Changed interface for translating permissions to avoid a version dependency

include/ntfs-3g/acls.h

@@ -176,7 +176,7 @@ struct POSIX_SECURITY *ntfs_replace_acl(const struct POSIX_SECURITY *oldpxdesc,
 struct POSIX_SECURITY *ntfs_build_permissions_posix(
 			struct MAPPING* const mapping[],
 			const char *securattr,
-			const SID *usid, const SID *gsid, ntfs_inode *ni);
+			const SID *usid, const SID *gsid, BOOL isdir);
 struct POSIX_SECURITY *ntfs_merge_descr_posix(const struct POSIX_SECURITY *first,
 			const struct POSIX_SECURITY *second);
 char *ntfs_build_descr_posix(struct MAPPING* const mapping[],
@@ -188,7 +188,7 @@ char *ntfs_build_descr_posix(struct MAPPING* const mapping[],
 int ntfs_inherit_acl(const ACL *oldacl, ACL *newacl,
 			const SID *usid, const SID *gsid, BOOL fordir);
 int ntfs_build_permissions(const char *securattr,
-			const SID *usid, const SID *gsid, ntfs_inode *ni);
+			const SID *usid, const SID *gsid, BOOL isdir);
 char *ntfs_build_descr(mode_t mode,
 			int isdir, const SID * usid, const SID * gsid);
 struct MAPLIST *ntfs_read_mapping(FILEREADER reader, void *fileid);

include/ntfs-3g/security.h

@@ -303,7 +303,7 @@ int ntfs_set_ntfs_attrib(const char *path,
  *	based on Win32 API
  */
 
-#define MAGIC_API 10102007
+#define MAGIC_API 0x09042009
 
 struct SECURITY_API {
 	u32 magic;

libntfs-3g/acls.c

@@ -2651,7 +2651,7 @@ char *ntfs_build_descr(mode_t mode,
  *	from owner, group and world grants as represented in ACEs
  */
 
-static int merge_permissions(ntfs_inode *ni,
+static int merge_permissions(BOOL isdir,
 		le32 owner, le32 group, le32 world, le32 special)
 
 {
@@ -2660,7 +2660,7 @@ static int merge_permissions(ntfs_inode *ni,
 	perm = 0;
 	/* build owner permission */
 	if (owner) {
-		if (ni->mrec->flags & MFT_RECORD_IS_DIRECTORY) {
+		if (isdir) {
 			/* exec if any of list, traverse */
 			if (owner & DIR_GEXEC)
 				perm |= S_IXUSR;
@@ -2684,7 +2684,7 @@ static int merge_permissions(ntfs_inode *ni,
 	}
 	/* build group permission */
 	if (group) {
-		if (ni->mrec->flags & MFT_RECORD_IS_DIRECTORY) {
+		if (isdir) {
 			/* exec if any of list, traverse */
 			if (group & DIR_GEXEC)
 				perm |= S_IXGRP;
@@ -2708,7 +2708,7 @@ static int merge_permissions(ntfs_inode *ni,
 	}
 	/* build world permission */
 	if (world) {
-		if (ni->mrec->flags & MFT_RECORD_IS_DIRECTORY) {
+		if (isdir) {
 			/* exec if any of list, traverse */
 			if (world & DIR_GEXEC)
 				perm |= S_IXOTH;
@@ -2907,7 +2907,7 @@ static int norm_std_permissions_posix(struct POSIX_SECURITY *posix_desc,
  */
 
 static int build_std_permissions(const char *securattr,
-		const SID *usid, const SID *gsid, ntfs_inode *ni)
+		const SID *usid, const SID *gsid, BOOL isdir)
 {
 	const SECURITY_DESCRIPTOR_RELATIVE *phead;
 	const ACL *pacl;
@@ -2978,7 +2978,7 @@ static int build_std_permissions(const char *securattr,
 		 */
 	allowown |= (allowgrp | allowall);
 	allowgrp |= allowall;
-	return (merge_permissions(ni,
+	return (merge_permissions(isdir,
 				allowown & ~(denyown | denyall),
 				allowgrp & ~(denygrp | denyall),
 				allowall & ~denyall,
@@ -2992,7 +2992,7 @@ static int build_std_permissions(const char *securattr,
  */
 
