4 files changed, 14 insertions, 14 deletions
diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c
index 4d6642b38eae..06cddd572264 100644
--- a/fs/nfsd/auth.c
+++ b/fs/nfsd/auth.c
@@ -47,9 +47,9 @@ int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
                if (!gi)
                        goto oom;
        } else if (flags & NFSEXP_ROOTSQUASH) {
-                if (!new->fsuid)
+                if (uid_eq(new->fsuid, GLOBAL_ROOT_UID))
                        new->fsuid = exp->ex_anon_uid;
-                if (!new->fsgid)
+                if (gid_eq(new->fsgid, GLOBAL_ROOT_GID))
                        new->fsgid = exp->ex_anon_gid;
                gi = groups_alloc(rqgi->ngroups);
@@ -66,9 +66,9 @@ int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
                gi = get_group_info(rqgi);
        }
-        if (new->fsuid == (uid_t) -1)
+        if (uid_eq(new->fsuid, INVALID_UID))
                new->fsuid = exp->ex_anon_uid;
-        if (new->fsgid == (gid_t) -1)
+        if (gid_eq(new->fsgid, INVALID_GID))
                new->fsgid = exp->ex_anon_gid;
        ret = set_groups(new, gi);
@@ -76,7 +76,7 @@ int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
        if (ret < 0)
                goto error;
-        if (new->fsuid)
+        if (!uid_eq(new->fsuid, GLOBAL_ROOT_UID))
                new->cap_effective = cap_drop_nfsd_set(new->cap_effective);
        else
                new->cap_effective = cap_raise_nfsd_set(new->cap_effective,
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index ba6fdd4a0455..4914af4a817e 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -73,8 +73,8 @@ nfs4_save_creds(const struct cred **original_creds)
        if (!new)
                return -ENOMEM;
-        new->fsuid = 0;
+        new->fsuid = GLOBAL_ROOT_UID;
-        new->fsgid = 0;
+        new->fsgid = GLOBAL_ROOT_GID;
        *original_creds = override_creds(new);
        put_cred(new);
        return 0;
diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
index ac8ed96c4199..0af6d3c114ed 100644
--- a/fs/nfsd/nfs4state.c
+++ b/fs/nfsd/nfs4state.c
@@ -1202,7 +1202,7 @@ static bool groups_equal(struct group_info *g1, struct group_info *g2)
        if (g1->ngroups != g2->ngroups)
                return false;
        for (i=0; i<g1->ngroups; i++)
-                if (GROUP_AT(g1, i) != GROUP_AT(g2, i))
+                if (!gid_eq(GROUP_AT(g1, i), GROUP_AT(g2, i)))
                        return false;
        return true;
 }
@@ -1227,8 +1227,8 @@ static bool
 same_creds(struct svc_cred *cr1, struct svc_cred *cr2)
 {
        if ((is_gss_cred(cr1) != is_gss_cred(cr2))
-                || (cr1->cr_uid != cr2->cr_uid)
+                || (!uid_eq(cr1->cr_uid, cr2->cr_uid))
-                || (cr1->cr_gid != cr2->cr_gid)
+                || (!gid_eq(cr1->cr_gid, cr2->cr_gid))
                || !groups_equal(cr1->cr_group_info, cr2->cr_group_info))
                return false;
        if (cr1->cr_principal == cr2->cr_principal)
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index d586117fa94a..31ff1d642e31 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -401,8 +401,8 @@ nfsd_setattr(struct svc_rqst *rqstp, struct svc_fh *fhp, struct iattr *iap,
        /* Revoke setuid/setgid on chown */
        if (!S_ISDIR(inode->i_mode) &&
-            (((iap->ia_valid & ATTR_UID) && iap->ia_uid != inode->i_uid) ||
+            (((iap->ia_valid & ATTR_UID) && !uid_eq(iap->ia_uid, inode->i_uid)) ||
-             ((iap->ia_valid & ATTR_GID) && iap->ia_gid != inode->i_gid))) {
+             ((iap->ia_valid & ATTR_GID) && !gid_eq(iap->ia_gid, inode->i_gid)))) {
                iap->ia_valid |= ATTR_KILL_PRIV;
                if (iap->ia_valid & ATTR_MODE) {
                        /* we're setting mode too, just clear the s*id bits */
@@ -1205,7 +1205,7 @@ nfsd_create_setattr(struct svc_rqst *rqstp, struct svc_fh *resfhp,
         * send along the gid on create when it tries to implement
         * setgid directories via NFS:
         */
-        if (current_fsuid() != 0)
+        if (!uid_eq(current_fsuid(), GLOBAL_ROOT_UID))
                iap->ia_valid &= ~(ATTR_UID|ATTR_GID);
        if (iap->ia_valid)
                return nfsd_setattr(rqstp, resfhp, iap, 0, (time_t)0);
@@ -2150,7 +2150,7 @@ nfsd_permission(struct svc_rqst *rqstp, struct svc_export *exp,
         * with NFSv3.
