p71924506
/
linux_old1
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

SUNRPC: remove uid and gid from struct auth_cred 

Use cred->fsuid and cred->fsgid instead.

Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
This commit is contained in:
NeilBrown 2018-12-03 11:30:30 +11:00 committed by Anna Schumaker
parent fc0664fd9b
commit 8276c902bb
7 changed files with 29 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
fs/nfs/flexfilelayout/flexfilelayout.c
View File

@ -414,6 +414,8 @@ ff_layout_alloc_lseg(struct pnfs_layout_hdr *lh,
struct auth_cred acred = {}; struct auth_cred acred = {};
struct rpc_cred __rcu *cred; struct rpc_cred __rcu *cred;
struct cred *kcred; struct cred *kcred;
kuid_t uid;
kgid_t gid;
u32 ds_count, fh_count, id; u32 ds_count, fh_count, id;
int j; int j;
@ -481,14 +483,14 @@ ff_layout_alloc_lseg(struct pnfs_layout_hdr *lh,
if (rc) if (rc)
goto out_err_free; goto out_err_free;
acred.uid = make_kuid(&init_user_ns, id); uid = make_kuid(&init_user_ns, id);
/* group */ /* group */
rc = decode_name(&stream, &id); rc = decode_name(&stream, &id);
if (rc) if (rc)
goto out_err_free; goto out_err_free;
acred.gid = make_kgid(&init_user_ns, id); gid = make_kgid(&init_user_ns, id);
if (gfp_flags & __GFP_FS) if (gfp_flags & __GFP_FS)
kcred = prepare_kernel_cred(NULL); kcred = prepare_kernel_cred(NULL);
@ -500,8 +502,8 @@ ff_layout_alloc_lseg(struct pnfs_layout_hdr *lh,
rc = -ENOMEM; rc = -ENOMEM;
if (!kcred) if (!kcred)
goto out_err_free; goto out_err_free;
kcred->fsuid = acred.uid; kcred->fsuid = uid;
kcred->fsgid = acred.gid; kcred->fsgid = gid;
acred.cred = kcred; acred.cred = kcred;
/* find the cred for it */ /* find the cred for it */
@ -533,8 +535,8 @@ ff_layout_alloc_lseg(struct pnfs_layout_hdr *lh,
dprintk("%s: iomode %s uid %u gid %u\n", __func__, dprintk("%s: iomode %s uid %u gid %u\n", __func__,
lgr->range.iomode == IOMODE_READ ? "READ" : "RW", lgr->range.iomode == IOMODE_READ ? "READ" : "RW",
from_kuid(&init_user_ns, acred.uid), from_kuid(&init_user_ns, uid),
from_kgid(&init_user_ns, acred.gid)); from_kgid(&init_user_ns, gid));
} }
p = xdr_inline_decode(&stream, 4); p = xdr_inline_decode(&stream, 4);

6
fs/nfsd/nfs4callback.c
View File

@ -865,10 +865,8 @@ static struct rpc_cred *get_backchannel_cred(struct nfs4_client *clp, struct rpc
if (!kcred) if (!kcred)
return NULL; return NULL;
acred.uid = ses->se_cb_sec.uid; kcred->uid = ses->se_cb_sec.uid;
acred.gid = ses->se_cb_sec.gid; kcred->gid = ses->se_cb_sec.gid;
kcred->uid = acred.uid;
kcred->gid = acred.gid;
acred.cred = kcred; acred.cred = kcred;
ret = auth->au_ops->lookup_cred(client->cl_auth, &acred, 0); ret = auth->au_ops->lookup_cred(client->cl_auth, &acred, 0);
put_cred(kcred); put_cred(kcred);

3
include/linux/sunrpc/auth.h
View File

@ -44,11 +44,8 @@ enum {
key will expire soon */ key will expire soon */
}; };
/* Work around the lack of a VFS credential */
struct auth_cred { struct auth_cred {
const struct cred *cred; const struct cred *cred;
kuid_t uid;
kgid_t gid;
const char *principal; const char *principal;
unsigned long ac_flags; unsigned long ac_flags;
unsigned char machine_cred : 1; unsigned char machine_cred : 1;

6
net/sunrpc/auth.c
View File

@ -656,8 +656,6 @@ rpcauth_lookupcred(struct rpc_auth *auth, int flags)
auth->au_ops->au_name); auth->au_ops->au_name);
memset(&acred, 0, sizeof(acred)); memset(&acred, 0, sizeof(acred));
acred.uid = cred->fsuid;
acred.gid = cred->fsgid;
acred.cred = cred; acred.cred = cred;
ret = auth->au_ops->lookup_cred(auth, &acred, flags); ret = auth->au_ops->lookup_cred(auth, &acred, flags);
return ret; return ret;
@ -675,7 +673,7 @@ rpcauth_init_cred(struct rpc_cred *cred, const struct auth_cred *acred,
cred->cr_ops = ops; cred->cr_ops = ops;
cred->cr_expire = jiffies; cred->cr_expire = jiffies;
cred->cr_cred = get_cred(acred->cred); cred->cr_cred = get_cred(acred->cred);
cred->cr_uid = acred->uid; cred->cr_uid = acred->cred->fsuid;
} }
EXPORT_SYMBOL_GPL(rpcauth_init_cred); EXPORT_SYMBOL_GPL(rpcauth_init_cred);
@ -693,8 +691,6 @@ rpcauth_bind_root_cred(struct rpc_task *task, int lookupflags)
{ {
struct rpc_auth *auth = task->tk_client->cl_auth; struct rpc_auth *auth = task->tk_client->cl_auth;
struct auth_cred acred = { struct auth_cred acred = {
.uid = GLOBAL_ROOT_UID,
.gid = GLOBAL_ROOT_GID,
.cred = get_task_cred(&init_task), .cred = get_task_cred(&init_task),
}; };
struct rpc_cred *ret; struct rpc_cred *ret;

