nfs4idmap.c 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664
  1. /*
  2. * Mapping of UID/GIDs to name and vice versa.
  3. *
  4. * Copyright (c) 2002, 2003 The Regents of the University of
  5. * Michigan. All rights reserved.
  6. *
  7. * Marius Aamodt Eriksen <marius@umich.edu>
  8. *
  9. * Redistribution and use in source and binary forms, with or without
  10. * modification, are permitted provided that the following conditions
  11. * are met:
  12. *
  13. * 1. Redistributions of source code must retain the above copyright
  14. * notice, this list of conditions and the following disclaimer.
  15. * 2. Redistributions in binary form must reproduce the above copyright
  16. * notice, this list of conditions and the following disclaimer in the
  17. * documentation and/or other materials provided with the distribution.
  18. * 3. Neither the name of the University nor the names of its
  19. * contributors may be used to endorse or promote products derived
  20. * from this software without specific prior written permission.
  21. *
  22. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
  23. * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
  24. * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  25. * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  26. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  27. * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  28. * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
  29. * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  30. * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  31. * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  32. * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  33. */
  34. #include <linux/module.h>
  35. #include <linux/seq_file.h>
  36. #include <linux/sched.h>
  37. #include <linux/slab.h>
  38. #include <linux/sunrpc/svc_xprt.h>
  39. #include <net/net_namespace.h>
  40. #include "idmap.h"
  41. #include "nfsd.h"
  42. #include "netns.h"
  43. /*
  44. * Turn off idmapping when using AUTH_SYS.
  45. */
  46. static bool nfs4_disable_idmapping = true;
  47. module_param(nfs4_disable_idmapping, bool, 0644);
  48. MODULE_PARM_DESC(nfs4_disable_idmapping,
  49. "Turn off server's NFSv4 idmapping when using 'sec=sys'");
  50. /*
  51. * Cache entry
  52. */
  53. /*
  54. * XXX we know that IDMAP_NAMESZ < PAGE_SIZE, but it's ugly to rely on
  55. * that.
  56. */
  57. struct ent {
  58. struct cache_head h;
  59. int type; /* User / Group */
  60. u32 id;
  61. char name[IDMAP_NAMESZ];
  62. char authname[IDMAP_NAMESZ];
  63. };
  64. /* Common entry handling */
  65. #define ENT_HASHBITS 8
  66. #define ENT_HASHMAX (1 << ENT_HASHBITS)
  67. static void
  68. ent_init(struct cache_head *cnew, struct cache_head *citm)
  69. {
  70. struct ent *new = container_of(cnew, struct ent, h);
  71. struct ent *itm = container_of(citm, struct ent, h);
  72. new->id = itm->id;
  73. new->type = itm->type;
  74. strlcpy(new->name, itm->name, sizeof(new->name));
  75. strlcpy(new->authname, itm->authname, sizeof(new->name));
  76. }
  77. static void
  78. ent_put(struct kref *ref)
  79. {
  80. struct ent *map = container_of(ref, struct ent, h.ref);
  81. kfree(map);
  82. }
  83. static struct cache_head *
  84. ent_alloc(void)
  85. {
  86. struct ent *e = kmalloc(sizeof(*e), GFP_KERNEL);
  87. if (e)
  88. return &e->h;