         */
        if ((acc & NFSD_MAY_OWNER_OVERRIDE) &&
-            inode->i_uid == current_fsuid())
+            uid_eq(inode->i_uid, current_fsuid()))
                return 0;
        /* This assumes  NFSD_MAY_{READ,WRITE,EXEC} == MAY_{READ,WRITE,EXEC} */

diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c index 4d6642b38eae..06cddd572264 100644 --- a/fs/nfsd/auth.c +++ b/fs/nfsd/auth.c
@@ -47,9 +47,9 @@ int nfsd_setuser(struct svc_rqst rqstp, struct svc_export exp)
47	if (!gi)	47	if (!gi)
48	goto oom;	48	goto oom;
49	} else if (flags & NFSEXP_ROOTSQUASH) {	49	} else if (flags & NFSEXP_ROOTSQUASH) {
50	if (!new->fsuid)	50	if (uid_eq(new->fsuid, GLOBAL_ROOT_UID))
51	new->fsuid = exp->ex_anon_uid;	51	new->fsuid = exp->ex_anon_uid;
52	if (!new->fsgid)	52	if (gid_eq(new->fsgid, GLOBAL_ROOT_GID))
53	new->fsgid = exp->ex_anon_gid;	53	new->fsgid = exp->ex_anon_gid;
54		54
55	gi = groups_alloc(rqgi->ngroups);	55	gi = groups_alloc(rqgi->ngroups);
@@ -66,9 +66,9 @@ int nfsd_setuser(struct svc_rqst rqstp, struct svc_export exp)
66	gi = get_group_info(rqgi);	66	gi = get_group_info(rqgi);
67	}	67	}
68		68
69	if (new->fsuid == (uid_t) -1)	69	if (uid_eq(new->fsuid, INVALID_UID))
70	new->fsuid = exp->ex_anon_uid;	70	new->fsuid = exp->ex_anon_uid;
71	if (new->fsgid == (gid_t) -1)	71	if (gid_eq(new->fsgid, INVALID_GID))
72	new->fsgid = exp->ex_anon_gid;	72	new->fsgid = exp->ex_anon_gid;
73		73
74	ret = set_groups(new, gi);	74	ret = set_groups(new, gi);
@@ -76,7 +76,7 @@ int nfsd_setuser(struct svc_rqst rqstp, struct svc_export exp)
76	if (ret < 0)	76	if (ret < 0)
77	goto error;	77	goto error;
78		78
79	if (new->fsuid)	79	if (!uid_eq(new->fsuid, GLOBAL_ROOT_UID))
80	new->cap_effective = cap_drop_nfsd_set(new->cap_effective);	80	new->cap_effective = cap_drop_nfsd_set(new->cap_effective);
81	else	81	else
82	new->cap_effective = cap_raise_nfsd_set(new->cap_effective,	82	new->cap_effective = cap_raise_nfsd_set(new->cap_effective,


diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c index ba6fdd4a0455..4914af4a817e 100644 --- a/fs/nfsd/nfs4recover.c +++ b/fs/nfsd/nfs4recover.c
@@ -73,8 +73,8 @@ nfs4_save_creds(const struct cred **original_creds)
73	if (!new)	73	if (!new)
74	return -ENOMEM;	74	return -ENOMEM;
75		75
76	new->fsuid = 0;	76	new->fsuid = GLOBAL_ROOT_UID;
77	new->fsgid = 0;	77	new->fsgid = GLOBAL_ROOT_GID;
78	*original_creds = override_creds(new);	78	*original_creds = override_creds(new);
79	put_cred(new);	79	put_cred(new);
80	return 0;	80	return 0;


diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c index ac8ed96c4199..0af6d3c114ed 100644 --- a/fs/nfsd/nfs4state.c +++ b/fs/nfsd/nfs4state.c
@@ -1202,7 +1202,7 @@ static bool groups_equal(struct group_info g1, struct group_info g2)
1202	if (g1->ngroups != g2->ngroups)	1202	if (g1->ngroups != g2->ngroups)
1203	return false;	1203	return false;
1204	for (i=0; i<g1->ngroups; i++)	1204	for (i=0; i<g1->ngroups; i++)
