aboutsummaryrefslogtreecommitdiffstats
path: root/fs/nfsd
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2008-11-13 18:39:16 -0500
committerJames Morris <jmorris@namei.org>2008-11-13 18:39:16 -0500
commitb6dff3ec5e116e3af6f537d4caedcad6b9e5082a (patch)
tree9e76f972eb7ce9b84e0146c8e4126a3f86acb428 /fs/nfsd
parent15a2460ed0af7538ca8e6c610fe607a2cd9da142 (diff)
CRED: Separate task security context from task_struct
Separate the task security context from task_struct. At this point, the security data is temporarily embedded in the task_struct with two pointers pointing to it. Note that the Alpha arch is altered as it refers to (E)UID and (E)GID in entry.S via asm-offsets. With comment fixes Signed-off-by: Marc Dionne <marc.c.dionne@gmail.com> Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'fs/nfsd')
-rw-r--r--fs/nfsd/auth.c22
-rw-r--r--fs/nfsd/nfs4recover.c12
-rw-r--r--fs/nfsd/nfsfh.c6
3 files changed, 21 insertions, 19 deletions
diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c
index 294992e9bf69..808fc03a6fbd 100644
--- a/fs/nfsd/auth.c
+++ b/fs/nfsd/auth.c
@@ -27,6 +27,7 @@ int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp)
27 27
28int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) 28int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
29{ 29{
30 struct cred *act_as = current->cred ;
30 struct svc_cred cred = rqstp->rq_cred; 31 struct svc_cred cred = rqstp->rq_cred;
31 int i; 32 int i;
32 int flags = nfsexp_flags(rqstp, exp); 33 int flags = nfsexp_flags(rqstp, exp);
@@ -55,25 +56,26 @@ int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
55 get_group_info(cred.cr_group_info); 56 get_group_info(cred.cr_group_info);
56 57
57 if (cred.cr_uid != (uid_t) -1) 58 if (cred.cr_uid != (uid_t) -1)
58 current->fsuid = cred.cr_uid; 59 act_as->fsuid = cred.cr_uid;
59 else 60 else
60 current->fsuid = exp->ex_anon_uid; 61 act_as->fsuid = exp->ex_anon_uid;
61 if (cred.cr_gid != (gid_t) -1) 62 if (cred.cr_gid != (gid_t) -1)
62 current->fsgid = cred.cr_gid; 63 act_as->fsgid = cred.cr_gid;
63 else 64 else
64 current->fsgid = exp->ex_anon_gid; 65 act_as->fsgid = exp->ex_anon_gid;
65 66
66 if (!cred.cr_group_info) 67 if (!cred.cr_group_info)
67 return -ENOMEM; 68 return -ENOMEM;
68 ret = set_current_groups(cred.cr_group_info); 69 ret = set_groups(act_as, cred.cr_group_info);
69 put_group_info(cred.cr_group_info); 70 put_group_info(cred.cr_group_info);
70 if ((cred.cr_uid)) { 71 if ((cred.cr_uid)) {
71 current->cap_effective = 72 act_as->cap_effective =
72 cap_drop_nfsd_set(current->cap_effective); 73 cap_drop_nfsd_set(act_as->cap_effective);
73 } else { 74 } else {
74 current->cap_effective = 75 act_as->cap_effective =
75 cap_raise_nfsd_set(current->cap_effective, 76 cap_raise_nfsd_set(act_as->cap_effective,
76 current->cap_permitted); 77 act_as->cap_permitted);
77 } 78 }
78 return ret; 79 return ret;
79} 80}
81
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index bb93946ace22..a5e14e8695ea 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -57,17 +57,17 @@ static int rec_dir_init = 0;
57static void 57static void
58nfs4_save_user(uid_t *saveuid, gid_t *savegid) 58nfs4_save_user(uid_t *saveuid, gid_t *savegid)
59{ 59{
60 *saveuid = current->fsuid; 60 *saveuid = current->cred->fsuid;
61 *savegid = current->fsgid; 61 *savegid = current->cred->fsgid;
62 current->fsuid = 0; 62 current->cred->fsuid = 0;
63 current->fsgid = 0; 63 current->cred->fsgid = 0;
64} 64}
65 65
66static void 66static void
67nfs4_reset_user(uid_t saveuid, gid_t savegid) 67nfs4_reset_user(uid_t saveuid, gid_t savegid)
68{ 68{
69 current->fsuid = saveuid; 69 current->cred->fsuid = saveuid;
70 current->fsgid = savegid; 70 current->cred->fsgid = savegid;
71} 71}
72 72
73static void 73static void
diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c
index cd25d91895a1..e67cfaea0865 100644
--- a/fs/nfsd/nfsfh.c
+++ b/fs/nfsd/nfsfh.c
@@ -186,9 +186,9 @@ static __be32 nfsd_set_fh_dentry(struct svc_rqst *rqstp, struct svc_fh *fhp)
186 * access control settings being in effect, we cannot 186 * access control settings being in effect, we cannot
187 * fix that case easily. 187 * fix that case easily.
188 */ 188 */
189 current->cap_effective = 189 current->cred->cap_effective =
190 cap_raise_nfsd_set(current->cap_effective, 190 cap_raise_nfsd_set(current->cred->cap_effective,
191 current->cap_permitted); 191 current->cred->cap_permitted);
192 } else { 192 } else {
193 error = nfsd_setuser_and_check_port(rqstp, exp); 193 error = nfsd_setuser_and_check_port(rqstp, exp);
194 if (error) 194 if (error)