[lvc-project] [PATCH] smb: remove redundant DACL check in smb_check_perm_dacl

[Alexey Velichayshiy]

Problem Analysis:
1. Permanently false condition:
The check `if (!pdacl->num_aces)` inside the `FILE_MAXIMAL_ACCESS_LE` block
can never execute because when `pdacl->num_aces == 0`, the function already
jumps to `err_out` in the earlier DACL validation check at line 35.
2. Logical contradiction:
The code contains conflicting semantics for empty DACL handling:
   - First check (line 35): Empty DACL → access denied → goto err_out
   - Second check (line 65): Empty DACL → grant GENERIC_ALL_FLAGS
   This creates unreachable code and semantic inconsistency.

Solution:
Remove the unreachable code block
as the most concise solution with no functional impact.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Signed-off-by: Alexey Velichayshiy <a.velichayshiy at ispras.ru>
---
 fs/smb/server/smbacl.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/fs/smb/server/smbacl.c b/fs/smb/server/smbacl.c
index 5aa7a66334d9..05598d994a68 100644
--- a/fs/smb/server/smbacl.c
+++ b/fs/smb/server/smbacl.c
@@ -1307,9 +1307,6 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, const struct path *path,
 			granted |= le32_to_cpu(ace->access_req);
 			ace = (struct smb_ace *)((char *)ace + le16_to_cpu(ace->size));
 		}
-
-		if (!pdacl->num_aces)
-			granted = GENERIC_ALL_FLAGS;
 	}
 
 	if (!uid)
-- 
2.43.0