  89. else
  90. return NULL;
  91. }
  92. /*
  93. * ID -> Name cache
  94. */
  95. static uint32_t
  96. idtoname_hash(struct ent *ent)
  97. {
  98. uint32_t hash;
  99. hash = hash_str(ent->authname, ENT_HASHBITS);
  100. hash = hash_long(hash ^ ent->id, ENT_HASHBITS);
  101. /* Flip LSB for user/group */
  102. if (ent->type == IDMAP_TYPE_GROUP)
  103. hash ^= 1;
  104. return hash;
  105. }
  106. static void
  107. idtoname_request(struct cache_detail *cd, struct cache_head *ch, char **bpp,
  108. int *blen)
  109. {
  110. struct ent *ent = container_of(ch, struct ent, h);
  111. char idstr[11];
  112. qword_add(bpp, blen, ent->authname);
  113. snprintf(idstr, sizeof(idstr), "%u", ent->id);
  114. qword_add(bpp, blen, ent->type == IDMAP_TYPE_GROUP ? "group" : "user");
  115. qword_add(bpp, blen, idstr);
  116. (*bpp)[-1] = '\n';
  117. }
  118. static int
  119. idtoname_match(struct cache_head *ca, struct cache_head *cb)
  120. {
  121. struct ent *a = container_of(ca, struct ent, h);
  122. struct ent *b = container_of(cb, struct ent, h);
  123. return (a->id == b->id && a->type == b->type &&
  124. strcmp(a->authname, b->authname) == 0);
  125. }
  126. static int
  127. idtoname_show(struct seq_file *m, struct cache_detail *cd, struct cache_head *h)
  128. {
  129. struct ent *ent;
  130. if (h == NULL) {
  131. seq_puts(m, "#domain type id [name]\n");
  132. return 0;
  133. }
  134. ent = container_of(h, struct ent, h);
  135. seq_printf(m, "%s %s %u", ent->authname,
  136. ent->type == IDMAP_TYPE_GROUP ? "group" : "user",
  137. ent->id);
  138. if (test_bit(CACHE_VALID, &h->flags))
  139. seq_printf(m, " %s", ent->name);
  140. seq_printf(m, "\n");
  141. return 0;
  142. }
  143. static void
  144. warn_no_idmapd(struct cache_detail *detail, int has_died)
  145. {
  146. printk("nfsd: nfsv4 idmapping failing: has idmapd %s?\n",
  147. has_died ? "died" : "not been started");
  148. }
  149. static int idtoname_parse(struct cache_detail *, char *, int);
  150. static struct ent *idtoname_lookup(struct cache_detail *, struct ent *);
  151. static struct ent *idtoname_update(struct cache_detail *, struct ent *,
  152. struct ent *);
  153. static struct cache_detail idtoname_cache_template = {
  154. .owner = THIS_MODULE,
  155. .hash_size = ENT_HASHMAX,
  156. .name = "nfs4.idtoname",
  157. .cache_put = ent_put,
  158. .cache_request = idtoname_request,
  159. .cache_parse = idtoname_parse,
  160. .cache_show = idtoname_show,
  161. .warn_no_listener = warn_no_idmapd,
  162. .match = idtoname_match,
  163. .init = ent_init,
  164. .update = ent_init,
  165. .alloc = ent_alloc,
  166. };
  167. static int
  168. idtoname_parse(struct cache_detail *cd, char *buf, int buflen)
  169. {
  170. struct ent ent, *res;
  171. char *buf1, *bp;
  172. int len;
  173. int error = -EINVAL;
  174. if (buf[buflen - 1] != '\n')
  175. return (-EINVAL);
  176. buf[buflen - 1]= '\0';
  177. buf1 = kmalloc(PAGE_SIZE, GFP_KERNEL);
  178. if (buf1 == NULL)
  179. return (-ENOMEM);
  180. memset(&ent, 0, sizeof(ent));
  181. /* Authentication name */
  182. len = qword_get(&buf, buf1, PAGE_SIZE);
  183. if (len <= 0 || len >= IDMAP_NAMESZ)
  184. goto out;
  185. memcpy(ent.authname, buf1, sizeof(ent.authname));
  186. /* Type */
  187. if (qword_get(&buf, buf1, PAGE_SIZE) <= 0)
  188. goto out;
  189. ent.type = strcmp(buf1, "user") == 0 ?
