs_full_audit.c @@ -1733,12 +1733,14 @@ static NTSTATUS smb_full_audit_translate_name(struct vfs_handle_struct *handle, } static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - uint32 security_info, - struct security_descriptor **ppdesc) + uint32 security_info, + TALLOC_CTX *mem_ctx, + struct security_descriptor **ppdesc) { NTSTATUS result; - result = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info, ppdesc); + result = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info, + mem_ctx, ppdesc); do_log(SMB_VFS_OP_FGET_NT_ACL, NT_STATUS_IS_OK(result), handle, "%s", fsp_str_do_log(fsp)); @@ -1749,11 +1751,13 @@ static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_stru static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle, const char *name, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { NTSTATUS result; - result = SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info, ppdesc); + result = SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info, + mem_ctx, ppdesc); do_log(SMB_VFS_OP_GET_NT_ACL, NT_STATUS_IS_OK(result), handle, "%s", name); diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 412c48c440..5ab5d4a2ad 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -348,6 +348,7 @@ static int gpfs_get_nfs4_acl(const char *fname, SMB4ACL_T **ppacl) static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { SMB4ACL_T *pacl = NULL; @@ -367,11 +368,11 @@ static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle, result = gpfs_get_nfs4_acl(fsp->fsp_name->base_name, &pacl); if (result == 0) - return smb_fget_nt_acl_nfs4(fsp, security_info, ppdesc, pacl); + return smb_fget_nt_acl_nfs4(fsp, security_info, mem_ctx, ppdesc, pacl); if (result > 0) { DEBUG(10, ("retrying with posix acl...\n")); - return posix_fget_nt_acl(fsp, security_info, ppdesc); + return posix_fget_nt_acl(fsp, security_info, mem_ctx, ppdesc); } /* GPFS ACL was not read, something wrong happened, error code is set in errno */ @@ -380,7 +381,8 @@ static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle, static NTSTATUS gpfsacl_get_nt_acl(vfs_handle_struct *handle, const char *name, - uint32 security_info, struct security_descriptor **ppdesc) + uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { SMB4ACL_T *pacl = NULL; int result; @@ -399,11 +401,13 @@ static NTSTATUS gpfsacl_get_nt_acl(vfs_handle_struct *handle, result = gpfs_get_nfs4_acl(name, &pacl); if (result == 0) - return smb_get_nt_acl_nfs4(handle->conn, name, security_info, ppdesc, pacl); + return smb_get_nt_acl_nfs4(handle->conn, name, security_info, + mem_ctx, ppdesc, pacl); if (result > 0) { DEBUG(10, ("retrying with posix acl...\n")); - return posix_get_nt_acl(handle->conn, name, security_info, ppdesc); + return posix_get_nt_acl(handle->conn, name, security_info, + mem_ctx, ppdesc); } /* GPFS ACL was not read, something wrong happened, error code is set in errno */ diff --git a/source3/modules/vfs_media_harmony.c b/source3/modules/vfs_media_harmony.c index a10eb5e5d3..360fca6929 100644 --- a/source3/modules/vfs_media_harmony.c +++ b/source3/modules/vfs_media_harmony.c @@ -2009,9 +2009,10 @@ out: * In this case, "name" is a path. */ static NTSTATUS mh_get_nt_acl(vfs_handle_struct *handle, - const char *name, - uint32 security_info, - struct security_descriptor **ppdesc) + const char *name, + uint32 security_info, + TALLOC_CTX *mem_ctx, + struct security_descriptor **ppdesc) { NTSTATUS status; char *clientPath; @@ -2021,7 +2022,8 @@ static NTSTATUS mh_get_nt_acl(vfs_handle_struct *handle, if (!is_in_media_files(name)) { status = SMB_VFS_NEXT_GET_NT_ACL(handle, name, - security_info, ppdesc); + security_info, + mem_ctx, ppdesc); goto out; } @@ -2037,7 +2039,8 @@ static NTSTATUS mh_get_nt_acl(vfs_handle_struct *handle, } status = SMB_VFS_NEXT_GET_NT_ACL(handle, clientPath, - security_info, ppdesc); + security_info, + mem_ctx, ppdesc); err: TALLOC_FREE(clientPath); out: diff --git a/source3/modules/vfs_shadow_copy2.c b/source3/modules/vfs_shadow_copy2.c index 7c42052af7..1cf8e37ba4 100644 --- a/source3/modules/vfs_shadow_copy2.c +++ b/source3/modules/vfs_shadow_copy2.c @@ -1188,6 +1188,7 @@ static int shadow_copy2_get_shadow_copy_data( static NTSTATUS shadow_copy2_fget_nt_acl(vfs_handle_struct *handle, struct files_struct *fsp, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { time_t timestamp; @@ -1202,6 +1203,7 @@ static NTSTATUS shadow_copy2_fget_nt_acl(vfs_handle_struct *handle, } if (timestamp == 0) { return SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info, + mem_ctx, ppdesc); } conv = shadow_copy2_convert(talloc_tos(), handle, stripped, timestamp); @@ -1209,7 +1211,8 @@ static NTSTATUS shadow_copy2_fget_nt_acl(vfs_handle_struct *handle, if (conv == NULL) { return map_nt_error_from_unix(errno); } - status = SMB_VFS_NEXT_GET_NT_ACL(handle, conv, security_info, ppdesc); + status = SMB_VFS_NEXT_GET_NT_ACL(handle, conv, security_info, + mem_ctx, ppdesc); TALLOC_FREE(conv); return status; } @@ -1217,6 +1220,7 @@ static NTSTATUS shadow_copy2_fget_nt_acl(vfs_handle_struct *handle, static NTSTATUS shadow_copy2_get_nt_acl(vfs_handle_struct *handle, const char *fname, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { time_t timestamp; @@ -1230,14 +1234,15 @@ static NTSTATUS shadow_copy2_get_nt_acl(vfs_handle_struct *handle, } if (timestamp == 0) { return SMB_VFS_NEXT_GET_NT_ACL(handle, fname, security_info, - ppdesc); + mem_ctx, ppdesc); } conv = shadow_copy2_convert(talloc_tos(), handle, stripped, timestamp); TALLOC_FREE(stripped); if (conv == NULL) { return map_nt_error_from_unix(errno); } - status = SMB_VFS_NEXT_GET_NT_ACL(handle, conv, security_info, ppdesc); + status = SMB_VFS_NEXT_GET_NT_ACL(handle, conv, security_info, + mem_ctx, ppdesc); TALLOC_FREE(conv); return status; } diff --git a/source3/modules/vfs_time_audit.c b/source3/modules/vfs_time_audit.c index b7d399b263..6ff1a5571d 100644 --- a/source3/modules/vfs_time_audit.c +++ b/source3/modules/vfs_time_audit.c @@ -1671,6 +1671,7 @@ static NTSTATUS smb_time_audit_translate_name(struct vfs_handle_struct *handle, static NTSTATUS smb_time_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { NTSTATUS result; @@ -1678,7 +1679,8 @@ static NTSTATUS smb_time_audit_fget_nt_acl(vfs_handle_struct *handle, double timediff; clock_gettime_mono(&ts1); - result = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info, ppdesc); + result = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info, + mem_ctx, ppdesc); clock_gettime_mono(&ts2); timediff = nsec_time_diff(&ts2,&ts1)*1.0e-9; @@ -1692,6 +1694,7 @@ static NTSTATUS smb_time_audit_fget_nt_acl(vfs_handle_struct *handle, static NTSTATUS smb_time_audit_get_nt_acl(vfs_handle_struct *handle, const char *name, uint32 security_info, + TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc) { NTSTATUS result; @@ -1699,7 +1702,8 @@ static NTSTATUS smb_time_audit_get_nt_acl(vfs_handle_struct *handle, double timediff; clock_gettime_mono(&ts1); - result = SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info, ppdesc); + result = SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info, + mem_ctx, ppdesc); clock_gettime_mono(&ts2); timediff = nsec_time_diff(&ts2,&ts1)*1.0e-9; diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c index 7858a6a475..bf06881462 100644 --- a/source3/modules/vfs_zfsacl.c +++ b/source3/modules/vfs_zfsacl.c @@ -192,14 +192,16 @@ static NTSTATUS zfs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, } static NTSTATUS zfsacl_fget_nt_acl(struct vfs_handle_struct *handle, - struct files_struct *fsp, - uint32 security_info, - struct security_descriptor **ppdesc) + struct files_struct *fsp, + uint32 security_info, + TALLOC_CTX *mem_ctx, + struct security_descriptor **ppdesc) { SMB4ACL_T *pacl; NTSTATUS status; - status = zfs_get_nt_acl_common(fsp->fsp_name->base_name, security_info, + status = zfs_get_nt_acl_common(fsp->fsp_name->base_name, + mem_ctx, security_info, &pacl); if (!NT_STATUS_IS_OK(status)) { return status; @@ -209,8 +211,9 @@ static NTSTATUS zfsacl_fget_nt_acl(struct vfs_handle_struct *handle, } static NTSTATUS zfsacl_get_nt_acl(struct vfs_handle_struct *handle, - const char *name, uint32 security_info, - struct security_descriptor **ppdesc) + const char *name, uint32 security_info, + TALLOC_CTX *mem_ctx, + struct security_descriptor **ppdesc) { SMB4ACL_T *pacl; NTSTATUS status; @@ -220,7 +223,8 @@ static NTSTATUS zfsacl_get_nt_acl(struct vfs_handle_struct *handle, return status; } - return smb_get_nt_acl_nfs4(handle->conn, name, security_info, ppdesc, + return smb_get_nt_acl_nfs4(handle->conn, name, security_info, + mem_ctx, ppdesc, pacl); } |