static int
afs_ioctl(struct inode *inode, struct file *file, unsigned int cmd,
unsigned long arg)
{
struct afsprocdata sysargs;
#ifdef NEED_IOCTL32
struct afsprocdata32 sysargs32;
#endif
if (cmd != VIOC_SYSCALL && cmd != VIOC_SYSCALL32) return -EINVAL;
#ifdef NEED_IOCTL32
#ifdef AFS_LINUX26_ENV
#ifdef AFS_S390X_LINUX26_ENV
if (test_thread_flag(TIF_31BIT))
#elif AFS_AMD64_LINUX20_ENV
if (test_thread_flag(TIF_IA32))
#else
if (test_thread_flag(TIF_32BIT))
#endif /* AFS_S390X_LINUX26_ENV */
#else
#ifdef AFS_SPARC64_LINUX24_ENV
if (current->thread.flags & SPARC_FLAG_32BIT)
#elif defined(AFS_SPARC64_LINUX20_ENV)
if (current->tss.flags & SPARC_FLAG_32BIT)
#elif defined(AFS_AMD64_LINUX20_ENV)
if (current->thread.flags & THREAD_IA32)
#elif defined(AFS_PPC64_LINUX20_ENV)
if (current->thread.flags & PPC_FLAG_32BIT)
#elif defined(AFS_S390X_LINUX20_ENV)
if (current->thread.flags & S390_FLAG_31BIT)
#else
#error Not done for this linux type
#endif /* AFS_LINUX26_ENV */
#endif /* NEED_IOCTL32 */
{
if (copy_from_user(&sysargs32, (void *)arg,
sizeof(struct afsprocdata32)))
return -EFAULT;
return afs_syscall((unsigned long)sysargs32.syscall,
(unsigned long)sysargs32.param1,
(unsigned long)sysargs32.param2,
(unsigned long)sysargs32.param3,
(unsigned long)sysargs32.param4);
} else
#endif
{
if (copy_from_user(&sysargs, (void *)arg, sizeof(struct afsprocdata)))
return -EFAULT;
return afs_syscall(sysargs.syscall, sysargs.param1,
sysargs.param2, sysargs.param3, sysargs.param4);
}
}
static BOOL afs_get_afs_acl(char *filename, struct afs_acl *acl)
{
struct afs_iob iob;
int ret;
char space[MAXSIZE];
DEBUG(5, ("afs_get_afs_acl: %s\n", filename));
iob.in_size = 0;
iob.out_size = MAXSIZE;
iob.in = iob.out = space;
ret = afs_syscall(AFSCALL_PIOCTL, filename, VIOCGETAL,
(char *)&iob, 0);
if (ret) {
DEBUG(1, ("got error from PIOCTL: %d\n", ret));
return False;
}
if (!init_afs_acl(acl))
return False;
if (!parse_afs_acl(acl, space)) {
DEBUG(1, ("Could not parse AFS acl\n"));
free_afs_acl(acl);
return False;
}
return True;
}
static BOOL afs_settoken(const char *cell,
const struct ClearToken *ctok,
DATA_BLOB ticket)
{
int ret;
struct {
char *in, *out;
uint16 in_size, out_size;
} iob;
char buf[1024];
char *p = buf;
int tmp;
memcpy(p, &ticket.length, sizeof(uint32));
p += sizeof(uint32);
memcpy(p, ticket.data, ticket.length);
p += ticket.length;
tmp = sizeof(struct ClearToken);
memcpy(p, &tmp, sizeof(uint32));
p += sizeof(uint32);
memcpy(p, ctok, tmp);
p += tmp;
tmp = 0;
memcpy(p, &tmp, sizeof(uint32));
p += sizeof(uint32);
tmp = strlen(cell);
if (tmp >= MAXKTCREALMLEN) {
DEBUG(1, ("Realm too long\n"));
return False;
}
strncpy(p, cell, tmp);
p += tmp;
*p = 0;
p +=1;
iob.in = buf;
iob.in_size = PTR_DIFF(p,buf);