  190. IDMAP_TYPE_USER : IDMAP_TYPE_GROUP;
  191. /* ID */
  192. if (qword_get(&buf, buf1, PAGE_SIZE) <= 0)
  193. goto out;
  194. ent.id = simple_strtoul(buf1, &bp, 10);
  195. if (bp == buf1)
  196. goto out;
  197. /* expiry */
  198. ent.h.expiry_time = get_expiry(&buf);
  199. if (ent.h.expiry_time == 0)
  200. goto out;
  201. error = -ENOMEM;
  202. res = idtoname_lookup(cd, &ent);
  203. if (!res)
  204. goto out;
  205. /* Name */
  206. error = -EINVAL;
  207. len = qword_get(&buf, buf1, PAGE_SIZE);
  208. if (len < 0 || len >= IDMAP_NAMESZ)
  209. goto out;
  210. if (len == 0)
  211. set_bit(CACHE_NEGATIVE, &ent.h.flags);
  212. else
  213. memcpy(ent.name, buf1, sizeof(ent.name));
  214. error = -ENOMEM;
  215. res = idtoname_update(cd, &ent, res);
  216. if (res == NULL)
  217. goto out;
  218. cache_put(&res->h, cd);
  219. error = 0;
  220. out:
  221. kfree(buf1);
  222. return error;
  223. }
  224. static struct ent *
  225. idtoname_lookup(struct cache_detail *cd, struct ent *item)
  226. {
  227. struct cache_head *ch = sunrpc_cache_lookup(cd, &item->h,
  228. idtoname_hash(item));
  229. if (ch)
  230. return container_of(ch, struct ent, h);
  231. else
  232. return NULL;
  233. }
  234. static struct ent *
  235. idtoname_update(struct cache_detail *cd, struct ent *new, struct ent *old)
  236. {
  237. struct cache_head *ch = sunrpc_cache_update(cd, &new->h, &old->h,
  238. idtoname_hash(new));
  239. if (ch)
  240. return container_of(ch, struct ent, h);
  241. else
  242. return NULL;
  243. }
  244. /*
  245. * Name -> ID cache
  246. */
  247. static inline int
  248. nametoid_hash(struct ent *ent)
  249. {
  250. return hash_str(ent->name, ENT_HASHBITS);
  251. }
  252. static void
  253. nametoid_request(struct cache_detail *cd, struct cache_head *ch, char **bpp,
  254. int *blen)
  255. {
  256. struct ent *ent = container_of(ch, struct ent, h);
  257. qword_add(bpp, blen, ent->authname);
  258. qword_add(bpp, blen, ent->type == IDMAP_TYPE_GROUP ? "group" : "user");
  259. qword_add(bpp, blen, ent->name);
  260. (*bpp)[-1] = '\n';
  261. }
  262. static int
  263. nametoid_match(struct cache_head *ca, struct cache_head *cb)
  264. {
  265. struct ent *a = container_of(ca, struct ent, h);
  266. struct ent *b = container_of(cb, struct ent, h);
  267. return (a->type == b->type && strcmp(a->name, b->name) == 0 &&
  268. strcmp(a->authname, b->authname) == 0);
  269. }
  270. static int
  271. nametoid_show(struct seq_file *m, struct cache_detail *cd, struct cache_head *h)
  272. {
  273. struct ent *ent;
  274. if (h == NULL) {
  275. seq_puts(m, "#domain type name [id]\n");
  276. return 0;
  277. }
  278. ent = container_of(h, struct ent, h);
  279. seq_printf(m, "%s %s %s", ent->authname,
  280. ent->type == IDMAP_TYPE_GROUP ? "group" : "user",
  281. ent->name);
  282. if (test_bit(CACHE_VALID, &h->flags))
  283. seq_printf(m, " %u", ent->id);
  284. seq_printf(m, "\n");
  285. return 0;
  286. }
  287. static struct ent *nametoid_lookup(struct cache_detail *, struct ent *);
  288. static struct ent *nametoid_update(struct cache_detail *, struct ent *,
