| | 1 | /* |
| | 2 | * fs/cifs/cifsacl.h |
| | 3 | * |
| | 4 | * Copyright (c) International Business Machines Corp., 2007 |
| | 5 | * Author(s): Steve French (sfrench@us.ibm.com) |
| | 6 | * |
| | 7 | * This library is free software; you can redistribute it and/or modify |
| | 8 | * it under the terms of the GNU Lesser General Public License as published |
| | 9 | * by the Free Software Foundation; either version 2.1 of the License, or |
| | 10 | * (at your option) any later version. |
| | 11 | * |
| | 12 | * This library is distributed in the hope that it will be useful, |
| | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See |
| | 15 | * the GNU Lesser General Public License for more details. |
| | 16 | * |
| | 17 | * You should have received a copy of the GNU Lesser General Public License |
| | 18 | * along with this library; if not, write to the Free Software |
| | 19 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
| | 20 | */ |
| | 21 | |
| | 22 | #ifndef _CIFSACL_H |
| | 23 | #define _CIFSACL_H |
| | 24 | |
| | 25 | |
| | 26 | #define NUM_AUTHS (6) /* number of authority fields */ |
| | 27 | #define SID_MAX_SUB_AUTHORITIES (15) /* max number of sub authority fields */ |
| | 28 | |
| | 29 | #define READ_BIT 0x4 |
| | 30 | #define WRITE_BIT 0x2 |
| | 31 | #define EXEC_BIT 0x1 |
| | 32 | |
| | 33 | #define UBITSHIFT 6 |
| | 34 | #define GBITSHIFT 3 |
| | 35 | |
| | 36 | #define ACCESS_ALLOWED 0 |
| | 37 | #define ACCESS_DENIED 1 |
| | 38 | |
| | 39 | #define SIDOWNER 1 |
| | 40 | #define SIDGROUP 2 |
| | 41 | |
| | 42 | /* |
| | 43 | * Security Descriptor length containing DACL with 3 ACEs (one each for |
| | 44 | * owner, group and world). |
| | 45 | */ |
| | 46 | #define DEFAULT_SEC_DESC_LEN (sizeof(struct cifs_ntsd) + \ |
| | 47 | sizeof(struct cifs_acl) + \ |
| | 48 | (sizeof(struct cifs_ace) * 3)) |
| | 49 | |
| | 50 | /* |
| | 51 | * Maximum size of a string representation of a SID: |
| | 52 | * |
| | 53 | * The fields are unsigned values in decimal. So: |
| | 54 | * |
| | 55 | * u8: max 3 bytes in decimal |
| | 56 | * u32: max 10 bytes in decimal |
| | 57 | * |
| | 58 | * "S-" + 3 bytes for version field + 15 for authority field + NULL terminator |
| | 59 | * |
| | 60 | * For authority field, max is when all 6 values are non-zero and it must be |
| | 61 | * represented in hex. So "-0x" + 12 hex digits. |
| | 62 | * |
| | 63 | * Add 11 bytes for each subauthority field (10 bytes each + 1 for '-') |
| | 64 | */ |
| | 65 | #define SID_STRING_BASE_SIZE (2 + 3 + 15 + 1) |
| | 66 | #define SID_STRING_SUBAUTH_SIZE (11) /* size of a single subauth string */ |
| | 67 | |
| | 68 | struct cifs_ntsd { |
| | 69 | __le16 revision; /* revision level */ |
| | 70 | __le16 type; |
| | 71 | __le32 osidoffset; |
| | 72 | __le32 gsidoffset; |
| | 73 | __le32 sacloffset; |
| | 74 | __le32 dacloffset; |
| | 75 | } __attribute__((packed)); |
| | 76 | |
| | 77 | struct cifs_sid { |
| | 78 | __u8 revision; /* revision level */ |
| | 79 | __u8 num_subauth; |
| | 80 | __u8 authority[NUM_AUTHS]; |
| | 81 | __le32 sub_auth[SID_MAX_SUB_AUTHORITIES]; /* sub_auth[num_subauth] */ |
| | 82 | } __attribute__((packed)); |
| | 83 | |
| | 84 | /* size of a struct cifs_sid, sans sub_auth array */ |
| | 85 | #define CIFS_SID_BASE_SIZE (1 + 1 + NUM_AUTHS) |
| | 86 | |
| | 87 | struct cifs_acl { |
| | 88 | __le16 revision; /* revision level */ |
| | 89 | __le16 size; |
| | 90 | __le32 num_aces; |
| | 91 | } __attribute__((packed)); |
| | 92 | |
| | 93 | struct cifs_ace { |
| | 94 | __u8 type; |
| | 95 | __u8 flags; |
| | 96 | __le16 size; |
| | 97 | __le32 access_req; |
| | 98 | struct cifs_sid sid; /* ie UUID of user or group who gets these perms */ |
| | 99 | } __attribute__((packed)); |
| | 100 | |
| | 101 | #endif /* _CIFSACL_H */ |
projects / linux-2.6-block.git / blame_incremental