From 9158974540d0e311021f04789ed75ebda466c5b3 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 10 Oct 2012 10:18:32 +1100 Subject: smbd: Add mem_ctx to sys_acl_init() and all callers This changes from allocation on NULL to allocation on the supplied memory context. Currently that supplied context is talloc_tos() at the the final consumer of the ACL. Andrew Bartlett --- source3/smbd/posix_acls.c | 47 ++++++++++++++++++++++++++++++++--------------- source3/smbd/pysmbd.c | 40 ++++++++++++++++++++-------------------- source3/smbd/trans2.c | 12 ++++++++---- source3/smbd/vfs.c | 10 ++++++---- 4 files changed, 66 insertions(+), 43 deletions(-) (limited to 'source3/smbd') diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 45a921f747..c535502efe 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -2915,7 +2915,7 @@ static bool set_canon_ace_list(files_struct *fsp, { connection_struct *conn = fsp->conn; bool ret = False; - SMB_ACL_T the_acl = sys_acl_init(); + SMB_ACL_T the_acl = sys_acl_init(talloc_tos()); canon_ace *p_ace; int i; SMB_ACL_ENTRY_T mask_entry; @@ -3675,7 +3675,7 @@ NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info, } /* Get the ACL from the fd. */ - posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp); + posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, talloc_tos()); pal = fload_inherited_info(fsp); @@ -3712,11 +3712,14 @@ NTSTATUS posix_get_nt_acl(struct connection_struct *conn, const char *name, } /* Get the ACL from the path. */ - posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name, SMB_ACL_TYPE_ACCESS); + posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name, + SMB_ACL_TYPE_ACCESS, talloc_tos()); /* If it's a directory get the default POSIX ACL. */ if(S_ISDIR(smb_fname.st.st_ex_mode)) { - def_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name, SMB_ACL_TYPE_DEFAULT); + def_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name, + SMB_ACL_TYPE_DEFAULT, + talloc_tos()); def_acl = free_empty_sys_acl(conn, def_acl); } @@ -4353,7 +4356,8 @@ int get_acl_group_bits( connection_struct *conn, const char *fname, mode_t *mode SMB_ACL_T posix_acl; int result = -1; - posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname, SMB_ACL_TYPE_ACCESS); + posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname, + SMB_ACL_TYPE_ACCESS, talloc_tos()); if (posix_acl == (SMB_ACL_T)NULL) return -1; @@ -4461,7 +4465,9 @@ static int copy_access_posix_acl(connection_struct *conn, const char *from, cons SMB_ACL_T posix_acl = NULL; int ret = -1; - if ((posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, from, SMB_ACL_TYPE_ACCESS)) == NULL) + if ((posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, from, + SMB_ACL_TYPE_ACCESS, + talloc_tos())) == NULL) return -1; if ((ret = chmod_acl_internals(conn, posix_acl, mode)) == -1) @@ -4492,7 +4498,9 @@ int chmod_acl(connection_struct *conn, const char *name, mode_t mode) static bool directory_has_default_posix_acl(connection_struct *conn, const char *fname) { - SMB_ACL_T def_acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, SMB_ACL_TYPE_DEFAULT); + SMB_ACL_T def_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname, + SMB_ACL_TYPE_DEFAULT, + talloc_tos()); bool has_acl = False; SMB_ACL_ENTRY_T entry; @@ -4531,7 +4539,7 @@ int fchmod_acl(files_struct *fsp, mode_t mode) SMB_ACL_T posix_acl = NULL; int ret = -1; - if ((posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp)) == NULL) + if ((posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, talloc_tos())) == NULL) return -1; if ((ret = chmod_acl_internals(conn, posix_acl, mode)) == -1) @@ -4613,10 +4621,13 @@ static bool unix_ex_wire_to_tagtype(unsigned char wire_tt, SMB_ACL_TAG_T *p_tt) FIXME ! How does the share mask/mode fit into this.... ? ****************************************************************************/ -static SMB_ACL_T create_posix_acl_from_wire(connection_struct *conn, uint16 num_acls, const char *pdata) +static SMB_ACL_T create_posix_acl_from_wire(connection_struct *conn, + uint16 num_acls, + const char *pdata, + TALLOC_CTX *mem_ctx) { unsigned int i; - SMB_ACL_T the_acl = sys_acl_init(); + SMB_ACL_T the_acl = sys_acl_init(mem_ctx); if (the_acl == NULL) { return NULL; @@ -4729,7 +4740,9 @@ bool set_unix_posix_default_acl(connection_struct *conn, const char *fname, cons return True; } - if ((def_acl = create_posix_acl_from_wire(conn, num_def_acls, pdata)) == NULL) { + if ((def_acl = create_posix_acl_from_wire(conn, num_def_acls, + pdata, + talloc_tos())) == NULL) { return False; } @@ -4760,7 +4773,7 @@ static bool remove_posix_acl(connection_struct *conn, files_struct *fsp, const c SMB_ACL_ENTRY_T entry; bool ret = False; /* Create a new ACL with only 3 entries, u/g/w. */ - SMB_ACL_T new_file_acl = sys_acl_init(); + SMB_ACL_T new_file_acl = sys_acl_init(talloc_tos()); SMB_ACL_ENTRY_T user_ent = NULL; SMB_ACL_ENTRY_T group_ent = NULL; SMB_ACL_ENTRY_T other_ent = NULL; @@ -4806,9 +4819,11 @@ static bool remove_posix_acl(connection_struct *conn, files_struct *fsp, const c /* Get the current file ACL. */ if (fsp && fsp->fh->fd != -1) { - file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp); + file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, talloc_tos()); } else { - file_acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, SMB_ACL_TYPE_ACCESS); + file_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname, + SMB_ACL_TYPE_ACCESS, + talloc_tos()); } if (file_acl == NULL) { @@ -4898,7 +4913,9 @@ bool set_unix_posix_acl(connection_struct *conn, files_struct *fsp, const char * return remove_posix_acl(conn, fsp, fname); } - if ((file_acl = create_posix_acl_from_wire(conn, num_acls, pdata)) == NULL) { + if ((file_acl = create_posix_acl_from_wire(conn, num_acls, + pdata, + talloc_tos())) == NULL) { return False; } diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c index 4012e6e3c7..66aba21fa8 100644 --- a/source3/smbd/pysmbd.c +++ b/source3/smbd/pysmbd.c @@ -154,98 +154,99 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname, static SMB_ACL_T make_simple_acl(gid_t gid, mode_t chmod_mode) { + TALLOC_CTX *frame = talloc_stackframe(); + mode_t mode = SMB_ACL_READ|SMB_ACL_WRITE; mode_t mode_user = (chmod_mode & 0700) >> 16; mode_t mode_group = (chmod_mode & 070) >> 8; mode_t mode_other = chmod_mode & 07; - SMB_ACL_ENTRY_T entry; - SMB_ACL_T acl = sys_acl_init(); + SMB_ACL_T acl = sys_acl_init(frame); if (!acl) { return NULL; } if (sys_acl_create_entry(&acl, &entry) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_tag_type(entry, SMB_ACL_USER_OBJ) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_permset(entry, &mode_user) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_create_entry(&acl, &entry) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_tag_type(entry, SMB_ACL_GROUP_OBJ) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_permset(entry, &mode_group) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_create_entry(&acl, &entry) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_tag_type(entry, SMB_ACL_OTHER) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_permset(entry, &mode_other) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (gid != -1) { if (sys_acl_create_entry(&acl, &entry) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_tag_type(entry, SMB_ACL_GROUP) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_qualifier(entry, &gid) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_permset(entry, &mode_group) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } } if (sys_acl_create_entry(&acl, &entry) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_tag_type(entry, SMB_ACL_MASK) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } if (sys_acl_set_permset(entry, &mode) != 0) { - TALLOC_FREE(acl); + TALLOC_FREE(frame); return NULL; } return acl; @@ -455,7 +456,7 @@ static PyObject *py_smbd_get_sys_acl(PyObject *self, PyObject *args) smbd_vfs_init(conn); - acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, acl_type); + acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, acl_type, frame); if (!acl) { TALLOC_FREE(frame); status = map_nt_error_from_unix_common(errno); @@ -463,7 +464,6 @@ static PyObject *py_smbd_get_sys_acl(PyObject *self, PyObject *args) PyErr_NTSTATUS_IS_ERR_RAISE(status); } - talloc_steal(frame, acl); conn_free(conn); py_acl = py_return_ndr_struct("samba.dcerpc.smb_acl", "t", acl, acl); diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 44c457cae5..61d755c03f 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -4911,12 +4911,14 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, uint16 num_def_acls = 0; if (fsp && fsp->fh->fd != -1) { - file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp); + file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, + talloc_tos()); } else { file_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, smb_fname->base_name, - SMB_ACL_TYPE_ACCESS); + SMB_ACL_TYPE_ACCESS, + talloc_tos()); } if (file_acl == NULL && no_acl_syscall_error(errno)) { @@ -4933,13 +4935,15 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, SMB_VFS_SYS_ACL_GET_FILE( conn, fsp->fsp_name->base_name, - SMB_ACL_TYPE_DEFAULT); + SMB_ACL_TYPE_DEFAULT, + talloc_tos()); } else { def_acl = SMB_VFS_SYS_ACL_GET_FILE( conn, smb_fname->base_name, - SMB_ACL_TYPE_DEFAULT); + SMB_ACL_TYPE_DEFAULT, + talloc_tos()); } def_acl = free_empty_sys_acl(conn, def_acl); } diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c index fe99ee29e9..182e334ade 100644 --- a/source3/smbd/vfs.c +++ b/source3/smbd/vfs.c @@ -2221,17 +2221,19 @@ int smb_vfs_call_fchmod_acl(struct vfs_handle_struct *handle, SMB_ACL_T smb_vfs_call_sys_acl_get_file(struct vfs_handle_struct *handle, const char *path_p, - SMB_ACL_TYPE_T type) + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { VFS_FIND(sys_acl_get_file); - return handle->fns->sys_acl_get_file_fn(handle, path_p, type); + return handle->fns->sys_acl_get_file_fn(handle, path_p, type, mem_ctx); } SMB_ACL_T smb_vfs_call_sys_acl_get_fd(struct vfs_handle_struct *handle, - struct files_struct *fsp) + struct files_struct *fsp, + TALLOC_CTX *mem_ctx) { VFS_FIND(sys_acl_get_fd); - return handle->fns->sys_acl_get_fd_fn(handle, fsp); + return handle->fns->sys_acl_get_fd_fn(handle, fsp, mem_ctx); } int smb_vfs_call_sys_acl_blob_get_file(struct vfs_handle_struct *handle, -- cgit