iob.out = buf;
iob.out_size = sizeof(buf);
#if 0
file_save("/tmp/ioctlbuf", iob.in, iob.in_size);
#endif
ret = afs_syscall(AFSCALL_PIOCTL, 0, VIOCSETTOK, (char *)&iob, 0);
DEBUG(10, ("afs VIOCSETTOK returned %d\n", ret));
return (ret == 0);
}
int
afsd_call_syscall(call, parm0, parm1, parm2, parm3, parm4)
{
int error;
error = afs_syscall(call, parm0, parm1, parm2, parm3, parm4);
if (afsd_verbose)
printf("SScall(%d, %d)=%d ", call, parm0, error);
return error;
}
static BOOL afs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32 security_info_sent,
struct security_descriptor *psd)
{
struct afs_acl old_afs_acl, new_afs_acl;
struct afs_acl dir_acl, file_acl;
char acl_string[2049];
struct afs_iob iob;
int ret = -1;
pstring name;
const char *fileacls;
fileacls = lp_parm_const_string(SNUM(handle->conn), "afsacl", "fileacls",
"yes");
sidpts = lp_parm_bool(SNUM(handle->conn), "afsacl", "sidpts", False);
ZERO_STRUCT(old_afs_acl);
ZERO_STRUCT(new_afs_acl);
ZERO_STRUCT(dir_acl);
ZERO_STRUCT(file_acl);
pstrcpy(name, fsp->fsp_name);
if (!fsp->is_directory) {
/* We need to get the name of the directory containing the
* file, this is where the AFS acls live */
char *p = strrchr(name, '/');
if (p != NULL) {
*p = '\0';
} else {
pstrcpy(name, ".");
}
}
if (!afs_get_afs_acl(name, &old_afs_acl)) {
DEBUG(3, ("Could not get old ACL of %s\n", fsp->fsp_name));
goto done;
}
split_afs_acl(&old_afs_acl, &dir_acl, &file_acl);
if (fsp->is_directory) {
if (!strequal(fileacls, "yes")) {
/* Throw away file acls, we depend on the
* inheritance ACEs that also give us file
* permissions */
free_afs_acl(&file_acl);
}
free_afs_acl(&dir_acl);
if (!nt_to_afs_acl(fsp->fsp_name, security_info_sent, psd,
nt_to_afs_dir_rights, &dir_acl))
goto done;
} else {
if (strequal(fileacls, "no")) {
ret = -1;
goto done;
}
if (strequal(fileacls, "ignore")) {
ret = 0;
goto done;
}
free_afs_acl(&file_acl);
if (!nt_to_afs_acl(fsp->fsp_name, security_info_sent, psd,
nt_to_afs_file_rights, &file_acl))
goto done;
}
merge_afs_acls(&dir_acl, &file_acl, &new_afs_acl);
merge_unknown_aces(&old_afs_acl, &new_afs_acl);
unparse_afs_acl(&new_afs_acl, acl_string);
iob.in = acl_string;
iob.in_size = 1+strlen(iob.in);
iob.out = NULL;
iob.out_size = 0;
DEBUG(10, ("trying to set acl '%s' on file %s\n", iob.in, name));
ret = afs_syscall(AFSCALL_PIOCTL, name, VIOCSETAL, (char *)&iob, 0);
if (ret != 0) {
DEBUG(10, ("VIOCSETAL returned %d\n", ret));
}
done:
free_afs_acl(&dir_acl);
free_afs_acl(&file_acl);
free_afs_acl(&old_afs_acl);
free_afs_acl(&new_afs_acl);
return (ret == 0);
}
static int
os_syscall(struct afsd_syscall_args *args)
{
return afs_syscall(args->syscall, args->params[0], args->params[1],
args->params[2], args->params[3], args->params[4]);
}
