forked from Minki/linux
e0e817392b
Add a config option (CONFIG_DEBUG_CREDENTIALS) to turn on some debug checking for credential management. The additional code keeps track of the number of pointers from task_structs to any given cred struct, and checks to see that this number never exceeds the usage count of the cred struct (which includes all references, not just those from task_structs). Furthermore, if SELinux is enabled, the code also checks that the security pointer in the cred struct is never seen to be invalid. This attempts to catch the bug whereby inode_has_perm() faults in an nfsd kernel thread on seeing cred->security be a NULL pointer (it appears that the credential struct has been previously released): http://www.kerneloops.org/oops.php?number=252883 Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
104 lines
2.1 KiB
C
104 lines
2.1 KiB
C
/*
|
|
* linux/fs/nfsd/auth.c
|
|
*
|
|
* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
|
|
*/
|
|
|
|
#include <linux/types.h>
|
|
#include <linux/sched.h>
|
|
#include <linux/sunrpc/svc.h>
|
|
#include <linux/sunrpc/svcauth.h>
|
|
#include <linux/nfsd/nfsd.h>
|
|
#include <linux/nfsd/export.h>
|
|
#include "auth.h"
|
|
|
|
int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp)
|
|
{
|
|
struct exp_flavor_info *f;
|
|
struct exp_flavor_info *end = exp->ex_flavors + exp->ex_nflavors;
|
|
|
|
for (f = exp->ex_flavors; f < end; f++) {
|
|
if (f->pseudoflavor == rqstp->rq_flavor)
|
|
return f->flags;
|
|
}
|
|
return exp->ex_flags;
|
|
|
|
}
|
|
|
|
int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
|
|
{
|
|
struct group_info *rqgi;
|
|
struct group_info *gi;
|
|
struct cred *new;
|
|
int i;
|
|
int flags = nfsexp_flags(rqstp, exp);
|
|
int ret;
|
|
|
|
validate_process_creds();
|
|
|
|
/* discard any old override before preparing the new set */
|
|
revert_creds(get_cred(current->real_cred));
|
|
new = prepare_creds();
|
|
if (!new)
|
|
return -ENOMEM;
|
|
|
|
new->fsuid = rqstp->rq_cred.cr_uid;
|
|
new->fsgid = rqstp->rq_cred.cr_gid;
|
|
|
|
rqgi = rqstp->rq_cred.cr_group_info;
|
|
|
|
if (flags & NFSEXP_ALLSQUASH) {
|
|
new->fsuid = exp->ex_anon_uid;
|
|
new->fsgid = exp->ex_anon_gid;
|
|
gi = groups_alloc(0);
|
|
if (!gi)
|
|
goto oom;
|
|
} else if (flags & NFSEXP_ROOTSQUASH) {
|
|
if (!new->fsuid)
|
|
new->fsuid = exp->ex_anon_uid;
|
|
if (!new->fsgid)
|
|
new->fsgid = exp->ex_anon_gid;
|
|
|
|
gi = groups_alloc(rqgi->ngroups);
|
|
if (!gi)
|
|
goto oom;
|
|
|
|
for (i = 0; i < rqgi->ngroups; i++) {
|
|
if (!GROUP_AT(rqgi, i))
|
|
GROUP_AT(gi, i) = exp->ex_anon_gid;
|
|
else
|
|
GROUP_AT(gi, i) = GROUP_AT(rqgi, i);
|
|
}
|
|
} else {
|
|
gi = get_group_info(rqgi);
|
|
}
|
|
|
|
if (new->fsuid == (uid_t) -1)
|
|
new->fsuid = exp->ex_anon_uid;
|
|
if (new->fsgid == (gid_t) -1)
|
|
new->fsgid = exp->ex_anon_gid;
|
|
|
|
ret = set_groups(new, gi);
|
|
put_group_info(gi);
|
|
if (ret < 0)
|
|
goto error;
|
|
|
|
if (new->fsuid)
|
|
new->cap_effective = cap_drop_nfsd_set(new->cap_effective);
|
|
else
|
|
new->cap_effective = cap_raise_nfsd_set(new->cap_effective,
|
|
new->cap_permitted);
|
|
validate_process_creds();
|
|
put_cred(override_creds(new));
|
|
put_cred(new);
|
|
validate_process_creds();
|
|
return 0;
|
|
|
|
oom:
|
|
ret = -ENOMEM;
|
|
error:
|
|
abort_creds(new);
|
|
return ret;
|
|
}
|
|
|