From 9158974540d0e311021f04789ed75ebda466c5b3 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 10 Oct 2012 10:18:32 +1100 Subject: smbd: Add mem_ctx to sys_acl_init() and all callers This changes from allocation on NULL to allocation on the supplied memory context. Currently that supplied context is talloc_tos() at the the final consumer of the ACL. Andrew Bartlett --- examples/VFS/skel_opaque.c | 9 +++++-- examples/VFS/skel_transparent.c | 13 ++++++---- source3/include/smb_acls.h | 8 ++++--- source3/include/vfs.h | 15 ++++++++---- source3/include/vfs_macros.h | 18 +++++++------- source3/lib/sysacls.c | 12 +++++----- source3/modules/vfs_aixacl2.c | 9 +++---- source3/modules/vfs_aixacl_util.c | 4 ++-- source3/modules/vfs_aixacl_util.h | 2 +- source3/modules/vfs_cap.c | 6 +++-- source3/modules/vfs_catia.c | 5 ++-- source3/modules/vfs_default.c | 13 ++++++---- source3/modules/vfs_fake_acls.c | 18 ++++++++------ source3/modules/vfs_full_audit.c | 9 +++---- source3/modules/vfs_gpfs.c | 24 +++++++++++-------- source3/modules/vfs_hpuxacl.c | 17 ++++++++------ source3/modules/vfs_media_harmony.c | 9 +++---- source3/modules/vfs_posixacl.c | 15 ++++++------ source3/modules/vfs_posixacl.h | 6 +++-- source3/modules/vfs_solarisacl.c | 12 +++++----- source3/modules/vfs_time_audit.c | 10 ++++---- source3/modules/vfs_tru64acl.c | 18 ++++++++------ source3/smbd/posix_acls.c | 47 +++++++++++++++++++++++++------------ source3/smbd/pysmbd.c | 40 +++++++++++++++---------------- source3/smbd/trans2.c | 12 ++++++---- source3/smbd/vfs.c | 10 ++++---- source3/torture/cmd_vfs.c | 4 ++-- 27 files changed, 219 insertions(+), 146 deletions(-) diff --git a/examples/VFS/skel_opaque.c b/examples/VFS/skel_opaque.c index a786a234d4..3b918483a8 100644 --- a/examples/VFS/skel_opaque.c +++ b/examples/VFS/skel_opaque.c @@ -574,13 +574,18 @@ static int skel_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp, mode_t return -1; } -static SMB_ACL_T skel_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, SMB_ACL_TYPE_T type) +static SMB_ACL_T skel_sys_acl_get_file(vfs_handle_struct *handle, + const char *path_p, + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { errno = ENOSYS; return (SMB_ACL_T)NULL; } -static SMB_ACL_T skel_sys_acl_get_fd(vfs_handle_struct *handle, files_struct *fsp) +static SMB_ACL_T skel_sys_acl_get_fd(vfs_handle_struct *handle, + files_struct *fsp, + TALLOC_CTX *mem_ctx) { errno = ENOSYS; return (SMB_ACL_T)NULL; diff --git a/examples/VFS/skel_transparent.c b/examples/VFS/skel_transparent.c index 02a994c07f..a00b0e1bef 100644 --- a/examples/VFS/skel_transparent.c +++ b/examples/VFS/skel_transparent.c @@ -689,14 +689,19 @@ static int skel_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp, mode_t return SMB_VFS_NEXT_FCHMOD_ACL(handle, fsp, mode); } -static SMB_ACL_T skel_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, SMB_ACL_TYPE_T type) +static SMB_ACL_T skel_sys_acl_get_file(vfs_handle_struct *handle, + const char *path_p, + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { - return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type); + return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type, mem_ctx); } -static SMB_ACL_T skel_sys_acl_get_fd(vfs_handle_struct *handle, files_struct *fsp) +static SMB_ACL_T skel_sys_acl_get_fd(vfs_handle_struct *handle, + files_struct *fsp, + TALLOC_CTX *mem_ctx) { - return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp); + return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx); } static int skel_sys_acl_blob_get_file(vfs_handle_struct *handle, const char *path_p, SMB_ACL_TYPE_T type, diff --git a/source3/include/smb_acls.h b/source3/include/smb_acls.h index dbcf3b7269..3ac23dbbfd 100644 --- a/source3/include/smb_acls.h +++ b/source3/include/smb_acls.h @@ -44,7 +44,7 @@ int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset_d); int sys_acl_add_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm); int sys_acl_get_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm); char *sys_acl_to_text(const struct smb_acl_t *acl_d, ssize_t *len_p); -SMB_ACL_T sys_acl_init(void); +SMB_ACL_T sys_acl_init(TALLOC_CTX *mem_ctx); int sys_acl_create_entry(SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p); int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T tag_type); int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry_d, void *qual_p); @@ -52,8 +52,10 @@ int sys_acl_set_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T permset_d); int sys_acl_free_text(char *text); int sys_acl_valid(SMB_ACL_T acl_d); SMB_ACL_T sys_acl_get_file(struct vfs_handle_struct *handle, - const char *path_p, SMB_ACL_TYPE_T type); -SMB_ACL_T sys_acl_get_fd(struct vfs_handle_struct *handle, struct files_struct *fsp); + const char *path_p, SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx); +SMB_ACL_T sys_acl_get_fd(struct vfs_handle_struct *handle, struct files_struct *fsp, + TALLOC_CTX *mem_ctx); int sys_acl_set_file(struct vfs_handle_struct *handle, const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T acl_d); int sys_acl_set_fd(struct vfs_handle_struct *handle, struct files_struct *fsp, diff --git a/source3/include/vfs.h b/source3/include/vfs.h index c83e7ed54b..4ba11be94e 