aboutsummaryrefslogtreecommitdiffstats
path: root/fs/nfsd
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2008-11-13 18:39:26 -0500
committerJames Morris <jmorris@namei.org>2008-11-13 18:39:26 -0500
commit3b11a1decef07c19443d24ae926982bc8ec9f4c0 (patch)
treeb6555f0e5b07f4b2badd332a0a900b974920c49d /fs/nfsd
parent98870ab0a5a3f1822aee681d2997017e1c87d026 (diff)
CRED: Differentiate objective and effective subjective credentials on a task
Differentiate the objective and real subjective credentials from the effective subjective credentials on a task by introducing a second credentials pointer into the task_struct. task_struct::real_cred then refers to the objective and apparent real subjective credentials of a task, as perceived by the other tasks in the system. task_struct::cred then refers to the effective subjective credentials of a task, as used by that task when it's actually running. These are not visible to the other tasks in the system. __task_cred(task) then refers to the objective/real credentials of the task in question. current_cred() refers to the effective subjective credentials of the current task. prepare_creds() uses the objective creds as a base and commit_creds() changes both pointers in the task_struct (indeed commit_creds() requires them to be the same). override_creds() and revert_creds() change the subjective creds pointer only, and the former returns the old subjective creds. These are used by NFSD, faccessat() and do_coredump(), and will by used by CacheFiles. In SELinux, current_has_perm() is provided as an alternative to task_has_perm(). This uses the effective subjective context of current, whereas task_has_perm() uses the objective/real context of the subject. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'fs/nfsd')
-rw-r--r--fs/nfsd/auth.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c
index 836ffa1047d9..0184fe9b514c 100644
--- a/fs/nfsd/auth.c
+++ b/fs/nfsd/auth.c
@@ -34,6 +34,8 @@ int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
34 int flags = nfsexp_flags(rqstp, exp); 34 int flags = nfsexp_flags(rqstp, exp);
35 int ret; 35 int ret;
36 36
37 /* discard any old override before preparing the new set */
38 revert_creds(get_cred(current->real_cred));
37 new = prepare_creds(); 39 new = prepare_creds();
38 if (!new) 40 if (!new)
39 return -ENOMEM; 41 return -ENOMEM;
@@ -82,7 +84,8 @@ int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
82 else 84 else
83 new->cap_effective = cap_raise_nfsd_set(new->cap_effective, 85 new->cap_effective = cap_raise_nfsd_set(new->cap_effective,
84 new->cap_permitted); 86 new->cap_permitted);
85 return commit_creds(new); 87 put_cred(override_creds(new));
88 return 0;
86 89
87oom: 90oom:
88 ret = -ENOMEM; 91 ret = -ENOMEM;