[mirror_spl.git] / module / spl / spl-cred.c

/*****************************************************************************\
 *  Copyright (C) 2007-2010 Lawrence Livermore National Security, LLC.
 *  Copyright (C) 2007 The Regents of the University of California.
 *  Produced at Lawrence Livermore National Laboratory (cf, DISCLAIMER).
 *  Written by Brian Behlendorf <behlendorf1@llnl.gov>.
 *  UCRL-CODE-235197
 *
 *  This file is part of the SPL, Solaris Porting Layer.
 *  For details, see <http://zfsonlinux.org/>.
 *
 *  The SPL is free software; you can redistribute it and/or modify it
 *  under the terms of the GNU General Public License as published by the
 *  Free Software Foundation; either version 2 of the License, or (at your
 *  option) any later version.
 *
 *  The SPL is distributed in the hope that it will be useful, but WITHOUT
 *  ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 *  FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 *  for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with the SPL.  If not, see <http://www.gnu.org/licenses/>.
 *****************************************************************************
 *  Solaris Porting Layer (SPL) Credential Implementation.
\*****************************************************************************/

#include <sys/cred.h>

#ifdef DEBUG_SUBSYSTEM
#undef DEBUG_SUBSYSTEM
#endif

#define DEBUG_SUBSYSTEM S_CRED

static int
#ifdef HAVE_KUIDGID_T
cr_groups_search(const struct group_info *group_info, kgid_t grp)
#else
cr_groups_search(const struct group_info *group_info, gid_t grp)
#endif
{
	unsigned int left, right, mid;
	int cmp;

	if (!group_info)
		return 0;

	left = 0;
	right = group_info->ngroups;
	while (left < right) {
		mid = (left + right) / 2;
		cmp = KGID_TO_SGID(grp) -
		    KGID_TO_SGID(GROUP_AT(group_info, mid));

		if (cmp > 0)
			left = mid + 1;
		else if (cmp < 0)
			right = mid;
		else
			return 1;
	}
	return 0;
}

/* Hold a reference on the credential and group info */
void
crhold(cred_t *cr)
{
	(void)get_cred((const cred_t *)cr);
	(void)get_group_info(cr->group_info);
}

/* Free a reference on the credential and group info */
void
crfree(cred_t *cr)
{
	put_group_info(cr->group_info);
	put_cred((const cred_t *)cr);
}

/* Return the number of supplemental groups */
int
crgetngroups(const cred_t *cr)
{
	struct group_info *gi;
	int rc;

	gi = get_group_info(cr->group_info);
	rc = gi->ngroups;
	put_group_info(gi);

	return rc;
}

/*
 * Return an array of supplemental gids.  The returned address is safe
 * to use as long as the caller has taken a reference with crhold().
 * The caller is responsible for releasing the reference with crfree().
 */
gid_t *
crgetgroups(const cred_t *cr)
{
	struct group_info *gi;
	gid_t *gids;

	gi = get_group_info(cr->group_info);
	gids = KGIDP_TO_SGIDP(gi->blocks[0]);
	put_group_info(gi);

	return gids;
}

/* Check if the passed gid is available in supplied credential. */
int
groupmember(gid_t gid, const cred_t *cr)
{
	struct group_info *gi;
	int rc;

	gi = get_group_info(cr->group_info);
	rc = cr_groups_search(gi, SGID_TO_KGID(gid));
	put_group_info(gi);

	return rc;
}

/* Return the effective user id */
uid_t
crgetuid(const cred_t *cr)
{
	return KUID_TO_SUID(cr->euid);
}

/* Return the real user id */
uid_t
crgetruid(const cred_t *cr)
{
	return KUID_TO_SUID(cr->uid);
}

/* Return the saved user id */
uid_t
crgetsuid(const cred_t *cr)
{
	return KUID_TO_SUID(cr->suid);
}

/* Return the filesystem user id */
uid_t
crgetfsuid(const cred_t *cr)
{
	return KUID_TO_SUID(cr->fsuid);
}

/* Return the effective group id */
gid_t
crgetgid(const cred_t *cr)
{
	return KGID_TO_SGID(cr->egid);
}

/* Return the real group id */
gid_t
crgetrgid(const cred_t *cr)
{
	return KGID_TO_SGID(cr->gid);
}