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -692,8 +692,13 @@ struct vfs_fn_pointers { int (*chmod_acl_fn)(struct vfs_handle_struct *handle, const char *name, mode_t mode); int (*fchmod_acl_fn)(struct vfs_handle_struct *handle, struct files_struct *fsp, mode_t mode); - SMB_ACL_T (*sys_acl_get_file_fn)(struct vfs_handle_struct *handle, const char *path_p, SMB_ACL_TYPE_T type); - SMB_ACL_T (*sys_acl_get_fd_fn)(struct vfs_handle_struct *handle, struct files_struct *fsp); + SMB_ACL_T (*sys_acl_get_file_fn)(struct vfs_handle_struct *handle, + const char *path_p, + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx); + SMB_ACL_T (*sys_acl_get_fd_fn)(struct vfs_handle_struct *handle, + struct files_struct *fsp, + TALLOC_CTX *mem_ctx); int (*sys_acl_blob_get_file_fn)(struct vfs_handle_struct *handle, const char *path_p, SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx, char **blob_description, DATA_BLOB *blob); @@ -1094,9 +1099,11 @@ int smb_vfs_call_fchmod_acl(struct vfs_handle_struct *handle, struct files_struct *fsp, mode_t mode); SMB_ACL_T smb_vfs_call_sys_acl_get_file(struct vfs_handle_struct *handle, const char *path_p, - SMB_ACL_TYPE_T type); + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx); SMB_ACL_T smb_vfs_call_sys_acl_get_fd(struct vfs_handle_struct *handle, - struct files_struct *fsp); + struct files_struct *fsp, + TALLOC_CTX *mem_ctx); int smb_vfs_call_sys_acl_blob_get_file(struct vfs_handle_struct *handle, const char *path_p, SMB_ACL_TYPE_T type, diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h index 4eca1b0748..f1bc8ffa4c 100644 --- a/source3/include/vfs_macros.h +++ b/source3/include/vfs_macros.h @@ -429,15 +429,15 @@ #define SMB_VFS_NEXT_FCHMOD_ACL(handle, fsp, mode) \ smb_vfs_call_fchmod_acl((handle)->next, (fsp), (mode)) -#define SMB_VFS_SYS_ACL_GET_FILE(conn, path_p, type) \ - smb_vfs_call_sys_acl_get_file((conn)->vfs_handles, (path_p), (type)) -#define SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type) \ - smb_vfs_call_sys_acl_get_file((handle)->next, (path_p), (type)) - -#define SMB_VFS_SYS_ACL_GET_FD(fsp) \ - smb_vfs_call_sys_acl_get_fd((fsp)->conn->vfs_handles, (fsp)) -#define SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp) \ - smb_vfs_call_sys_acl_get_fd((handle)->next, (fsp)) +#define SMB_VFS_SYS_ACL_GET_FILE(conn, path_p, type, mem_ctx) \ + smb_vfs_call_sys_acl_get_file((conn)->vfs_handles, (path_p), (type), (mem_ctx)) +#define SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type, mem_ctx) \ + smb_vfs_call_sys_acl_get_file((handle)->next, (path_p), (type), (mem_ctx)) + +#define SMB_VFS_SYS_ACL_GET_FD(fsp, mem_ctx) \ + smb_vfs_call_sys_acl_get_fd((fsp)->conn->vfs_handles, (fsp), (mem_ctx)) +#define SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx) \ + smb_vfs_call_sys_acl_get_fd((handle)->next, (fsp), (mem_ctx)) #define SMB_VFS_SYS_ACL_BLOB_GET_FILE(conn, path_p, type, mem_ctx, blob_description, blob) \ smb_vfs_call_sys_acl_blob_get_file((conn)->vfs_handles, (path_p), (type), (mem_ctx), (blob_description), (blob)) diff --git a/source3/lib/sysacls.c b/source3/lib/sysacls.c index a5430d6a0d..2245491030 100644 --- a/source3/lib/sysacls.c +++ b/source3/lib/sysacls.c @@ -249,11 +249,11 @@ char *sys_acl_to_text(const struct smb_acl_t *acl_d, ssize_t *len_p) return text; } -SMB_ACL_T sys_acl_init(void) +SMB_ACL_T sys_acl_init(TALLOC_CTX *mem_ctx) { SMB_ACL_T a; - if ((a = talloc(NULL, struct smb_acl_t)) == NULL) { + if ((a = talloc(mem_ctx, struct smb_acl_t)) == NULL) { errno = ENOMEM; return NULL; } @@ -364,14 +364,14 @@ int sys_acl_valid(SMB_ACL_T acl_d) #if defined(HAVE_POSIX_ACLS) SMB_ACL_T sys_acl_get_file(vfs_handle_struct *handle, - const char *path_p, SMB_ACL_TYPE_T type) + const char *path_p, SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx) { - return posixacl_sys_acl_get_file(handle, path_p, type); + return posixacl_sys_acl_get_file(handle, path_p, type, mem_ctx); } -SMB_ACL_T sys_acl_get_fd(vfs_handle_struct *handle, files_struct *fsp) +SMB_ACL_T sys_acl_get_fd(vfs_handle_struct *handle, files_struct *fsp, TALLOC_CTX *mem_ctx) { - return posixacl_sys_acl_get_fd(handle, fsp); + return posixacl_sys_acl_get_fd(handle, fsp, mem_ctx); } int sys_acl_set_file(vfs_handle_struct *handle, diff --git a/source3/modules/vfs_aixacl2.c b/source3/modules/vfs_aixacl2.c index dd705ea319..0d754d7b43 100644 --- a/source3/modules/vfs_aixacl2.c +++ b/source3/modules/vfs_aixacl2.c @@ -200,7 +200,7 @@ static NTSTATUS aixjfs2_get_nt_acl(vfs_handle_struct *handle, pacl); } -static SMB_ACL_T aixjfs2_get_posix_acl(const char *path, acl_type_t type) +static SMB_ACL_T aixjfs2_get_posix_acl(const char *path, acl_type_t type, TALLOC_CTX *mem_ctx) { aixc_acl_t *pacl; AIXJFS2_ACL_T *acl; @@ -222,7 +222,7 @@ static SMB_ACL_T aixjfs2_get_posix_acl(const char *path, acl_type_t type) DEBUG(10, ("len: %d, mode: %d\n", pacl->acl_len, pacl->acl_mode)); - result = aixacl_to_smbacl(pacl); + result = aixacl_to_smbacl(pacl, mem_ctx); if (result == NULL) { goto done; } @@ -236,7 +236,8 @@ static SMB_ACL_T aixjfs2_get_posix_acl(const char *path, acl_type_t type) SMB_ACL_T aixjfs2_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, - SMB_ACL_TYPE_T type) + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { acl_type_t aixjfs2_type; @@ -252,7 +253,7 @@ SMB_ACL_T aixjfs2_sys_acl_get_file(vfs_handle_struct *handle, smb_panic("exiting"); } - return aixjfs2_get_posix_acl(path_p, aixjfs2_type); + return aixjfs2_get_posix_acl(path_p, aixjfs2_type, mem_ctx); } SMB_ACL_T aixjfs2_sys_acl_get_fd(vfs_handle_struct *handle, diff --git a/source3/modules/vfs_aixacl_util.c b/source3/modules/vfs_aixacl_util.c index 82e8bd1580..1194d27df2 100644 --- a/source3/modules/vfs_aixacl_util.c +++ b/source3/modules/vfs_aixacl_util.c @@ -22,12 +22,12 @@ #include "smbd/smbd.h" #include "vfs_aixacl_util.h" -SMB_ACL_T aixacl_to_smbacl(struct acl *file_acl) +SMB_ACL_T aixacl_to_smbacl(struct acl *file_acl, TALLOC_CTX *mem_ctx) { struct acl_entry *acl_entry; struct ace_id *idp; - struct smb_acl_t *result = sys_acl_init(); + struct smb_acl_t *result = sys_acl_init(mem_ctx); struct smb_acl_entry *ace; int i; diff --git a/source3/modules/vfs_aixacl_util.h b/source3/modules/vfs_aixacl_util.h index 2447252eba..e283a3d1d4 100644 --- a/source3/modules/vfs_aixacl_util.h +++ b/source3/modules/vfs_aixacl_util.h @@ -17,6 +17,6 @@ along with this program. If not, see . */ -SMB_ACL_T aixacl_to_smbacl( struct acl *file_acl); +SMB_ACL_T aixacl_to_smbacl( struct acl *file_acl, TALLOC_CTX *mem_ctx); struct acl *aixacl_smb_to_aixacl(SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl); diff --git a/source3/modules/vfs_cap.c b/source3/modules/vfs_cap.c index 2454e12b6f..f2f8d7174f 100644 --- a/source3/modules/vfs_cap.c +++ b/source3/modules/vfs_cap.c @@ -409,7 +409,9 @@ static int cap_chmod_acl(vfs_handle_struct *handle, const char *path, mode_t mod return SMB_VFS_NEXT_CHMOD_ACL(handle, cappath, mode); } -static SMB_ACL_T cap_sys_acl_get_file(vfs_handle_struct *handle, const char *path, SMB_ACL_TYPE_T type) +static SMB_ACL_T cap_sys_acl_get_file(vfs_handle_struct *handle, + const char *path, SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { char *cappath = capencode(talloc_tos(), path); @@ -417,7 +419,7 @@ static SMB_ACL_T cap_sys_acl_get_file(vfs_handle_struct *handle, const char *pat errno = ENOMEM; return (SMB_ACL_T)NULL; } - return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, cappath, type); + return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, cappath, type, mem_ctx); } static int cap_sys_acl_set_file(vfs_handle_struct *handle, const char *path, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl) diff --git a/source3/modules/vfs_catia.c b/source3/modules/vfs_catia.c index 821a755e06..a2bef44370 100644 --- a/source3/modules/vfs_catia.c +++ b/source3/modules/vfs_catia.c @@ -745,7 +745,8 @@ catia_chmod_acl(vfs_handle_struct *handle, static SMB_ACL_T catia_sys_acl_get_file(vfs_handle_struct *handle, const char *path, - SMB_ACL_TYPE_T type) + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { char *mapped_name = NULL; NTSTATUS status; @@ -758,7 +759,7 @@ catia_sys_acl_get_file(vfs_handle_struct *handle, return NULL; } - ret = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, mapped_name, type); + ret = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, mapped_name, type, mem_ctx); TALLOC_FREE(mapped_name); return ret; diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index 8392feb8c4..aa91a48a2e 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -2111,14 +2111,19 @@ static int vfswrap_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp, mode #endif } -static SMB_ACL_T vfswrap_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, SMB_ACL_TYPE_T type) +static SMB_ACL_T vfswrap_sys_acl_get_file(vfs_handle_struct *handle, + const char *path_p, + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { - return sys_acl_get_file(handle, path_p, type); + return sys_acl_get_file(handle, path_p, type, mem_ctx); } -static SMB_ACL_T vfswrap_sys_acl_get_fd(vfs_handle_struct *handle, files_struct *fsp) +static SMB_ACL_T vfswrap_sys_acl_get_fd(vfs_handle_struct *handle, + files_struct *fsp, + TALLOC_CTX *mem_ctx) { - return sys_acl_get_fd(handle, fsp); + return sys_acl_get_fd(handle, fsp, mem_ctx); } static int vfswrap_sys_acl_set_file(vfs_handle_struct *handle, const char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl) diff --git a/source3/modules/vfs_fake_acls.c b/source3/modules/vfs_fake_acls.c index 6390b67395..a6e01b061e 100644 --- a/source3/modules/vfs_fake_acls.c +++ b/source3/modules/vfs_fake_acls.c @@ -189,11 +189,10 @@ static int fake_acls_fstat(vfs_handle_struct *handle, files_struct *fsp, SMB_STR return ret; } -static SMB_ACL_T fake_acls_blob2acl(DATA_BLOB *blob) +static SMB_ACL_T fake_acls_blob2acl(DATA_BLOB *blob, TALLOC_CTX *mem_ctx) { enum ndr_err_code ndr_err; - /* For now, ACLs are allocated on NULL */ - struct smb_acl_t *acl = talloc(NULL, struct smb_acl_t); + struct smb_acl_t *acl = talloc(mem_ctx, struct smb_acl_t); if (!acl) { errno = ENOMEM; return NULL; @@ -226,7 +225,10 @@ static DATA_BLOB fake_acls_acl2blob(TALLOC_CTX *mem_ctx, SMB_ACL_T acl) return blob; } -static SMB_ACL_T fake_acls_sys_acl_get_file(struct vfs_handle_struct *handle, const char *path, SMB_ACL_TYPE_T type) +static SMB_ACL_T fake_acls_sys_acl_get_file(struct vfs_handle_struct *handle, + const char *path, + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { DATA_BLOB blob = data_blob_null; ssize_t length; @@ -258,13 +260,15 @@ static SMB_ACL_T fake_acls_sys_acl_get_file(struct vfs_handle_struct *handle, co return NULL; } if (length != -1) { - acl = fake_acls_blob2acl(&blob); + acl = fake_acls_blob2acl(&blob, mem_ctx); } TALLOC_FREE(frame); return acl; } -static SMB_ACL_T fake_acls_sys_acl_get_fd(struct vfs_handle_struct *handle, files_struct *fsp) +static SMB_ACL_T fake_acls_sys_acl_get_fd(struct vfs_handle_struct *handle, + files_struct *fsp, + TALLOC_CTX *mem_ctx) { DATA_BLOB blob = data_blob_null; ssize_t length; @@ -288,7 +292,7 @@ static SMB_ACL_T fake_acls_sys_acl_get_fd(struct vfs_handle_struct *handle, file return NULL; } if (length != -1) { - acl = fake_acls_blob2acl(&blob); + acl = fake_acls_blob2acl(&blob, mem_ctx); } TALLOC_FREE(frame); return acl; diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c index 6050c55027..e56c4a82a0 100644 --- a/source3/modules/vfs_full_audit.c +++ b/source3/modules/vfs_full_audit.c @@ -1803,11 +1803,12 @@ static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fs static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, - SMB_ACL_TYPE_T type) + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { SMB_ACL_T result; - result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type); + result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type, mem_ctx); do_log(SMB_VFS_OP_SYS_ACL_GET_FILE, (result != NULL), handle, "%s", path_p); @@ -1816,11 +1817,11 @@ static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle, } static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle, - files_struct *fsp) + files_struct *fsp, TALLOC_CTX *mem_ctx) { SMB_ACL_T result; - result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp); + result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx); do_log(SMB_VFS_OP_SYS_ACL_GET_FD, (result != NULL), handle, "%s", fsp_str_do_log(fsp)); diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 8959fe6056..412c48c440 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -549,12 +549,12 @@ static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); } -static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl) +static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl, TALLOC_CTX *mem_ctx) { SMB_ACL_T result; gpfs_aclCount_t i; - result = sys_acl_init(); + result = sys_acl_init(mem_ctx); if (result == NULL) { errno = ENOMEM; return NULL; @@ -614,7 +614,8 @@ static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl) return result; } -static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) +static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type, + TALLOC_CTX *mem_ctx) { struct gpfs_acl *pacl; SMB_ACL_T result = NULL; @@ -641,7 +642,7 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) pacl->acl_len, pacl->acl_level, pacl->acl_version, pacl->acl_nace)); - result = gpfs2smb_acl(pacl); + result = gpfs2smb_acl(pacl, mem_ctx); if (result != NULL) { errno = 0; } @@ -656,7 +657,8 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) static SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, - SMB_ACL_TYPE_T type) + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { gpfs_aclType_t gpfs_type; struct gpfs_config_data *config; @@ -666,7 +668,8 @@ static SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle, return NULL); if (!config->acl) { - return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type); + return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, + type, mem_ctx); } switch(type) { @@ -681,11 +684,12 @@ static SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle, smb_panic("exiting"); } - return gpfsacl_get_posix_acl(path_p, gpfs_type); + return gpfsacl_get_posix_acl(path_p, gpfs_type, mem_ctx); } static SMB_ACL_T gpfsacl_sys_acl_get_fd(vfs_handle_struct *handle, - files_struct *fsp) + files_struct *fsp, + TALLOC_CTX *mem_ctx) { struct gpfs_config_data *config; @@ -694,11 +698,11 @@ static SMB_ACL_T gpfsacl_sys_acl_get_fd(vfs_handle_struct *handle, return NULL); if (!config->acl) { - return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp); + return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx); } return gpfsacl_get_posix_acl(fsp->fsp_name->base_name, - GPFS_ACL_TYPE_ACCESS); + GPFS_ACL_TYPE_ACCESS, mem_ctx); } static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl, diff --git a/source3/modules/vfs_hpuxacl.c b/source3/modules/vfs_hpuxacl.c index 884cc5c6f6..6a0fb9b618 100644 --- a/source3/modules/vfs_hpuxacl.c +++ b/source3/modules/vfs_hpuxacl.c @@ -112,7 +112,7 @@ static bool smb_acl_to_hpux_acl(SMB_ACL_T smb_acl, HPUX_ACL_T *solariacl, int *count, SMB_ACL_TYPE_T type); static SMB_ACL_T hpux_acl_to_smb_acl(HPUX_ACL_T hpuxacl, int count, - SMB_ACL_TYPE_T type); + SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx); static HPUX_ACL_TAG_T smb_tag_to_hpux_tag(SMB_ACL_TAG_T smb_tag); static SMB_ACL_TAG_T hpux_tag_to_smb_tag(HPUX_ACL_TAG_T hpux_tag); static bool hpux_add_to_acl(HPUX_ACL_T *hpux_acl, int *count, @@ -140,7 +140,8 @@ static bool hpux_aclsort_call_present(void); SMB_ACL_T hpuxacl_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, - SMB_ACL_TYPE_T type) + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { SMB_ACL_T result = NULL; int count; @@ -168,7 +169,7 @@ SMB_ACL_T hpuxacl_sys_acl_get_file(vfs_handle_struct *handle, if (!hpux_acl_get_file(path_p, &hpux_acl, &count)) { goto done; } - result = hpux_acl_to_smb_acl(hpux_acl, count, type); + result = hpux_acl_to_smb_acl(hpux_acl, count, type, mem_ctx); if (result == NULL) { DEBUG(10, ("conversion hpux_acl -> smb_acl failed (%s).\n", strerror(errno))); @@ -186,7 +187,8 @@ SMB_ACL_T hpuxacl_sys_acl_get_file(vfs_handle_struct *handle, * get the access ACL of a file referred to by a fd */ SMB_ACL_T hpuxacl_sys_acl_get_fd(vfs_handle_struct *handle, - files_struct *fsp) + files_struct *fsp, + TALLOC_CTX *mem_ctx) { /* * HPUX doesn't have the facl call. Fake it using the path.... JRA. @@ -200,7 +202,8 @@ SMB_ACL_T hpuxacl_sys_acl_get_fd(vfs_handle_struct *handle, return hpuxacl_sys_acl_get_file(handle, fsp->fsp_name->base_name, - SMB_ACL_TYPE_ACCESS); + SMB_ACL_TYPE_ACCESS, + mem_ctx); } @@ -490,12 +493,12 @@ static bool smb_acl_to_hpux_acl(SMB_ACL_T smb_acl, * soaris acl to the SMB_ACL format. */ static SMB_ACL_T hpux_acl_to_smb_acl(HPUX_ACL_T hpux_acl, int count, - SMB_ACL_TYPE_T type) + SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx) { SMB_ACL_T result; int i; - if ((result = sys_acl_init()) == NULL) { + if ((result = sys_acl_init(mem_ctx)) == NULL) { DEBUG(10, ("error allocating memory for SMB_ACL\n")); goto fail; } diff --git a/source3/modules/vfs_media_harmony.c b/source3/modules/vfs_media_harmony.c index 647db7c161..a10eb5e5d3 100644 --- a/source3/modules/vfs_media_harmony.c +++ b/source3/modules/vfs_media_harmony.c @@ -2085,8 +2085,9 @@ out: * Failure: set errno, return NULL */ static SMB_ACL_T mh_sys_acl_get_file(vfs_handle_struct *handle, - const char *path_p, - SMB_ACL_TYPE_T type) + const char *path_p, + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { SMB_ACL_T ret; char *clientPath; @@ -2095,7 +2096,7 @@ static SMB_ACL_T mh_sys_acl_get_file(vfs_handle_struct *handle, DEBUG(MH_INFO_DEBUG, ("Entering mh_sys_acl_get_file\n")); if (!is_in_media_files(path_p)) { - ret = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type); + ret = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type, mem_ctx); goto out; } @@ -2110,7 +2111,7 @@ static SMB_ACL_T mh_sys_acl_get_file(vfs_handle_struct *handle, goto err; } - ret = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, clientPath, type); + ret = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, clientPath, type, mem_ctx); err: TALLOC_FREE(clientPath); out: diff --git a/source3/modules/vfs_posixacl.c b/source3/modules/vfs_posixacl.c index 50487ff4de..1714b137d6 100644 --- a/source3/modules/vfs_posixacl.c +++ b/source3/modules/vfs_posixacl.c @@ -26,7 +26,7 @@ static bool smb_ace_to_internal(acl_entry_t posix_ace, struct smb_acl_entry *ace); -static struct smb_acl_t *smb_acl_to_internal(acl_t acl); +static struct smb_acl_t *smb_acl_to_internal(acl_t acl, TALLOC_CTX *mem_ctx); static int smb_acl_set_mode(acl_entry_t entry, SMB_ACL_PERM_T perm); static acl_t smb_acl_to_posix(const struct smb_acl_t *acl); @@ -35,7 +35,8 @@ static acl_t smb_acl_to_posix(const struct smb_acl_t *acl); SMB_ACL_T posixacl_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, - SMB_ACL_TYPE_T type) + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { struct smb_acl_t *result; acl_type_t acl_type; @@ -59,13 +60,13 @@ SMB_ACL_T posixacl_sys_acl_get_file(vfs_handle_struct *handle, return NULL; } - result = smb_acl_to_internal(acl); + result = smb_acl_to_internal(acl, mem_ctx); acl_free(acl); return result; } SMB_ACL_T posixacl_sys_acl_get_fd(vfs_handle_struct *handle, - files_struct *fsp) + files_struct *fsp, TALLOC_CTX *mem_ctx) { struct smb_acl_t *result; acl_t acl = acl_get_fd(fsp->fh->fd); @@ -74,7 +75,7 @@ SMB_ACL_T posixacl_sys_acl_get_fd(vfs_handle_struct *handle, return NULL; } - result = smb_acl_to_internal(acl); + result = smb_acl_to_internal(acl, mem_ctx); acl_free(acl); return result; } @@ -212,9 +213,9 @@ static bool smb_ace_to_internal(acl_entry_t posix_ace, return True; } -static struct smb_acl_t *smb_acl_to_internal(acl_t acl) +static struct smb_acl_t *smb_acl_to_internal(acl_t acl, TALLOC_CTX *mem_ctx) { - struct smb_acl_t *result = sys_acl_init(); + struct smb_acl_t *result = sys_acl_init(mem_ctx); int entry_id = ACL_FIRST_ENTRY; acl_entry_t e; if (result == NULL) { diff --git a/source3/modules/vfs_posixacl.h b/source3/modules/vfs_posixacl.h index 9ef3f86620..b0fe841e1b 100644 --- a/source3/modules/vfs_posixacl.h +++ b/source3/modules/vfs_posixacl.h @@ -23,10 +23,12 @@ SMB_ACL_T posixacl_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, - SMB_ACL_TYPE_T type); + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx); SMB_ACL_T posixacl_sys_acl_get_fd(vfs_handle_struct *handle, - files_struct *fsp); + files_struct *fsp, + TALLOC_CTX *mem_ctx); int posixacl_sys_acl_set_file(vfs_handle_struct *handle, const char *name, diff --git a/source3/modules/vfs_solarisacl.c b/source3/modules/vfs_solarisacl.c index 10b6f707d7..ad25e88f62 100644 --- a/source3/modules/vfs_solarisacl.c +++ b/source3/modules/vfs_solarisacl.c @@ -45,7 +45,7 @@ static bool smb_acl_to_solaris_acl(SMB_ACL_T smb_acl, SOLARIS_ACL_T *solariacl, int *count, SMB_ACL_TYPE_T type); static SMB_ACL_T solaris_acl_to_smb_acl(SOLARIS_ACL_T solarisacl, int count, - SMB_ACL_TYPE_T type); + SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx); static SOLARIS_ACL_TAG_T smb_tag_to_solaris_tag(SMB_ACL_TAG_T smb_tag); static SMB_ACL_TAG_T solaris_tag_to_smb_tag(SOLARIS_ACL_TAG_T solaris_tag); static bool solaris_add_to_acl(SOLARIS_ACL_T *solaris_acl, int *count, @@ -64,7 +64,7 @@ static bool solaris_acl_check(SOLARIS_ACL_T solaris_acl, int count); SMB_ACL_T solarisacl_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, - SMB_ACL_TYPE_T type) + SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx) { SMB_ACL_T result = NULL; int count; @@ -85,7 +85,7 @@ SMB_ACL_T solarisacl_sys_acl_get_file(vfs_handle_struct *handle, if (!solaris_acl_get_file(path_p, &solaris_acl, &count)) { goto done; } - result = solaris_acl_to_smb_acl(solaris_acl, count, type); + result = solaris_acl_to_smb_acl(solaris_acl, count, type, mem_ctx); if (result == NULL) { DEBUG(10, ("conversion solaris_acl -> smb_acl failed (%s).\n", strerror(errno))); @@ -103,7 +103,7 @@ SMB_ACL_T solarisacl_sys_acl_get_file(vfs_handle_struct *handle, * get the access ACL of a file referred to by a fd */ SMB_ACL_T solarisacl_sys_acl_get_fd(vfs_handle_struct *handle, - files_struct *fsp) + files_struct *fsp, TALLOC_CTX *mem_ctx) { SMB_ACL_T result = NULL; int count; @@ -424,12 +424,12 @@ static bool smb_acl_to_solaris_acl(SMB_ACL_T smb_acl, * soaris acl to the SMB_ACL format. */ static SMB_ACL_T solaris_acl_to_smb_acl(SOLARIS_ACL_T solaris_acl, int count, - SMB_ACL_TYPE_T type) + SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx) { SMB_ACL_T result; int i; - if ((result = sys_acl_init()) == NULL) { + if ((result = sys_acl_init(mem_ctx)) == NULL) { DEBUG(10, ("error allocating memory for SMB_ACL\n")); goto fail; } diff --git a/source3/modules/vfs_time_audit.c b/source3/modules/vfs_time_audit.c index 7571b2f340..b7d399b263 100644 --- a/source3/modules/vfs_time_audit.c +++ b/source3/modules/vfs_time_audit.c @@ -1772,14 +1772,15 @@ static int smb_time_audit_fchmod_acl(vfs_handle_struct *handle, static SMB_ACL_T smb_time_audit_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, - SMB_ACL_TYPE_T type) + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { SMB_ACL_T result; struct timespec ts1,ts2; double timediff; clock_gettime_mono(&ts1); - result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type); + result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type, mem_ctx); clock_gettime_mono(&ts2); timediff = nsec_time_diff(&ts2,&ts1)*1.0e-9; @@ -1791,14 +1792,15 @@ static SMB_ACL_T smb_time_audit_sys_acl_get_file(vfs_handle_struct *handle, } static SMB_ACL_T smb_time_audit_sys_acl_get_fd(vfs_handle_struct *handle, - files_struct *fsp) + files_struct *fsp, + TALLOC_CTX *mem_ctx) { SMB_ACL_T result; struct timespec ts1,ts2; double timediff; clock_gettime_mono(&ts1); - result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp); + result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx); clock_gettime_mono(&ts2); timediff = nsec_time_diff(&ts2,&ts1)*1.0e-9; diff --git a/source3/modules/vfs_tru64acl.c b/source3/modules/vfs_tru64acl.c index 918f7c6d00..6eadee613c 100644 --- a/source3/modules/vfs_tru64acl.c +++ b/source3/modules/vfs_tru64acl.c @@ -24,7 +24,8 @@ /* prototypes for private functions first - for clarity */ -static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl); +static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl, + TALLOC_CTX *mem_ctx); static bool tru64_ace_to_smb_ace(acl_entry_t tru64_ace, struct smb_acl_entry *smb_ace); static acl_t smb_acl_to_tru64_acl(const SMB_ACL_T smb_acl); @@ -38,7 +39,8 @@ static SMB_ACL_PERM_T tru64_permset_to_smb(const acl_perm_t tru64_permset); SMB_ACL_T tru64acl_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, - SMB_ACL_TYPE_T type) + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { struct smb_acl_t *result; acl_type_t the_acl_type; @@ -64,13 +66,14 @@ SMB_ACL_T tru64acl_sys_acl_get_file(vfs_handle_struct *handle, return NULL; } - result = tru64_acl_to_smb_acl(tru64_acl); + result = tru64_acl_to_smb_acl(tru64_acl, mem_ctx); acl_free(tru64_acl); return result; } SMB_ACL_T tru64acl_sys_acl_get_fd(vfs_handle_struct *handle, - files_struct *fsp) + files_struct *fsp, + TALLOC_CTX *mem_ctx) { struct smb_acl_t *result; acl_t tru64_acl = acl_get_fd(fsp->fh->fd, ACL_TYPE_ACCESS); @@ -79,7 +82,7 @@ SMB_ACL_T tru64acl_sys_acl_get_fd(vfs_handle_struct *handle, return NULL; } - result = tru64_acl_to_smb_acl(tru64_acl); + result = tru64_acl_to_smb_acl(tru64_acl, mem_ctx); acl_free(tru64_acl); return result; } @@ -153,14 +156,15 @@ int tru64acl_sys_acl_delete_def_file(vfs_handle_struct *handle, /* private functions */ -static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl) +static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl, + TALLOC_CTX *mem_ctx) { struct smb_acl_t *result; acl_entry_t entry; DEBUG(10, ("Hi! This is tru64_acl_to_smb_acl.