Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5cc0a840 authored by David Howells's avatar David Howells Committed by James Morris
Browse files

CRED: Wrap task credential accesses in the NFS daemon 



Wrap access to task credentials so that they can be separated more easily from
the task_struct during the introduction of COW creds.

Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id().

Change some task->e?[ug]id to task_e?[ug]id().  In some places it makes more
sense to use RCU directly rather than a convenient wrapper; these will be
addressed by later patches.

Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
Reviewed-by: default avatarJames Morris <jmorris@namei.org>
Acked-by: default avatarSerge Hallyn <serue@us.ibm.com>
Cc: J. Bruce Fields <bfields@fieldses.org>
Cc: Neil Brown <neilb@suse.de>
Cc: linux-nfs@vger.kernel.org
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent 48937024

fs/nfsd/vfs.c

+3 −3
Original line number Original line Diff line number Diff line
@@ -1169,7 +1169,7 @@ nfsd_create_setattr(struct svc_rqst *rqstp, struct svc_fh *resfhp, 
	 * send along the gid on create when it tries to implement

	 * send along the gid on create when it tries to implement

	 * setgid directories via NFS:

	 * setgid directories via NFS:

	 */

	 */

	if (current->fsuid != 0)

	if (current_fsuid() != 0)

		iap->ia_valid &= ~(ATTR_UID|ATTR_GID);

		iap->ia_valid &= ~(ATTR_UID|ATTR_GID);

	if (iap->ia_valid)

	if (iap->ia_valid)

		return nfsd_setattr(rqstp, resfhp, iap, 0, (time_t)0);

		return nfsd_setattr(rqstp, resfhp, iap, 0, (time_t)0);
@@ -2004,7 +2004,7 @@ nfsd_permission(struct svc_rqst *rqstp, struct svc_export *exp, 
		IS_APPEND(inode)?	" append" : "",

		IS_APPEND(inode)?	" append" : "",

		__mnt_is_readonly(exp->ex_path.mnt)?	" ro" : "");

		__mnt_is_readonly(exp->ex_path.mnt)?	" ro" : "");

	dprintk("      owner %d/%d user %d/%d\n",

	dprintk("      owner %d/%d user %d/%d\n",

		inode->i_uid, inode->i_gid, current->fsuid, current->fsgid);

		inode->i_uid, inode->i_gid, current_fsuid(), current_fsgid());

#endif

#endif





	/* Normally we reject any write/sattr etc access on a read-only file

	/* Normally we reject any write/sattr etc access on a read-only file
@@ -2047,7 +2047,7 @@ nfsd_permission(struct svc_rqst *rqstp, struct svc_export *exp, 
	 * with NFSv3.

	 * with NFSv3.

	 */

	 */

	if ((acc & NFSD_MAY_OWNER_OVERRIDE) &&

	if ((acc & NFSD_MAY_OWNER_OVERRIDE) &&

	    inode->i_uid == current->fsuid)

	    inode->i_uid == current_fsuid())

		return 0;

		return 0;





	/* This assumes  NFSD_MAY_{READ,WRITE,EXEC} == MAY_{READ,WRITE,EXEC} */

	/* This assumes  NFSD_MAY_{READ,WRITE,EXEC} == MAY_{READ,WRITE,EXEC} */