1205	if (GROUP_AT(g1, i) != GROUP_AT(g2, i))	1205	if (!gid_eq(GROUP_AT(g1, i), GROUP_AT(g2, i)))
1206	return false;	1206	return false;
1207	return true;	1207	return true;
1208	}	1208	}
@@ -1227,8 +1227,8 @@ static bool
1227	same_creds(struct svc_cred cr1, struct svc_cred cr2)	1227	same_creds(struct svc_cred cr1, struct svc_cred cr2)
1228	{	1228	{
1229	if ((is_gss_cred(cr1) != is_gss_cred(cr2))	1229	if ((is_gss_cred(cr1) != is_gss_cred(cr2))
1230	\|\| (cr1->cr_uid != cr2->cr_uid)	1230	\|\| (!uid_eq(cr1->cr_uid, cr2->cr_uid))
1231	\|\| (cr1->cr_gid != cr2->cr_gid)	1231	\|\| (!gid_eq(cr1->cr_gid, cr2->cr_gid))
1232	\|\| !groups_equal(cr1->cr_group_info, cr2->cr_group_info))	1232	\|\| !groups_equal(cr1->cr_group_info, cr2->cr_group_info))
1233	return false;	1233	return false;
1234	if (cr1->cr_principal == cr2->cr_principal)	1234	if (cr1->cr_principal == cr2->cr_principal)


diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c index d586117fa94a..31ff1d642e31 100644 --- a/fs/nfsd/vfs.c +++ b/fs/nfsd/vfs.c
@@ -401,8 +401,8 @@ nfsd_setattr(struct svc_rqst rqstp, struct svc_fh fhp, struct iattr *iap,
401		401
402	/* Revoke setuid/setgid on chown */	402	/* Revoke setuid/setgid on chown */
403	if (!S_ISDIR(inode->i_mode) &&	403	if (!S_ISDIR(inode->i_mode) &&
404	(((iap->ia_valid & ATTR_UID) && iap->ia_uid != inode->i_uid) \|\|	404	(((iap->ia_valid & ATTR_UID) && !uid_eq(iap->ia_uid, inode->i_uid)) \|\|
405	((iap->ia_valid & ATTR_GID) && iap->ia_gid != inode->i_gid))) {	405	((iap->ia_valid & ATTR_GID) && !gid_eq(iap->ia_gid, inode->i_gid)))) {
406	iap->ia_valid \|= ATTR_KILL_PRIV;	406	iap->ia_valid \|= ATTR_KILL_PRIV;
407	if (iap->ia_valid & ATTR_MODE) {	407	if (iap->ia_valid & ATTR_MODE) {
408	/* we're setting mode too, just clear the sid bits /	408	/* we're setting mode too, just clear the sid bits /
@@ -1205,7 +1205,7 @@ nfsd_create_setattr(struct svc_rqst rqstp, struct svc_fh resfhp,
1205	* send along the gid on create when it tries to implement	1205	* send along the gid on create when it tries to implement
1206	* setgid directories via NFS:	1206	* setgid directories via NFS:
1207	*/	1207	*/
1208	if (current_fsuid() != 0)	1208	if (!uid_eq(current_fsuid(), GLOBAL_ROOT_UID))
1209	iap->ia_valid &= ~(ATTR_UID\|ATTR_GID);	1209	iap->ia_valid &= ~(ATTR_UID\|ATTR_GID);
1210	if (iap->ia_valid)	1210	if (iap->ia_valid)
1211	return nfsd_setattr(rqstp, resfhp, iap, 0, (time_t)0);	1211	return nfsd_setattr(rqstp, resfhp, iap, 0, (time_t)0);
@@ -2150,7 +2150,7 @@ nfsd_permission(struct svc_rqst rqstp, struct svc_export exp,
2150	* with NFSv3.	2150	* with NFSv3.
2151	*/	2151	*/
2152	if ((acc & NFSD_MAY_OWNER_OVERRIDE) &&	2152	if ((acc & NFSD_MAY_OWNER_OVERRIDE) &&
2153	inode->i_uid == current_fsuid())	2153	uid_eq(inode->i_uid, current_fsuid()))
2154	return 0;	2154	return 0;
2155		2155
2156	/* This assumes NFSD_MAY_{READ,WRITE,EXEC} == MAY_{READ,WRITE,EXEC} */	2156	/* This assumes NFSD_MAY_{READ,WRITE,EXEC} == MAY_{READ,WRITE,EXEC} */