diff options
author | David Howells <dhowells@redhat.com> | 2008-11-13 18:39:16 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-11-13 18:39:16 -0500 |
commit | b6dff3ec5e116e3af6f537d4caedcad6b9e5082a (patch) | |
tree | 9e76f972eb7ce9b84e0146c8e4126a3f86acb428 /fs/nfsd | |
parent | 15a2460ed0af7538ca8e6c610fe607a2cd9da142 (diff) |
CRED: Separate task security context from task_struct
Separate the task security context from task_struct. At this point, the
security data is temporarily embedded in the task_struct with two pointers
pointing to it.
Note that the Alpha arch is altered as it refers to (E)UID and (E)GID in
entry.S via asm-offsets.
With comment fixes Signed-off-by: Marc Dionne <marc.c.dionne@gmail.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'fs/nfsd')
-rw-r--r-- | fs/nfsd/auth.c | 22 | ||||
-rw-r--r-- | fs/nfsd/nfs4recover.c | 12 | ||||
-rw-r--r-- | fs/nfsd/nfsfh.c | 6 |
3 files changed, 21 insertions, 19 deletions
diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c index 294992e9bf69..808fc03a6fbd 100644 --- a/fs/nfsd/auth.c +++ b/fs/nfsd/auth.c | |||
@@ -27,6 +27,7 @@ int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp) | |||
27 | 27 | ||
28 | int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) | 28 | int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) |
29 | { | 29 | { |
30 | struct cred *act_as = current->cred ; | ||
30 | struct svc_cred cred = rqstp->rq_cred; | 31 | struct svc_cred cred = rqstp->rq_cred; |
31 | int i; | 32 | int i; |
32 | int flags = nfsexp_flags(rqstp, exp); | 33 | int flags = nfsexp_flags(rqstp, exp); |
@@ -55,25 +56,26 @@ int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) | |||
55 | get_group_info(cred.cr_group_info); | 56 | get_group_info(cred.cr_group_info); |
56 | 57 | ||
57 | if (cred.cr_uid != (uid_t) -1) | 58 | if (cred.cr_uid != (uid_t) -1) |
58 | current->fsuid = cred.cr_uid; | 59 | act_as->fsuid = cred.cr_uid; |
59 | else | 60 | else |
60 | current->fsuid = exp->ex_anon_uid; | 61 | act_as->fsuid = exp->ex_anon_uid; |
61 | if (cred.cr_gid != (gid_t) -1) | 62 | if (cred.cr_gid != (gid_t) -1) |
62 | current->fsgid = cred.cr_gid; | 63 | act_as->fsgid = cred.cr_gid; |
63 | else | 64 | else |
64 | current->fsgid = exp->ex_anon_gid; | 65 | act_as->fsgid = exp->ex_anon_gid; |
65 | 66 | ||
66 | if (!cred.cr_group_info) | 67 | if (!cred.cr_group_info) |
67 | return -ENOMEM; | 68 | return -ENOMEM; |
68 | ret = set_current_groups(cred.cr_group_info); | 69 | ret = set_groups(act_as, cred.cr_group_info); |
69 | put_group_info(cred.cr_group_info); | 70 | put_group_info(cred.cr_group_info); |
70 | if ((cred.cr_uid)) { | 71 | if ((cred.cr_uid)) { |
71 | current->cap_effective = | 72 | act_as->cap_effective = |
72 | cap_drop_nfsd_set(current->cap_effective); | 73 | cap_drop_nfsd_set(act_as->cap_effective); |
73 | } else { | 74 | } else { |
74 | current->cap_effective = | 75 | act_as->cap_effective = |
75 | cap_raise_nfsd_set(current->cap_effective, | 76 | cap_raise_nfsd_set(act_as->cap_effective, |
76 | current->cap_permitted); | 77 | act_as->cap_permitted); |
77 | } | 78 | } |
78 | return ret; | 79 | return ret; |
79 | } | 80 | } |
81 | |||
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c index bb93946ace22..a5e14e8695ea 100644 --- a/fs/nfsd/nfs4recover.c +++ b/fs/nfsd/nfs4recover.c | |||
@@ -57,17 +57,17 @@ static int rec_dir_init = 0; | |||
57 | static void | 57 | static void |
58 | nfs4_save_user(uid_t *saveuid, gid_t *savegid) | 58 | nfs4_save_user(uid_t *saveuid, gid_t *savegid) |
59 | { | 59 | { |
60 | *saveuid = current->fsuid; | 60 | *saveuid = current->cred->fsuid; |
61 | *savegid = current->fsgid; | 61 | *savegid = current->cred->fsgid; |
62 | current->fsuid = 0; | 62 | current->cred->fsuid = 0; |
63 | current->fsgid = 0; | 63 | current->cred->fsgid = 0; |
64 | } | 64 | } |
65 | 65 | ||
66 | static void | 66 | static void |
67 | nfs4_reset_user(uid_t saveuid, gid_t savegid) | 67 | nfs4_reset_user(uid_t saveuid, gid_t savegid) |
68 | { | 68 | { |
69 | current->fsuid = saveuid; | 69 | current->cred->fsuid = saveuid; |
70 | current->fsgid = savegid; | 70 | current->cred->fsgid = savegid; |
71 | } | 71 | } |
72 | 72 | ||
73 | static void | 73 | static void |
diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c index cd25d91895a1..e67cfaea0865 100644 --- a/fs/nfsd/nfsfh.c +++ b/fs/nfsd/nfsfh.c | |||
@@ -186,9 +186,9 @@ static __be32 nfsd_set_fh_dentry(struct svc_rqst *rqstp, struct svc_fh *fhp) | |||
186 | * access control settings being in effect, we cannot | 186 | * access control settings being in effect, we cannot |
187 | * fix that case easily. | 187 | * fix that case easily. |
188 | */ | 188 | */ |
189 | current->cap_effective = | 189 | current->cred->cap_effective = |
190 | cap_raise_nfsd_set(current->cap_effective, | 190 | cap_raise_nfsd_set(current->cred->cap_effective, |
191 | current->cap_permitted); | 191 | current->cred->cap_permitted); |
192 | } else { | 192 | } else { |
193 | error = nfsd_setuser_and_check_port(rqstp, exp); | 193 | error = nfsd_setuser_and_check_port(rqstp, exp); |
194 | if (error) | 194 | if (error) |