diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2013-02-02 09:24:49 -0500 |
|---|---|---|
| committer | Eric W. Biederman <ebiederm@xmission.com> | 2013-02-13 09:16:07 -0500 |
| commit | 03bc6d1cc1759e6b5959cacc02a19ef36e95e741 (patch) | |
| tree | a573059a5c568b5ad560e28d77d6ea27bc91eb07 /fs/nfsd | |
| parent | ab8e4aee0a3f73d1b12e6d63b42075f0586ad4fd (diff) | |
nfsd: Modify nfsd4_cb_sec to use kuids and kgids
Change uid and gid in struct nfsd4_cb_sec to be of type kuid_t and
kgid_t.
In nfsd4_decode_cb_sec when reading uids and gids off the wire convert
them to kuids and kgids, and if they don't convert to valid kuids or
valid kuids ignore RPC_AUTH_UNIX and don't fill in any of the fields.
Cc: "J. Bruce Fields" <bfields@fieldses.org>
Cc: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'fs/nfsd')
| -rw-r--r-- | fs/nfsd/nfs4xdr.c | 13 | ||||
| -rw-r--r-- | fs/nfsd/state.h | 4 |
2 files changed, 12 insertions, 5 deletions
diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c index 3812b06d24b1..2d1d06bae3a7 100644 --- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c | |||
| @@ -464,9 +464,16 @@ static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_ | |||
| 464 | READ32(dummy); | 464 | READ32(dummy); |
| 465 | READ_BUF(dummy * 4); | 465 | READ_BUF(dummy * 4); |
| 466 | if (cbs->flavor == (u32)(-1)) { | 466 | if (cbs->flavor == (u32)(-1)) { |
| 467 | cbs->uid = uid; | 467 | kuid_t kuid = make_kuid(&init_user_ns, uid); |
| 468 | cbs->gid = gid; | 468 | kgid_t kgid = make_kgid(&init_user_ns, gid); |
| 469 | cbs->flavor = RPC_AUTH_UNIX; | 469 | if (uid_valid(kuid) && gid_valid(kgid)) { |
| 470 | cbs->uid = kuid; | ||
| 471 | cbs->gid = kgid; | ||
| 472 | cbs->flavor = RPC_AUTH_UNIX; | ||
| 473 | } else { | ||
| 474 | dprintk("RPC_AUTH_UNIX with invalid" | ||
| 475 | "uid or gid ignoring!\n"); | ||
| 476 | } | ||
| 470 | } | 477 | } |
| 471 | break; | 478 | break; |
| 472 | case RPC_AUTH_GSS: | 479 | case RPC_AUTH_GSS: |
diff --git a/fs/nfsd/state.h b/fs/nfsd/state.h index d1c229feed52..1a8c7391f7ae 100644 --- a/fs/nfsd/state.h +++ b/fs/nfsd/state.h | |||
| @@ -152,8 +152,8 @@ struct nfsd4_channel_attrs { | |||
| 152 | 152 | ||
| 153 | struct nfsd4_cb_sec { | 153 | struct nfsd4_cb_sec { |
| 154 | u32 flavor; /* (u32)(-1) used to mean "no valid flavor" */ | 154 | u32 flavor; /* (u32)(-1) used to mean "no valid flavor" */ |
| 155 | u32 uid; | 155 | kuid_t uid; |
| 156 | u32 gid; | 156 | kgid_t gid; |
| 157 | }; | 157 | }; |
| 158 | 158 | ||
| 159 | struct nfsd4_create_session { | 159 | struct nfsd4_create_session { |