Use cred->fsuid and cred->fsgid instead.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
struct auth_cred acred = {};
struct rpc_cred __rcu *cred;
struct cred *kcred;
+ kuid_t uid;
+ kgid_t gid;
u32 ds_count, fh_count, id;
int j;
if (rc)
goto out_err_free;
- acred.uid = make_kuid(&init_user_ns, id);
+ uid = make_kuid(&init_user_ns, id);
/* group */
rc = decode_name(&stream, &id);
if (rc)
goto out_err_free;
- acred.gid = make_kgid(&init_user_ns, id);
+ gid = make_kgid(&init_user_ns, id);
if (gfp_flags & __GFP_FS)
kcred = prepare_kernel_cred(NULL);
rc = -ENOMEM;
if (!kcred)
goto out_err_free;
- kcred->fsuid = acred.uid;
- kcred->fsgid = acred.gid;
+ kcred->fsuid = uid;
+ kcred->fsgid = gid;
acred.cred = kcred;
/* find the cred for it */
dprintk("%s: iomode %s uid %u gid %u\n", __func__,
lgr->range.iomode == IOMODE_READ ? "READ" : "RW",
- from_kuid(&init_user_ns, acred.uid),
- from_kgid(&init_user_ns, acred.gid));
+ from_kuid(&init_user_ns, uid),
+ from_kgid(&init_user_ns, gid));
}
p = xdr_inline_decode(&stream, 4);
if (!kcred)
return NULL;
- acred.uid = ses->se_cb_sec.uid;
- acred.gid = ses->se_cb_sec.gid;
- kcred->uid = acred.uid;
- kcred->gid = acred.gid;
+ kcred->uid = ses->se_cb_sec.uid;
+ kcred->gid = ses->se_cb_sec.gid;
acred.cred = kcred;
ret = auth->au_ops->lookup_cred(client->cl_auth, &acred, 0);
put_cred(kcred);
key will expire soon */
};
-/* Work around the lack of a VFS credential */
struct auth_cred {
const struct cred *cred;
- kuid_t uid;
- kgid_t gid;
const char *principal;
unsigned long ac_flags;
unsigned char machine_cred : 1;
auth->au_ops->au_name);
memset(&acred, 0, sizeof(acred));
- acred.uid = cred->fsuid;
- acred.gid = cred->fsgid;
acred.cred = cred;
ret = auth->au_ops->lookup_cred(auth, &acred, flags);
return ret;
cred->cr_ops = ops;
cred->cr_expire = jiffies;
cred->cr_cred = get_cred(acred->cred);
- cred->cr_uid = acred->uid;
+ cred->cr_uid = acred->cred->fsuid;
}
EXPORT_SYMBOL_GPL(rpcauth_init_cred);
{
struct rpc_auth *auth = task->tk_client->cl_auth;
struct auth_cred acred = {
- .uid = GLOBAL_ROOT_UID,
- .gid = GLOBAL_ROOT_GID,
.cred = get_task_cred(&init_task),
};
struct rpc_cred *ret;
# define RPCDBG_FACILITY RPCDBG_AUTH
#endif
-#define RPC_MACHINE_CRED_USERID GLOBAL_ROOT_UID
-#define RPC_MACHINE_CRED_GROUPID GLOBAL_ROOT_GID
-
struct generic_cred {
struct rpc_cred gc_base;
struct auth_cred acred;
struct rpc_cred *rpc_lookup_machine_cred(const char *service_name)
{
struct auth_cred acred = {
- .uid = RPC_MACHINE_CRED_USERID,
- .gid = RPC_MACHINE_CRED_GROUPID,
.principal = service_name,
.machine_cred = 1,
.cred = get_task_cred(&init_task),
static int
generic_hash_cred(struct auth_cred *acred, unsigned int hashbits)
{
- return hash_64(from_kgid(&init_user_ns, acred->gid) |
- ((u64)from_kuid(&init_user_ns, acred->uid) <<
+ return hash_64(from_kgid(&init_user_ns, acred->cred->fsgid) |
+ ((u64)from_kuid(&init_user_ns, acred->cred->fsuid) <<
(sizeof(gid_t) * 8)), hashbits);
}
rpcauth_init_cred(&gcred->gc_base, acred, &generic_auth, &generic_credops);
gcred->gc_base.cr_flags = 1UL << RPCAUTH_CRED_UPTODATE;
- gcred->acred.uid = acred->uid;
- gcred->acred.gid = acred->gid;
gcred->acred.cred = gcred->gc_base.cr_cred;
gcred->acred.ac_flags = 0;
