Linux/fs/nfsd/auth.c

Version: ~ [ linux-6.11-rc3 ] ~ [ linux-6.10.4 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.45 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.104 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.164 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.223 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.281 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.319 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.9 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

1 // SPDX-License-Identifier: GPL-2.0 2 /* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de> */ 3 4 #include <linux/sched.h> 5 #include "nfsd.h" 6 #include "auth.h" 7 8 int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp) 9 { 10 struct exp_flavor_info *f; 11 struct exp_flavor_info *end = exp->ex_flavors + exp->ex_nflavors; 12 13 for (f = exp->ex_flavors; f < end; f++) { 14 if (f->pseudoflavor == rqstp->rq_cred.cr_flavor) 15 return f->flags; 16 } 17 return exp->ex_flags; 18 19 } 20 21 int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) 22 { 23 struct group_info *rqgi; 24 struct group_info *gi; 25 struct cred *new; 26 int i; 27 int flags = nfsexp_flags(rqstp, exp); 28 29 /* discard any old override before preparing the new set */ 30 revert_creds(get_cred(current_real_cred())); 31 new = prepare_creds(); 32 if (!new) 33 return -ENOMEM; 34 35 new->fsuid = rqstp->rq_cred.cr_uid; 36 new->fsgid = rqstp->rq_cred.cr_gid; 37 38 rqgi = rqstp->rq_cred.cr_group_info; 39 40 if (flags & NFSEXP_ALLSQUASH) { 41 new->fsuid = exp->ex_anon_uid; 42 new->fsgid = exp->ex_anon_gid; 43 gi = groups_alloc(0); 44 if (!gi) 45 goto oom; 46 } else if (flags & NFSEXP_ROOTSQUASH) { 47 if (uid_eq(new->fsuid, GLOBAL_ROOT_UID)) 48 new->fsuid = exp->ex_anon_uid; 49 if (gid_eq(new->fsgid, GLOBAL_ROOT_GID)) 50 new->fsgid = exp->ex_anon_gid; 51 52 gi = groups_alloc(rqgi->ngroups); 53 if (!gi) 54 goto oom; 55 56 for (i = 0; i < rqgi->ngroups; i++) { 57 if (gid_eq(GLOBAL_ROOT_GID, rqgi->gid[i])) 58 gi->gid[i] = exp->ex_anon_gid; 59 else 60 gi->gid[i] = rqgi->gid[i]; 61 } 62 63 /* Each thread allocates its own gi, no race */ 64 groups_sort(gi); 65 } else { 66 gi = get_group_info(rqgi); 67 } 68 69 if (uid_eq(new->fsuid, INVALID_UID)) 70 new->fsuid = exp->ex_anon_uid; 71 if (gid_eq(new->fsgid, INVALID_GID)) 72 new->fsgid = exp->ex_anon_gid; 73 74 set_groups(new, gi); 75 put_group_info(gi); 76 77 if (!uid_eq(new->fsuid, GLOBAL_ROOT_UID)) 78 new->cap_effective = cap_drop_nfsd_set(new->cap_effective); 79 else 80 new->cap_effective = cap_raise_nfsd_set(new->cap_effective, 81 new->cap_permitted); 82 put_cred(override_creds(new)); 83 put_cred(new); 84 return 0; 85 86 oom: 87 abort_creds(new); 88 return -ENOMEM; 89 } 90 91

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

TOMOYO Linux Cross Reference Linux/fs/nfsd/auth.c

TOMOYO Linux Cross Reference
Linux/fs/nfsd/auth.c