Blame view
fs/nfsd/auth.c
1.99 KB
7663dacd9 nfsd: remove poin... |
1 |
/* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de> */ |
1da177e4c Linux-2.6.12-rc2 |
2 |
|
1da177e4c Linux-2.6.12-rc2 |
3 |
#include <linux/sched.h> |
9a74af213 nfsd: Move privat... |
4 |
#include "nfsd.h" |
a254b246e nfsd: fix sparse ... |
5 |
#include "auth.h" |
1da177e4c Linux-2.6.12-rc2 |
6 |
|
c7d51402d knfsd: clean up E... |
7 |
int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp) |
1269bc69b knfsd: nfsd: enfo... |
8 9 10 11 12 13 14 15 16 17 18 |
{ struct exp_flavor_info *f; struct exp_flavor_info *end = exp->ex_flavors + exp->ex_nflavors; for (f = exp->ex_flavors; f < end; f++) { if (f->pseudoflavor == rqstp->rq_flavor) return f->flags; } return exp->ex_flags; } |
1da177e4c Linux-2.6.12-rc2 |
19 20 |
int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) { |
d84f4f992 CRED: Inaugurate ... |
21 22 23 |
struct group_info *rqgi; struct group_info *gi; struct cred *new; |
1da177e4c Linux-2.6.12-rc2 |
24 |
int i; |
1269bc69b knfsd: nfsd: enfo... |
25 |
int flags = nfsexp_flags(rqstp, exp); |
1da177e4c Linux-2.6.12-rc2 |
26 |
int ret; |
e0e817392 CRED: Add some co... |
27 |
validate_process_creds(); |
3b11a1dec CRED: Differentia... |
28 29 |
/* discard any old override before preparing the new set */ revert_creds(get_cred(current->real_cred)); |
d84f4f992 CRED: Inaugurate ... |
30 31 32 33 34 35 36 37 |
new = prepare_creds(); if (!new) return -ENOMEM; new->fsuid = rqstp->rq_cred.cr_uid; new->fsgid = rqstp->rq_cred.cr_gid; rqgi = rqstp->rq_cred.cr_group_info; |
1269bc69b knfsd: nfsd: enfo... |
38 |
if (flags & NFSEXP_ALLSQUASH) { |
d84f4f992 CRED: Inaugurate ... |
39 40 41 |
new->fsuid = exp->ex_anon_uid; new->fsgid = exp->ex_anon_gid; gi = groups_alloc(0); |
bf935a788 nfsd: fix null de... |
42 43 |
if (!gi) goto oom; |
1269bc69b knfsd: nfsd: enfo... |
44 |
} else if (flags & NFSEXP_ROOTSQUASH) { |
d84f4f992 CRED: Inaugurate ... |
45 46 47 48 |
if (!new->fsuid) new->fsuid = exp->ex_anon_uid; if (!new->fsgid) new->fsgid = exp->ex_anon_gid; |
1da177e4c Linux-2.6.12-rc2 |
49 |
|
d84f4f992 CRED: Inaugurate ... |
50 51 52 53 54 55 56 57 58 59 |
gi = groups_alloc(rqgi->ngroups); if (!gi) goto oom; for (i = 0; i < rqgi->ngroups; i++) { if (!GROUP_AT(rqgi, i)) GROUP_AT(gi, i) = exp->ex_anon_gid; else GROUP_AT(gi, i) = GROUP_AT(rqgi, i); } |
1da177e4c Linux-2.6.12-rc2 |
60 |
} else { |
d84f4f992 CRED: Inaugurate ... |
61 |
gi = get_group_info(rqgi); |
1da177e4c Linux-2.6.12-rc2 |
62 |
} |
d84f4f992 CRED: Inaugurate ... |
63 64 65 66 67 68 69 70 |
if (new->fsuid == (uid_t) -1) new->fsuid = exp->ex_anon_uid; if (new->fsgid == (gid_t) -1) new->fsgid = exp->ex_anon_gid; ret = set_groups(new, gi); put_group_info(gi); |
f05ef8db1 CRED: Fix NFSD re... |
71 |
if (ret < 0) |
d84f4f992 CRED: Inaugurate ... |
72 |
goto error; |
f05ef8db1 CRED: Fix NFSD re... |
73 |
if (new->fsuid) |
d84f4f992 CRED: Inaugurate ... |
74 75 76 77 |
new->cap_effective = cap_drop_nfsd_set(new->cap_effective); else new->cap_effective = cap_raise_nfsd_set(new->cap_effective, new->cap_permitted); |
e0e817392 CRED: Add some co... |
78 |
validate_process_creds(); |
3b11a1dec CRED: Differentia... |
79 |
put_cred(override_creds(new)); |
b914152a6 nfsd: fix cred le... |
80 |
put_cred(new); |
e0e817392 CRED: Add some co... |
81 |
validate_process_creds(); |
3b11a1dec CRED: Differentia... |
82 |
return 0; |
d84f4f992 CRED: Inaugurate ... |
83 84 85 86 87 |
oom: ret = -ENOMEM; error: abort_creds(new); |
1da177e4c Linux-2.6.12-rc2 |
88 89 |
return ret; } |
b6dff3ec5 CRED: Separate ta... |
90 |