gcred->acred.machine_cred = acred->machine_cred;
dprintk("RPC: allocated %s cred %p for uid %d gid %d\n",
gcred->acred.machine_cred ? "machine" : "generic",
gcred,
- from_kuid(&init_user_ns, acred->uid),
- from_kgid(&init_user_ns, acred->gid));
+ from_kuid(&init_user_ns, acred->cred->fsuid),
+ from_kgid(&init_user_ns, acred->cred->fsgid));
return &gcred->gc_base;
}
{
if (!gcred->acred.machine_cred ||
gcred->acred.principal != acred->principal ||
- !uid_eq(gcred->acred.uid, acred->uid) ||
- !gid_eq(gcred->acred.gid, acred->gid))
+ !uid_eq(gcred->acred.cred->fsuid, acred->cred->fsuid) ||
+ !gid_eq(gcred->acred.cred->fsgid, acred->cred->fsgid))
return 0;
return 1;
}
if (acred->machine_cred)
return machine_cred_match(acred, gcred, flags);
- if (!uid_eq(gcred->acred.uid, acred->uid) ||
- !gid_eq(gcred->acred.gid, acred->gid) ||
+ if (!uid_eq(gcred->acred.cred->fsuid, acred->cred->fsuid) ||
+ !gid_eq(gcred->acred.cred->fsgid, acred->cred->fsgid) ||
gcred->acred.machine_cred != 0)
goto out_nomatch;
new = kzalloc(sizeof(*gss_cred), GFP_NOIO);
if (new) {
struct auth_cred acred = {
- .uid = gss_cred->gc_base.cr_uid,
+ .cred = gss_cred->gc_base.cr_cred,
};
struct gss_cl_ctx *ctx =
rcu_dereference_protected(gss_cred->gc_ctx, 1);
static int
gss_hash_cred(struct auth_cred *acred, unsigned int hashbits)
{
- return hash_64(from_kuid(&init_user_ns, acred->uid), hashbits);
+ return hash_64(from_kuid(&init_user_ns, acred->cred->fsuid), hashbits);
}
/*
int err = -ENOMEM;
dprintk("RPC: %s for uid %d, flavor %d\n",
- __func__, from_kuid(&init_user_ns, acred->uid),
+ __func__, from_kuid(&init_user_ns, acred->cred->fsuid),
auth->au_flavor);
if (!(cred = kzalloc(sizeof(*cred), gfp)))
}
if (gss_cred->gc_principal != NULL)
return 0;
- ret = uid_eq(rc->cr_uid, acred->uid);
+ ret = uid_eq(rc->cr_uid, acred->cred->fsuid);
check_expire:
if (ret == 0)
gc_base);
struct rpc_auth *auth = oldcred->cr_auth;
struct auth_cred acred = {
- .uid = oldcred->cr_uid,
.cred = oldcred->cr_cred,
.principal = gss_cred->gc_principal,
.machine_cred = (gss_cred->gc_principal != NULL ? 1 : 0),
static int
unx_hash_cred(struct auth_cred *acred, unsigned int hashbits)
{
- return hash_64(from_kgid(&init_user_ns, acred->gid) |
- ((u64)from_kuid(&init_user_ns, acred->uid) <<
+ return hash_64(from_kgid(&init_user_ns, acred->cred->fsgid) |
+ ((u64)from_kuid(&init_user_ns, acred->cred->fsuid) <<
(sizeof(gid_t) * 8)), hashbits);
}
unsigned int i;
dprintk("RPC: allocating UNIX cred for uid %d gid %d\n",
- from_kuid(&init_user_ns, acred->uid),
- from_kgid(&init_user_ns, acred->gid));
+ from_kuid(&init_user_ns, acred->cred->fsuid),
+ from_kgid(&init_user_ns, acred->cred->fsgid));
if (!(cred = kmalloc(sizeof(*cred), gfp)))
return ERR_PTR(-ENOMEM);
if (groups > UNX_NGROUPS)
groups = UNX_NGROUPS;
- cred->uc_gid = acred->gid;
+ cred->uc_gid = acred->cred->fsgid;
for (i = 0; i < groups; i++)
cred->uc_gids[i] = acred->cred->group_info->gid[i];
if (i < UNX_NGROUPS)
unsigned int i;
- if (!uid_eq(cred->uc_uid, acred->uid) || !gid_eq(cred->uc_gid, acred->gid))
+ if (!uid_eq(cred->uc_uid, acred->cred->fsuid) || !gid_eq(cred->uc_gid, acred->cred->fsgid))
return 0;
if (acred->cred && acred->cred->group_info != NULL)