authorDavid Howells <dhowells@redhat.com>2008-11-13 18:39:05 -0500
committerJames Morris <jmorris@namei.org>2008-11-13 18:39:05 -0500
commitda9592edebceeba1b9301beafe80ec8b9c2db0ce (patch)
tree00c110cd8ff6d211d76ab4868b6175096a38aad5
parent82ab8deda7fef36f067ccdeacc3b3caefc970f89 (diff)
CRED: Wrap task credential accesses in the filesystem subsystem
Wrap access to task credentials so that they can be separated more easily from the task_struct during the introduction of COW creds. Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id(). Change some task->e?[ug]id to task_e?[ug]id(). In some places it makes more sense to use RCU directly rather than a convenient wrapper; these will be addressed by later patches. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--fs/anon_inodes.c4
-rw-r--r--fs/attr.c4
-rw-r--r--fs/binfmt_elf_fdpic.c8
-rw-r--r--fs/dquot.c4
-rw-r--r--fs/exec.c18
-rw-r--r--fs/fcntl.c2
-rw-r--r--fs/inotify_user.c2
-rw-r--r--fs/ioprio.c4
-rw-r--r--fs/locks.c2
-rw-r--r--fs/namei.c10
-rw-r--r--fs/namespace.c2
-rw-r--r--fs/pipe.c4
-rw-r--r--fs/posix_acl.c4
-rw-r--r--fs/quota.c4
-rw-r--r--include/linux/fs.h2
15 files changed, 38 insertions, 36 deletions
diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
index 3662dd44896b..c16d9be1b017 100644
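--- a/fs/anon_inodes.c
+++ b/fs/anon_inodes.c
@@ -154,8 +154,8 @@ static struct inode *anon_inode_mkinode(void)
  */
  inode->i_state = I_DIRTY;
  inode->i_mode = S_IRUSR | S_IWUSR;
- inode->i_uid = current->fsuid;
- inode->i_gid = current->fsgid;
+ inode->i_uid = current_fsuid();
+ inode->i_gid = current_fsgid();
  inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
  return inode;
 }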
diff --git a/fs/attr.c b/fs/attr.c
index 7a83819f6ba2..f4360192a938 100644
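--- a/fs/attr.c
+++ b/fs/attr.c
@@ -29,13 +29,13 @@ int inode_change_ok(struct inode *inode, struct iattr *attr)
 
  /* Make sure a caller can chown. */
  if ((ia_valid & ATTR_UID) &&
- (current->fsuid != inode->i_uid ||
+ (current_fsuid() != inode->i_uid ||
  attr->ia_uid != inode->i_uid) && !capable(CAP_CHOWN))
  goto error;
 
  /* Make sure caller can chgrp. */
  if ((ia_valid & ATTR_GID) &&
- (current->fsuid != inode->i_uid ||
+ (current_fsuid() != inode->i_uid ||
  (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid)) &&
  !capable(CAP_CHOWN))
  goto error;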
diff --git a/fs/binfmt_elf_fdpic.c b/fs/binfmt_elf_fdpic.c
index 5b5424cb3391..488584c87512 100644
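--- a/fs/binfmt_elf_fdpic.c
+++ b/fs/binfmt_elf_fdpic.c
@@ -623,10 +623,10 @@ static int create_elf_fdpic_tables(struct linux_binprm *bprm,
  NEW_AUX_ENT(AT_BASE, interp_params->elfhdr_addr);
  NEW_AUX_ENT(AT_FLAGS, 0);
  NEW_AUX_ENT(AT_ENTRY, exec_params->entry_addr);
- NEW_AUX_ENT(AT_UID, (elf_addr_t) current->uid);
- NEW_AUX_ENT(AT_EUID, (elf_addr_t) current->euid);
- NEW_AUX_ENT(AT_GID, (elf_addr_t) current->gid);
- NEW_AUX_ENT(AT_EGID, (elf_addr_t) current->egid);
+ NEW_AUX_ENT(AT_UID, (elf_addr_t) current_uid());
+ NEW_AUX_ENT(AT_EUID, (elf_addr_t) current_euid());
+ NEW_AUX_ENT(AT_GID, (elf_addr_t) current_gid());
+ NEW_AUX_ENT(AT_EGID, (elf_addr_t) current_egid());
  NEW_AUX_ENT(AT_SECURE, security_bprm_secureexec(bprm));
  NEW_AUX_ENT(AT_EXECFN, bprm->exec);
 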
diff --git a/fs/dquot.c b/fs/dquot.c
index 5e95261005b2..c237ccc8581c 100644
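--- a/fs/dquot.c
+++ b/fs/dquot.c
@@ -874,7 +874,7 @@ static inline int need_print_warning(struct dquot *dquot)
 
  switch (dquot->dq_type) {
  case USRQUOTA:
- return current->fsuid == dquot->dq_id;
+ return current_fsuid() == dquot->dq_id;
  case GRPQUOTA:
  return in_group_p(dquot->dq_id);
  }
@@ -981,7 +981,7 @@ static void send_warning(const struct dquot *dquot, const char warntype)
  MINOR(dquot->dq_sb->s_dev));
  if (ret)
  goto attr_err_out;
- ret = nla_put_u64(skb, QUOTA_NL_A_CAUSED_ID, current->user->uid);
+ ret = nla_put_u64(skb, QUOTA_NL_A_CAUSED_ID, current_uid());
  if (ret)
  goto attr_err_out;
  genlmsg_end(skb, msg_head);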
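Review bot: The replacement in send_warning is not the plain field-to-wrapper substitution the commit message describes: the old line read `current->user->uid` (the uid stored in the user_struct) and the new one reads `current_uid()` (the task's real UID). The two are presumably always equal, but nothing on this page shows it, so the value reported as QUOTA_NL_A_CAUSED_ID may have a slightly different source than before. A short comment such as `/* real UID of the task that caused the warning; was current->user->uid */`, or a sentence in the commit message, would record that the change is intentional. send_warning starts and ends outside this hunk.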
diff --git a/fs/exec.c b/fs/exec.c
index 4e834f16d9da..604834f3b208 100644
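--- a/fs/exec.c
+++ b/fs/exec.c
@@ -980,7 +980,7 @@ int flush_old_exec(struct linux_binprm * bprm)
  /* This is the point of no return */
  current->sas_ss_sp = current->sas_ss_size = 0;
 
- if (current->euid == current->uid && current->egid == current->gid)
+ if (current_euid() == current_uid() && current_egid() == current_gid())
  set_dumpable(current->mm, 1);
  else
  set_dumpable(current->mm, suid_dumpable);
@@ -1007,7 +1007,7 @@ int flush_old_exec(struct linux_binprm * bprm)
  */
  current->mm->task_size = TASK_SIZE;
 
- if (bprm->e_uid != current->euid || bprm->e_gid != current->egid) {
+ if (bprm->e_uid != current_euid() || bprm->e_gid != current_egid()) {
  suid_keys(current);
  set_dumpable(current->mm, suid_dumpable);
  current->pdeath_signal = 0;
@@ -1047,8 +1047,8 @@ int prepare_binprm(struct linux_binprm *bprm)
  if (bprm->file->f_op == NULL)
  return -EACCES;
 
- bprm->e_uid = current->euid;
- bprm->e_gid = current->egid;
+ bprm->e_uid = current_euid();
+ bprm->e_gid = current_egid();
 
  if(!(bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID)) {
  /* Set-uid? */
@@ -1096,7 +1096,7 @@ void compute_creds(struct linux_binprm *bprm)
 {
  int unsafe;
 
- if (bprm->e_uid != current->uid) {
+ if (bprm->e_uid != current_uid()) {
  suid_keys(current);
  current->pdeath_signal = 0;
  }
@@ -1424,7 +1424,7 @@ static int format_corename(char *corename, long signr)
  /* uid */
  case 'u':
  rc = snprintf(out_ptr, out_end - out_ptr,
- "%d", current->uid);
+ "%d", current_uid());
  if (rc > out_end - out_ptr)
  goto out;
  out_ptr += rc;
@@ -1432,7 +1432,7 @@ static int format_corename(char *corename, long signr)
  /* gid */
  case 'g':
  rc = snprintf(out_ptr, out_end - out_ptr,
- "%d", current->gid);
+ "%d", current_gid());
  if (rc > out_end - out_ptr)
  goto out;
  out_ptr += rc;
@@ -1709,7 +1709,7 @@ int do_coredump(long signr, int exit_code, struct pt_regs * regs)
  struct inode * inode;
  struct file * file;
  int retval = 0;
- int fsuid = current->fsuid;
+ int fsuid = current_fsuid();
  int flag = 0;
  int ispipe = 0;
  unsigned long core_limit = current->signal->rlim[RLIMIT_CORE].rlim_cur;
@@ -1815,7 +1815,7 @@ int do_coredump(long signr, int exit_code, struct pt_regs * regs)
  * Dont allow local users get cute and trick others to coredump
  * into their pre-created files:
  */
- if (inode->i_uid != current->fsuid)
+ if (inode->i_uid != current_fsuid())
  goto close_fail;
  if (!file->f_op)
  goto close_fail;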
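Review bot: In format_corename the uid and gid cases still format the ID with `"%d"`, although the value is an unsigned uid_t/gid_t (assuming the current_uid()/current_gid() wrappers return those types), so an ID above INT_MAX would appear as a negative number in the core file name. `"%u", current_uid());` and `"%u", current_gid());` would match the type. The same mismatch is in do_coredump, where `int fsuid = current_fsuid();` could be declared `uid_t fsuid = current_fsuid();`. Both functions begin and end outside the hunks shown, so later uses of `fsuid` should be checked before changing its type.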
diff --git a/fs/fcntl.c b/fs/fcntl.c
index ac4f7db9f134..bf049a805e59 100644
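--- a/fs/fcntl.c
+++ b/fs/fcntl.c
@@ -211,7 +211,7 @@ int __f_setown(struct file *filp, struct pid *pid, enum pid_type type,
  if (err)
  return err;
 
- f_modown(filp, pid, type, current->uid, current->euid, force);
+ f_modown(filp, pid, type, current_uid(), current_euid(), force);
  return 0;
 }
 EXPORT_SYMBOL(__f_setown);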
diff --git a/fs/inotify_user.c b/fs/inotify_user.c
index d367e9b92862..e2425bbd871f 100644
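--- a/fs/inotify_user.c
+++ b/fs/inotify_user.c
@@ -601,7 +601,7 @@ asmlinkage long sys_inotify_init1(int flags)
  goto out_put_fd;
  }
 
- user = get_uid(current->user);
+ user = get_current_user();
  if (unlikely(atomic_read(&user->inotify_devs) >=
  inotify_max_user_instances)) {
  ret = -EMFILE;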
diff --git a/fs/ioprio.c b/fs/ioprio.c
index da3cc460d4df..68d2cd807118 100644
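--- a/fs/ioprio.c
+++ b/fs/ioprio.c
@@ -32,8 +32,8 @@ static int set_task_ioprio(struct task_struct *task, int ioprio)
  int err;
  struct io_context *ioc;
 
- if (task->uid != current->euid &&
- task->uid != current->uid && !capable(CAP_SYS_NICE))
+ if (task->uid != current_euid() &&
+ task->uid != current_uid() && !capable(CAP_SYS_NICE))
  return -EPERM;
 
  err = security_task_setioprio(task, ioprio);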
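Review bot: The permission check in set_task_ioprio still reads the target's UID as `task->uid` on both changed lines; only the `current` side was wrapped. `task` is not necessarily the calling task, and the commit message says accesses that need RCU are left to later patches, so if this is one of them a comment like `/* task->uid: direct read, converted under RCU by a later patch */` would stop it looking like an oversight. Otherwise `task_uid(task)` would fit the `task_e?[ug]id()` pattern the message mentions. The function continues past the end of the hunk.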
diff --git a/fs/locks.c b/fs/locks.c
index 09062e3ff104..46a2e12f7d42 100644
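--- a/fs/locks.c
+++ b/fs/locks.c
@@ -1349,7 +1349,7 @@ int generic_setlease(struct file *filp, long arg, struct file_lock **flp)
  struct inode *inode = dentry->d_inode;
  int error, rdlease_count = 0, wrlease_count = 0;
 
- if ((current->fsuid != inode->i_uid) && !capable(CAP_LEASE))
+ if ((current_fsuid() != inode->i_uid) && !capable(CAP_LEASE))
  return -EACCES;
  if (!S_ISREG(inode->i_mode))
  return -EINVAL;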
diff --git a/fs/namei.c b/fs/namei.c
index 09ce58e49e72..42d7b7606936 100644
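--- a/fs/namei.c
+++ b/fs/namei.c
@@ -186,7 +186,7 @@ int generic_permission(struct inode *inode, int mask,
 
  mask &= MAY_READ | MAY_WRITE | MAY_EXEC;
 
- if (current->fsuid == inode->i_uid)
+ if (current_fsuid() == inode->i_uid)
  mode >>= 6;
  else {
  if (IS_POSIXACL(inode) && (mode & S_IRWXG) && check_acl) {
@@ -441,7 +441,7 @@ static int exec_permission_lite(struct inode *inode)
  if (inode->i_op && inode->i_op->permission)
  return -EAGAIN;
 
- if (current->fsuid == inode->i_uid)
+ if (current_fsuid() == inode->i_uid)
  mode >>= 6;
  else if (in_group_p(inode->i_gid))
  mode >>= 3;
@@ -1334,11 +1334,13 @@ static int user_path_parent(int dfd, const char __user *path,
  */
 static inline int check_sticky(struct inode *dir, struct inode *inode)
 {
+ uid_t fsuid = current_fsuid();
+
  if (!(dir->i_mode & S_ISVTX))
  return 0;
- if (inode->i_uid == current->fsuid)
+ if (inode->i_uid == fsuid)
  return 0;
- if (dir->i_uid == current->fsuid)
+ if (dir->i_uid == fsuid)
  return 0;
  return !capable(CAP_FOWNER);
 }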
diff --git a/fs/namespace.c b/fs/namespace.c
index cce46702d33c..d8bc2c4704a5 100644
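--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1176,7 +1176,7 @@ static int mount_is_safe(struct path *path)
  if (S_ISLNK(path->dentry->d_inode->i_mode))
  return -EPERM;
  if (path->dentry->d_inode->i_mode & S_ISVTX) {
- if (current->uid != path->dentry->d_inode->i_uid)
+ if (current_uid() != path->dentry->d_inode->i_uid)
  return -EPERM;
  }
  if (inode_permission(path->dentry->d_inode, MAY_WRITE))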
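Review bot: mount_is_safe compares the sticky directory's owner with `current_uid()`, the real UID, while the other inode-owner comparisons converted in this commit (generic_permission, check_sticky, generic_setlease, is_owner_or_cap) all use `current_fsuid()`. The conversion preserves the old behaviour, so this is not a regression introduced here, but the difference in identity is easy to miss in an access check. If it is intentional, a comment such as `/* owner check uses the real UID, not fsuid */` would say so; if not, the check is worth revisiting separately. The function body starts and ends outside the hunk.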
diff --git a/fs/pipe.c b/fs/pipe.c
index 7aea8b89baac..aaf797bd57b9 100644
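--- a/fs/pipe.c
+++ b/fs/pipe.c
@@ -899,8 +899,8 @@ static struct inode * get_pipe_inode(void)
  */
  inode->i_state = I_DIRTY;
  inode->i_mode = S_IFIFO | S_IRUSR | S_IWUSR;
- inode->i_uid = current->fsuid;
- inode->i_gid = current->fsgid;
+ inode->i_uid = current_fsuid();
+ inode->i_gid = current_fsgid();
  inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
 
  return inode;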
diff --git a/fs/posix_acl.c b/fs/posix_acl.c
index aec931e09973..39df95a0ec25 100644
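--- a/fs/posix_acl.c
+++ b/fs/posix_acl.c
@@ -217,11 +217,11 @@ posix_acl_permission(struct inode *inode, const struct posix_acl *acl, int want)
  switch(pa->e_tag) {
  case ACL_USER_OBJ:
  /* (May have been checked already) */
- if (inode->i_uid == current->fsuid)
+ if (inode->i_uid == current_fsuid())
  goto check_perm;
  break;
  case ACL_USER:
- if (pa->e_id == current->fsuid)
+ if (pa->e_id == current_fsuid())
  goto mask;
  break;
  case ACL_GROUP_OBJ: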
diff --git a/fs/quota.c b/fs/quota.c
index 7f4386ebc23a..b7fe44e01618 100644
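--- a/fs/quota.c
+++ b/fs/quota.c
@@ -79,7 +79,7 @@ static int generic_quotactl_valid(struct super_block *sb, int type, int cmd, qid
 
  /* Check privileges */
  if (cmd == Q_GETQUOTA) {
- if (((type == USRQUOTA && current->euid != id) ||
+ if (((type == USRQUOTA && current_euid() != id) ||
  (type == GRPQUOTA && !in_egroup_p(id))) &&
  !capable(CAP_SYS_ADMIN))
  return -EPERM;
@@ -130,7 +130,7 @@ static int xqm_quotactl_valid(struct super_block *sb, int type, int cmd, qid_t i
 
  /* Check privileges */
  if (cmd == Q_XGETQUOTA) {
- if (((type == XQM_USRQUOTA && current->euid != id) ||
+ if (((type == XQM_USRQUOTA && current_euid() != id) ||
  (type == XQM_GRPQUOTA && !in_egroup_p(id))) &&
  !capable(CAP_SYS_ADMIN))
  return -EPERM;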
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 0dcdd9458f4b..b3d404aaabed 100644
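--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1193,7 +1193,7 @@ enum {
 #define has_fs_excl() atomic_read(&current->fs_excl)
 
 #define is_owner_or_cap(inode) \
- ((current->fsuid == (inode)->i_uid) || capable(CAP_FOWNER))
+ ((current_fsuid() == (inode)->i_uid) || capable(CAP_FOWNER))
 
 /* not quite ready to be deprecated, but... */
 extern void lock_super(struct super_block *);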
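Review bot: is_owner_or_cap() now expands to a call of `current_fsuid()`, and this section adds no include, so every file that uses the macro depends on the wrapper's declaration already being visible through some other header. That is presumably the case via whichever header defines the credential wrappers, but it is not shown on this page; it is worth confirming with a build of the macro's users, or adding that include to fs.h. A one-line comment above the macro, e.g. `/* true if the caller's fsuid owns the inode or the caller has CAP_FOWNER */`, would also document which identity this ownership test uses.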