23
net/sunrpc/auth_generic.c
View File

@ -18,9 +18,6 @@
# define RPCDBG_FACILITY RPCDBG_AUTH # define RPCDBG_FACILITY RPCDBG_AUTH
#endif #endif
#define RPC_MACHINE_CRED_USERID GLOBAL_ROOT_UID
#define RPC_MACHINE_CRED_GROUPID GLOBAL_ROOT_GID
struct generic_cred { struct generic_cred {
struct rpc_cred gc_base; struct rpc_cred gc_base;
struct auth_cred acred; struct auth_cred acred;
@ -57,8 +54,6 @@ EXPORT_SYMBOL_GPL(rpc_lookup_cred_nonblock);
struct rpc_cred *rpc_lookup_machine_cred(const char *service_name) struct rpc_cred *rpc_lookup_machine_cred(const char *service_name)
{ {
struct auth_cred acred = { struct auth_cred acred = {
.uid = RPC_MACHINE_CRED_USERID,
.gid = RPC_MACHINE_CRED_GROUPID,
.principal = service_name, .principal = service_name,
.machine_cred = 1, .machine_cred = 1,
.cred = get_task_cred(&init_task), .cred = get_task_cred(&init_task),
@ -85,8 +80,8 @@ static struct rpc_cred *generic_bind_cred(struct rpc_task *task,
static int static int
generic_hash_cred(struct auth_cred *acred, unsigned int hashbits) generic_hash_cred(struct auth_cred *acred, unsigned int hashbits)
{ {
return hash_64(from_kgid(&init_user_ns, acred->gid) | return hash_64(from_kgid(&init_user_ns, acred->cred->fsgid) |
((u64)from_kuid(&init_user_ns, acred->uid) << ((u64)from_kuid(&init_user_ns, acred->cred->fsuid) <<
(sizeof(gid_t) * 8)), hashbits); (sizeof(gid_t) * 8)), hashbits);
} }
@ -111,8 +106,6 @@ generic_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags, g
rpcauth_init_cred(&gcred->gc_base, acred, &generic_auth, &generic_credops); rpcauth_init_cred(&gcred->gc_base, acred, &generic_auth, &generic_credops);
gcred->gc_base.cr_flags = 1UL << RPCAUTH_CRED_UPTODATE; gcred->gc_base.cr_flags = 1UL << RPCAUTH_CRED_UPTODATE;
gcred->acred.uid = acred->uid;
gcred->acred.gid = acred->gid;
gcred->acred.cred = gcred->gc_base.cr_cred; gcred->acred.cred = gcred->gc_base.cr_cred;
gcred->acred.ac_flags = 0; gcred->acred.ac_flags = 0;
gcred->acred.machine_cred = acred->machine_cred; gcred->acred.machine_cred = acred->machine_cred;
@ -121,8 +114,8 @@ generic_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags, g
dprintk("RPC: allocated %s cred %p for uid %d gid %d\n", dprintk("RPC: allocated %s cred %p for uid %d gid %d\n",
gcred->acred.machine_cred ? "machine" : "generic", gcred->acred.machine_cred ? "machine" : "generic",
gcred, gcred,
from_kuid(&init_user_ns, acred->uid), from_kuid(&init_user_ns, acred->cred->fsuid),
from_kgid(&init_user_ns, acred->gid)); from_kgid(&init_user_ns, acred->cred->fsgid));
return &gcred->gc_base; return &gcred->gc_base;
} }
@ -154,8 +147,8 @@ machine_cred_match(struct auth_cred *acred, struct generic_cred *gcred, int flag
{ {
if (!gcred->acred.machine_cred || if (!gcred->acred.machine_cred ||
gcred->acred.principal != acred->principal || gcred->acred.principal != acred->principal ||
!uid_eq(gcred->acred.uid, acred->uid) || !uid_eq(gcred->acred.cred->fsuid, acred->cred->fsuid) ||
!gid_eq(gcred->acred.gid, acred->gid)) !gid_eq(gcred->acred.cred->fsgid, acred->cred->fsgid))
return 0; return 0;
return 1; return 1;
} }
@ -173,8 +166,8 @@ generic_match(struct auth_cred *acred, struct rpc_cred *cred, int flags)
if (acred->machine_cred) if (acred->machine_cred)
return machine_cred_match(acred, gcred, flags); return machine_cred_match(acred, gcred, flags);
if (!uid_eq(gcred->acred.uid, acred->uid) || if (!uid_eq(gcred->acred.cred->fsuid, acred->cred->fsuid) ||
!gid_eq(gcred->acred.gid, acred->gid) || !gid_eq(gcred->acred.cred->fsgid, acred->cred->fsgid) ||
gcred->acred.machine_cred != 0) gcred->acred.machine_cred != 0)
goto out_nomatch; goto out_nomatch;