/* Return the saved group id */
gid_t
crgetsgid(const cred_t *cr)
{
	return KGID_TO_SGID(cr->sgid);
}

/* Return the filesystem group id */
gid_t
crgetfsgid(const cred_t *cr)
{
	return KGID_TO_SGID(cr->fsgid);
}

EXPORT_SYMBOL(crhold);
EXPORT_SYMBOL(crfree);
EXPORT_SYMBOL(crgetuid);
EXPORT_SYMBOL(crgetruid);
EXPORT_SYMBOL(crgetsuid);
EXPORT_SYMBOL(crgetfsuid);
EXPORT_SYMBOL(crgetgid);
EXPORT_SYMBOL(crgetrgid);
EXPORT_SYMBOL(crgetsgid);
EXPORT_SYMBOL(crgetfsgid);
EXPORT_SYMBOL(crgetngroups);
EXPORT_SYMBOL(crgetgroups);
EXPORT_SYMBOL(groupmember);
Commit	Line	Data
716154c5 BB	1	/*****************************************************************************\
	2	* Copyright (C) 2007-2010 Lawrence Livermore National Security, LLC.
	3	* Copyright (C) 2007 The Regents of the University of California.
	4	* Produced at Lawrence Livermore National Laboratory (cf, DISCLAIMER).
	5	* Written by Brian Behlendorf <behlendorf1@llnl.gov>.
ec7d53e9 BB	6	* UCRL-CODE-235197
ec7d53e9 BB	7	*
716154c5	8	* This file is part of the SPL, Solaris Porting Layer.
3d6af2dd	9	* For details, see <http://zfsonlinux.org/>.
ec7d53e9	10	*
716154c5 BB	11	* The SPL is free software; you can redistribute it and/or modify it
	12	* under the terms of the GNU General Public License as published by the
	13	* Free Software Foundation; either version 2 of the License, or (at your
	14	* option) any later version.
	15	*
	16	* The SPL is distributed in the hope that it will be useful, but WITHOUT
ec7d53e9 BB	17	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	18	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	19	* for more details.
	20	*
	21	* You should have received a copy of the GNU General Public License along
716154c5 BB	22	* with the SPL. If not, see <http://www.gnu.org/licenses/>.
	23	*****************************************************************************
	24	* Solaris Porting Layer (SPL) Credential Implementation.
	25	\*****************************************************************************/
ec7d53e9 BB	26
	27	#include <sys/cred.h>
	28
	29	#ifdef DEBUG_SUBSYSTEM
	30	#undef DEBUG_SUBSYSTEM
	31	#endif
	32
	33	#define DEBUG_SUBSYSTEM S_CRED
	34
ec7d53e9	35	static int
f7fd6ddd RY	36	#ifdef HAVE_KUIDGID_T
	37	cr_groups_search(const struct group_info *group_info, kgid_t grp)
	38	#else
ec7d53e9	39	cr_groups_search(const struct group_info *group_info, gid_t grp)
f7fd6ddd	40	#endif
ec7d53e9	41	{
e19101e0 BB	42	unsigned int left, right, mid;
e19101e0 BB	43	int cmp;
ec7d53e9 BB	44
	45	if (!group_info)
	46	return 0;
	47
	48	left = 0;
	49	right = group_info->ngroups;
	50	while (left < right) {
e19101e0 BB	51	mid = (left + right) / 2;
	52	cmp = KGID_TO_SGID(grp) -
	53	KGID_TO_SGID(GROUP_AT(group_info, mid));
	54
ec7d53e9 BB	55	if (cmp > 0)
	56	left = mid + 1;
	57	else if (cmp < 0)
	58	right = mid;
	59	else
	60	return 1;
	61	}
	62	return 0;
	63	}
ec7d53e9 BB	64
	65	/* Hold a reference on the credential and group info */
	66	void
	67	crhold(cred_t *cr)
	68	{
	69	(void)get_cred((const cred_t *)cr);
	70	(void)get_group_info(cr->group_info);
