7568150a58e78021968b6c22bc28e9787b33496agwr * CDDL HEADER START
7568150a58e78021968b6c22bc28e9787b33496agwr * The contents of this file are subject to the terms of the
7568150a58e78021968b6c22bc28e9787b33496agwr * Common Development and Distribution License (the "License").
7568150a58e78021968b6c22bc28e9787b33496agwr * You may not use this file except in compliance with the License.
7568150a58e78021968b6c22bc28e9787b33496agwr * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
7568150a58e78021968b6c22bc28e9787b33496agwr * See the License for the specific language governing permissions
7568150a58e78021968b6c22bc28e9787b33496agwr * and limitations under the License.
7568150a58e78021968b6c22bc28e9787b33496agwr * When distributing Covered Code, include this CDDL HEADER in each
7568150a58e78021968b6c22bc28e9787b33496agwr * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
7568150a58e78021968b6c22bc28e9787b33496agwr * If applicable, add the following below this CDDL HEADER, with the
7568150a58e78021968b6c22bc28e9787b33496agwr * fields enclosed by brackets "[]" replaced with your own identifying
7568150a58e78021968b6c22bc28e9787b33496agwr * information: Portions Copyright [yyyy] [name of copyright owner]
7568150a58e78021968b6c22bc28e9787b33496agwr * CDDL HEADER END
bd7c6f51f14365fc31d408903b38c02177384d3dGordon Ross * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
7568150a58e78021968b6c22bc28e9787b33496agwr * Use is subject to license terms.
7568150a58e78021968b6c22bc28e9787b33496agwr * ACL API for smbfs
7568150a58e78021968b6c22bc28e9787b33496agwr/* Sanity check SD sizes */
7568150a58e78021968b6c22bc28e9787b33496agwr * Get/set a Windows security descriptor (SD)
7568150a58e78021968b6c22bc28e9787b33496agwr * using the (private) smbfs ioctl mechanism.
7568150a58e78021968b6c22bc28e9787b33496agwr * Note: Get allocates mbp->mb_top
7568150a58e78021968b6c22bc28e9787b33496agwr/* ARGSUSED */
7568150a58e78021968b6c22bc28e9787b33496agwrsmbfs_acl_iocget(int fd, uint32_t selector, mbdata_t *mbp)
7568150a58e78021968b6c22bc28e9787b33496agwr struct mbuf *m;
7568150a58e78021968b6c22bc28e9787b33496agwr * This does the OTW Get.
7568150a58e78021968b6c22bc28e9787b33496agwr return (0);
7568150a58e78021968b6c22bc28e9787b33496agwr/* ARGSUSED */
7568150a58e78021968b6c22bc28e9787b33496agwrsmbfs_acl_iocset(int fd, uint32_t selector, mbdata_t *mbp)
7568150a58e78021968b6c22bc28e9787b33496agwr struct mbuf *m;
7568150a58e78021968b6c22bc28e9787b33496agwr /* Make the data contiguous. */
7568150a58e78021968b6c22bc28e9787b33496agwr * This does the OTW Set.
7568150a58e78021968b6c22bc28e9787b33496agwr * Get an NT SD from the open file via ioctl.
7568150a58e78021968b6c22bc28e9787b33496agwrsmbfs_acl_getsd(int fd, uint32_t selector, i_ntsd_t **sdp)
7568150a58e78021968b6c22bc28e9787b33496agwr * Get the raw Windows SD via ioctl.
7568150a58e78021968b6c22bc28e9787b33496agwr * Returns allocated mbchain in mbp.
7568150a58e78021968b6c22bc28e9787b33496agwr if (error == 0) {
7568150a58e78021968b6c22bc28e9787b33496agwr * Import the raw SD into "internal" form.
7568150a58e78021968b6c22bc28e9787b33496agwr * (like "absolute" form per. NT docs)
7568150a58e78021968b6c22bc28e9787b33496agwr * Returns allocated data in sdp
7568150a58e78021968b6c22bc28e9787b33496agwr * Set an NT SD onto the open file via ioctl.
7568150a58e78021968b6c22bc28e9787b33496agwr * Export the "internal" SD into an mb chain.
7568150a58e78021968b6c22bc28e9787b33496agwr * (a.k.a "self-relative" form per. NT docs)
7568150a58e78021968b6c22bc28e9787b33496agwr * Returns allocated mbchain in mbp.
7568150a58e78021968b6c22bc28e9787b33496agwr if (error == 0) {
7568150a58e78021968b6c22bc28e9787b33496agwr * Set the raw Windows SD via ioctl.
7568150a58e78021968b6c22bc28e9787b33496agwr * Convenience function to Get security using a
7568150a58e78021968b6c22bc28e9787b33496agwr * ZFS-style ACL (libsec acl, type=ACE_T)
7568150a58e78021968b6c22bc28e9787b33496agwr * Intentionally similar to: facl_get(3SEC)
7568150a58e78021968b6c22bc28e9787b33496agwrsmbfs_acl_get(int fd, acl_t **aclp, uid_t *uidp, gid_t *gidp)
7568150a58e78021968b6c22bc28e9787b33496agwr * Which parts of the SD are being requested?
7568150a58e78021968b6c22bc28e9787b33496agwr * XXX: Should we request the SACL too? If so,
7568150a58e78021968b6c22bc28e9787b33496agwr * might that cause this access to be denied?
7568150a58e78021968b6c22bc28e9787b33496agwr * Or maybe: if we get access denied, try the
7568150a58e78021968b6c22bc28e9787b33496agwr * open/fetch again without the SACL bit.
7568150a58e78021968b6c22bc28e9787b33496agwr return (0);
7568150a58e78021968b6c22bc28e9787b33496agwr * Get the Windows SD via ioctl, in
7568150a58e78021968b6c22bc28e9787b33496agwr * "internal" (absolute) form.
7568150a58e78021968b6c22bc28e9787b33496agwr /* Note: sd now holds allocated data. */
7568150a58e78021968b6c22bc28e9787b33496agwr * Convert the internal SD to a ZFS ACL.
7568150a58e78021968b6c22bc28e9787b33496agwr * Get uid/gid too if pointers != NULL.
7568150a58e78021968b6c22bc28e9787b33496agwr /* Success! */
7568150a58e78021968b6c22bc28e9787b33496agwr * Convenience function to Set security using a
7568150a58e78021968b6c22bc28e9787b33496agwr * ZFS-style ACL (libsec acl, type=ACE_T)
7568150a58e78021968b6c22bc28e9787b33496agwr * Intentionally similar to: facl_set(3SEC)
7568150a58e78021968b6c22bc28e9787b33496agwr * Which parts of the SD are being modified?
7568150a58e78021968b6c22bc28e9787b33496agwr * XXX: Ditto comments above re. SACL.
7568150a58e78021968b6c22bc28e9787b33496agwr return (0);
bd7c6f51f14365fc31d408903b38c02177384d3dGordon Ross * If not setting owner or group, we need the
bd7c6f51f14365fc31d408903b38c02177384d3dGordon Ross * current owner and group for translating
bd7c6f51f14365fc31d408903b38c02177384d3dGordon Ross * references via owner@ or group@ ACEs.
7568150a58e78021968b6c22bc28e9787b33496agwr * Convert the ZFS ACL to an internal SD.
7568150a58e78021968b6c22bc28e9787b33496agwr * Returns allocated data in sd