@@ -1016,7 +1016,7 @@ id_mode_to_cifs_acl(struct inode *inode, const char *path, __u64 nmode,
* memory for the smb header, set security descriptor request security
* descriptor parameters, and secuirty descriptor itself
*/
- secdesclen = max_t(u32, secdesclen, DEFSECDESCLEN);
+ secdesclen = max_t(u32, secdesclen, DEFAULT_SEC_DESC_LEN);
pnntsd = kmalloc(secdesclen, GFP_KERNEL);
if (!pnntsd) {
cERROR(1, "Unable to allocate security descriptor");
@@ -25,9 +25,6 @@
#define NUM_AUTHS (6) /* number of authority fields */
#define SID_MAX_SUB_AUTHORITIES (15) /* max number of sub authority fields */
-#define NUM_WK_SIDS 7 /* number of well known sids */
-#define SIDNAMELENGTH 20 /* long enough for the ones we care about */
-#define DEFSECDESCLEN 192 /* sec desc len contaiting a dacl with three aces */
#define READ_BIT 0x4
#define WRITE_BIT 0x2
@@ -43,6 +40,14 @@
#define SIDGROUP 2
/*
+ * Security Descriptor length containing DACL with 3 ACEs (one each for
+ * owner, group and world).
+ */
+#define DEFAULT_SEC_DESC_LEN (sizeof(struct cifs_ntsd) + \
+ sizeof(struct cifs_acl) + \
+ (sizeof(struct cifs_ace) * 3))
+
+/*
* Maximum size of a string representation of a SID:
*
* The fields are unsigned values in decimal. So:
It was hardcoded to 192 bytes, which was not enough when the max number of subauthorities went to 15. Redefine this constant in terms of sizeof the structs involved, and rename it for better clarity. While we're at it, remove a couple more unused constants from cifsacl.h. Signed-off-by: Jeff Layton <jlayton@redhat.com> --- fs/cifs/cifsacl.c | 2 +- fs/cifs/cifsacl.h | 11 ++++++++--- 2 files changed, 9 insertions(+), 4 deletions(-)