diff options
| author | David Howells <dhowells@redhat.com> | 2008-11-13 18:38:49 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2008-11-13 18:38:49 -0500 |
| commit | 4eea03539d9a8e3f5056aed690efde1f75535e7b (patch) | |
| tree | 1dd58dee9a286459c7a70b8f82edcb63d20b2c07 /fs/ecryptfs/miscdev.c | |
| parent | ec4c2aacd16672febca053109eb9ddf672108ca1 (diff) | |
CRED: Wrap task credential accesses in the eCryptFS filesystem
Wrap access to task credentials so that they can be separated more easily from
the task_struct during the introduction of COW creds.
Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id().
Change some task->e?[ug]id to task_e?[ug]id(). In some places it makes more
sense to use RCU directly rather than a convenient wrapper; these will be
addressed by later patches.
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: Mike Halcrow <mhalcrow@us.ibm.com>
Cc: Phillip Hellewell <phillip@hellewell.homeip.net>
Cc: ecryptfs-devel@lists.sourceforge.net
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'fs/ecryptfs/miscdev.c')
| -rw-r--r-- | fs/ecryptfs/miscdev.c | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/fs/ecryptfs/miscdev.c b/fs/ecryptfs/miscdev.c index b484792a0996..047ac609695b 100644 --- a/fs/ecryptfs/miscdev.c +++ b/fs/ecryptfs/miscdev.c | |||
| @@ -42,11 +42,12 @@ ecryptfs_miscdev_poll(struct file *file, poll_table *pt) | |||
| 42 | { | 42 | { |
| 43 | struct ecryptfs_daemon *daemon; | 43 | struct ecryptfs_daemon *daemon; |
| 44 | unsigned int mask = 0; | 44 | unsigned int mask = 0; |
| 45 | uid_t euid = current_euid(); | ||
| 45 | int rc; | 46 | int rc; |
| 46 | 47 | ||
| 47 | mutex_lock(&ecryptfs_daemon_hash_mux); | 48 | mutex_lock(&ecryptfs_daemon_hash_mux); |
| 48 | /* TODO: Just use file->private_data? */ | 49 | /* TODO: Just use file->private_data? */ |
| 49 | rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, | 50 | rc = ecryptfs_find_daemon_by_euid(&daemon, euid, |
| 50 | current->nsproxy->user_ns); | 51 | current->nsproxy->user_ns); |
| 51 | BUG_ON(rc || !daemon); | 52 | BUG_ON(rc || !daemon); |
| 52 | mutex_lock(&daemon->mux); | 53 | mutex_lock(&daemon->mux); |
| @@ -83,6 +84,7 @@ static int | |||
| 83 | ecryptfs_miscdev_open(struct inode *inode, struct file *file) | 84 | ecryptfs_miscdev_open(struct inode *inode, struct file *file) |
| 84 | { | 85 | { |
| 85 | struct ecryptfs_daemon *daemon = NULL; | 86 | struct ecryptfs_daemon *daemon = NULL; |
| 87 | uid_t euid = current_euid(); | ||
| 86 | int rc; | 88 | int rc; |
| 87 | 89 | ||
| 88 | mutex_lock(&ecryptfs_daemon_hash_mux); | 90 | mutex_lock(&ecryptfs_daemon_hash_mux); |
| @@ -93,10 +95,10 @@ ecryptfs_miscdev_open(struct inode *inode, struct file *file) | |||
| 93 | "count; rc = [%d]\n", __func__, rc); | 95 | "count; rc = [%d]\n", __func__, rc); |
| 94 | goto out_unlock_daemon_list; | 96 | goto out_unlock_daemon_list; |
| 95 | } | 97 | } |
| 96 | rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, | 98 | rc = ecryptfs_find_daemon_by_euid(&daemon, euid, |
| 97 | current->nsproxy->user_ns); | 99 | current->nsproxy->user_ns); |
| 98 | if (rc || !daemon) { | 100 | if (rc || !daemon) { |
| 99 | rc = ecryptfs_spawn_daemon(&daemon, current->euid, | 101 | rc = ecryptfs_spawn_daemon(&daemon, euid, |
| 100 | current->nsproxy->user_ns, | 102 | current->nsproxy->user_ns, |
| 101 | task_pid(current)); | 103 | task_pid(current)); |
