Home Explore Help
Register Sign In
dingyu
/
CooCenter-System-kernel
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
CooCenter-Sy...
/
fs
/
nfsd
/
auth.c

auth.c 2.1 KB
Permalink History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394 
  1. /* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de> */
    2. 

  2. 

  3. #include <linux/sched.h>
    4. 

  4. #include "nfsd.h"
    5. 

  5. #include "auth.h"
    6. 

  6. 

  7. int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp)
    8. 

  8. {
    9. 

  9. 	struct exp_flavor_info *f;
    10. 

  10. 	struct exp_flavor_info *end = exp->ex_flavors + exp->ex_nflavors;
    11. 

  11. 

  12. 	for (f = exp->ex_flavors; f < end; f++) {
    13. 

  13. 		if (f->pseudoflavor == rqstp->rq_cred.cr_flavor)
    14. 

  14. 			return f->flags;
    15. 

  15. 	}
    16. 

  16. 	return exp->ex_flags;
    17. 

  17. 

  18. }
    19. 

  19. 

  20. int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
    21. 

  21. {
    22. 

  22. 	struct group_info *rqgi;
    23. 

  23. 	struct group_info *gi;
    24. 

  24. 	struct cred *new;
    25. 

  25. 	int i;
    26. 

  26. 	int flags = nfsexp_flags(rqstp, exp);
    27. 

  27. 

  28. 	validate_process_creds();
    29. 

  29. 

  30. 	/* discard any old override before preparing the new set */
    31. 

  31. 	revert_creds(get_cred(current_real_cred()));
    32. 

  32. 	new = prepare_creds();
    33. 

  33. 	if (!new)
    34. 

  34. 		return -ENOMEM;
    35. 

  35. 

  36. 	new->fsuid = rqstp->rq_cred.cr_uid;
    37. 

  37. 	new->fsgid = rqstp->rq_cred.cr_gid;
    38. 

  38. 

  39. 	rqgi = rqstp->rq_cred.cr_group_info;
    40. 

  40. 

  41. 	if (flags & NFSEXP_ALLSQUASH) {
    42. 

  42. 		new->fsuid = exp->ex_anon_uid;
    43. 

  43. 		new->fsgid = exp->ex_anon_gid;
    44. 

  44. 		gi = groups_alloc(0);
    45. 

  45. 		if (!gi)
    46. 

  46. 			goto oom;
    47. 

  47. 	} else if (flags & NFSEXP_ROOTSQUASH) {
    48. 

  48. 		if (uid_eq(new->fsuid, GLOBAL_ROOT_UID))
    49. 

  49. 			new->fsuid = exp->ex_anon_uid;
    50. 

  50. 		if (gid_eq(new->fsgid, GLOBAL_ROOT_GID))
    51. 

  51. 			new->fsgid = exp->ex_anon_gid;
    52. 

  52. 

  53. 		gi = groups_alloc(rqgi->ngroups);
    54. 

  54. 		if (!gi)
    55. 

  55. 			goto oom;
    56. 

  56. 

  57. 		for (i = 0; i < rqgi->ngroups; i++) {
    58. 

  58. 			if (gid_eq(GLOBAL_ROOT_GID, GROUP_AT(rqgi, i)))
    59. 

  59. 				GROUP_AT(gi, i) = exp->ex_anon_gid;
    60. 

  60. 			else
    61. 

  61. 				GROUP_AT(gi, i) = GROUP_AT(rqgi, i);
    62. 

  62. 

  63. 		}
    64. 

  64. 

  65. 		/* Each thread allocates its own gi, no race */
    66. 

  66. 		groups_sort(gi);
    67. 

  67. 	} else {
    68. 

  68. 		gi = get_group_info(rqgi);
    69. 

  69. 	}
    70. 

  70. 

  71. 	if (uid_eq(new->fsuid, INVALID_UID))
    72. 

  72. 		new->fsuid = exp->ex_anon_uid;
    73. 

  73. 	if (gid_eq(new->fsgid, INVALID_GID))
    74. 

  74. 		new->fsgid = exp->ex_anon_gid;
    75. 

  75. 

  76. 	set_groups(new, gi);
    77. 

  77. 	put_group_info(gi);
    78. 

  78. 

  79. 	if (!uid_eq(new->fsuid, GLOBAL_ROOT_UID))
    80. 

  80. 		new->cap_effective = cap_drop_nfsd_set(new->cap_effective);
    81. 

  81. 	else
    82. 

  82. 		new->cap_effective = cap_raise_nfsd_set(new->cap_effective,
    83. 

  83. 							new->cap_permitted);
    84. 

  84. 	validate_process_creds();
    85. 

  85. 	put_cred(override_creds(new));
    86. 

  86. 	put_cred(new);
    87. 

  87. 	validate_process_creds();
    88. 

  88. 	return 0;
    89. 

  89. 

  90. oom:
    91. 

  91. 	abort_creds(new);
    92. 

  92. 	return -ENOMEM;
    93. 

  93. }
    94. 

  94.