  289. struct ent *);
  290. static int nametoid_parse(struct cache_detail *, char *, int);
  291. static struct cache_detail nametoid_cache_template = {
  292. .owner = THIS_MODULE,
  293. .hash_size = ENT_HASHMAX,
  294. .name = "nfs4.nametoid",
  295. .cache_put = ent_put,
  296. .cache_request = nametoid_request,
  297. .cache_parse = nametoid_parse,
  298. .cache_show = nametoid_show,
  299. .warn_no_listener = warn_no_idmapd,
  300. .match = nametoid_match,
  301. .init = ent_init,
  302. .update = ent_init,
  303. .alloc = ent_alloc,
  304. };
  305. static int
  306. nametoid_parse(struct cache_detail *cd, char *buf, int buflen)
  307. {
  308. struct ent ent, *res;
  309. char *buf1;
  310. int len, error = -EINVAL;
  311. if (buf[buflen - 1] != '\n')
  312. return (-EINVAL);
  313. buf[buflen - 1]= '\0';
  314. buf1 = kmalloc(PAGE_SIZE, GFP_KERNEL);
  315. if (buf1 == NULL)
  316. return (-ENOMEM);
  317. memset(&ent, 0, sizeof(ent));
  318. /* Authentication name */
  319. len = qword_get(&buf, buf1, PAGE_SIZE);
  320. if (len <= 0 || len >= IDMAP_NAMESZ)
  321. goto out;
  322. memcpy(ent.authname, buf1, sizeof(ent.authname));
  323. /* Type */
  324. if (qword_get(&buf, buf1, PAGE_SIZE) <= 0)
  325. goto out;
  326. ent.type = strcmp(buf1, "user") == 0 ?
  327. IDMAP_TYPE_USER : IDMAP_TYPE_GROUP;
  328. /* Name */
  329. len = qword_get(&buf, buf1, PAGE_SIZE);
  330. if (len <= 0 || len >= IDMAP_NAMESZ)
  331. goto out;
  332. memcpy(ent.name, buf1, sizeof(ent.name));
  333. /* expiry */
  334. ent.h.expiry_time = get_expiry(&buf);
  335. if (ent.h.expiry_time == 0)
  336. goto out;
  337. /* ID */
  338. error = get_int(&buf, &ent.id);
  339. if (error == -EINVAL)
  340. goto out;
  341. if (error == -ENOENT)
  342. set_bit(CACHE_NEGATIVE, &ent.h.flags);
  343. error = -ENOMEM;
  344. res = nametoid_lookup(cd, &ent);
  345. if (res == NULL)
  346. goto out;
  347. res = nametoid_update(cd, &ent, res);
  348. if (res == NULL)
  349. goto out;
  350. cache_put(&res->h, cd);
  351. error = 0;
  352. out:
  353. kfree(buf1);
  354. return (error);
  355. }
  356. static struct ent *
  357. nametoid_lookup(struct cache_detail *cd, struct ent *item)
  358. {
  359. struct cache_head *ch = sunrpc_cache_lookup(cd, &item->h,
  360. nametoid_hash(item));
  361. if (ch)
  362. return container_of(ch, struct ent, h);
  363. else
  364. return NULL;
  365. }
  366. static struct ent *
  367. nametoid_update(struct cache_detail *cd, struct ent *new, struct ent *old)
  368. {
  369. struct cache_head *ch = sunrpc_cache_update(cd, &new->h, &old->h,
  370. nametoid_hash(new));
  371. if (ch)
  372. return container_of(ch, struct ent, h);
  373. else
  374. return NULL;
  375. }
  376. /*
  377. * Exported API
  378. */
  379. int
  380. nfsd_idmap_init(struct net *net)
  381. {
  382. int rv;
  383. struct nfsd_net *nn = net_generic(net, nfsd_net_id);
  384. nn->idtoname_cache = cache_create_net(&idtoname_cache_template, net);
  385. if (IS_ERR(nn->idtoname_cache))
  386. return PTR_ERR(nn->idtoname_cache);
  387. rv = cache_register_net(nn->idtoname_cache, net);
  388. if (rv)
