ホーム エクスプローラ ヘルプ
サインイン
Rydia
/
linux-phytium
Watch 1
Star 0
Fork 0
ファイル 課題 0 プルリクエスト 0 Wiki
ツリー: 6793c0e942
ブランチ タグ
linux-phytium
/
fs
/
nfsd
/
auth.c

auth.c 2.1 KB
履歴 Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495 
  1. // SPDX-License-Identifier: GPL-2.0
    2. 

  2. /* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de> */
    3. 

  3. 

  4. #include <linux/sched.h>
    5. 

  5. #include "nfsd.h"
    6. 

  6. #include "auth.h"
    7. 

  7. 

  8. int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp)
    9. 

  9. {
    10. 

  10. 	struct exp_flavor_info *f;
    11. 

  11. 	struct exp_flavor_info *end = exp->ex_flavors + exp->ex_nflavors;
    12. 

  12. 

  13. 	for (f = exp->ex_flavors; f < end; f++) {
    14. 

  14. 		if (f->pseudoflavor == rqstp->rq_cred.cr_flavor)
    15. 

  15. 			return f->flags;
    16. 

  16. 	}
    17. 

  17. 	return exp->ex_flags;
    18. 

  18. 

  19. }
    20. 

  20. 

  21. int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
    22. 

  22. {
    23. 

  23. 	struct group_info *rqgi;
    24. 

  24. 	struct group_info *gi;
    25. 

  25. 	struct cred *new;
    26. 

  26. 	int i;
    27. 

  27. 	int flags = nfsexp_flags(rqstp, exp);
    28. 

  28. 

  29. 	validate_process_creds();
    30. 

  30. 

  31. 	/* discard any old override before preparing the new set */
    32. 

  32. 	revert_creds(get_cred(current_real_cred()));
    33. 

  33. 	new = prepare_creds();
    34. 

  34. 	if (!new)
    35. 

  35. 		return -ENOMEM;
    36. 

  36. 

  37. 	new->fsuid = rqstp->rq_cred.cr_uid;
    38. 

  38. 	new->fsgid = rqstp->rq_cred.cr_gid;
    39. 

  39. 

  40. 	rqgi = rqstp->rq_cred.cr_group_info;
    41. 

  41. 

  42. 	if (flags & NFSEXP_ALLSQUASH) {
    43. 

  43. 		new->fsuid = exp->ex_anon_uid;
    44. 

  44. 		new->fsgid = exp->ex_anon_gid;
    45. 

  45. 		gi = groups_alloc(0);
    46. 

  46. 		if (!gi)
    47. 

  47. 			goto oom;
    48. 

  48. 	} else if (flags & NFSEXP_ROOTSQUASH) {
    49. 

  49. 		if (uid_eq(new->fsuid, GLOBAL_ROOT_UID))
    50. 

  50. 			new->fsuid = exp->ex_anon_uid;
    51. 

  51. 		if (gid_eq(new->fsgid, GLOBAL_ROOT_GID))
    52. 

  52. 			new->fsgid = exp->ex_anon_gid;
    53. 

  53. 

  54. 		gi = groups_alloc(rqgi->ngroups);
    55. 

  55. 		if (!gi)
    56. 

  56. 			goto oom;
    57. 

  57. 

  58. 		for (i = 0; i < rqgi->ngroups; i++) {
    59. 

  59. 			if (gid_eq(GLOBAL_ROOT_GID, rqgi->gid[i]))
    60. 

  60. 				gi->gid[i] = exp->ex_anon_gid;
    61. 

  61. 			else
    62. 

  62. 				gi->gid[i] = rqgi->gid[i];
    63. 

  63. 		}
    64. 

  64. 

  65. 		/* Each thread allocates its own gi, no race */
    66. 

  66. 		groups_sort(gi);
    67. 

  67. 	} else {
    68. 

  68. 		gi = get_group_info(rqgi);
    69. 

  69. 	}
    70. 

  70. 

  71. 	if (uid_eq(new->fsuid, INVALID_UID))
    72. 

  72. 		new->fsuid = exp->ex_anon_uid;
    73. 

  73. 	if (gid_eq(new->fsgid, INVALID_GID))
    74. 

  74. 		new->fsgid = exp->ex_anon_gid;
    75. 

  75. 

  76. 	set_groups(new, gi);
    77. 

  77. 	put_group_info(gi);
    78. 

  78. 

  79. 	if (!uid_eq(new->fsuid, GLOBAL_ROOT_UID))
    80. 

  80. 		new->cap_effective = cap_drop_nfsd_set(new->cap_effective);
    81. 

  81. 	else
    82. 

  82. 		new->cap_effective = cap_raise_nfsd_set(new->cap_effective,
    83. 

  83. 							new->cap_permitted);
    84. 

  84. 	validate_process_creds();
    85. 

  85. 	put_cred(override_creds(new));
    86. 

  86. 	put_cred(new);
    87. 

  87. 	validate_process_creds();
    88. 

  88. 	return 0;
    89. 

  89. 

  90. oom:
    91. 

  91. 	abort_creds(new);
    92. 

  92. 	return -ENOMEM;
    93. 

  93. }
    94. 

  94. 

  95.