\n")); - if ((result = sys_acl_init()) == NULL) { + if ((result = sys_acl_init(mem_ctx)) == NULL) { DEBUG(0, ("sys_acl_init() failed in tru64_acl_to_smb_acl\n")); errno = ENOMEM; goto fail; diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 45a921f747..c535502efe 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -2915,7 +2915,7 @@ static bool set_canon_ace_list(files_struct *fsp, { connection_struct *conn = fsp->conn; bool ret = False; - SMB_ACL_T the_acl = sys_acl_init(); + SMB_ACL_T the_acl = sys_acl_init(talloc_tos()); canon_ace *p_ace; int i; SMB_ACL_ENTRY_T mask_entry; @@ -3675,7 +3675,7 @@ NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info, } /* Get the ACL from the fd. */ - posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp); + posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, talloc_tos()); pal = fload_inherited_info(fsp); @@ -3712,11 +3712,14 @@ NTSTATUS posix_get_nt_acl(struct connection_struct *conn, const char *name, } /* Get the ACL from the path. */ - posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name, SMB_ACL_TYPE_ACCESS); + posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name, + SMB_ACL_TYPE_ACCESS, talloc_tos()); /* If it's a directory get the default POSIX ACL. */ if(S_ISDIR(smb_fname.st.st_ex_mode)) { - def_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name, SMB_ACL_TYPE_DEFAULT); + def_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name, + SMB_ACL_TYPE_DEFAULT, + talloc_tos()); def_acl = free_empty_sys_acl(conn, def_acl); } @@ -4353,7 +4356,8 @@ int get_acl_group_bits( connection_struct *conn, const char *fname, mode_t *mode SMB_ACL_T posix_acl; int result = -1; - posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname, SMB_ACL_TYPE_ACCESS); + posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname, + SMB_ACL_TYPE_ACCESS, talloc_tos()); if (posix_acl == (SMB_ACL_T)NULL) return -1; @@ -4461,7 +4465,9 @@ static int copy_access_posix_acl(connection_struct *conn, const char *from, cons SMB_ACL_T posix_acl = NULL; int ret = -1; - if ((posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, from, SMB_ACL_TYPE_ACCESS)) == NULL) + if ((posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, from, + SMB_ACL_TYPE_ACCESS, + talloc_tos())) == NULL) return -1; if ((ret = chmod_acl_internals(conn, posix_acl, mode)) == -1) @@ -4492,7 +4498,9 @@ int chmod_acl(connection_struct *conn, const char *name, mode_t mode) static bool directory_has_default_posix_acl(connection_struct *conn, const char *fname) { - SMB_ACL_T def_acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, SMB_ACL_TYPE_DEFAULT); + SMB_ACL_T def_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname, + SMB_ACL_TYPE_DEFAULT, + talloc_tos()); bool has_acl = False; SMB_ACL_ENTRY_T entry; @@ -4531,7 +4539,7 @@ int fchmod_acl(files_struct *fsp, mode_t mode) SMB_ACL_T posix_acl = NULL; int ret = -1; - if ((posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp)) == NULL) + if ((posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, talloc_tos())) == NULL) return -1; if ((ret = chmod_acl_internals(conn, posix_acl, mode)) == -1) @@ -4613,10 +4621,13 @@ static bool unix_ex_wire_to_tagtype(unsigned char wire_tt, SMB_ACL_TAG_T *p_tt) FIXME ! How does the share mask/mode fit into this.... ? ****************************************************************************/ -static SMB_ACL_T create_posix_acl_from_wire(connection_struct *conn, uint16 num_acls, const char *pdata) +static SMB_ACL_T create_posix_acl_from_wire(connection_struct *conn, + uint16 num_acls, + const char *pdata, + TALLOC_CTX *mem_ctx) { unsigned int i; - SMB_ACL_T the_acl = sys_acl_init(); + SMB_ACL_T the_acl = sys_acl_init(mem_ctx); if (the_acl == NULL) { return NULL; @@ -4729,7 +4740,9 @@ bool set_unix_posix_default_acl(connection_struct *conn, const char *fname, cons return True; } - if ((def_acl = create_posix_acl_from_wire(conn, num_def_acls, pdata)) == NULL) { + if ((def_acl = create_posix_acl_from_wire(conn, num_def_acls, + pdata, + talloc_tos())) == NULL) { return False; } @@ -4760,7 +4773,7 @@ static bool remove_posix_acl(connection_struct *conn, files_struct *fsp, const c SMB_ACL_ENTRY_T entry; bool ret = False; /* Create a new ACL with only 3 entries, u/g/w. */ - SMB_ACL_T new_file_acl = sys_acl_init(); + SMB_ACL_T new_file_acl = sys_acl_init(talloc_tos()); SMB_ACL_ENTRY_T user_ent = NULL; SMB_ACL_ENTRY_T group_ent = NULL; SMB_ACL_ENTRY_T other_ent = NULL; @@ -4806,9 +4819,11 @@ static bool remove_posix_acl(connection_struct *conn, files_struct *fsp, const c /* Get the current file ACL. */ if (fsp && fsp->fh->fd != -1) { - file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp); + file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, talloc_tos()); } else { - file_acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, SMB_ACL_TYPE_ACCESS); + file_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname, + SMB_ACL_TYPE_ACCESS, + talloc_tos()); } if (file_acl == NULL) { @@ -4898,7 +4913,9 @@ bool set_unix_posix_acl(connection_struct *conn, files_struct *fsp, const char * return remove_posix_acl(conn, fsp, fname); } - if ((file_acl = create_posix_acl_from_wire(conn, num_acls, pdata)) == NULL) { + if ((file_acl = create_posix_acl_from_wire(conn, num_acls, + pdata, + talloc_tos())) == NULL) { return False; } diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c index 4012e6e3c7..66aba21fa8 100644 --- a/source3/smbd/pysmbd.c +++ b/source3/smbd/pysmbd.c @@ -154,98 +154,99 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname, static SMB_ACL_T make_simple_acl(gid_t gid, mode_t chmod_mode) { + TALLOC_CTX *frame = talloc_stackframe(); + mode_t mode = SMB_ACL_READ|SMB_ACL_WRITE; mode_t mode_user = (chmod_mode & 0700) >> 16; mode_t mode_group = (chmod_mode & 070) >> 8; mode_t mode_other = chmod_mode & 07; - SMB_ACL_ENTRY_T entry; - SMB_ACL_T acl = sys_acl_init(); + SMB_ACL_T acl = sys_acl_init(frame); if (!acl) { return NULL; } if (sys_acl_create_entry(&acl, &entry) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_tag_type(entry, SMB_ACL_USER_OBJ) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_permset(entry, &mode_user) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_create_entry(&acl, &entry) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_tag_type(entry, SMB_ACL_GROUP_OBJ) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_permset(entry, &mode_group) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_create_entry(&acl, &entry) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_tag_type(entry, SMB_ACL_OTHER) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_permset(entry, &mode_other) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (gid != -1) { if (sys_acl_create_entry(&acl, &entry) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_tag_type(entry, SMB_ACL_GROUP) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_qualifier(entry, &gid) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_permset(entry, &mode_group) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } } if (sys_acl_create_entry(&acl, &entry) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_tag_type(entry, SMB_ACL_MASK) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_permset(entry, &mode) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } return acl; @@ -455,7 +456,7 @@ static PyObject *py_smbd_get_sys_acl(PyObject *self, PyObject *args) smbd_vfs_init(conn); - acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, acl_type); + acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, acl_type, frame); if (!acl) { TALLOC_FREE(frame); status = map_nt_error_from_unix_common(errno); @@ -463,7 +464,6 @@ static PyObject *py_smbd_get_sys_acl(PyObject *self, PyObject *args) PyErr_NTSTATUS_IS_ERR_RAISE(status); } - talloc_steal(frame, acl); conn_free(conn); py_acl = py_return_ndr_struct("samba.dcerpc.smb_acl", "t", acl, acl); diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 44c457cae5..61d755c03f 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -4911,12 +4911,14 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, uint16 num_def_acls = 0; if (fsp && fsp->fh->fd != -1) { - file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp); + file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, + talloc_tos()); } else { file_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, smb_fname->base_name, - SMB_ACL_TYPE_ACCESS); + SMB_ACL_TYPE_ACCESS, + talloc_tos()); } if (file_acl == NULL && no_acl_syscall_error(errno)) { @@ -4933,13 +4935,15 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, SMB_VFS_SYS_ACL_GET_FILE( conn, fsp->fsp_name->base_name, - SMB_ACL_TYPE_DEFAULT); + SMB_ACL_TYPE_DEFAULT, + talloc_tos()); } else { def_acl = SMB_VFS_SYS_ACL_GET_FILE( conn, smb_fname->base_name, - SMB_ACL_TYPE_DEFAULT); + SMB_ACL_TYPE_DEFAULT, + talloc_tos()); } def_acl = free_empty_sys_acl(conn, def_acl); } diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c index fe99ee29e9..182e334ade 100644 --- a/source3/smbd/vfs.c +++ b/source3/smbd/vfs.c @@ -2221,17 +2221,19 @@ int smb_vfs_call_fchmod_acl(struct vfs_handle_struct *handle, SMB_ACL_T smb_vfs_call_sys_acl_get_file(struct vfs_handle_struct *handle, const char *path_p, - SMB_ACL_TYPE_T type) + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { VFS_FIND(sys_acl_get_file); - return handle->fns->sys_acl_get_file_fn(handle, path_p, type); + return handle->fns->sys_acl_get_file_fn(handle, path_p, type, mem_ctx); } SMB_ACL_T smb_vfs_call_sys_acl_get_fd(struct vfs_handle_struct *handle, - struct files_struct *fsp) + struct files_struct *fsp, + TALLOC_CTX *mem_ctx) { VFS_FIND(sys_acl_get_fd); - return handle->fns->sys_acl_get_fd_fn(handle, fsp); + return handle->fns->sys_acl_get_fd_fn(handle, fsp, mem_ctx); } int smb_vfs_call_sys_acl_blob_get_file(struct vfs_handle_struct *handle, diff --git a/source3/torture/cmd_vfs.c b/source3/torture/cmd_vfs.c index 236b9c09f8..7755f8ac2a 100644 --- a/source3/torture/cmd_vfs.c +++ b/source3/torture/cmd_vfs.c @@ -1572,7 +1572,7 @@ static NTSTATUS cmd_sys_acl_get_fd(struct vfs_state *vfs, TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } - acl = SMB_VFS_SYS_ACL_GET_FD(vfs->files[fd]); + acl = SMB_VFS_SYS_ACL_GET_FD(vfs->files[fd], talloc_tos()); if (!acl) { printf("sys_acl_get_fd failed (%s)\n", strerror(errno)); return status; @@ -1597,7 +1597,7 @@ static NTSTATUS cmd_sys_acl_get_file(struct vfs_state *vfs, TALLOC_CTX *mem_ctx, } type = atoi(argv[2]); - acl = SMB_VFS_SYS_ACL_GET_FILE(vfs->conn, argv[1], type); + acl = SMB_VFS_SYS_ACL_GET_FILE(vfs->conn, argv[1], type, talloc_tos()); if (!acl) { printf("sys_acl_get_file failed (%s)\n", strerror(errno)); return status; -- cgit