  389. goto destroy_idtoname_cache;
  390. nn->nametoid_cache = cache_create_net(&nametoid_cache_template, net);
  391. if (IS_ERR(nn->nametoid_cache)) {
  392. rv = PTR_ERR(nn->nametoid_cache);
  393. goto unregister_idtoname_cache;
  394. }
  395. rv = cache_register_net(nn->nametoid_cache, net);
  396. if (rv)
  397. goto destroy_nametoid_cache;
  398. return 0;
  399. destroy_nametoid_cache:
  400. cache_destroy_net(nn->nametoid_cache, net);
  401. unregister_idtoname_cache:
  402. cache_unregister_net(nn->idtoname_cache, net);
  403. destroy_idtoname_cache:
  404. cache_destroy_net(nn->idtoname_cache, net);
  405. return rv;
  406. }
  407. void
  408. nfsd_idmap_shutdown(struct net *net)
  409. {
  410. struct nfsd_net *nn = net_generic(net, nfsd_net_id);
  411. cache_unregister_net(nn->idtoname_cache, net);
  412. cache_unregister_net(nn->nametoid_cache, net);
  413. cache_destroy_net(nn->idtoname_cache, net);
  414. cache_destroy_net(nn->nametoid_cache, net);
  415. }
  416. static int
  417. idmap_lookup(struct svc_rqst *rqstp,
  418. struct ent *(*lookup_fn)(struct cache_detail *, struct ent *),
  419. struct ent *key, struct cache_detail *detail, struct ent **item)
  420. {
  421. int ret;
  422. *item = lookup_fn(detail, key);
  423. if (!*item)
  424. return -ENOMEM;
  425. retry:
  426. ret = cache_check(detail, &(*item)->h, &rqstp->rq_chandle);
  427. if (ret == -ETIMEDOUT) {
  428. struct ent *prev_item = *item;
  429. *item = lookup_fn(detail, key);
  430. if (*item != prev_item)
  431. goto retry;
  432. cache_put(&(*item)->h, detail);
  433. }
  434. return ret;
  435. }
  436. static char *
  437. rqst_authname(struct svc_rqst *rqstp)
  438. {
  439. struct auth_domain *clp;
  440. clp = rqstp->rq_gssclient ? rqstp->rq_gssclient : rqstp->rq_client;
  441. return clp->name;
  442. }
  443. static __be32
  444. idmap_name_to_id(struct svc_rqst *rqstp, int type, const char *name, u32 namelen,
  445. u32 *id)
  446. {
  447. struct ent *item, key = {
  448. .type = type,
  449. };
  450. int ret;
  451. struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
  452. if (namelen + 1 > sizeof(key.name))
  453. return nfserr_badowner;
  454. memcpy(key.name, name, namelen);
  455. key.name[namelen] = '\0';
  456. strlcpy(key.authname, rqst_authname(rqstp), sizeof(key.authname));
  457. ret = idmap_lookup(rqstp, nametoid_lookup, &key, nn->nametoid_cache, &item);
  458. if (ret == -ENOENT)
  459. return nfserr_badowner;
  460. if (ret)
  461. return nfserrno(ret);
  462. *id = item->id;
  463. cache_put(&item->h, nn->nametoid_cache);
  464. return 0;
  465. }
  466. static __be32 encode_ascii_id(struct xdr_stream *xdr, u32 id)
  467. {
  468. char buf[11];
  469. int len;
  470. __be32 *p;
  471. len = sprintf(buf, "%u", id);
  472. p = xdr_reserve_space(xdr, len + 4);
  473. if (!p)
  474. return nfserr_resource;
  475. p = xdr_encode_opaque(p, buf, len);
  476. return 0;
  477. }
  478. static __be32 idmap_id_to_name(struct xdr_stream *xdr,
  479. struct svc_rqst *rqstp, int type, u32 id)
  480. {
  481. struct ent *item, key = {
  482. .id = id,
  483. .type = type,
  484. };