 static int build_owngrp_permissions(const char *securattr,
-			const SID *usid, ntfs_inode *ni)
+			const SID *usid, BOOL isdir)
 {
 	const SECURITY_DESCRIPTOR_RELATIVE *phead;
 	const ACL *pacl;
@@ -3049,7 +3049,7 @@ static int build_owngrp_permissions(const char *securattr,
 		}
 	if (!grppresent)
 		allowgrp = allowall;
-	return (merge_permissions(ni,
+	return (merge_permissions(isdir,
 				allowown & ~(denyown | denyall),
 				allowgrp & ~(denygrp | denyall),
 				allowall & ~denyall,
@@ -3176,7 +3176,7 @@ static int norm_ownadmin_permissions_posix(struct POSIX_SECURITY *posix_desc,
 
 
 static int build_ownadmin_permissions(const char *securattr,
-			const SID *usid, const SID *gsid, ntfs_inode *ni)
+			const SID *usid, const SID *gsid, BOOL isdir)
 {
 	const SECURITY_DESCRIPTOR_RELATIVE *phead;
 	const ACL *pacl;
@@ -3245,7 +3245,7 @@ static int build_ownadmin_permissions(const char *securattr,
 		allowown |= (allowgrp | allowall);
 		allowgrp |= allowall;
 	}
-	return (merge_permissions(ni,
+	return (merge_permissions(isdir,
 				allowown & ~(denyown | denyall),
 				allowgrp & ~(denygrp | denyall),
 				allowall & ~denyall,
@@ -3374,7 +3374,7 @@ static uid_t find_tenant(struct MAPPING *const mapping[],
 struct POSIX_SECURITY *ntfs_build_permissions_posix(
 			struct MAPPING *const mapping[],
 			const char *securattr,
-			const SID *usid, const SID *gsid, ntfs_inode *ni)
+			const SID *usid, const SID *gsid, BOOL isdir)
 {
 	const SECURITY_DESCRIPTOR_RELATIVE *phead;
 	struct POSIX_SECURITY *pxdesc;
@@ -3615,7 +3615,7 @@ struct POSIX_SECURITY *ntfs_build_permissions_posix(
 				if (pace->mask & FILE_READ_DATA)
 					pxace->perms |= S_ISVTX;
 			} else
-				if (ni->mrec->flags & MFT_RECORD_IS_DIRECTORY) {
+				if (isdir) {
 					if (pace->mask & DIR_GEXEC)
 						pxace->perms |= POSIX_PERM_X;
 					if (pace->mask & DIR_GWRITE)
@@ -3799,7 +3799,7 @@ struct POSIX_SECURITY *ntfs_build_permissions_posix(
  */
 
 int ntfs_build_permissions(const char *securattr,
-			const SID *usid, const SID *gsid, ntfs_inode *ni)
+			const SID *usid, const SID *gsid, BOOL isdir)
 {
 	const SECURITY_DESCRIPTOR_RELATIVE *phead;
 	int perm;
@@ -3811,12 +3811,12 @@ int ntfs_build_permissions(const char *securattr,
 	         || ntfs_same_sid(gsid,adminsid);
 	groupowns = !adminowns && ntfs_same_sid(gsid,usid);
 	if (adminowns)
-		perm = build_ownadmin_permissions(securattr, usid, gsid, ni);
+		perm = build_ownadmin_permissions(securattr, usid, gsid, isdir);
 	else
 		if (groupowns)
-			perm = build_owngrp_permissions(securattr, usid, ni);
+			perm = build_owngrp_permissions(securattr, usid, isdir);
 		else
-			perm = build_std_permissions(securattr, usid, gsid, ni);
+			perm = build_std_permissions(securattr, usid, gsid, isdir);
 	return (perm);
 }
 

libntfs-3g/security.c

@@ -1932,6 +1932,7 @@ static int ntfs_get_perm(struct SECURITY_CONTEXT *scx,
 	uid_t uid;
 	gid_t gid;
 	int perm;
+	BOOL isdir;
 	struct POSIX_SECURITY *pxdesc;
 
