Blame view
fs/nfsd/auth.c
2.03 KB
7663dacd9 nfsd: remove poin... |
1 |
/* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de> */ |
1da177e4c Linux-2.6.12-rc2 |
2 |
|
1da177e4c Linux-2.6.12-rc2 |
3 |
#include <linux/sched.h> |
9a74af213 nfsd: Move privat... |
4 |
#include "nfsd.h" |
a254b246e nfsd: fix sparse ... |
5 |
#include "auth.h" |
1da177e4c Linux-2.6.12-rc2 |
6 |
|
c7d51402d knfsd: clean up E... |
7 |
int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp) |
1269bc69b knfsd: nfsd: enfo... |
8 9 10 11 12 |
{ struct exp_flavor_info *f; struct exp_flavor_info *end = exp->ex_flavors + exp->ex_nflavors; for (f = exp->ex_flavors; f < end; f++) { |
d5497fc69 nfsd4: move rq_fl... |
13 |
if (f->pseudoflavor == rqstp->rq_cred.cr_flavor) |
1269bc69b knfsd: nfsd: enfo... |
14 15 16 17 18 |
return f->flags; } return exp->ex_flags; } |
1da177e4c Linux-2.6.12-rc2 |
19 20 |
int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) { |
d84f4f992 CRED: Inaugurate ... |
21 22 23 |
struct group_info *rqgi; struct group_info *gi; struct cred *new; |
1da177e4c Linux-2.6.12-rc2 |
24 |
int i; |
1269bc69b knfsd: nfsd: enfo... |
25 |
int flags = nfsexp_flags(rqstp, exp); |
1da177e4c Linux-2.6.12-rc2 |
26 |
|
e0e817392 CRED: Add some co... |
27 |
validate_process_creds(); |
3b11a1dec CRED: Differentia... |
28 |
/* discard any old override before preparing the new set */ |
ae4b884fc nfsd: silence spa... |
29 |
revert_creds(get_cred(current_real_cred())); |
d84f4f992 CRED: Inaugurate ... |
30 31 32 33 34 35 36 37 |
new = prepare_creds(); if (!new) return -ENOMEM; new->fsuid = rqstp->rq_cred.cr_uid; new->fsgid = rqstp->rq_cred.cr_gid; rqgi = rqstp->rq_cred.cr_group_info; |
1269bc69b knfsd: nfsd: enfo... |
38 |
if (flags & NFSEXP_ALLSQUASH) { |
d84f4f992 CRED: Inaugurate ... |
39 40 41 |
new->fsuid = exp->ex_anon_uid; new->fsgid = exp->ex_anon_gid; gi = groups_alloc(0); |
bf935a788 nfsd: fix null de... |
42 43 |
if (!gi) goto oom; |
1269bc69b knfsd: nfsd: enfo... |
44 |
} else if (flags & NFSEXP_ROOTSQUASH) { |
6fab87790 nfsd: Properly co... |
45 |
if (uid_eq(new->fsuid, GLOBAL_ROOT_UID)) |
d84f4f992 CRED: Inaugurate ... |
46 |
new->fsuid = exp->ex_anon_uid; |
6fab87790 nfsd: Properly co... |
47 |
if (gid_eq(new->fsgid, GLOBAL_ROOT_GID)) |
d84f4f992 CRED: Inaugurate ... |
48 |
new->fsgid = exp->ex_anon_gid; |
1da177e4c Linux-2.6.12-rc2 |
49 |
|
d84f4f992 CRED: Inaugurate ... |
50 51 52 53 54 |
gi = groups_alloc(rqgi->ngroups); if (!gi) goto oom; for (i = 0; i < rqgi->ngroups; i++) { |
81243eacf cred: simpler, 1D... |
55 56 |
if (gid_eq(GLOBAL_ROOT_GID, rqgi->gid[i])) gi->gid[i] = exp->ex_anon_gid; |
d84f4f992 CRED: Inaugurate ... |
57 |
else |
81243eacf cred: simpler, 1D... |
58 |
gi->gid[i] = rqgi->gid[i]; |
d84f4f992 CRED: Inaugurate ... |
59 |
} |
1da177e4c Linux-2.6.12-rc2 |
60 |
} else { |
d84f4f992 CRED: Inaugurate ... |
61 |
gi = get_group_info(rqgi); |
1da177e4c Linux-2.6.12-rc2 |
62 |
} |
d84f4f992 CRED: Inaugurate ... |
63 |
|
6fab87790 nfsd: Properly co... |
64 |
if (uid_eq(new->fsuid, INVALID_UID)) |
d84f4f992 CRED: Inaugurate ... |
65 |
new->fsuid = exp->ex_anon_uid; |
6fab87790 nfsd: Properly co... |
66 |
if (gid_eq(new->fsgid, INVALID_GID)) |
d84f4f992 CRED: Inaugurate ... |
67 |
new->fsgid = exp->ex_anon_gid; |
8f6c5ffc8 kernel/groups.c: ... |
68 |
set_groups(new, gi); |
d84f4f992 CRED: Inaugurate ... |
69 |
put_group_info(gi); |
d84f4f992 CRED: Inaugurate ... |
70 |
|
6fab87790 nfsd: Properly co... |
71 |
if (!uid_eq(new->fsuid, GLOBAL_ROOT_UID)) |
d84f4f992 CRED: Inaugurate ... |
72 73 74 75 |
new->cap_effective = cap_drop_nfsd_set(new->cap_effective); else new->cap_effective = cap_raise_nfsd_set(new->cap_effective, new->cap_permitted); |
e0e817392 CRED: Add some co... |
76 |
validate_process_creds(); |
3b11a1dec CRED: Differentia... |
77 |
put_cred(override_creds(new)); |
b914152a6 nfsd: fix cred le... |
78 |
put_cred(new); |
e0e817392 CRED: Add some co... |
79 |
validate_process_creds(); |
3b11a1dec CRED: Differentia... |
80 |
return 0; |
d84f4f992 CRED: Inaugurate ... |
81 82 |
oom: |
d84f4f992 CRED: Inaugurate ... |
83 |
abort_creds(new); |
61a27f08a NFSD: Cleanup unu... |
84 |
return -ENOMEM; |
1da177e4c Linux-2.6.12-rc2 |
85 |
} |
b6dff3ec5 CRED: Separate ta... |
86 |