  485. __be32 *p;
  486. int ret;
  487. struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
  488. strlcpy(key.authname, rqst_authname(rqstp), sizeof(key.authname));
  489. ret = idmap_lookup(rqstp, idtoname_lookup, &key, nn->idtoname_cache, &item);
  490. if (ret == -ENOENT)
  491. return encode_ascii_id(xdr, id);
  492. if (ret)
  493. return nfserrno(ret);
  494. ret = strlen(item->name);
  495. WARN_ON_ONCE(ret > IDMAP_NAMESZ);
  496. p = xdr_reserve_space(xdr, ret + 4);
  497. if (!p)
  498. return nfserr_resource;
  499. p = xdr_encode_opaque(p, item->name, ret);
  500. cache_put(&item->h, nn->idtoname_cache);
  501. return 0;
  502. }
  503. static bool
  504. numeric_name_to_id(struct svc_rqst *rqstp, int type, const char *name, u32 namelen, u32 *id)
  505. {
  506. int ret;
  507. char buf[11];
  508. if (namelen + 1 > sizeof(buf))
  509. /* too long to represent a 32-bit id: */
  510. return false;
  511. /* Just to make sure it's null-terminated: */
  512. memcpy(buf, name, namelen);
  513. buf[namelen] = '\0';
  514. ret = kstrtouint(buf, 10, id);
  515. return ret == 0;
  516. }
  517. static __be32
  518. do_name_to_id(struct svc_rqst *rqstp, int type, const char *name, u32 namelen, u32 *id)
  519. {
  520. if (nfs4_disable_idmapping && rqstp->rq_cred.cr_flavor < RPC_AUTH_GSS)
  521. if (numeric_name_to_id(rqstp, type, name, namelen, id))
  522. return 0;
  523. /*
  524. * otherwise, fall through and try idmapping, for
  525. * backwards compatibility with clients sending names:
  526. */
  527. return idmap_name_to_id(rqstp, type, name, namelen, id);
  528. }
  529. static __be32 encode_name_from_id(struct xdr_stream *xdr,
  530. struct svc_rqst *rqstp, int type, u32 id)
  531. {
  532. if (nfs4_disable_idmapping && rqstp->rq_cred.cr_flavor < RPC_AUTH_GSS)
  533. return encode_ascii_id(xdr, id);
  534. return idmap_id_to_name(xdr, rqstp, type, id);
  535. }
  536. __be32
  537. nfsd_map_name_to_uid(struct svc_rqst *rqstp, const char *name, size_t namelen,
  538. kuid_t *uid)
  539. {
  540. __be32 status;
  541. u32 id = -1;
  542. status = do_name_to_id(rqstp, IDMAP_TYPE_USER, name, namelen, &id);
  543. *uid = make_kuid(&init_user_ns, id);
  544. if (!uid_valid(*uid))
  545. status = nfserr_badowner;
  546. return status;
  547. }
  548. __be32
  549. nfsd_map_name_to_gid(struct svc_rqst *rqstp, const char *name, size_t namelen,
  550. kgid_t *gid)
  551. {
  552. __be32 status;
  553. u32 id = -1;
  554. status = do_name_to_id(rqstp, IDMAP_TYPE_GROUP, name, namelen, &id);
  555. *gid = make_kgid(&init_user_ns, id);
  556. if (!gid_valid(*gid))
  557. status = nfserr_badowner;
  558. return status;
  559. }
  560. __be32 nfsd4_encode_user(struct xdr_stream *xdr, struct svc_rqst *rqstp,
  561. kuid_t uid)
  562. {
  563. u32 id = from_kuid(&init_user_ns, uid);
  564. return encode_name_from_id(xdr, rqstp, IDMAP_TYPE_USER, id);
  565. }
  566. __be32 nfsd4_encode_group(struct xdr_stream *xdr, struct svc_rqst *rqstp,
  567. kgid_t gid)
  568. {
  569. u32 id = from_kgid(&init_user_ns, gid);
  570. return encode_name_from_id(xdr, rqstp, IDMAP_TYPE_GROUP, id);
  571. }