Commit 5cc0a840 authored by David Howells's avatar David Howells Committed by James Morris

CRED: Wrap task credential accesses in the NFS daemon

Wrap access to task credentials so that they can be separated more easily from
the task_struct during the introduction of COW creds.

Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id().

Change some task->e?[ug]id to task_e?[ug]id().  In some places it makes more
sense to use RCU directly rather than a convenient wrapper; these will be
addressed by later patches.
Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
Reviewed-by: default avatarJames Morris <jmorris@namei.org>
Acked-by: default avatarSerge Hallyn <serue@us.ibm.com>
Cc: J. Bruce Fields <bfields@fieldses.org>
Cc: Neil Brown <neilb@suse.de>
Cc: linux-nfs@vger.kernel.org
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent 48937024
...@@ -1169,7 +1169,7 @@ nfsd_create_setattr(struct svc_rqst *rqstp, struct svc_fh *resfhp, ...@@ -1169,7 +1169,7 @@ nfsd_create_setattr(struct svc_rqst *rqstp, struct svc_fh *resfhp,
* send along the gid on create when it tries to implement * send along the gid on create when it tries to implement
* setgid directories via NFS: * setgid directories via NFS:
*/ */
if (current->fsuid != 0) if (current_fsuid() != 0)
iap->ia_valid &= ~(ATTR_UID|ATTR_GID); iap->ia_valid &= ~(ATTR_UID|ATTR_GID);
if (iap->ia_valid) if (iap->ia_valid)
return nfsd_setattr(rqstp, resfhp, iap, 0, (time_t)0); return nfsd_setattr(rqstp, resfhp, iap, 0, (time_t)0);
...@@ -2004,7 +2004,7 @@ nfsd_permission(struct svc_rqst *rqstp, struct svc_export *exp, ...@@ -2004,7 +2004,7 @@ nfsd_permission(struct svc_rqst *rqstp, struct svc_export *exp,
IS_APPEND(inode)? " append" : "", IS_APPEND(inode)? " append" : "",
__mnt_is_readonly(exp->ex_path.mnt)? " ro" : ""); __mnt_is_readonly(exp->ex_path.mnt)? " ro" : "");
dprintk(" owner %d/%d user %d/%d\n", dprintk(" owner %d/%d user %d/%d\n",
inode->i_uid, inode->i_gid, current->fsuid, current->fsgid); inode->i_uid, inode->i_gid, current_fsuid(), current_fsgid());
#endif #endif
/* Normally we reject any write/sattr etc access on a read-only file /* Normally we reject any write/sattr etc access on a read-only file
...@@ -2047,7 +2047,7 @@ nfsd_permission(struct svc_rqst *rqstp, struct svc_export *exp, ...@@ -2047,7 +2047,7 @@ nfsd_permission(struct svc_rqst *rqstp, struct svc_export *exp,
* with NFSv3. * with NFSv3.
*/ */
if ((acc & NFSD_MAY_OWNER_OVERRIDE) && if ((acc & NFSD_MAY_OWNER_OVERRIDE) &&
inode->i_uid == current->fsuid) inode->i_uid == current_fsuid())
return 0; return 0;
/* This assumes NFSD_MAY_{READ,WRITE,EXEC} == MAY_{READ,WRITE,EXEC} */ /* This assumes NFSD_MAY_{READ,WRITE,EXEC} == MAY_{READ,WRITE,EXEC} */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment