Blame view
fs/nfsd/auth.c
2.13 KB
b24413180 License cleanup: ... |
1 |
// SPDX-License-Identifier: GPL-2.0 |
7663dacd9 nfsd: remove poin... |
2 |
/* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de> */ |
1da177e4c Linux-2.6.12-rc2 |
3 |
|
1da177e4c Linux-2.6.12-rc2 |
4 |
#include <linux/sched.h> |
9a74af213 nfsd: Move privat... |
5 |
#include "nfsd.h" |
a254b246e nfsd: fix sparse ... |
6 |
#include "auth.h" |
1da177e4c Linux-2.6.12-rc2 |
7 |
|
c7d51402d knfsd: clean up E... |
8 |
int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp) |
1269bc69b knfsd: nfsd: enfo... |
9 10 11 12 13 |
{ struct exp_flavor_info *f; struct exp_flavor_info *end = exp->ex_flavors + exp->ex_nflavors; for (f = exp->ex_flavors; f < end; f++) { |
d5497fc69 nfsd4: move rq_fl... |
14 |
if (f->pseudoflavor == rqstp->rq_cred.cr_flavor) |
1269bc69b knfsd: nfsd: enfo... |
15 16 17 18 19 |
return f->flags; } return exp->ex_flags; } |
1da177e4c Linux-2.6.12-rc2 |
20 21 |
int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) { |
d84f4f992 CRED: Inaugurate ... |
22 23 24 |
struct group_info *rqgi; struct group_info *gi; struct cred *new; |
1da177e4c Linux-2.6.12-rc2 |
25 |
int i; |
1269bc69b knfsd: nfsd: enfo... |
26 |
int flags = nfsexp_flags(rqstp, exp); |
1da177e4c Linux-2.6.12-rc2 |
27 |
|
e0e817392 CRED: Add some co... |
28 |
validate_process_creds(); |
3b11a1dec CRED: Differentia... |
29 |
/* discard any old override before preparing the new set */ |
ae4b884fc nfsd: silence spa... |
30 |
revert_creds(get_cred(current_real_cred())); |
d84f4f992 CRED: Inaugurate ... |
31 32 33 34 35 36 37 38 |
new = prepare_creds(); if (!new) return -ENOMEM; new->fsuid = rqstp->rq_cred.cr_uid; new->fsgid = rqstp->rq_cred.cr_gid; rqgi = rqstp->rq_cred.cr_group_info; |
1269bc69b knfsd: nfsd: enfo... |
39 |
if (flags & NFSEXP_ALLSQUASH) { |
d84f4f992 CRED: Inaugurate ... |
40 41 42 |
new->fsuid = exp->ex_anon_uid; new->fsgid = exp->ex_anon_gid; gi = groups_alloc(0); |
bf935a788 nfsd: fix null de... |
43 44 |
if (!gi) goto oom; |
1269bc69b knfsd: nfsd: enfo... |
45 |
} else if (flags & NFSEXP_ROOTSQUASH) { |
6fab87790 nfsd: Properly co... |
46 |
if (uid_eq(new->fsuid, GLOBAL_ROOT_UID)) |
d84f4f992 CRED: Inaugurate ... |
47 |
new->fsuid = exp->ex_anon_uid; |
6fab87790 nfsd: Properly co... |
48 |
if (gid_eq(new->fsgid, GLOBAL_ROOT_GID)) |
d84f4f992 CRED: Inaugurate ... |
49 |
new->fsgid = exp->ex_anon_gid; |
1da177e4c Linux-2.6.12-rc2 |
50 |
|
d84f4f992 CRED: Inaugurate ... |
51 52 53 54 55 |
gi = groups_alloc(rqgi->ngroups); if (!gi) goto oom; for (i = 0; i < rqgi->ngroups; i++) { |
81243eacf cred: simpler, 1D... |
56 57 |
if (gid_eq(GLOBAL_ROOT_GID, rqgi->gid[i])) gi->gid[i] = exp->ex_anon_gid; |
d84f4f992 CRED: Inaugurate ... |
58 |
else |
81243eacf cred: simpler, 1D... |
59 |
gi->gid[i] = rqgi->gid[i]; |
d84f4f992 CRED: Inaugurate ... |
60 |
} |
199526672 nfsd: auth: Fix g... |
61 62 63 |
/* Each thread allocates its own gi, no race */ groups_sort(gi); |
1da177e4c Linux-2.6.12-rc2 |
64 |
} else { |
d84f4f992 CRED: Inaugurate ... |
65 |
gi = get_group_info(rqgi); |
1da177e4c Linux-2.6.12-rc2 |
66 |
} |
d84f4f992 CRED: Inaugurate ... |
67 |
|
6fab87790 nfsd: Properly co... |
68 |
if (uid_eq(new->fsuid, INVALID_UID)) |
d84f4f992 CRED: Inaugurate ... |
69 |
new->fsuid = exp->ex_anon_uid; |
6fab87790 nfsd: Properly co... |
70 |
if (gid_eq(new->fsgid, INVALID_GID)) |
d84f4f992 CRED: Inaugurate ... |
71 |
new->fsgid = exp->ex_anon_gid; |
8f6c5ffc8 kernel/groups.c: ... |
72 |
set_groups(new, gi); |
d84f4f992 CRED: Inaugurate ... |
73 |
put_group_info(gi); |
d84f4f992 CRED: Inaugurate ... |
74 |
|
6fab87790 nfsd: Properly co... |
75 |
if (!uid_eq(new->fsuid, GLOBAL_ROOT_UID)) |
d84f4f992 CRED: Inaugurate ... |
76 77 78 79 |
new->cap_effective = cap_drop_nfsd_set(new->cap_effective); else new->cap_effective = cap_raise_nfsd_set(new->cap_effective, new->cap_permitted); |
e0e817392 CRED: Add some co... |
80 |
validate_process_creds(); |
3b11a1dec CRED: Differentia... |
81 |
put_cred(override_creds(new)); |
b914152a6 nfsd: fix cred le... |
82 |
put_cred(new); |
e0e817392 CRED: Add some co... |
83 |
validate_process_creds(); |
3b11a1dec CRED: Differentia... |
84 |
return 0; |
d84f4f992 CRED: Inaugurate ... |
85 86 |
oom: |
d84f4f992 CRED: Inaugurate ... |
87 |
abort_creds(new); |
61a27f08a NFSD: Cleanup unu... |
88 |
return -ENOMEM; |
1da177e4c Linux-2.6.12-rc2 |
89 |
} |
b6dff3ec5 CRED: Separate ta... |
90 |