9
net/sunrpc/auth_gss/auth_gss.c
View File

@ -1248,7 +1248,7 @@ gss_dup_cred(struct gss_auth *gss_auth, struct gss_cred *gss_cred)
new = kzalloc(sizeof(*gss_cred), GFP_NOIO); new = kzalloc(sizeof(*gss_cred), GFP_NOIO);
if (new) { if (new) {
struct auth_cred acred = { struct auth_cred acred = {
.uid = gss_cred->gc_base.cr_uid, .cred = gss_cred->gc_base.cr_cred,
}; };
struct gss_cl_ctx *ctx = struct gss_cl_ctx *ctx =
rcu_dereference_protected(gss_cred->gc_ctx, 1); rcu_dereference_protected(gss_cred->gc_ctx, 1);
@ -1362,7 +1362,7 @@ gss_destroy_cred(struct rpc_cred *cred)
static int static int
gss_hash_cred(struct auth_cred *acred, unsigned int hashbits) gss_hash_cred(struct auth_cred *acred, unsigned int hashbits)
{ {
return hash_64(from_kuid(&init_user_ns, acred->uid), hashbits); return hash_64(from_kuid(&init_user_ns, acred->cred->fsuid), hashbits);
} }
/* /*
@ -1382,7 +1382,7 @@ gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags, gfp_t
int err = -ENOMEM; int err = -ENOMEM;
dprintk("RPC: %s for uid %d, flavor %d\n", dprintk("RPC: %s for uid %d, flavor %d\n",
__func__, from_kuid(&init_user_ns, acred->uid), __func__, from_kuid(&init_user_ns, acred->cred->fsuid),
auth->au_flavor); auth->au_flavor);
if (!(cred = kzalloc(sizeof(*cred), gfp))) if (!(cred = kzalloc(sizeof(*cred), gfp)))
@ -1523,7 +1523,7 @@ gss_match(struct auth_cred *acred, struct rpc_cred *rc, int flags)
} }
if (gss_cred->gc_principal != NULL) if (gss_cred->gc_principal != NULL)
return 0; return 0;
ret = uid_eq(rc->cr_uid, acred->uid); ret = uid_eq(rc->cr_uid, acred->cred->fsuid);
check_expire: check_expire:
if (ret == 0) if (ret == 0)
@ -1608,7 +1608,6 @@ static int gss_renew_cred(struct rpc_task *task)
gc_base); gc_base);
struct rpc_auth *auth = oldcred->cr_auth; struct rpc_auth *auth = oldcred->cr_auth;
struct auth_cred acred = { struct auth_cred acred = {
.uid = oldcred->cr_uid,
.cred = oldcred->cr_cred, .cred = oldcred->cr_cred,
.principal = gss_cred->gc_principal, .principal = gss_cred->gc_principal,
.machine_cred = (gss_cred->gc_principal != NULL ? 1 : 0), .machine_cred = (gss_cred->gc_principal != NULL ? 1 : 0),

12
net/sunrpc/auth_unix.c
View File

@ -48,8 +48,8 @@ unx_destroy(struct rpc_auth *auth)
static int static int
unx_hash_cred(struct auth_cred *acred, unsigned int hashbits) unx_hash_cred(struct auth_cred *acred, unsigned int hashbits)
{ {
return hash_64(from_kgid(&init_user_ns, acred->gid) | return hash_64(from_kgid(&init_user_ns, acred->cred->fsgid) |
((u64)from_kuid(&init_user_ns, acred->uid) << ((u64)from_kuid(&init_user_ns, acred->cred->fsuid) <<
(sizeof(gid_t) * 8)), hashbits); (sizeof(gid_t) * 8)), hashbits);
} }
@ -70,8 +70,8 @@ unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags, gfp_t
unsigned int i; unsigned int i;
dprintk("RPC: allocating UNIX cred for uid %d gid %d\n", dprintk("RPC: allocating UNIX cred for uid %d gid %d\n",
from_kuid(&init_user_ns, acred->uid), from_kuid(&init_user_ns, acred->cred->fsuid),
from_kgid(&init_user_ns, acred->gid)); from_kgid(&init_user_ns, acred->cred->fsgid));
if (!(cred = kmalloc(sizeof(*cred), gfp))) if (!(cred = kmalloc(sizeof(*cred), gfp)))
return ERR_PTR(-ENOMEM); return ERR_PTR(-ENOMEM);
@ -84,7 +84,7 @@ unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags, gfp_t
if (groups > UNX_NGROUPS) if (groups > UNX_NGROUPS)
groups = UNX_NGROUPS; groups = UNX_NGROUPS;
cred->uc_gid = acred->gid; cred->uc_gid = acred->cred->fsgid;
for (i = 0; i < groups; i++) for (i = 0; i < groups; i++)
cred->uc_gids[i] = acred->cred->group_info->gid[i]; cred->uc_gids[i] = acred->cred->group_info->gid[i];
if (i < UNX_NGROUPS) if (i < UNX_NGROUPS)
@ -127,7 +127,7 @@ unx_match(struct auth_cred *acred, struct rpc_cred *rcred, int flags)
unsigned int i; unsigned int i;
if (!uid_eq(cred->uc_uid, acred->uid) || !gid_eq(cred->uc_gid, acred->gid)) if (!uid_eq(cred->uc_uid, acred->cred->fsuid) || !gid_eq(cred->uc_gid, acred->cred->fsgid))
return 0; return 0;
if (acred->cred && acred->cred->group_info != NULL) if (acred->cred && acred->cred->group_info != NULL)