 	if (!scx->mapping[MAPUSERS] || !scx->uid)
@@ -1945,6 +1946,8 @@ static int ntfs_get_perm(struct SECURITY_CONTEXT *scx,
 			perm = access_check_posix(scx,cached->pxdesc,request,uid,gid);
 		} else {
 			perm = 0;	/* default to no permission */
+			isdir = (ni->mrec->flags & MFT_RECORD_IS_DIRECTORY)
+				!= const_cpu_to_le16(0);
 			securattr = getsecurityattr(scx->vol, path, ni);
 			if (securattr) {
 				phead = (const SECURITY_DESCRIPTOR_RELATIVE*)
@@ -1955,7 +1958,7 @@ static int ntfs_get_perm(struct SECURITY_CONTEXT *scx,
 #if OWNERFROMACL
 				usid = ntfs_acl_owner(securattr);
 				pxdesc = ntfs_build_permissions_posix(scx->mapping,securattr,
-						 usid, gsid, ni);
+						 usid, gsid, isdir);
 				if (pxdesc)
 					perm = pxdesc->mode & 07777;
 				else
@@ -1965,7 +1968,7 @@ static int ntfs_get_perm(struct SECURITY_CONTEXT *scx,
 				usid = (const SID*)&
 					    securattr[le32_to_cpu(phead->owner)];
 				pxdesc = ntfs_build_permissions_posix(scx,securattr,
-						 usid, gsid, ni);
+						 usid, gsid, isdir);
 				if (pxdesc)
 					perm = pxdesc->mode & 07777;
 				else
@@ -2032,6 +2035,7 @@ int ntfs_get_posix_acl(struct SECURITY_CONTEXT *scx, const char *path,
 	uid_t uid;
 	gid_t gid;
 	int perm;
+	BOOL isdir;
 	size_t outsize;
 
 	outsize = 0;	/* default to error */
@@ -2044,6 +2048,8 @@ int ntfs_get_posix_acl(struct SECURITY_CONTEXT *scx, const char *path,
 			pxdesc = cached->pxdesc;
 		else {
 			securattr = getsecurityattr(scx->vol, path, ni);
+			isdir = (ni->mrec->flags & MFT_RECORD_IS_DIRECTORY)
+				!= const_cpu_to_le16(0);
 			if (securattr) {
 				phead =
 				    (const SECURITY_DESCRIPTOR_RELATIVE*)
@@ -2057,7 +2063,7 @@ int ntfs_get_posix_acl(struct SECURITY_CONTEXT *scx, const char *path,
 					  securattr[le32_to_cpu(phead->owner)];
 #endif
 				pxdesc = ntfs_build_permissions_posix(scx->mapping,securattr,
-					  usid, gsid, ni);
+					  usid, gsid, isdir);
 
 					/*
 					 * fetch owner and group for cacheing
@@ -2185,6 +2191,7 @@ int ntfs_get_owner_mode(struct SECURITY_CONTEXT *scx,
 	const SID *gsid;	/* group of file/directory */
 	const struct CACHED_PERMISSIONS *cached;
 	int perm;
+	BOOL isdir;
 #if POSIXACLS
 	struct POSIX_SECURITY *pxdesc;
 #endif
@@ -2201,6 +2208,8 @@ int ntfs_get_owner_mode(struct SECURITY_CONTEXT *scx,
 			stbuf->st_mode = (stbuf->st_mode & ~07777) + perm;
 		} else {
 			perm = -1;	/* default to error */
+			isdir = (ni->mrec->flags & MFT_RECORD_IS_DIRECTORY)
+				!= const_cpu_to_le16(0);
 			securattr = getsecurityattr(scx->vol, path, ni);
 			if (securattr) {
 				phead =
@@ -2216,14 +2225,14 @@ int ntfs_get_owner_mode(struct SECURITY_CONTEXT *scx,
 #endif
 #if POSIXACLS
 				pxdesc = ntfs_build_permissions_posix(scx->mapping, securattr,
-					  usid, gsid, ni);
+					  usid, gsid, isdir);
 				if (pxdesc)
 					perm = pxdesc->mode & 07777;
 				else
 					perm = -1;
 #else
 				perm = ntfs_build_permissions(securattr,
-					  usid, gsid, ni);
+					  usid, gsid, isdir);
 #endif
 					/*
 					 * fetch owner and group for cacheing
@@ -2312,13 +2321,13 @@ static struct POSIX_SECURITY *inherit_posix(struct SECURITY_CONTEXT *scx,
 #if OWNERFROMACL
 			usid = ntfs_acl_owner(securattr);
 			pxdesc = ntfs_build_permissions_posix(scx->mapping,securattr,
-						 usid, gsid, dir_ni);
+						 usid, gsid, TRUE);
 			uid = ntfs_find_user(scx->mapping[MAPUSERS],usid);
 #else
 			usid = (const SID*)&
 				    securattr[le32_to_cpu(phead->owner)];
 			pxdesc = ntfs_build_permissions_posix(scx->mapping,securattr,
-						 usid, gsid, dir_ni);
+						 usid, gsid, TRUE);
 			if (pxdesc && ntfs_same_sid(usid, adminsid)) {
 				uid = find_tenant(scx, securattr);
 			} else
@@ -2816,7 +2825,7 @@ int ntfs_set_posix_acl(struct SECURITY_CONTEXT *scx, const char *path,
 				uid = ntfs_find_user(scx->mapping[MAPUSERS],usid);
 				gid = ntfs_find_group(scx->mapping[MAPGROUPS],gsid);
 				oldpxdesc = ntfs_build_permissions_posix(scx->mapping,
-					oldattr, usid, gsid, ni);
+					oldattr, usid, gsid, isdir);
 				if (oldpxdesc) {
 					if (deflt)
 						exist = oldpxdesc->defcnt > 0;
@@ -2999,7 +3008,7 @@ int ntfs_set_mode(struct SECURITY_CONTEXT *scx,
 #if POSIXACLS
 			isdir = (ni->mrec->flags & MFT_RECORD_IS_DIRECTORY) != const_cpu_to_le16(0);
 			newpxdesc = ntfs_build_permissions_posix(scx->mapping,
-				oldattr, usid, gsid, ni);
+				oldattr, usid, gsid, isdir);
 			if (!newpxdesc || ntfs_merge_mode_posix(newpxdesc, mode))
 				res = -1;
 #endif
@@ -3274,6 +3283,7 @@ int ntfs_set_owner(struct SECURITY_CONTEXT *scx,
 	uid_t filegid;
 	mode_t mode;
 	int perm;
+	BOOL isdir;
 	int res;
 #if POSIXACLS
 	struct POSIX_SECURITY *pxdesc;
@@ -3299,6 +3309,8 @@ int ntfs_set_owner(struct SECURITY_CONTEXT *scx,
 		mode = 0;
 		oldattr = getsecurityattr(scx->vol, path, ni);
 		if (oldattr) {
+			isdir = (ni->mrec->flags & MFT_RECORD_IS_DIRECTORY)
+				!= const_cpu_to_le16(0);
 			phead = (const SECURITY_DESCRIPTOR_RELATIVE*)
 				oldattr;
 			gsid = (const SID*)
@@ -3311,7 +3323,7 @@ int ntfs_set_owner(struct SECURITY_CONTEXT *scx,
 #endif
 #if POSIXACLS
 			pxdesc = ntfs_build_permissions_posix(scx->mapping, oldattr,
-					usid, gsid, ni);
+					usid, gsid, isdir);
 			if (pxdesc) {
 				pxdescbuilt = TRUE;
 				fileuid = ntfs_find_user(scx->mapping[MAPUSERS],usid);
@@ -3321,7 +3333,7 @@ int ntfs_set_owner(struct SECURITY_CONTEXT *scx,
 				res = -1;
 #else
 			mode = perm = ntfs_build_permissions(oldattr,
-					 usid, gsid, ni);
+					 usid, gsid, isdir);
 			if (perm >= 0) {
 				fileuid = ntfs_find_user(scx->mapping[MAPUSERS],usid);
 				filegid = ntfs_find_group(scx->mapping[MAPGROUPS],gsid);