| 102 | if (rc) { | 104 | if (rc) { |
| @@ -147,10 +149,11 @@ static int | |||
| 147 | ecryptfs_miscdev_release(struct inode *inode, struct file *file) | 149 | ecryptfs_miscdev_release(struct inode *inode, struct file *file) |
| 148 | { | 150 | { |
| 149 | struct ecryptfs_daemon *daemon = NULL; | 151 | struct ecryptfs_daemon *daemon = NULL; |
| 152 | uid_t euid = current_euid(); | ||
| 150 | int rc; | 153 | int rc; |
| 151 | 154 | ||
| 152 | mutex_lock(&ecryptfs_daemon_hash_mux); | 155 | mutex_lock(&ecryptfs_daemon_hash_mux); |
| 153 | rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, | 156 | rc = ecryptfs_find_daemon_by_euid(&daemon, euid, |
| 154 | current->nsproxy->user_ns); | 157 | current->nsproxy->user_ns); |
| 155 | BUG_ON(rc || !daemon); | 158 | BUG_ON(rc || !daemon); |
| 156 | mutex_lock(&daemon->mux); | 159 | mutex_lock(&daemon->mux); |
| @@ -246,11 +249,12 @@ ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count, | |||
| 246 | char packet_length[3]; | 249 | char packet_length[3]; |
| 247 | size_t i; | 250 | size_t i; |
| 248 | size_t total_length; | 251 | size_t total_length; |
| 252 | uid_t euid = current_euid(); | ||
| 249 | int rc; | 253 | int rc; |
| 250 | 254 | ||
| 251 | mutex_lock(&ecryptfs_daemon_hash_mux); | 255 | mutex_lock(&ecryptfs_daemon_hash_mux); |
| 252 | /* TODO: Just use file->private_data? */ | 256 | /* TODO: Just use file->private_data? */ |
| 253 | rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, | 257 | rc = ecryptfs_find_daemon_by_euid(&daemon, euid, |
| 254 | current->nsproxy->user_ns); | 258 | current->nsproxy->user_ns); |
| 255 | BUG_ON(rc || !daemon); | 259 | BUG_ON(rc || !daemon); |
| 256 | mutex_lock(&daemon->mux); | 260 | mutex_lock(&daemon->mux); |
| @@ -290,7 +294,7 @@ check_list: | |||
| 290 | * message from the queue; try again */ | 294 | * message from the queue; try again */ |
| 291 | goto check_list; | 295 | goto check_list; |
| 292 | } | 296 | } |
| 293 | BUG_ON(current->euid != daemon->euid); | 297 | BUG_ON(euid != daemon->euid); |
| 294 | BUG_ON(current->nsproxy->user_ns != daemon->user_ns); | 298 | BUG_ON(current->nsproxy->user_ns != daemon->user_ns); |
| 295 | BUG_ON(task_pid(current) != daemon->pid); | 299 | BUG_ON(task_pid(current) != daemon->pid); |
| 296 | msg_ctx = list_first_entry(&daemon->msg_ctx_out_queue, | 300 | msg_ctx = list_first_entry(&daemon->msg_ctx_out_queue, |
| @@ -414,6 +418,7 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, | |||
| 414 | size_t packet_size, packet_size_length, i; | 418 | size_t packet_size, packet_size_length, i; |
| 415 | ssize_t sz = 0; | 419 | ssize_t sz = 0; |
| 416 | char *data; | 420 | char *data; |
| 421 | uid_t euid = current_euid(); | ||
| 417 | int rc; | 422 | int rc; |
| 418 | 423 | ||
| 419 | if (count == 0) | 424 | if (count == 0) |
| @@ -463,8 +468,7 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, | |||
| 463 | goto out_free; | 468 | goto out_free; |
| 464 | } | 469 | } |
| 465 | rc = ecryptfs_miscdev_response(&data[i], packet_size, | 470 | rc = ecryptfs_miscdev_response(&data[i], packet_size, |
| 466 | current->euid, | 471 | euid, current->nsproxy->user_ns, |
| 467 | current->nsproxy->user_ns, | ||
| 468 | task_pid(current), seq); | 472 | task_pid(current), seq); |
| 469 | if (rc) | 473 | if (rc) |
| 470 | printk(KERN_WARNING "%s: Failed to deliver miscdev " | 474 | printk(KERN_WARNING "%s: Failed to deliver miscdev " |