	71	}
	72
	73	/* Free a reference on the credential and group info */
	74	void
	75	crfree(cred_t *cr)
	76	{
	77	put_group_info(cr->group_info);
	78	put_cred((const cred_t *)cr);
	79	}
	80
ec7d53e9 BB	81	/* Return the number of supplemental groups */
	82	int
	83	crgetngroups(const cred_t *cr)
	84	{
	85	struct group_info *gi;
	86	int rc;
	87
	88	gi = get_group_info(cr->group_info);
	89	rc = gi->ngroups;
	90	put_group_info(gi);
	91
	92	return rc;
	93	}
	94
	95	/*
	96	* Return an array of supplemental gids. The returned address is safe
	97	* to use as long as the caller has taken a reference with crhold().
	98	* The caller is responsible for releasing the reference with crfree().
	99	*/
	100	gid_t *
	101	crgetgroups(const cred_t *cr)
	102	{
	103	struct group_info *gi;
	104	gid_t *gids;
	105
	106	gi = get_group_info(cr->group_info);
f7fd6ddd	107	gids = KGIDP_TO_SGIDP(gi->blocks[0]);
ec7d53e9 BB	108	put_group_info(gi);
	109
	110	return gids;
	111	}
	112
e19101e0	113	/* Check if the passed gid is available in supplied credential. */
ec7d53e9 BB	114	int
	115	groupmember(gid_t gid, const cred_t *cr)
	116	{
	117	struct group_info *gi;
	118	int rc;
	119
	120	gi = get_group_info(cr->group_info);
e19101e0	121	rc = cr_groups_search(gi, SGID_TO_KGID(gid));
ec7d53e9 BB	122	put_group_info(gi);
	123
	124	return rc;
	125	}
	126
734fcac7 BB	127	/* Return the effective user id */
	128	uid_t
	129	crgetuid(const cred_t *cr)
	130	{
f7fd6ddd	131	return KUID_TO_SUID(cr->euid);
734fcac7 BB	132	}
	133
	134	/* Return the real user id */
	135	uid_t
	136	crgetruid(const cred_t *cr)
	137	{
f7fd6ddd	138	return KUID_TO_SUID(cr->uid);
734fcac7 BB	139	}
	140
	141	/* Return the saved user id */
	142	uid_t
	143	crgetsuid(const cred_t *cr)
	144	{
f7fd6ddd	145	return KUID_TO_SUID(cr->suid);
734fcac7 BB	146	}
	147
	148	/* Return the filesystem user id */
	149	uid_t
	150	crgetfsuid(const cred_t *cr)
	151	{
f7fd6ddd	152	return KUID_TO_SUID(cr->fsuid);
734fcac7 BB	153	}
	154
	155	/* Return the effective group id */
	156	gid_t
	157	crgetgid(const cred_t *cr)
	158	{
f7fd6ddd	159	return KGID_TO_SGID(cr->egid);
734fcac7 BB	160	}
	161
	162	/* Return the real group id */
	163	gid_t
	164	crgetrgid(const cred_t *cr)
	165	{
f7fd6ddd	166	return KGID_TO_SGID(cr->gid);
734fcac7 BB	167	}
	168
	169	/* Return the saved group id */
	170	gid_t
	171	crgetsgid(const cred_t *cr)
	172	{
f7fd6ddd	173	return KGID_TO_SGID(cr->sgid);
734fcac7 BB	174	}
	175
	176	/* Return the filesystem group id */
	177	gid_t
	178	crgetfsgid(const cred_t *cr)
	179	{
f7fd6ddd	180	return KGID_TO_SGID(cr->fsgid);
734fcac7 BB	181	}
734fcac7 BB	182
ec7d53e9 BB	183	EXPORT_SYMBOL(crhold);
	184	EXPORT_SYMBOL(crfree);
	185	EXPORT_SYMBOL(crgetuid);
	186	EXPORT_SYMBOL(crgetruid);
	187	EXPORT_SYMBOL(crgetsuid);
734fcac7	188	EXPORT_SYMBOL(crgetfsuid);
ec7d53e9 BB	189	EXPORT_SYMBOL(crgetgid);
	190	EXPORT_SYMBOL(crgetrgid);
	191	EXPORT_SYMBOL(crgetsgid);
734fcac7	192	EXPORT_SYMBOL(crgetfsgid);
ec7d53e9 BB	193	EXPORT_SYMBOL(crgetngroups);
	194	EXPORT_SYMBOL(crgetgroups);
	195	EXPORT_SYMBOL(groupmember);