]>
Commit | Line | Data |
---|---|---|
716154c5 BB |
1 | /*****************************************************************************\ |
2 | * Copyright (C) 2007-2010 Lawrence Livermore National Security, LLC. | |
3 | * Copyright (C) 2007 The Regents of the University of California. | |
4 | * Produced at Lawrence Livermore National Laboratory (cf, DISCLAIMER). | |
5 | * Written by Brian Behlendorf <behlendorf1@llnl.gov>. | |
ec7d53e9 BB |
6 | * UCRL-CODE-235197 |
7 | * | |
716154c5 | 8 | * This file is part of the SPL, Solaris Porting Layer. |
3d6af2dd | 9 | * For details, see <http://zfsonlinux.org/>. |
ec7d53e9 | 10 | * |
716154c5 BB |
11 | * The SPL is free software; you can redistribute it and/or modify it |
12 | * under the terms of the GNU General Public License as published by the | |
13 | * Free Software Foundation; either version 2 of the License, or (at your | |
14 | * option) any later version. | |
15 | * | |
16 | * The SPL is distributed in the hope that it will be useful, but WITHOUT | |
ec7d53e9 BB |
17 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
18 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | |
19 | * for more details. | |
20 | * | |
21 | * You should have received a copy of the GNU General Public License along | |
716154c5 BB |
22 | * with the SPL. If not, see <http://www.gnu.org/licenses/>. |
23 | ***************************************************************************** | |
24 | * Solaris Porting Layer (SPL) Credential Implementation. | |
25 | \*****************************************************************************/ | |
ec7d53e9 BB |
26 | |
27 | #include <sys/cred.h> | |
28 | ||
29 | #ifdef DEBUG_SUBSYSTEM | |
30 | #undef DEBUG_SUBSYSTEM | |
31 | #endif | |
32 | ||
33 | #define DEBUG_SUBSYSTEM S_CRED | |
34 | ||
ec7d53e9 | 35 | static int |
f7fd6ddd RY |
36 | #ifdef HAVE_KUIDGID_T |
37 | cr_groups_search(const struct group_info *group_info, kgid_t grp) | |
38 | #else | |
ec7d53e9 | 39 | cr_groups_search(const struct group_info *group_info, gid_t grp) |
f7fd6ddd | 40 | #endif |
ec7d53e9 | 41 | { |
e19101e0 BB |
42 | unsigned int left, right, mid; |
43 | int cmp; | |
ec7d53e9 BB |
44 | |
45 | if (!group_info) | |
46 | return 0; | |
47 | ||
48 | left = 0; | |
49 | right = group_info->ngroups; | |
50 | while (left < right) { | |
e19101e0 BB |
51 | mid = (left + right) / 2; |
52 | cmp = KGID_TO_SGID(grp) - | |
53 | KGID_TO_SGID(GROUP_AT(group_info, mid)); | |
54 | ||
ec7d53e9 BB |
55 | if (cmp > 0) |
56 | left = mid + 1; | |
57 | else if (cmp < 0) | |
58 | right = mid; | |
59 | else | |
60 | return 1; | |
61 | } | |
62 | return 0; | |
63 | } | |
ec7d53e9 BB |
64 | |
65 | /* Hold a reference on the credential and group info */ | |
66 | void | |
67 | crhold(cred_t *cr) | |
68 | { | |
69 | (void)get_cred((const cred_t *)cr); | |
70 | (void)get_group_info(cr->group_info); | |
71 | } | |
72 | ||
73 | /* Free a reference on the credential and group info */ | |
74 | void | |
75 | crfree(cred_t *cr) | |
76 | { | |
77 | put_group_info(cr->group_info); | |
78 | put_cred((const cred_t *)cr); | |
79 | } | |
80 | ||
ec7d53e9 BB |
81 | /* Return the number of supplemental groups */ |
82 | int | |
83 | crgetngroups(const cred_t *cr) | |
84 | { | |
85 | struct group_info *gi; | |
86 | int rc; | |
87 | ||
88 | gi = get_group_info(cr->group_info); | |
89 | rc = gi->ngroups; | |
90 | put_group_info(gi); | |
91 | ||
92 | return rc; | |
93 | } | |
94 | ||
95 | /* | |
96 | * Return an array of supplemental gids. The returned address is safe | |
97 | * to use as long as the caller has taken a reference with crhold(). | |
98 | * The caller is responsible for releasing the reference with crfree(). | |
99 | */ | |
100 | gid_t * | |
101 | crgetgroups(const cred_t *cr) | |
102 | { | |
103 | struct group_info *gi; | |
104 | gid_t *gids; | |
105 | ||
106 | gi = get_group_info(cr->group_info); | |
f7fd6ddd | 107 | gids = KGIDP_TO_SGIDP(gi->blocks[0]); |
ec7d53e9 BB |
108 | put_group_info(gi); |
109 | ||
110 | return gids; | |
111 | } | |
112 | ||
e19101e0 | 113 | /* Check if the passed gid is available in supplied credential. */ |
ec7d53e9 BB |
114 | int |
115 | groupmember(gid_t gid, const cred_t *cr) | |
116 | { | |
117 | struct group_info *gi; | |
118 | int rc; | |
119 | ||
120 | gi = get_group_info(cr->group_info); | |
e19101e0 | 121 | rc = cr_groups_search(gi, SGID_TO_KGID(gid)); |
ec7d53e9 BB |
122 | put_group_info(gi); |
123 | ||
124 | return rc; | |
125 | } | |
126 | ||
734fcac7 BB |
127 | /* Return the effective user id */ |
128 | uid_t | |
129 | crgetuid(const cred_t *cr) | |
130 | { | |
f7fd6ddd | 131 | return KUID_TO_SUID(cr->euid); |
734fcac7 BB |
132 | } |
133 | ||
134 | /* Return the real user id */ | |
135 | uid_t | |
136 | crgetruid(const cred_t *cr) | |
137 | { | |
f7fd6ddd | 138 | return KUID_TO_SUID(cr->uid); |
734fcac7 BB |
139 | } |
140 | ||
141 | /* Return the saved user id */ | |
142 | uid_t | |
143 | crgetsuid(const cred_t *cr) | |
144 | { | |
f7fd6ddd | 145 | return KUID_TO_SUID(cr->suid); |
734fcac7 BB |
146 | } |
147 | ||
148 | /* Return the filesystem user id */ | |
149 | uid_t | |
150 | crgetfsuid(const cred_t *cr) | |
151 | { | |
f7fd6ddd | 152 | return KUID_TO_SUID(cr->fsuid); |
734fcac7 BB |
153 | } |
154 | ||
155 | /* Return the effective group id */ | |
156 | gid_t | |
157 | crgetgid(const cred_t *cr) | |
158 | { | |
f7fd6ddd | 159 | return KGID_TO_SGID(cr->egid); |
734fcac7 BB |
160 | } |
161 | ||
162 | /* Return the real group id */ | |
163 | gid_t | |
164 | crgetrgid(const cred_t *cr) | |
165 | { | |
f7fd6ddd | 166 | return KGID_TO_SGID(cr->gid); |
734fcac7 BB |
167 | } |
168 | ||
169 | /* Return the saved group id */ | |
170 | gid_t | |
171 | crgetsgid(const cred_t *cr) | |
172 | { | |
f7fd6ddd | 173 | return KGID_TO_SGID(cr->sgid); |
734fcac7 BB |
174 | } |
175 | ||
176 | /* Return the filesystem group id */ | |
177 | gid_t | |
178 | crgetfsgid(const cred_t *cr) | |
179 | { | |
f7fd6ddd | 180 | return KGID_TO_SGID(cr->fsgid); |
734fcac7 BB |
181 | } |
182 | ||
ec7d53e9 BB |
183 | EXPORT_SYMBOL(crhold); |
184 | EXPORT_SYMBOL(crfree); | |
185 | EXPORT_SYMBOL(crgetuid); | |
186 | EXPORT_SYMBOL(crgetruid); | |
187 | EXPORT_SYMBOL(crgetsuid); | |
734fcac7 | 188 | EXPORT_SYMBOL(crgetfsuid); |
ec7d53e9 BB |
189 | EXPORT_SYMBOL(crgetgid); |
190 | EXPORT_SYMBOL(crgetrgid); | |
191 | EXPORT_SYMBOL(crgetsgid); | |
734fcac7 | 192 | EXPORT_SYMBOL(crgetfsgid); |
ec7d53e9 BB |
193 | EXPORT_SYMBOL(crgetngroups); |
194 | EXPORT_SYMBOL(crgetgroups); | |
195 | EXPORT_SYMBOL(groupmember); |