diff options
Diffstat (limited to 'net/sunrpc/auth_unix.c')
-rw-r--r-- | net/sunrpc/auth_unix.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/net/sunrpc/auth_unix.c b/net/sunrpc/auth_unix.c index e50502d8ceb7..52c5abdee211 100644 --- a/net/sunrpc/auth_unix.c +++ b/net/sunrpc/auth_unix.c | |||
@@ -12,6 +12,7 @@ | |||
12 | #include <linux/module.h> | 12 | #include <linux/module.h> |
13 | #include <linux/sunrpc/clnt.h> | 13 | #include <linux/sunrpc/clnt.h> |
14 | #include <linux/sunrpc/auth.h> | 14 | #include <linux/sunrpc/auth.h> |
15 | #include <linux/user_namespace.h> | ||
15 | 16 | ||
16 | #define NFS_NGROUPS 16 | 17 | #define NFS_NGROUPS 16 |
17 | 18 | ||
@@ -78,8 +79,11 @@ unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags) | |||
78 | groups = NFS_NGROUPS; | 79 | groups = NFS_NGROUPS; |
79 | 80 | ||
80 | cred->uc_gid = acred->gid; | 81 | cred->uc_gid = acred->gid; |
81 | for (i = 0; i < groups; i++) | 82 | for (i = 0; i < groups; i++) { |
82 | cred->uc_gids[i] = GROUP_AT(acred->group_info, i); | 83 | gid_t gid; |
84 | gid = from_kgid(&init_user_ns, GROUP_AT(acred->group_info, i)); | ||
85 | cred->uc_gids[i] = gid; | ||
86 | } | ||
83 | if (i < NFS_NGROUPS) | 87 | if (i < NFS_NGROUPS) |
84 | cred->uc_gids[i] = NOGROUP; | 88 | cred->uc_gids[i] = NOGROUP; |
85 | 89 | ||
@@ -126,9 +130,12 @@ unx_match(struct auth_cred *acred, struct rpc_cred *rcred, int flags) | |||
126 | groups = acred->group_info->ngroups; | 130 | groups = acred->group_info->ngroups; |
127 | if (groups > NFS_NGROUPS) | 131 | if (groups > NFS_NGROUPS) |
128 | groups = NFS_NGROUPS; | 132 | groups = NFS_NGROUPS; |
129 | for (i = 0; i < groups ; i++) | 133 | for (i = 0; i < groups ; i++) { |
130 | if (cred->uc_gids[i] != GROUP_AT(acred->group_info, i)) | 134 | gid_t gid; |
135 | gid = from_kgid(&init_user_ns, GROUP_AT(acred->group_info, i)); | ||
136 | if (cred->uc_gids[i] != gid) | ||
131 | return 0; | 137 | return 0; |
138 | } | ||
132 | if (groups < NFS_NGROUPS && | 139 | if (groups < NFS_NGROUPS && |
133 | cred->uc_gids[groups] != NOGROUP) | 140 | cred->uc_gids[groups] != NOGROUP) |
134 | return 0; | 141 | return 0; |